Approved Software Policy
Subscriber Content
A Governance Approach to Software Approval
This sample policy outlines procedures for the usage and maintenance of approved software in a company. The procedures detail the use of only approved software in company applications, reporting of problems by systems designers and developers, removal of all unauthorized access paths in production software, use of most current operating system versions, and prompt implementation of security fixes.
In this sample, the company manufactures medical equipment and must follow FDA regulations. Because not all software products comply with those regulations, free software, shareware and other nonapproved software must not be used on any production-related company system.