Importance of Onboarding agreement

As it was concluded in the previous Lecture, the Onboarding Agreement is a legally binding document between the Teleworker (employee, partner) and the Company. The agreement defines the rules of participation of each Teleworker in the collaboration space of the Company, as it was demonstrated in the Lecture Collaboration space design completed.

As you have noticed in the previous lecture the Novitech agreement structure in principle follows the Telework support process template. They customized it to their own company terminology and relevance, which is a good practice.

The purpose of the Agreement:

  • To specify the rules of participation with indicating the clear commitment of the parties for each item (responsibility: Company, Employee C+E jointly).
  • In a readable natural language form with a clear interpretation of the rules to all concerned stakeholders.

Concerned Stakeholders of the Onboarding agreement:

  1. The Teleworker, to know what his/her rights and duties (including NDA) are.
  2. HR Unit acting in the name of the company (aspects, education, social services). Approval needed.
  3. Finance unit: to notify eligible overtime and connection costs categories of the Teleworker for reimbursement.
  4. Supervisor of Teleworker: to be informed the agreement scope is in line with the job description of the Teleworker. Approval needed.
  5. IT Security specialist: to transfer the access rules defined in a natural language to a computer language (setting access rights and service security setups). Setup confirmation required.
  6. Telework help desk: to notify what help is the Teleworker is entitled to.
  7. Other relevant stakeholders: leader of the project(s) where the Teleworker is participating (matrix organization).
  8. Clients: in case Teleworker cooperates with clients and his/her access rights are changed by this Onboarding Agreement (or termination of the employment contract, etc.).

And at last and not least: The Telework Process Manager (TPM) of the company:

  • First, shall supervise the Onboarding processes are completed and duly documented as it is prescribed in the Onboarding process company standard.
  • Shall follow, stakeholder comments/approvals to Agreement with Teleworker and then grant final approve/reject or initiate a change of the proposed Agreement.

The approval and notification workflow among the 8 (or more) stakeholders shall be automated to ensure the process is performed correctly. But some of the issues (e.g. notification of Clients, change of agreement,…) may require personal interventions of TPM with stakeholders.

In addition to workflow automation management, the strategic task of TPM is to ensure and facilitate efficient and secure collaboration. In this view the TPM shall:

  • Mitigate the security leak risks, by organizing regular (quarterly) efficiency and security audits of the Collaboration digital space by independent auditors
  • Assess the Telework maturity level of the company (described in Module M1) and propose Telework innovation actions for the CEO and to the Board of Directors.
  • Promote win-win tangible and intangible benefit examples of the extended collaboration workspace of the Company.

And our last hint for TPM indeed should be the first one, "BE READY FOR PLAN B", for the following scenarios which can happen sooner or later:

  • Your collaboration platform (Content and services) is attacked by hackers
  • Internal error in your service developed internally causes data and financial damages (recently a reimbursement workflow error of an insurance company caused 2.9m euro overpayments to clients )
  • Leak of sensitive information (e. g. list of client data) by a wrong profile setup (enabled client report download)
  • Breach of Onboarding agreement discipline by a stakeholder (leaving from a restaurant forgot login data in his purse on the table what was then stolen)

Unfortunately, an extension of the collaboration space (de facto for work from anywhere) also increases the risk and vulnerability of your platform.

How to be ready to act immediately when these scenarios happen? Develop action plans with your team TPM team members and prevention against these scenarios:

  • Implicit organizational prevention. There is a good example of Luxembourg Financial Supervision Authority (CSSF): Governance and security requirements
  • Regular archive of everything if your content is not maintained in the cloud
  • Perform regular stress tests of your platform resilience

In the next lecture, you will learn about further defense approaches, too.

Complete and Continue  
Discussion

0 comments