CLAMAV Best Practices

Posted: 2017/10/13 11:25:39
by david.livelsberger
To ensure compliance with our parent company's audit rules, I am installing ClamAV anti-virus software on our CentOS 6 cloud servers located at Rackspace. I have installed and configured the software on a test server. My first question for the forum is what directories should I scan? Right now, I am only scanning the /home directory. My second question is how do I add to a script that I want to scan more than one directory?
I am including below a code snippet from the shell script that runs in CRON.

clamscan /home -r \
--move=/var/log/clamav \
--log="$LOG_FILE"

Re: CLAMAV Best Practices

Posted: 2017/10/13 13:29:44
by TrevorH
Reading man clamscan seems to show that you can specify --include-dir= multiple times in the same clamscan run, so that's how I'd do it. Depending on your server use case you might want to scan more than /home - for example, a mail server might have a spool directory that you'd want to scan, though for a mail server it would probably be better to implement a scanning technique that calls out from the mail server software to scan mails as they arrive...
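
Added example, not part of either post: a cron-ready script for the second question, passing several directories to one clamscan run as separate path arguments and turning clamscan's exit status into a result the job can act on. The directory list, the quarantine path and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Paths below are assumptions.
SCAN_DIRS="/home /var/www /tmp"            # hypothetical list, no spaces in paths
QUARANTINE_DIR="/var/quarantine/clamav"    # hypothetical; kept apart from the logs
LOG_FILE="/var/log/clamav/clamscan-$(date +%Y%m%d).log"
CLAMSCAN="${CLAMSCAN:-clamscan}"

# Print the arguments that are existing directories, one per line, so a
# missing path does not turn the whole run into a clamscan error.
existing_dirs() {
    for d in "$@"; do
        if [ -d "$d" ]; then printf '%s\n' "$d"; fi
    done
}

# Map clamscan's exit status (0 clean, 1 virus found, other = error) to a word.
scan_result() {
    case "$1" in
        0) echo clean ;;
        1) echo infected ;;
        *) echo error ;;
    esac
}

# One recursive clamscan run over every existing directory in SCAN_DIRS.
run_scan() {
    # Unquoted on purpose: split the list into separate path arguments.
    set -- $(existing_dirs $SCAN_DIRS)
    if [ "$#" -eq 0 ]; then echo error; return 2; fi
    rc=0
    "$CLAMSCAN" -r -i --move="$QUARANTINE_DIR" --log="$LOG_FILE" "$@" \
        >/dev/null || rc=$?
    scan_result "$rc"
    return "$rc"
}

# Scan only when called with --run, e.g. from cron: clamav-scan.sh --run
if [ "${1:-}" = "--run" ]; then
    mkdir -p "$QUARANTINE_DIR"
    run_scan
    exit $?
fi
```

Because the script exits with clamscan's own status, cron mail or a monitoring wrapper can tell a detection (1) apart from a failed scan (2).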