Cody Lardizabal
$35/hr
COO-As-A-Service and OBM Specializing in Operations | More than 10 years of Operations experience
- Reply rate:
- -
- Availability:
- Full-time (40 hrs/wk)
- Age:
- 41 years old
- Location:
- Bangkok, Bangkok, Thailand
- Experience:
- 10 years
Operations Mgmt: Security Compliance
Program XYZ Security and Zero Tolerance Policy
AGENDA
OBJECTIVES
PROCESS MAP AND TIMELINE
TIMELINES AND PROCESS
GUIDELINES AND POLICIES
AUDIT PROCESS
CONSEQUENCE MANAGEMENT
ATTACHMENT
OBJECTIVES
Ensure Program XYZ employees and leaders are calibrated on and compliant to Security Policies impacting the customers and “the
Client” as a business.
Provide a structure on the compliance audit process that includes process, resources, owners, timelines and communication of results.
Ensure we have Zero Tolerance for non-compliance and execute Corrective Action for those who fail to comply as aligned with
Company ABC.
PROCESS MAP AND TIMELINE
Item / Activity
Details / Resources
Owner
Participants
Timeline
Rollout to Leaders
Program XYZ Security Policy and Zero
Tolerance Policy Discussion with
leaders
Operations
Manager/
Shift Manager
Team Managers
April 12 to April
14 MNL
Rollout to Leaders
MS Program XYZ Security Policy and
Zero Tolerance Policy Discussion with
SPs and support employees
Team Managers
SPs
Senior SPs
Workforce Analysts
April 15 to April
16 MNL
Floor and
Employee Audit
Check for understanding across SPs
and support employees and floor /
workstation audits
Operations
Manager/
Shift Manager
Team Managers
Starting April 16
MNL
Audit Results
Communication
Communication of Policy Rollout
Completion Rate and Audit Results to
Stream Upper Management and Client
POCs
Operations
Manager/
Shift Manager
N/A
Bi-weekly
starting April 21
MNL
GUIDELINES AND POLICIES
1)
2)
3)
Paperless Environment
a. No SPs are allowed to bring in or use any paper within the operations area as well as bring out any paper from operations
unless documents such as those issued and approved for hard copy distribution by the HR Team.
b. All team manager documents in hard copy (coaching logs, meeting notes, notebooks, cheat sheets, etc.) are to be kept
and locked in individual pedestal drawers provided to them by the company.
No Personal Belongings
a. No SPs are allowed to bring in any personal belongings into the operations area, these are to be kept in lockers that have
been issued to them by the company.
No Recordable Gadgets
a. No SPs are allowed to bring any recordable gadgets (mobile phones, music players, camera, netbooks, laptops, etc.) into
the operations area
Owner: Carlo Denis Lardizabal, Process Lead Manager, Program XYZ
Date: April 22, 2013
b.
4)
5)
6)
Only Managers and Support POCs who have been provided authorization through the Security Process and by the Security
Group are allowed to bring in Stream-issued mobile phones or laptops into the operations area
Customer Information Protection
a. All employees (SPs, support employees, managers) are not allowed to save in soft or hard copy any customer-related
information such as Personal Identifiable information (customer name, billing address, contact numbers, email address),
credit card number and/or the last 4 digits of the customer’s credit card number
b. Fortification – all employees (SPs and/or managers) must not ask any Personal Identifiable Information within any chat
interaction
Use of Company and Client Equipment
a. All employees (SPs, support employees, managers) are not allowed to use any company equipments such as PCs or hard
phones for non-business related activities
b. Client proved PCs and Crash Boxes are strictly for business related use and cannot be used for the following activities:
i. Social Network Websites browsing
rd
ii. 3 Party Websites / Search Engines
rd
iii. 3 Party Browsers
c. Locking of Workstations – all employees (SPs, support employees, managers) are required to lock their workstation upon
leaving their work area and are required to log-off from their workstation upon ending their shift daily
Credentials Security
a. All employees (SPs, support employees, managers) are not allowed to share any Company or Client credentials
(workstation login, HR login, payroll login, Case Management login)
AUDIT PROCESS
1)
2)
3)
A Security Checklist will be updated and submitted by each TM daily to the Shift Manager and daily audits across employee
workstations will be run by Operations Manager and Shift Manager.
Stream Security Personnel will also continue doing their daily and regular floor checks within the Program XYZ operations area.
The Operations Manager and Shift Manager will be responsible for ensuring audits are happening daily and audit results are being
communicated to the Clients twice-a-month. This is set to be sent every Monday MNL shift covering audit results for the previous
2 weeks.
CONSEQUENCE MANAGEMENT
1)
2)
3)
Any employee found to be non-compliant to the Program XYZ Security and Zero Tolerance Policy will be issued Disciplinary Action
as aligned with the Company’s Code of Discipline.
Any Manager who fails to issue Disciplinary Action to any direct report who has incurred a Security Infraction following the process
and the timeline required by the HR Group will undergo Disciplinary Action as aligned with the Company’s Code of Discipline.
An immediate pullout from the account shall be implemented for any employee (SPs, support employees, managers) who has
incurred an infraction against the Security and Zero Tolerance Policy deemed by the Client as either fraudulent or critical in nature.
ATTACHMENTS
1)
2)
Audit Checklist
Discussion Acknowledgement Sheet
Owner: Carlo Denis Lardizabal, Process Lead Manager, Program XYZ
Date: April 22, 2013
Program XYZ TM Daily Security Checklist
Team Manager Name
Shift Manager Name
Week Starting
Security Item
Shift Date (MNL)
1) No SPs with mobile phones,
recordable gadgets, personal
belongings or paraphernalia
2) No SPs have any pens or paper,
no SP workstations with pen or
paper
3) No TM documents (coaching log,
clipboard, etc.) have not been left
on agent workstations
4) No PII saved in soft or hard copy
by any SP as audited through sideby-sides, service observes and
MBWA
5) No Company or Client
credentials being shared as audited
through side-by-sides, service
observes and MBWA
6) No workstations or Client
provided Crash Boxes being used
for non-business related activities
as audited through MBWA
7) No workstations left unlocked by
SPs going on break
8) No workstations left without
logging off by any employee
9) No documents, pens or paper
left on TM workstations by end-ofshift
Comments
(Specific Infraction and Name of
Employee with Infraction if any)
Owner: Carlo Denis Lardizabal, Process Lead Manager, Program XYZ
Date: April 22, 2013
Shift Date (MNL)
Shift Date (MNL)
Shift Date (MNL)
Shift Date (MNL)
Acknowledgment Sheet
This is to acknowledge discussion of the items noted below, its rationale, scope, definition of terms, guidelines and procedures and the
Corrective Action for any infraction against policies included on the discussion. I understand it is my responsibility as an employee of the
Company to respect & abide by the given Policies & that failure to do so shall lead to proper Disciplinary Action.
TOPIC: Program XYZ Security and Zero Tolerance Policy
Employee
ID
Last Name, First Name
TM Name: _______________________________
TM Signature: ____________________________
Shift Manager Name: _________________________
Shift Manager Signature: ______________________
Operations Manager Name: _________________________
Operations Manager Signature: ______________________
Owner: Carlo Denis Lardizabal, Process Lead Manager, Program XYZ
Date: April 22, 2013
Signature
Date (MNL)
