Acceptable Use Policy And Access Control

“Acceptable Use Policy and Access Control”  Please respond to the following IN YOUR OWN WORDS: 

Organizations should have policies that describe which users have access to sensitive systems and data, for what purpose, and for how long. Assume that you are an IT manager in charge of creating your organization’s new Acceptable Use Policy. What are the most important items to add to that policy in order to help enforce access control.