There's a good writeup here from David das Neves on PowerShell security in the enterprise:
It's a long read (that I'm part way through) but the intro should give you a taster:
"The most important points to enforce PowerShell Security is to use the newest Versions (OS and PowerShell), use whitelisting and enforcing the usage of the ConstrainedLanguageMode and establish a good rights structure with frequent centralized logging and validate all the new features coming with the new Windows 10 Versions.
And now in more detail:"
Should be an interesting read and a good place to start if your company has "disabled PowerShell", which it probably hasn't.