IT policies should be available
To ensure that your computer systems operate optimally, securely and reliably without being a contributor to people and process inefficiency, there are a set of principles that your organization should follow.
To minimize the possibility of a Virus Infection or data loss, your staff should only use your IT Equipment and Systems for the purposes intended.
If no IT-Policies are implemented, it will be difficult to try and enforce a directive that staff do not visit non-business-related websites or use non business-related software for example.
IT Policies should be implemented that enables an organisation to mandate what safe IT related work practices are, what activities should be prohibited, what are the disciplinary steps for non compliance.