CPP-IT_0408-Clear Screen

CPP-IT_0408-Clear Screen

Info
Ref. No.: CPP-HR_0408_V1_Clear Screen
Prepared
D. Casoco
10/24/2025
Approved
W. Cundangan
10/24/2025




  1. Objective 

Clear Screen Policy aims to protect the confidentiality and integrity of all data in any information processing facility of the organization. 

 

 

2.0 Scope 

This policy shall apply to all team members. 

 

 

  1. Provisions 


  1. All devices must be centrally configured to activate a password-protected screen lock after a short period of inactivity (the maximum time-out is set by the IT based on risk, but shall not exceed 8 minutes).


  1. Personnel must manually lock their screen immediately any time they leave their device unattended, even for the shortest duration (e.g., brief break, moving to a meeting, or stepping away from work).


  1. Personnel must log off and/or shut down their device at the end of the workday or when leaving it unattended for an extended period.

  2. Reactivating a locked device must require strong user authentication (e.g., a strong password, PIN, biometric, or token). Passwords or access credentials must never be posted on or near the screen or device.


  1. Team members who use laptops must upload all their local files to their respective Google Drive or Sharepoint Folder


  1. Any sensitive or critical information written on a whiteboard, flip chart, or other shared display in an office or remote setting must be erased or removed immediately once it is no longer needed.

  2. All desktops and laptops are preconfigured with the standard desktop wallpaper and lockscreen wallpaper, and team members must not change them.  


  1. When the device is not in active use or the workspace is vacated for an extended period, the device (especially laptops, tablets, and removable media) must be stored in a locked drawer, cabinet, or secure storage area to prevent theft or tampering.

  2. Team members must ensure to clear their Recycle Bin  for Windows or Trash for Mac/iOS respectively whenever possible to maintain system efficiency and ensure compliance with data security protocols.


4.0 Responsibility  

  1. Vice presidents and Directors are responsible for ensuring that all staff and managers are aware of security policies and that they are observed. Managers need to be aware they have a responsibility to ensure staff have sufficient, relevant knowledge concerning the security of information and systems. Designated owners of systems, who have responsibility for the management of systems and inherent information, need to ensure that staff have been made aware of their responsibilities toward security. Designated owners of systems and information need to ensure they uphold the security policies and procedures.

  2. The IT Team is responsible for installing encryption technology on all IT mobile infrastructures. 


  1. Internal Auditors are responsible for conducting random audits to ensure this policy is enforced.


  1. Any immediate superiors or ISO Team members must report any violation. 


 

5.0 Breach of Policy 


      5.1 Breaches of this policy and/or security incidents can be defined as events which could have, or have resulted in, loss or damage to company assets, or an event which is in breach of the company’s security procedures and policies. All company employees, partner agencies, Third Parties and vendors have a responsibility to report security incidents and breaches of this policy immediately through the company’s QISMS reporting system (third parties, partners or vendors may relay the report to their direct contact. This obligation also extends to any external organization contracted to support or access the Information Systems of the Company.

       5.2 The Company will take appropriate measures to remedy any breach of the policy and its associated procedures and guidelines will be dealt with under the disciplinary procedures.


 

 

6.0        Distribution

  • Team Members

  • Team Leaders/ Managers/Directors

  • Execom


 

 

 

7.0 Usage – n/a 

 

 

8.0 References  

  1. ISO 19011:2011 Guidelines for Quality and/or Environmental Management Systems Auditing 


  1. ISO/IEC 27001:2013 Information Technology – Security Techniques – Information security management systems – Requirements 


  1. ISO/IEC 17799:2005 Information Technology – Security Techniques Code of Practice for information Security management 

    1. Table of Offenses 

    2. Code of Conduct 


 

9.0 Records 

Records of Violation 

Disciplinary Letter


    • Related Articles

    • CPP-HR_0701_Global Anti-Bribery and Corruption Policy

      Ref. No.: CPP-HR-0701_Global_Anti_Bribery_Policy Prepared P. Keegan 03/01/2020 Approved ELT 08/05/2020 OUR COMMITMENT TO ETHICAL BUSINESS Infinit-O Global, Limited (IOG) is committed to ethical business. It is part of who we are. IOG’s Policy is ...

    • CPP-HR_0211_Hepatitis_B_V2

      Version Approval Date Author Changes Approved by 1 May 22, 2017 P. Gregorio C. Baclayo 2 K.Bantoto 3.2.4, 3.3.2.1 3.3.2.2, 3.3.3.1 4.1.7, 4.2.2, 4.2.5 7.1, 7.2, 7.3, 7.4 9.0 R.Tan Objective Infinit-O Philippines Inc. promotes and ensures a healthy ...

    • CPP-HR-0311 Return to Work Order V3

      Version Approval Date Author Changes Approved by 2 August 6, 2020 M. Martinez F, Lenoir 3 G. Orbon 1.0 3.0 4.0 5.0 6.0 R. Tan Objective This policy is established to provide a set guideline to the leaders regarding the process for team members with ...

    • CPP-HR-0101_Recruitment and Selection V5

      Version Approval Date Author Changes Approved by 4 3/1/2017 J. Sandoval Version 4.0 C. Baclayo 5 Mark K. Baguisi 3.3,3.4,3.5,3.7 4.1 5.1,5.2 6.3,6.4 7.4,7.7,7.8,7.9 8.1,8.2,8.3,8.4 9.4,9.9,9.12,9.15 10 R.Tan Objective This policy aims to provide the ...

    • CPP-HR-0409 Performance Improvement Plan V4

      Version Approval Date Author Changes Approved by 2 5/25/2017 P. Gregorio Version 2.0 C. Baclayo 3 10/15/2020 M. Martinez Version 3.0 F. Lenoir 4 G. Orbon, C. Delfin 3.1 3.2.3 4.4.4 5.2 6.1.4., 6.1.12 R. Tan Objective To ensure that team members who ...