10 Things To Consider When Drafting Your Remote Working Policy

Guest Post by Marie Murphy, Fort Privacy

These days we are all talking about the “New Normal”. Whether we apply that to how we shop, or what’s happening in schools and creches or how the GAA is adapting to get people back playing games, there seems to be a general acceptance that for now at least things are going to move in a new direction and we need to adapt.

For a lot of us, the new normal of work will mean a lot more time spend accessing our office from a distance. What we used to call “remote working” and reserve for the special few is becoming just simply working and applied to many.

In March, a lot of companies pulled together remote working procedures in a hurry. Managers and IT staff were immediately concerned with keeping the lights on by making a very fast transition of the workforce from office to home working environments.

As the Covid-19 situation evolves, our organisations need to revisit these hastily assembled procedures and really think through the implications of remote working at scale and over the long term.

We always find putting a policy in place is an excellent exercise to bring clarity to these situations. It forces the company to consider the whats, whys and wherefores and take control of the situation rather than allowing the situation to take control of them.

So as a follow-up to the webinar delivered by Fort Privacy and CalQRisk [link to recording] this week we have compiled the 10 Things You Must Consider When Drafting Your Remote Working Policy.

  1. Who is eligible to work remotely? This could be a list of the roles that are suited to home working or event a decision that someone must be with the company for 12 months before it is considered possible to have them working outside the office.
  2. What is the approval process? Can the manager approve? Must it get a second line approval? Do you need to involve HR or IT to assess the remote work environment and infrastructure for suitability?
  3. What should the home working environment look like? Do you need to assess the space for suitability? Do you require the employee to have a dedicated workspace and what type of space qualifies and what does not? Will you require the employee to implement a clear desk policy in the home office? If the employee cannot provide a suitable space will you arrange for access to a suitable remote office facility?
  4. What about an assessment of the equipment Is there a desk, lighting, chair, storage? Who is responsible for providing equipment and what standards do you expect?
  5. What are the working conditions? Are remote workers expected to be at their desks for fixed hours or do you allow for more flexibility in the working arrangements?
  6. How will you measure employee performance and assess if the remote working arrangement is working for the employee and company? How will job performance be monitored? If the employee performance suffers, what action will be taken? Will the remote working arrangement be terminated?
  7. How will remote work accounts be managed to ensure secure remote access? How are the accounts granted, authenticated, and revoked?
  8. How will devices be configured and managed? What level of password protection, encryption, screen timeouts needs to be implemented? How will patch updates be pushed out and what anti-virus configuration will be implemented?
  9. What apps are authorised? What software applications are authorised to remote use, are these apps all configured with multi-factor authentication? Will remote workers be permitted to download applications to their devices and if so, how will this be monitored?
  10. If there is a security incident at home what should the remote worker report?  How quickly do you expect an incident to be reported to you?

Remote working is part of the new normal for a very significant portion of the workforce. In many cases it a new normal we want to hang onto because it eliminates terrible commutes and wasted hours in the car or on packed public transport. We work smarter and as an added bonus we get to spend more quality time with our families and friends. And the past few months have thrown a lot of us in the deep end and proven that it works.

If it is to continue to work, it’s time to start formalising the arrangements protecting your company and your employees and creating a healthy environment that everyone will benefit from.

Marie Murphy (marie.murphy@fortprivacy.ie) is co-founder and COO of Fort Privacy, an innovative data protection services company based in Cork offering clients outsourced Data Protection Officer Services, tailored compliance programmes and audits all based on the Fort Privacy Maturity Model Framework.

____________________

If you are interested in learning more about how CalQRisk can help with Control Registers, Control Testing and more, click here to contact us.

We would love to hear your opinion on what works and doesn’t work in your organisation in terms of the management of controls? Feel free to send your feedback  to us at enquiries@calqrisk.com.

Recent News

b&S credit union implement calqrisk

B&S Credit Union implement CalQRisk

B&S Credit Union implement CalQRisk – 90th credit union in Ireland to do so B&S Credit Union have ...
Read More

CalQRisk Announces Partnership with the Welsh Sports Association

CalQRisk is delighted to announce its partnership with The Welsh Sports Association. The Welsh Sports Association (WSA) is ...
Read More
laptop and writing in notebook

What is Good Governance?

What is good governance?  Governance can be defined as: “The system by which entities are directed and controlled. ...
Read More

CalQRisk at The Wheel Charity Summit, 2022

We recently attended The Wheel's Charity Summit, which took place on June 1st, 2022 in Croke Park's events ...
Read More
forward thinking imagery

Incident vs Crisis

What’s the difference between an incident and a crisis? Not every incident/event is a crisis, but it can ...
Read More
Logging in to attend a CalQRisk webinar

Operational Resilience vs Business Continuity 

At first glance, you might think Operational Resilience is just Business Continuity (BC) by another name, but there ...
Read More
Central bank of ireland building

Assessing your Outsourcing Governance Framework

In March 2022, the Central Bank of Ireland fined BNY Mellon Fund Services €10.78 million for 16 regulatory ...
Read More
laptops on a table doing risk reports

Cybersecurity – What are the risks?

With changes to working culture, and more people working from home than ever, businesses can see the importance ...
Read More
IWD2022 employee spotlight

International Women’s Day Spotlight – Fiona Kiely

It's International Women's Day and today we would like to shine the spotlight on our very own Fiona ...
Read More
risk assessment

10 Key Steps to getting Operational Resilience off the ground

It can seem daunting to begin a brand-new process for your business. However, risk assessments are an easy ...
Read More