This policy applies to all computers that are connected to the [company name] network via a standard network connection, wireless connection, modem connection, or virtual private network connection. This includes both company-owned computers and personally-owned computers attached to the [company name] network. The definition of computers includes desktop workstations, laptop computers, handheld computing devices, and servers.
Currently, [company name] has [describe type anti-virus software in use and type of license]. Licensed copies of [name anti-virus software] can be obtained at [online/offline location]. The most current available version of the anti-virus software package will be taken as the default standard.
Any activities with the intention to create and/or distribute malicious programs onto the [company name] network (e.g. viruses, worms, Trojan horses, e-mail bombs, etc.) are strictly prohibited.
If an employee receives what he/she believes to be a virus, or suspects that a computer is infected with a virus, it must be reported to the IT department immediately at [provide contact information]. Report the following information (if known): virus name, extent of infection, source of virus, and potential recipients of infected material.