Blocking traffic says “firewall” to me. The most common ports you need to block are 6881 to 6889. You would already be blocking those ports. If you have a problem with a specific destination, seriously consider a “deny all” for traffic with that destination by configuring your firewall. If you have a problem with a specific source, talk to them (or HR, or your manager).
Filter the .torrent file using ISA server.
Beyond that, don’t focus on ISA as your tool. Find another approach, such as Nessus to detect torrent usage, or insert a traffic filter (a Linux box running L7 Filter, for example).
Make sure there is a written policy about instant messenger traffic and file sharing. Make sure that the policy is known, and have employees sign that they have been trained on and made aware of the policy.