Your organization has made the decision to resume operations, but there are a lot of steps that an organization needs to accomplish to have employees return to “normal”. The specific amount of effort involved will vary depending on the organization’s response to COVID-19. For some organizations that resisted the concept of Work From Home (WFH) prior to COVID-19, their response may have been a complete reversal of corporate standards. The task list below is a list of Information Technology related topics that most organizations need to consider when bringing their teams back to the office:Loaner
Equipment – Some of your employees may have needed to borrow some piece of equipment to allow them to effectively WFH. This includes extra monitors, printers, laptops, speakers, web cameras, etc.
Coordinate with Human Resources – Working with associates who have brought corporate assets to their home should be coordinated with Human Resources involvement.
o Formal Loan Process – Organizations should have a specific Standard Operating Procedure (SOP) for loaning equipment. If you have documentation of the equipment (Asset Tag, Serial Number, etc), make sure to record what has been received and/or missing. Communicate any discrepancies with Human Resources to discuss next steps.
o Informal Loan Process – Some organizations are not typically in the process of loaning equipment so their process may be very informal. In this scenario, it’s imperative to involve Human Resource in the retrieval of corporate assets.
Access Requests – With COVID-19 requiring quick responses to ensure business continuity, some typical SOP steps may not have been followed. With employees back in the office, it’s time to audit any system access that was granted without the formal documentation steps being followed. It’s necessary to get those request forms completed and filed for posterity in the event of an audit. It’s also highly recommended that some type of notation is on the form to indicate that the form was completed during the COVID-19 outbreak in case an auditor questions the timing of this activity.
Security Policy Adherence – If your organization opted to bypass your standard security policies, it’s time to correct these deficiencies once users are back in the office. For example, if your organization did not follow the password policy calling for mandatory password changes during the COVID-19 event, it’s time to flag those accounts so that the password change cadence is maintained according to your typical security policy.
Education/Information – Your organization may have scaled up the WFH environment and so there is a chance this environment may be modified going forward. It is important to keep the lines of communication open with your employees to ensure they aren’t assuming that all the same functionality exists from when the Information Technology team was mitigating the COVID-19 situation.