TSP Logo TSP Wiki
Docs
TSP Wiki

    TSP CCTV Management - Bandung Office

    Objective

    To establish clear guidelines and procedures for the effective utilization, monitoring, and access control of Closed-Circuit Television (CCTV) systems within The Software Practice (the company). This policy aims to ensure the security, privacy, and proper use of CCTV resources, covering aspects such as footage requests and the user access management.

    Scope

    This policy applies to all employees, contractors, and authorized personnel who require access to the Bandung Office’s CCTV resources.

    CCTV Footage Request Process

    1. Request Initiation
    A. Complete the CCTV Footage Request Form (Appendix A) .

    B. Clearly state the purpose of the request, including the date, time, and location of the incident or activity in question.

    2. Approval
    A. Submit the completed CCTV Footage Request Form to the Operations team by sending the form to email operations@thesoftwarepractice.com.

    B. Operations team will review the request for validity and ensure that it complies with organizational requirements.

    C. If the request is approved, the Operations team will provide written authorization via email.

    3. Submission of Request
    A. Operations team will submit the approved request to the IT Operations staff who are responsible for managing the CCTV system.

    B. Date and time range for the footage required to be clearly stated.

    4. Retrieval Process
    A. The IT Operations team will retrieve the requested CCTV footage.

    B. The footage will be copied onto a secure storage device for further analysis.

    5. Access and Analysis
    A. The requester will then be granted access to the secured storage device for viewing and analysis purposes.

    B. The requester is responsible for ensuring the privacy of individuals not relevant to the investigation.

    6. Reporting
    A. If the footage reveals pertinent information that contains any details, observations, or findings within the CCTV footage that are relevant, significant, or important to the matter under investigation or review, the requester is required to provide a detailed report to the Operations team.

    B. Reports should be submitted to email operations@thesoftwarepractice.com within 2 weeks after the footage access granted to the requester.

    7. Data Retention
    The CCTV footage will be retained for a period of 1 month, after which it will be securely deleted.

    8. Confidentiality
    Requesters are obligated to maintain the confidentiality of the CCTV footage and related information. Unauthorized sharing or distribution of CCTV footage is strictly prohibited and may result in disciplinary actions.

    9. Record Keeping
    All CCTV footage requests, approvals, and related communications will be documented and stored in the Ops OneDrive. Only the Operations Team and The Management have the access to that folder.

    CCTV User Access Management

    1. User Access Level
    There are three types of the CCTV user access level:

    • Home Owner
      • Highest level of user access.
      • Can view CCTV recordings via the Bardi mobile application.
      • Can add and remove users.
      • Only this user access level can elevate a normal member’s access to Administrator.

    • Administrator
      • Has access to view CCTV recordings via the Bardi mobile application.
      • Can add and remove users.

    • Normal Member
      • Has access to view CCTV recordings via the Bardi mobile application.
      • Cannot add or remove users.

    2. User Addition Authorization
    Only individuals designated as Home Owner or Administrators are authorized to add new members to the CCTV system.

    3. Access Request
    A. Any user seeking access to the CCTV system must submit an access request to a designated Administrators or the Home Owner

    B. The request should include the new member’s full name, type of the user access level, and the reason for access. Note: Administrators user access level can be only granted by the Home Owner

    4. Approval Process
    A. The designated Home Owner or Administrators will review the access request for validity and appropriateness.

    B. If approved, the new member is added to the CCTV system through the mobile app.

    5. User Data Security
    A. Home Owner or Administrators are responsible for safeguarding user data within the mobile app.

    B. Data, including personal information, must be handled in compliance with relevant data protection and privacy regulations.

    6. Removal of Access
    The Administrators is responsible for promptly removing access for any member who no longer requires CCTV system access. Note: Administrators user access can be only removed by the Home Owner

    7. Record Keeping
    Records of user access requests, approvals, and removals will be documented and stored in the Ops OneDrive. Only Operations Team the The Management has the access to that folder. These records are to be maintained for audit and compliance purposes.

    Appendix A

    CCTV Footage Request Form
    VersionDateComments
    1.08 Mar 2024First Version
    Edit this page on Gitlab