We are trying to wordsmith a document that sets out in simple terms what we do and don't scan. I confess I thought this would be relatively easy but this has not been the case!
As you have deduced from the above we do not scan everything on our network and its actually more for this reason that I need to flush out some sort of list. I'm hoping that the once I have the list of what we don't scan, I can then clarify the reasons why we don't.
I was wondering if anybody out there in the community has tried to do something similar or even suceeded, and would be willing to share their policy in some form or provide hints as to its structure and level of detail that it goes to.
Maybe we could even try collaboratively developing a template !
Thanks in advance