The organization utilizes the principle of least functionality in deploying and configuring systems. Systems must not have rights to anything that is not needed to accomplish what they are intended for.
Systems here mean servers, workstations, active network devices (firewalls, routers, switches, wireless base stations, etc.) and the like. Hardening, on the other hand, means changing the system's settings in such a way that the system's vulnerability area can be reduced.
Organization has defined operating processes through which:
Our organization has defined policies in place to prevent or at least detect the use of unauthorized programs.