This document discusses the risks associated with email, instant messaging, internet usage, and software use in a business environment. It covers developing policies around appropriate usage, assessing risks, educating end users, and addressing auditor concerns. The role of the system administrator is also discussed in mitigating risks through monitoring usage and enforcing policies.