Standard Operating Procedure (SOP)

Table of Contents

1. Purpose
2. Scope
3. Responsibilities
4. Definitions
5. Procedures
o 5.1 Sending Emails
o 5.2 Receiving Emails
o 5.3 Organizing Emails
o 5.4 Archiving Emails
o 5.5 Deleting Emails
o 5.6 Confidentiality and Security
o 5.7 Out of Office Message
o 5.8 Auto Reply
o 5.9 Ownership of Email Accounts
o 5.10 Change of Email Custodian
o 5.11 Closing/Deactivation of Email Accounts
o 5.12 Email Storage Management
o 5.13 Prohibition of Personal Email Use
o 5.14 Cyber Security Measures
o 5.15 Virus Scanning of Attachments
o 5.16 Reporting Security Incidents
o 5.17 Email Formatting Standards
o 5.18 Two-Step Authentication
o 5.19 Accessing Emails During Absence
o 5.20 Secure Email Access Protocol
6. Training
7. Compliance
8. Review and Revision
9. Acknowledgment

1. Purpose

The purpose of this SOP is to provide clear guidelines for managing email communications at
M/s. Testing Solutions. Effective email management is essential for operational efficiency,
maintaining confidentiality, and ensuring cybersecurity.

2. Scope

This policy applies to all employees, contractors, and third-party service providers who
utilize company email accounts.

3. Responsibilities

 All Employees: Adhere to the guidelines established in this SOP.

 Department Heads: Ensure team members understand and comply with this policy.
  IT Department: Maintain the email system, manage email account changes, and provide
support.

4. Definitions

 Email Account: A digital mailbox assigned to employees for communication.

 Sectional Email: A shared email account not owned by an individual employee.
 Custodian: A designated person responsible for managing an email account.

5. Procedures

5.1 Sending Emails

1. Format: Use a professional font (e.g., Arial, Calibri) in size 11 or 12, with black color for text.
2. Subject Line: Clearly describe the email's purpose (e.g., "Project Update," "Meeting
Request").
3. Content Structure:
o Salutation: Address the recipient appropriately (e.g., "Dear [Name]").
o Body: Be concise and clear. Use bullet points for lists to enhance readability.
o Closing: Use a standard closing (e.g., "Best Regards," followed by your name).
4. Signature: Include a standardized signature block with your full name, title, department, and
contact information.
5. Attachments: Mention attachments in the body. Ensure they are virus-scanned before
sending.

5.2 Receiving Emails

1. Regular Monitoring: Check your email at least every 2 hours and respond within 24 hours.
2. Spam Filtering: Review spam/junk folders regularly and delete unnecessary emails.
3. Suspicious Emails: Do not open emails from unknown sources or that appear suspicious.
Report them immediately.

5.3 Organizing Emails

1. Folders: Create subfolders for projects, clients, or categories for efficient organization.
2. Tags: Utilize tags or flags for prioritizing important emails for follow-up.

5.4 Archiving Emails

1. Retention Policy: Archive emails not needed regularly but may be important in the future
according to the company's retention policy.
2. Periodic Review: Regularly review archived emails and delete those no longer required.

5.5 Deleting Emails

1. Routine Maintenance: Delete emails that are no longer relevant to keep the inbox organized.
2. Trash Management: Empty the trash folder weekly to free up storage space.
5.6 Confidentiality and Security

1. Sensitive Information: Never share confidential company information via unsecured email.
2. Two-Step Authentication: Enable two-step authentication on your email account to enhance
security.

5.7 Out of Office Message

1. Setting Automatic Replies: Configure an out-of-office message when away from the office.
o Content: Include the duration of your absence and alternative contact information
for urgent matters.

5.8 Auto Reply

1. Configuration: Set up an auto-reply feature to inform senders of your unavailability and

provide expected response times.

5.9 Ownership of Email Accounts

1. Shared Accounts: Ensure sectional email accounts are accessed only by designated
personnel.

5.10 Change of Email Custodian

1. Transition Protocol: If an employee retires, transfers, or is suspended, the IT department will

assign a new custodian for the email account.
2. Documentation: Keep a record of changes for accountability.

5.11 Closing/Deactivation of Email Accounts

1. Exit Procedures: Upon retirement, transfer, or termination, deactivate or delete the email
account following the company's exit protocol.
2. Data Archiving: Archive any necessary data before deactivation.

5.12 Email Storage Management

1. Default Limit: The default email storage limit is 50 GB.

2. Requests for Changes: Employees can request an increase or decrease in storage space to
the IT department when necessary.

5.13 Prohibition of Personal Email Use

1. No Personal Accounts: Employees must not use personal email accounts (e.g., Yahoo, Gmail)
for business communication on office devices.

5.14 Cyber Security Measures

1. Email Precautions: Always exercise caution when reading emails, especially when clicking on
links or downloading attachments.
2. Secure Connection: Do not access company email over unsecured Wi-Fi networks.
5.15 Virus Scanning of Attachments

1. Mandatory Scanning: All downloaded files, particularly email attachments, must be scanned
for viruses before opening.

5.16 Reporting Security Incidents

1. Immediate Reporting: Report any suspected phishing attempts or suspicious emails to

management and the cybersecurity team immediately.

5.17 Email Formatting Standards

1. Consistency in Formatting: Maintain a professional email format using standard font styles,
sizes, and colors to reflect company decorum.

5.18 Two-Step Authentication

1. Security Protocol: All email accounts must have two-step authentication enabled, including a
strong password and verification methods (e.g., OTP, biometric).

5.19 Accessing Emails During Absence

1. No Access: Do not open or access another employee’s email account if they are on leave or
absent without proper authorization.

5.20 Secure Email Access Protocol

1. Logout Requirement: Always log out from your email account when not in use, especially on
shared or public computers.

6. Training

All employees will receive training on this email management SOP during their onboarding
and periodic refreshers as required.

7. Compliance

Non-compliance with this SOP may result in disciplinary action, including termination of
employment. Regular audits may be conducted to ensure adherence.

8. Review and Revision

This SOP will be reviewed annually and updated as necessary to reflect changes in
technology, legislation, or company policy.
Standard Operating Procedure (SOP)
Biometric Entry and Attendance Management

Company: M/s. Testing Solutions

SOP Number: TS-SOP-004
Effective Date: [Insert Date]
Review Date: [Insert Date]
Prepared by: [Your Name]
Approved by: [Manager's Name]

Table of Contents

1. Purpose
2. Scope
3. Responsibilities
4. Definitions
5. Procedures
o 5.1 Registration of Employees
o 5.2 Data Entry in Biometric System
o 5.3 Daily Use of Biometric System
o 5.4 Attendance Recording
o 5.5 Server Room Access Protocol
o 5.6 Record Maintenance and Archiving
o 5.7 Verification of Records
6. Training
7. Compliance
8. Review and Revision
9. Acknowledgment

1. Purpose

The purpose of this SOP is to outline the procedures for biometric entry and attendance
management at M/s. Testing Solutions, ensuring security, accountability, and accurate
attendance tracking.

2. Scope

This policy applies to all employees, contractors, and authorized personnel accessing the
office and server room.

3. Responsibilities

 HR Department: Responsible for employee registration in the biometric system.

 IT Department: Responsible for maintaining the biometric system and its security.
  Security In-Charge: Oversees the enforcement of biometric access protocols.
 Admin Officer: Conducts regular verification of biometric records.

4. Definitions

 Biometric System: A device that uses fingerprint or facial recognition technology for
identification and attendance tracking.
 Authorized Personnel: Employees permitted to enter secure areas, such as the server room.
 Attendance Record: The log of entry and exit times of employees for attendance verification.

5. Procedures

5.1 Registration of Employees

1. New Employees and Contractors:

o HR will register new employees and contractors in the biometric system during their
onboarding process.
o Collect necessary documentation such as ID proof, employment contract, and other
relevant details.
2. Registration Process:
o The HR representative will input the employee's information into the biometric
system.
o The registration includes personal details such as:
 Full Name
 Employee ID
 Designation
 Department
 Contact Information
 Date of Joining

5.2 Data Entry in Biometric System

1. Biometric Details:
o Capture the employee’s biometric data, including:
 Fingerprint Scanning: Scan the employee’s fingers (usually the index and
middle fingers) to create a digital template.
 Facial Recognition: If applicable, capture a facial image for facial recognition.
2. Confirmation:
o The employee must verify their fingerprint and facial data to ensure accuracy.

5.3 Daily Use of Biometric System

1. Entry and Exit:

o Employees must use the biometric device to register their entry and exit at the main
entrance daily.
o Biometric authentication is mandatory; no entry will be granted without successful
biometric verification.
5.4 Attendance Recording

1. First and Last Entry Record:

o The biometric system will record the first and last entry of each employee daily for
attendance purposes.
2. Compulsory Check-In and Check-Out:
o Both entry (punch-in) and exit (punch-out) must be recorded for attendance to be
considered valid.
o Employees are responsible for ensuring their attendance is marked properly.

5.5 Server Room Access Protocol

1. Authorized Access Only:

o Access to the server room is restricted to authorized IT staff only.
2. Biometric Access Control:
o The biometric system for the server room will include only selected IT personnel.
This ensures that sensitive information and equipment are secure.

5.6 Record Maintenance and Archiving

1. Physical Record Maintenance:

o Maintain physical records of all biometric registrations and attendance logs in a
secure location.
2. Archiving Records:
o Upon transfer, termination, retirement, suspension, or death of an employee, their
biometric data will be archived to prevent unauthorized access.
o Archived records will be stored securely and can only be accessed by authorized
personnel for audit purposes.

5.7 Verification of Records

1. Regular Audits:
o The Admin Officer and Security In-Charge will conduct regular checks to verify the
accuracy and integrity of biometric records.
o Ensure that all registered employees are listed and that archived records are
properly maintained.

6. Training

All employees will receive training on the biometric entry system during their onboarding
and refresher training sessions as needed. Training will cover the registration process, daily
use, and security protocols.

7. Compliance

Non-compliance with this SOP may lead to disciplinary action, including termination of
employment. Regular audits will be conducted to ensure adherence to this policy.

8. Review and Revision

This SOP will be reviewed annually and updated as necessary to reflect changes in
technology, policy, or operational requirements.

9. Acknowledgment

I have read and understood the Biometric Entry and Attendance Management SOP.

Employee Name: ________________________

Signature: _____________________________
Date: _________________________________

This SOP provides a detailed framework for managing biometric entry and attendance at M/s.
Testing Solutions. Feel free to modify or expand on any sections to meet specific company
needs or compliance requirements!

==

Standard Operating Procedure (SOP)

Use of IT Peripherals

Company: M/s. Testing Solutions

SOP Number: TS-SOP-005
Effective Date: [Insert Date]
Review Date: [Insert Date]
Prepared by: [Your Name]
Approved by: [Manager's Name]

Table of Contents

1. Purpose
2. Scope
3. Responsibilities
4. Definitions
5. Procedures
o 5.1 Issuing of IT Peripherals
o 5.2 Custodian Form Filling
o 5.3 Maintenance and Cleanliness
o 5.4 Safety and Security
o 5.5 Proper Use of Devices
o 5.6 Reporting Device Issues
o 5.7 Daily Shutdown Procedures
o 5.8 Incident Reporting
 o 5.9 Replacement Requests
o 5.10 New Device Requests
o 5.11 Surrendering Devices
o 5.12 Data Management upon Surrender
o 5.13 Cybersecurity Measures
6. Training
7. Compliance
8. Review and Revision
9. Acknowledgment

1. Purpose

The purpose of this SOP is to establish a standardized procedure for the management and use
of IT peripherals at M/s. Testing Solutions to ensure their proper utilization, maintenance,
security, and compliance with cybersecurity policies.

2. Scope

This policy applies to all employees of M/s. Testing Solutions who utilize any IT peripherals,
including PCs, laptops, printers, scanners, and associated accessories.

3. Responsibilities

 IT Department: Responsible for issuing devices, maintenance, and addressing technical

issues.
 Employees: Responsible for the proper use, care, and reporting of devices assigned to them.
 Security Office: Oversees incident reporting and security measures.
 Admin Department: Manages records related to device issuance and surrender.

4. Definitions

 IT Peripherals: Devices that are connected to a computer to add functionality, including PCs,
laptops, printers, scanners, and input/output devices.
 Custodian: The employee responsible for the care and use of a specific IT peripheral.

5. Procedures

5.1 Issuing of IT Peripherals

1. Request Process:
o Employees must submit a request to the IT department for the necessary
peripherals.
o Requests should include the type of device, justification for the need, and expected
duration of use.
2. Approval:
o The IT manager reviews the request and grants approval based on availability and
need.
3. Issuance:
 o Once approved, the IT department will issue the requested device to the employee.

5.2 Custodian Form Filling

1. Form Completion:
o Upon issuance, the employee must complete a custodian form detailing the devices
received.
o The form includes the following information:
 Employee Name
 Employee ID
 Device Type and Serial Number
 Date of Issue
2. Acknowledgment:
o The employee signs the form, acknowledging their responsibility for the device’s care
and use.

5.3 Maintenance and Cleanliness

1. Device Cleanliness:
o Employees are responsible for maintaining the cleanliness of their assigned devices.
o Regular cleaning of screens, keyboards, and peripherals should be conducted using
appropriate cleaning materials.
2. Regular Inspections:
o The IT department will conduct periodic inspections to ensure devices are kept clean
and in good working condition.

5.4 Safety and Security

1. Physical Security:
o Employees must ensure that devices are secured when not in use, especially laptops
and portable devices.
o Lock devices and use cable locks when necessary.
2. Password Protection:
o Devices must be password-protected to prevent unauthorized access.

5.5 Proper Use of Devices

1. Usage Guidelines:
o Employees must use devices for work-related purposes only.
o Personal use should be minimized and in accordance with company policies.
2. Software Installation:
o Employees are prohibited from installing unauthorized software or making
significant changes to device settings without IT approval.

5.6 Reporting Device Issues

1. Issue Reporting:
o Employees must report any issues with their devices to the IT department
immediately.
o A helpdesk ticket may be generated for tracking purposes.
2. Service Response:
 o The IT department will assess the issue and dispatch AMC engineers for repairs if
necessary.

5.7 Daily Shutdown Procedures

1. End-of-Day Shutdown:
o Employees must properly shut down or log off their devices at the end of each
workday.
o All work should be saved before shutdown to prevent data loss.

5.8 Incident Reporting

1. Reporting Incidents:
o Any theft, damage, or unusual activity involving devices must be reported to the
security office immediately.
o Employees should complete an incident report form detailing the circumstances.

5.9 Replacement Requests

1. Device Replacement:
o If a device is damaged beyond repair, employees must submit a replacement request
to the IT department.
o The request should include the reason for replacement and any supporting
documentation.

5.10 New Device Requests

1. Request Submission:
o Employees requiring additional devices must submit a new request through the
established process.
o Justification for the additional device(s) must be provided.

5.11 Surrendering Devices

1. Device Surrender Process:

o Employees must surrender all assigned devices upon retirement, transfer,
suspension, or death.
o The surrender must be documented on the custodian form, including the date of
return.

5.12 Data Management upon Surrender

1. Data Deletion:
o Before surrendering PCs and laptops, employees must ensure all personal data is
deleted.
o The IT department will conduct a thorough data wipe to ensure confidentiality and
compliance with data protection policies.
5.13 Cybersecurity Measures

1. Adherence to Cybersecurity Policies:

o Employees must follow all cybersecurity protocols while using devices, including:
 Using strong passwords and changing them regularly.
 Enabling two-factor authentication where applicable.
 Avoiding public Wi-Fi for accessing sensitive information.
2. Safe Browsing Practices:
o Employees should refrain from downloading attachments or clicking links in
suspicious emails.
o Regular updates and antivirus scans should be conducted to protect against
malware.

6. Training

All employees will receive training on the proper use of IT peripherals, including
cybersecurity awareness and maintenance procedures. Refresher training will be conducted
annually or as needed.

7. Compliance

Failure to comply with this SOP may result in disciplinary action, including termination of
employment. Regular audits will be conducted to ensure adherence to these procedures.

8. Review and Revision

This SOP will be reviewed annually and updated as necessary to reflect changes in
technology, policy, or operational requirements.

9. Acknowledgment

I have read and understood the IT Peripherals Use SOP.

Employee Name: ________________________

Signature: _____________________________
Date: _________________________________

This SOP provides a detailed framework for the use and management of IT peripherals at
M/s. Testing Solutions. Feel free to modify any sections to better fit your company’s needs!