When to use this
Use this register to track who is authorized to work remotely, from what location type, for which activities, with which data, equipment, and controls.
Related controls
- A.6.7 Remote Working
- A.5.15 Access Control
- A.5.18 Access Rights
- A.5.9 Inventory of Information and Other Associated Assets
Register
| Person/role | Location type | Authorized activities | Data allowed | Device/equipment | Required controls | Verified? | Review date | Owner |
|---|---|---|---|---|---|---|---|---|
| TBD | Home / public / customer site / temporary office | TBD | TBD | TBD | MFA, VPN, encryption, privacy screen, no printing | Yes / No | TBD | TBD |
Use notes
Authorization boundary
Remote access being technically possible is not the same as remote working being authorized.
- Template
- Iso27001
- Remote working
- People controls
Note Metadata
Aliases: Remote Work Register
Source: 90 Templates/Remote Working Authorization Register.md
Related Notes
- ISO 27001 A.5.15 - Access Control
- ISO 27001 A.5.18 - Access Rights
- ISO 27001 A.5.9 - Inventory of Information and Other Associated Assets
- ISO 27001 A.6.7 - Remote Working
- A.6 People Controls MOC
- A.6.7 Audit Evidence Pack
- A.6 People Controls Implementation Guide
- A.6 People Controls Audit Guide
- A.6 People Controls Implementation Audit Risk Mapping
- ISO 27002 Annex A Control Interpretation Map
- A.6.7 Audit Checklist
- Remote Working Security Checklist
- Templates MOC