The right of a company to monitor the activities of their employees on its information systems is typically defined under the "User Access Control" policy. This policy sets out the rules and conditions under which employee activities can be monitored, ensuring that monitoring is conducted legally and ethically while protecting the privacy rights of employees. It often includes provisions for the monitoring of email, internet use, and other digital interactions to safeguard company assets and ensure compliance with corporate policies.References: The establishment and enforcement of user access control policies are fundamental principles in cybersecurity management and are discussed in Network Defender training materials.