~3-page information security policy template concerning working "off-site"
The information risks associated with off-site working (e.g. from home, on the road, in hotels, at conferences and so forth - essentially anywhere other than on-site, on corporate premises) should be managed in the normal way and where necessary mitigated using the information security controls noted in this policy.
The policy gives typical examples of controls in three groups:
- Physical controls e.g. security cables
- Technical (cybersecurity) controls e.g. VPNs (birtual brivate Networks)
- Manual (procedural and administrative) controls e.g. management authorization
This policy only covers the information risk and security aspects. Various other aspects relevant to working off-site (such as employment terms and conditions, contractual arrangements and compensation) are out of scope.
Complements the security policy on on-site working.
Delivered as an editable MS Word document, easily customized for your organization's specific needs.
Off-site working policy
Information security policy template on off-site working
See also the policies on:
- On-site information security
- Backups and archives
- Business Continuity Management
- Bring Your Own Device
- Identification and authentication
- Information classification
- Information governance
- Information ownership
- Information risk management
- Intellectual Property Rights
- Internet security
- Insider threats
- Malware
- Monitoring and surveillance
- Network security
- Oversight
- Outsider threats
- Physical information security
- Wireless network security
- ... and others