top of page

SecAware materials

SecAware logo

~3-page information security policy template concerning working "off-site".


The information risks associated with off-site working (e.g. from home, on the road, in hotels, at conferences and so forth - essentially anywhere other than on-site, on corporate premises) should be managed in the normal way and where necessary mitigated using appropriate information security controls.


The policy gives typical examples of controls in three groups:

  • Physical controls e.g. security cables for laptops;
  • Technical (cybersecurity) controls e.g. VPNs (Virtual Private Networks);
  • Manual (procedural and administrative) controls e.g. management authorisation, classification.


This policy only covers the information risk and security aspects.  Various other aspects relevant to working off-site (such as employment terms and conditions, contractual arrangements and compensation) are out of scope.  None of this is legal advice.


Naturally complements the security policy on on-site working.


Supplied as an MS Word document, readily customised for your organisation's specific situation.

Off-site working policy

bottom of page