There is no Application ACL for chaincode access control. It is guided to use client identity to control chaincode access in the chaincode itself (https://hyperledger-fabric.readthedocs.io/en/release-1.4/chaincode4ade.html#chaincode-access-control).
For example, It would be much convenient if there's some ACL to prevent clients to send transaction but allow querying. This could be implemented in two ways. One is by peers checking the ACL and the type of the request from clients. Another is by orderer checking the ACL and decide whether to accept the endorsement.
Possible ACL policy names could be:
ACL policy for invoking querying chaincodes on peer
ACL policy for send transaction on orderer