Internal Rules: Difference between revisions

From Secure Group Wiki
Jump to navigation Jump to search
Line 155: Line 155:
* Sending offensive or inappropriate emails to our customers, colleagues or partners.
* Sending offensive or inappropriate emails to our customers, colleagues or partners.


=== Cellphone ===
==== Cellphone ====


===== Policy elements =====
===== Policy elements =====

Revision as of 09:05, 22 January 2020

Internal Rules

Employee Probationary Period

Policy brief & purpose

This policy clarifies the rules, conditions, and expectations for employees during their probationary period.

Scope

This policy applies to all employees of our Company. The Company will make an effort to ensure that its hiring procedures serve the purpose of recruiting the best employees for each open position. The probation period gives both employees and employers enough time to find out if their new employment relationship will eventually work out to the benefit of both.

Policy Elements

Employees on Probation

Those who can be placed in an employee probationary period include the following

  • New employees
  • Current employees who are promoted to another position, including but not only when it comes to a position of higher responsibility

The length of the probationary period is up to 6 months. It will be clearly stated in the employment contract. uring the probation period, the parties shall have all rights and duties as under a final employment contract. In the probation period not included in the time during which the employee has been on statutory leave, or has not performed the work for which the contract has been concluded for other valid reasons. An employment contract with a probation period with the same employee of the Company for the same position may be concluded only once.

Meaning of the Probation Period

The probationary period is the time between signing an employment contract and being granted final employment status – i.e. till the employment contract signed is considered concluded for indefinite period of time or, as the case may be, concluded for the fixed period of time set forth in the contract (in case of a fixed-term contract with probation period). It is a “trial period” during which the employee is being evaluated as a suitable fit for the position and the Company. A trial period clause may be envisaged in contracts concluded for an unlimited period of time as well as in fix term contracts. The respective employee who is under probation period will be given consistent feedback and coaching to have the chance to learn their new job and improve during the probationary period.

Before the end of the probation period, the manager will determine if the employee should be retained in the organization. This decision will be made by appraising the following criteria:

  • The skills, competencies, and knowledge of the employee on the job
  • The employee’s progress on given assignments
  • Their reliability, trustworthiness and other relevant personality characteristics of the employee
  • The employee’s relations and collaboration with subordinates, supervisors, and peers

However, the Company does not have the duty to justify its decision to retain or not the employee.

Procedure

  • If the employee is deemed unsuitable while on a probationary period, the employee may be terminated without the minimum prior notice mandated by law or provided for in the individual employment contract.
  • Termination may occur before the ending of the probationary period.
  • The employee will be officially notified in writing for the decision to terminate them.
  • Employees may still have to be dismissed for various reasons, after the end of the probationary period. In such cases, the company will follow labor law, legal guidelines and its own separation of employment policy.

Policy violation

In case the employee does not comply with the conditions of our Probationary Period, the following action will be taken:

  • Termination of Employment

Employee Code of Conduct

Policy brief & purpose

As an employee, you are responsible to behave appropriately at work. This policy outlines our expectations towards employee's conduct. We can’t cover every single case of conduct, but we trust you to always use your best judgment. Reach out to your manager or HR if you face any issues or have any questions.

Scope

This policy applies to all employees.

Dress Code

Policy Elements

These dress code rules always apply:

  • All employees must be clean and well-groomed.
  • All clothes must be work-appropriate. Clothes that are typical in workouts and outdoor activities aren’t allowed.
  • All clothes must project professionalism. Clothes that are too revealing or inappropriate aren’t allowed.
  • Our company’s official dress code is Casual.
  • If you frequently meet with clients or prospects, please conform to a more formal dress code. We expect you to be clean when coming to work and avoid wearing clothes that are unprofessional (e.g. workout clothes, too short or too revealing).

As long as you conform with our guidelines above, we don’t have specific expectations about what types of clothes or accessories you should wear.

Policy Violation

In case the employee does not follow the Dress Code, the following action will be taken:

  • Disciplinary action

Cybersecurity and digital devices

Take security seriously: Everyone, from our customers and partners to our employees and contractors, should feel that their data is safe. We can all contribute to this by being vigilant and keeping cybersecurity top of mind.

Policy Elements

There are guidelines for using computers, phones, our internet connection, and social media to ensure security and protect our assets. This category, as an exception, applies to all our employees, contractors and anyone who has permanent or temporary access to our systems and hardware.

Confidential data

Confidential data is secret and valuable. Common examples are:

  • Unpublished financial information
  • Data of customers/partners/vendors
  • Patents, formulas or new technologies
  • Customer lists (existing and prospective)

All employees are obliged to protect this data. In this category, we will give our employees instructions on how to avoid security breaches

Protect personal and company devices

When employees use their digital devices to access company emails or accounts, they introduce security risks to our data. We advise our employees to keep both their personal and company-issued computer, tablet and cell phone secure. They can do this if they:

  • Keep all devices password protected.
  • Ensure they do not leave their devices exposed or unattended.
  • Log into company accounts and systems through secure and private networks only.
  • Avoid accessing internal systems and accounts from other people’s devices or lending their own devices to others.
Manage passwords properly

Password leaks are dangerous since they can compromise our entire infrastructure. Not only should passwords be secure so they won’t be easily hacked, but they should also remain secret. We use a password management tool that generates and stores passwords. Employees are obliged to create a secure password for the tool itself, following the abovementioned advice.

Transfer data securely

Transferring data introduces security risk. Employees must:

  • Avoid transferring sensitive data (e.g. customer information, employee records) to other devices or accounts unless absolutely necessary. When mass transfer of such data is needed, we request employees to ask our System Administrators for help.
  • Share confidential data over the company network/ system and not over public Wi-Fi or private connection.
  • Ensure that the recipients of the data are properly authorized people or organizations and have adequate security policies.
  • Report scams, privacy breaches and hacking attempts.

Our System Administrators need to know about scams, breaches and malware so they can better protect our infrastructure. For this reason, we advise our employees to report perceived attacks, suspicious emails or phishing attempts as soon as possible to our specialists. Our System Administrators must investigate promptly, resolve the issue and send a companywide alert when necessary.

Additional measures

To reduce the likelihood of security breaches, we also instruct our employees to:

  • Turn off their screens and lock their devices when leaving their desks.
  • Report stolen or damaged equipment as soon as possible to HR and Employee Experience Expert
  • Change all account passwords at once when a device is stolen.
  • Report a perceived threat or possible security weakness in company systems.
  • Refrain from downloading suspicious, unauthorized or illegal software on their company equipment.
  • Avoid accessing suspicious websites.
  • We also expect our employees to comply with our social media and internet usage policy.

Our System Administrators will:

  • Install firewalls, anti-malware software, and access authentication systems.
  • Arrange for security training to all employees.
  • Inform employees regularly about new scam emails or viruses and ways to combat them.
  • Investigate security breaches thoroughly.
  • Follow these policies provisions as other employees do.
Remote employees

Remote employees must follow this policy’s instructions too. Since they will be accessing our company’s accounts and systems from a distance, they are obliged to follow all data encryption, protection standards, and settings, and ensure their private network is secure. We encourage them to seek advice from our System Administrators.

Policy Violation

In case the employee does not follow the Cybersecurity measures, the following action will be taken:

  • Disciplinary action: if a minor violation
  • Corrective Action Plan (CAP)
  • Termination of Employment: if a severe violation

If we suspect employees are engaged in suspicious or unethical activities, we reserve the right of investigating any sort of communication that occurred inside the Company's facilities or through the Company's devices.

Internet usage

Policy elements
What is appropriate employee internet usage?

Our employees are advised to use our company’s internet connection for the following reasons:

  • To complete their job duties.
  • To seek out information that they can use to improve their work.
  • We expect our employees to remain productive at work while using the internet.
  • Any use of our network and connection must follow our confidentiality and data protection policy.
What is inappropriate employee internet usage?

Our employees must not use our network to:

  • Browse, download or upload obscene, offensive or illegal material.
  • Send confidential information to unauthorized recipients.
  • Invade another person’s privacy and sensitive information.
  • Download or upload copyrighted material and software.
  • Visit potentially dangerous websites that can compromise the safety of our network and computers.
  • Perform unauthorized or illegal actions, like hacking, fraud, buying/selling illegal goods and more.

We also advise our employees to be careful when downloading and opening/executing files and software. If they’re unsure if a file is safe, they should ask the System Administrators. Employees must not deactivate or configure anti-virus settings and firewalls without managerial approval. We won’t assume any responsibility if employee devices are infected by malicious software, or if their personal data are compromised as a result of inappropriate employee use.

Company-issued equipment

We expect our employees to respect and protect our company’s equipment. “Company equipment” in this computer usage policy for employees includes company-issued phones, laptops, tablets, and any other electronic equipment, and belongs to our company. We advise our employees to lock their devices in their desks when they’re not using them. Our employees are responsible for their equipment whenever they take it out of their offices.

Policy Violation

In case the employee does not follow the Internet usage measures, the following action will be taken:

  • Disciplinary action: if a minor violation
  • Corrective Action Plan (CAP)
  • Termination of Employment and legal action: if a severe violation

Examples of severe violations are:

  • Using our internet connection to steal or engage in other illegal activities.
  • Causing our computers to be infected by viruses, worms or other malicious software.
  • Sending offensive or inappropriate emails to our customers, colleagues or partners.

Cellphone

Policy elements

We allow the use of cell phones at work. Personal phone use is allowed for not more than 2 mins. This is to make sure you can take phone calls in case of an emergency related to your family. You must not get distracted from your work. You must not disturb the other people in the room by making personal phone calls. You need to always make them on your break. Employees use company-issued phones for business purposes only and preserve them in perfect condition.

We won’t allow employees to:

  • Play games on the cell phone during working hours.
  • Use their cell phone’s camera or microphone to record confidential information.
  • Use their phones in areas where cell use is explicitly prohibited
  • Speak on their phones within earshot of colleagues’ working space during working hours.
  • Download or upload inappropriate, illegal or obscene material on a company cell phone using a corporate internet connection.
Policy Violation

Our company will monitor employees for excessive or inappropriate use of their cell phones. If an employee’s phone usage causes a decline in productivity or interferes with our operations, we’ll ban that employee from using their cell phones during working hours and the following action will be taken:

  • Disciplinary action: if a minor violation
  • Corrective Action Plan (CAP)
  • Termination of Employment: if a severe violation

Examples of severe violations are:

  • Cause a security breach.
  • Violate our confidentiality policy.