Timecard Policy and Instructions
An original timecard/timesheet MUST be turned in before your hours can be processed. Hours MUST be turned in before 10:00 a.m. on Monday to have your paycheck/direct deposit slip available on Thursday If your time card is turned in after noon on Wednesday, you will be paid the following week. We CANNOT guarantee paycheck availability for LATE TIMECARDS. The timecard is our invoice; YOU MUST BE ACCURATE!
As with most BOX Group clients, you must work 40 straight time hours in a week before you can get overtime pay. All hours should be listed in the regular hours column until you reach 40. After you have worked 40, all hours should go in the overtime column. Overtime (premium rates) are based upon the terms of BOX Group’s purchase order and any applicable tax codes. Because of this, policy may vary from company to company or depending upon your position, pay rate, etc. Specific overtime rates will be discussed and agreed upon prior to starting your assignment. If you have any questions regarding overtime, contact your branch office.
When you do not work a full 40 hours straight time during the week, Saturday’s hours must go toward straight time until you reach the necessary 40 hours.
ONLY write the hours you actually work on the timecard.
When you have a week in which a holiday occurs, you should leave the space blank instead of hours in the regular hours column. The hours for a holiday are not counted toward your total hours worked for that week. If no overtime hours are worked this week, your timecard total would be 32 hours. During a week in which a holiday occurs, most BOX Group clients pay overtime over 32 hours in that week.
If you miss a day of work, hours should not be entered for that day. Copies of timecard: (Client timecard copies differ.)
Yellow/White Copies: Payroll/Invoice copies. Return to BOX Group Pink Copy: Branch copy. Return to BOX Group
Blue Copy: Customer copy. Company you are working for/Supervisor Goldenrod Copy: Employee copy Keep your copy
IMPORTANT! Please note that your check will not be generated without the original timecard.
This policy is written in a condescending manner and gives the impression that these highly skilled contractors are dummies. Write in a positive tone and instruct the reader as to what is expected. It is important to identify the consequences of noncompliance, but channel that into a specific subsection that identifies “Noncompliance.”
8ADDITIONAL HINTS
To have even the slightest hope of being successful, the policy must receive some level of visibility. Visibility takes a number of forms. The first, and probably most important
form, will be management support. The issue of information security is not contained within the Information Systems organization. It is an enterprisewide concern and, thus, any policy relating to the protection and security of organization information must come from the highest possible level within the enterprise. In Chapter 9, “Understanding How to Sell the Policies, Standards, and Procedures,” strategies used to gain management and employee support are discussed. For now, one should begin to formulate a plan on how to get senior management support.
As discussed in Chapter 2, one needs a communication plan to take the message policy and all of its ramifications to the employees. This plan should include an employee awareness program. The program should include all existing and incoming (new hires) employees. If the organization wants contract personnel to be compliant with the policies, then this must first be negotiated through the language of the contract. It is permissible to include contract personnel in the list of those who must comply with the policy; however, the actual compliance piece must be included in the language of the purchase order and the contract.
9PITFALLS TO AVOID
“Effective policy statement” is not an oxymoron. If properly drafted, a policy statement can actually improve productivity rather than add to organizational overhead. The following is a ten-step approach to help improve the likelihood of having a successful policy implementation process.
1. Review existing policies. Before writing a new policy, review what already exists. It is
easier to update an existing policy than to gain acceptance of a totally new concept. 2. Make the organization’s business objectives or mission an active part of the policy.
There is a reason that policies are created, and that is to support the activities of the enterprise. To help gain acceptance, use the language in your organization’s “Shared Beliefs” or “Corporate Vision” section of the policy statement.
3. Make policies look like policies. Take the time to ensure that whatever is created looks
like existing policies. All too often, the message gets lost because the format is unfamiliar. Save the development team some grief and research the policy format of the organization.
4. Watch out for grammar and spelling. The worst thing that one can do is send out a
draft document that has not been edited for spelling and grammar. Show the user community that proper care has been taken, by looking out for the “little” things; the chances of success will be increased.
5. Streamline the language. Most advanced writing courses have the students explore all
the elements of language. Painting pictures through the use of prose: while this might be effective in a class in writing fiction, it will not help in a policy document. 6. Security is not attainable. Be realistic about policy implementation. The most secure
computer system is one that is turned off, locked away, and unplugged. A computer in this condition is secure but productivity is probably going to be impacted. Seek out an acceptable level of security.
7. Remember the audience. Whenever writing, remember who the intended audience is.
The majority of the readers will not be technical or security professionals. Ensure that the words are understandable.
8. Sell the policy prior to introduction. This is discussed later; but for now, remember that
senior management must be fully aware of the policy and understand how it applies to their organization before it is submitted to them for approval.
9. Keep the message brief. Long-winded or complicated policies often lead to trouble.
Keep the policy as simple as possible. This will allow for a limited variation on interpretation and, by being brief, there will be a better chance that someone will actually read the policy.
10. Take the message to the people. Be prepared to develop employee awareness
programs for the implementation of the policy.
10SUMMARY
The policy is the cornerstone of an organization’s information security architecture. A policy is important to establish, both internally and externally, what an organization’s position on a particular topic might be.
This chapter defined what a policy is and what it is not. Also included were definitions for:
• Policy • Standard • Guideline • Procedure
Next, there was an examination of the key elements of a policy: • Be easy to understand • Be applicable • Be do-able • Be enforceable • Be phased in • Be proactive • Avoid absolutes
• Meet business objectives
This chapter also provided a review of what the policy format might be and then discussed the three basic types of policy:
1. Program policy 2. Topic-specific policy 3. Application-specific policy
The chapter also looked at the policy content and a checklist based on the elements found in a journalism class:
• Who: employee responsibilities and obligations
• Where: the scope of the policy
• How: compliance
• When: when the policy takes effect
• Why: the selling of the policy
Finally, five actual policy statements were examined and critiqued, based on the checklist and some helpful hints and pitfalls to avoid.