Professional Documents
Culture Documents
HR Policy
No part of this documentation may be reproduced or transmitted in any form or by any means, electronic
or mechanical, including photocopying or recording, for any purpose without express written permission of
the CEO of <Company Name Here>.
© 2021, <Company Name Here>. All Rights Reserved
Revision History
Ver Change Description Prepared By Reviewed By Approved Date
No. By
Table Of Contents
1
Table Of Contents 3
1. Objective 4
2. Scope and Applicability 4
3. Definition/Glossary 4
4. Policy / Process 5
4.1. Security & Confidentiality 5
4.2. ID Badge Policy 5
4.3. Clear Desk Clear Screen Policy 5
4.4. Personal Assets 6
4.5. Protection of Company Assets 6
4.6. Assessment Movements 6
4.7. Communication 6
4.8. Copyrights Policy 6
4.9. Protection Against Virus from Mobile Devices (Laptops) 6
4.10. Physical Security of Mobile Devices 7
4.11. Protection of Sensitive Data on Mobile Devices 8
4.12. Right to Trace User Activity 8
4.13. Employee Responsibility towards Business Continuity 8
4.14. Email 9
4.15. Spam Filtering 9
4.16. Social Networking Sites 10
4.17. Blogging 10
4.18. General Internet Access 11
4.19. Remote Access 11
5. Special Circumstance and Exception 12
6. Non-compliance and Consequence 12
1.Objective
The intent of this policy is to establish guidelines for the employees using <Company
Name Here>’s network facilities, including computer hardware, printers, software, e-
mail and internet access tools, collectively called “Information Technology Assets”.
This policy is in place to protect <Company Name Here> and it’s employees from
any inappropriate use of these assets which may lead to risks including virus
attacks, compromise of network systems and services, confidential data, Company’s
intellectual properties and related legal issues.
3.Definition/Glossary
4.Policy / Process
√ Screensavers shall be activated if the systems are not being used for
more than 2 minutes.
√ Sensitive documents are stored securely and handled with care.
4.7. Communication
√ Employees shall take appropriate care not to compromise on information
security while using various modes of communication like email, verbal
discussions and phone.
4.14. Email
√ Email is to be used for company’s business purpose only
4.17. Blogging
√ Personal blogs, micro blogs and websites should not reveal confidential
information about <Company Name Here>. This might include aspects of
<Company Name Here> policies or details of internal <Company Name
Here> discussions. If in doubt about what might be confidential, staff
members should consult their reporting manager.
√ Personal blogs, micro blogs and websites should not be used to attack or
abuse colleagues. Staff members should respect the privacy and the
feelings of others.
√ If a staff member thinks something on their blog, micro blog or website
gives rise to concerns about a conflict of interest, and in particular
concerns about impartiality or confidentiality, this must be discussed with
their reporting manager.
√ If a staff member is offered payment to produce a blog or microblog for a
third party, this could constitute a conflict of interest and must be
discussed with their reporting manager.
Users :
√ Shall comply with country/region specific moral codes at all times
www.greythr.com