10 Things To Consider When Drafting Your Remote Working Policy

Guest Post by Marie Murphy, Fort Privacy

These days we are all talking about the “New Normal”. Whether we apply that to how we shop, or what’s happening in schools and creches or how the GAA is adapting to get people back playing games, there seems to be a general acceptance that for now at least things are going to move in a new direction and we need to adapt.

For a lot of us, the new normal of work will mean a lot more time spend accessing our office from a distance. What we used to call “remote working” and reserve for the special few is becoming just simply working and applied to many.

In March, a lot of companies pulled together remote working procedures in a hurry. Managers and IT staff were immediately concerned with keeping the lights on by making a very fast transition of the workforce from office to home working environments.

As the Covid-19 situation evolves, our organisations need to revisit these hastily assembled procedures and really think through the implications of remote working at scale and over the long term.

We always find putting a policy in place is an excellent exercise to bring clarity to these situations. It forces the company to consider the whats, whys and wherefores and take control of the situation rather than allowing the situation to take control of them.

So as a follow-up to the webinar delivered by Fort Privacy and CalQRisk [link to recording] this week we have compiled the 10 Things You Must Consider When Drafting Your Remote Working Policy.

  1. Who is eligible to work remotely? This could be a list of the roles that are suited to home working or event a decision that someone must be with the company for 12 months before it is considered possible to have them working outside the office.
  2. What is the approval process? Can the manager approve? Must it get a second line approval? Do you need to involve HR or IT to assess the remote work environment and infrastructure for suitability?
  3. What should the home working environment look like? Do you need to assess the space for suitability? Do you require the employee to have a dedicated workspace and what type of space qualifies and what does not? Will you require the employee to implement a clear desk policy in the home office? If the employee cannot provide a suitable space will you arrange for access to a suitable remote office facility?
  4. What about an assessment of the equipment Is there a desk, lighting, chair, storage? Who is responsible for providing equipment and what standards do you expect?
  5. What are the working conditions? Are remote workers expected to be at their desks for fixed hours or do you allow for more flexibility in the working arrangements?
  6. How will you measure employee performance and assess if the remote working arrangement is working for the employee and company? How will job performance be monitored? If the employee performance suffers, what action will be taken? Will the remote working arrangement be terminated?
  7. How will remote work accounts be managed to ensure secure remote access? How are the accounts granted, authenticated, and revoked?
  8. How will devices be configured and managed? What level of password protection, encryption, screen timeouts needs to be implemented? How will patch updates be pushed out and what anti-virus configuration will be implemented?
  9. What apps are authorised? What software applications are authorised to remote use, are these apps all configured with multi-factor authentication? Will remote workers be permitted to download applications to their devices and if so, how will this be monitored?
  10. If there is a security incident at home what should the remote worker report?  How quickly do you expect an incident to be reported to you?

Remote working is part of the new normal for a very significant portion of the workforce. In many cases it a new normal we want to hang onto because it eliminates terrible commutes and wasted hours in the car or on packed public transport. We work smarter and as an added bonus we get to spend more quality time with our families and friends. And the past few months have thrown a lot of us in the deep end and proven that it works.

If it is to continue to work, it’s time to start formalising the arrangements protecting your company and your employees and creating a healthy environment that everyone will benefit from.

Marie Murphy (marie.murphy@fortprivacy.ie) is co-founder and COO of Fort Privacy, an innovative data protection services company based in Cork offering clients outsourced Data Protection Officer Services, tailored compliance programmes and audits all based on the Fort Privacy Maturity Model Framework.

____________________

If you are interested in learning more about how CalQRisk can help with Control Registers, Control Testing and more, click here to contact us.

We would love to hear your opinion on what works and doesn’t work in your organisation in terms of the management of controls? Feel free to send your feedback  to us at enquiries@calqrisk.com.

Recent News

CalQRisk wins CIR Risk Management Product of the Year

CalQRisk, an Irish-developed software application, has won Risk Management Product of the Year in the recent Risk Management ...
Read More
Database

How to Prepare for Cyber Attacks

The potential for cyber-attacks is an ever-increasing concern. Daily, there are stories about organisations, both large and small ...
Read More
Central bank of ireland building

Central Bank of Ireland releases Discussion Paper on the Review of the Consumer Protection Code (CPC)

The Central Bank of Ireland has released a Discussion Paper on the review of the Consumer Protection Code. ...
Read More

CalQRisk attends the MATs Summit 2022

CalQRisk is delighted to be exhibiting at the MATs Summit 2022 in Stratford-Upon-Avon on October 13th and 14th. ...
Read More

CalQRisk attends the Charities Leadership Summit 2022

CalQRisk will be in attendance at the Charities Leadership Summit on September 15th, 2022.   This year's summit ...
Read More
Brokers Ireland Logo

CalQRisk attends the Brokers Ireland Meet the Market Day 2022

CalQRisk will be in attendance at the Brokers Ireland Meet the Market Day at the RDS on September ...
Read More

CalQRisk is Attending the CUMA Autumn Conference

CalQRisk will be attending the CUMA Autumn Conference on Sustainability and Strategy. The conference takes place on September  ...
Read More
laptops on a table doing risk reports

What is Operational Resilience?

Many organisations aim to be operationally resilient, however, what this means and how to practically achieve it can ...
Read More

CalQRisk Shortlisted for CIR Risk Management Awards 2022

CalQRisk is delighted to be shortlisted for the Risk Management Product of the Year at the CIR Risk ...
Read More

Featured Risk and the Failure to Establish a Risk Conscious Culture

One of the first banking scandals of scale was the fraudulent Treasury securities bids by Salomon Brothers traders ...
Read More