Document Control
| Field | Value |
|---|---|
| Document Title | Remote Data Security Policy |
| Document Owner | Human Resources |
| Version | 1.0 |
| Effective Date | {{effective_date}} |
| Review Cycle | Annual |
| Classification | Internal Use |
Purpose & Scope
Protect {{company_name}}'s information assets when accessed or processed outside the corporate office, in line with ISO 27001 control objectives.
Definitions
| Term | Definition |
|---|---|
| Endpoint | Any laptop, desktop, tablet or phone used to access company information. |
| Restricted Data | Data classified as Confidential or Restricted under the Data Classification Policy. |
Endpoint Standards
- Full-disk encryption (BitLocker / FileVault) enabled
- Device enrolled in MDM
- OS patches applied within {{patch_sla}}
- Anti-malware active and updated
- Screen-lock ≤ 5 minutes
Network Standards
- Home Wi-Fi secured with WPA2/WPA3
- Public Wi-Fi only with VPN
- Default router credentials changed
- Separate guest network for personal devices
Data Handling
| Classification | Allowed on Personal Devices | Cloud Storage |
|---|---|---|
| Public | Yes | Any approved |
| Internal | Approved devices only | Approved corporate |
| Confidential | Managed devices only | Approved corporate, encrypted |
| Restricted | Managed devices only with DLP | Restricted shares only |
Incident Reporting
- Report suspected incidents to {{security_email}} within 1 hour.
- Do not attempt to remediate without guidance.
- Preserve evidence and follow instructions from the incident response team.
Audits
Compliance with this policy is audited at least annually and following any significant incident.
Roles & Responsibilities
| Role | Responsibility |
|---|---|
| Employee | Comply with the policy and complete required forms accurately. |
| Line Manager | Review, approve and document decisions in line with this policy. |
| HR Business Partner | Provide guidance, monitor adherence and maintain records. |
| Department Head | Ensure department-level compliance and resourcing. |
Review Workflow
| Stage | Owner | SLA |
|---|---|---|
| Submission | Employee | Day 0 |
| Manager Review | Line Manager | 2 business days |
| HR Review | HR Business Partner | 3 business days |
| Final Decision | Department Head | 5 business days |
| Communication | HR | Within 1 business day of decision |
Notes
Use this space to capture additional context, attachments referenced, or any deviations from standard process. All notes form part of the official record.
Governing Law & Jurisdiction
This document is governed by the laws of {{jurisdiction}} and any disputes will be resolved in the competent courts of that jurisdiction. Where local statute or collective agreement provides more favourable terms to the employee, those terms prevail.
Confidentiality & Data Protection
All personal data captured under this document is processed in accordance with {{company_name}}'s Data Protection & Privacy Policy and applicable data-protection legislation (including GDPR/UK GDPR where relevant). Records are retained for {{retention_period}} and accessed only on a need-to-know basis.
Signatures
Related templates
Office Petty Cash SOP
This SOP outlines the procedures for managing petty cash within the office, ensuring proper record-keeping and accountability.
Leave Application SOP
This SOP outlines the procedure for employees to apply for leave, ensuring a standardized and efficient process.
Customer Letter for Departed Employee
This letter template informs customers about an employee's departure and introduces their new point of contact. This should be used to maintain clear communication and assure customers of continued service.
Acknowledgment of Merchandise Returned for Repair
This template is used by businesses to formally acknowledge the receipt of merchandise returned by a customer for repair services. It confirms the item received, its condition, and outlines the next steps in the repair process.