ÃÛ¶¹ÊÓƵ

Category I

This category means those external staff having

• a GPN or ÃÛ¶¹ÊÓƵ Logon ID; AND
• access to ÃÛ¶¹ÊÓƵ systems[1]/ÃÛ¶¹ÊÓƵ valuables (e.g. treasury room); AND/OR
• access to ÃÛ¶¹ÊÓƵ's confidential information
  

^[1]ÃÛ¶¹ÊÓƵ systems means any software, hardware, telecommunications or other systems or equipment owned by ÃÛ¶¹ÊÓƵ or a ÃÛ¶¹ÊÓƵ affiliate or licensed, leased or provided as a service by a third party to ÃÛ¶¹ÊÓƵ or a ÃÛ¶¹ÊÓƵ affiliate.

Staff in this category

• must be registered in ÃÛ¶¹ÊÓƵ's HR system and therefore have a GPN (Groupwide Personnel Number)
• may not necessarily have access to a ÃÛ¶¹ÊÓƵ building

Groups concerned are

• staff augmentation onsite or offsite, billable (contractor and offshore development center with ÃÛ¶¹ÊÓƵ Logon)
• staff augmentation onsite, non-billable (supplier account manager with ÃÛ¶¹ÊÓƵ Logon)
• managed services onsite or with ÃÛ¶¹ÊÓƵ Logon (driven by delivery of a service)
• auditors engaged by ÃÛ¶¹ÊÓƵ to fulfil services (e.g regulatory requirements)
• professional services onsite or with ÃÛ¶¹ÊÓƵ Logon (consultants, advisory, audit, legal, facility management for sensitive infrastructure)

Category II

Suppliers who engage ÃÛ¶¹ÊÓƵ category II staff are contractually bound to warrant that any and all such staff have completed background screening before providing services to ÃÛ¶¹ÊÓƵ. For this category of staff, suppliers are not required to follow ÃÛ¶¹ÊÓƵ staff vetting process as no onboarding on ÃÛ¶¹ÊÓƵ system takes place. Background screening requirements may differ depending on the service provided to/roles performed for ÃÛ¶¹ÊÓƵ.

This category includes external staff with

• access to confidential / strictly confidential information, data or physical documents, AND
• no access to IT applications / systems / infrastructure (without ÃÛ¶¹ÊÓƵ Logon) or sensitive infrastructure, AND
• may have limited access to ÃÛ¶¹ÊÓƵ premises for facility management duties or construction work

Staff of this category

• have no ÃÛ¶¹ÊÓƵ Logon
• are not registered in the ÃÛ¶¹ÊÓƵ HR system and therefore do not have a GPN
• could have limited access to a ÃÛ¶¹ÊÓƵ building via access control system (CH only)

Groups concerned are

• Professional services offsite and without ÃÛ¶¹ÊÓƵ Logon (consultants, advisory, audit, legal, business process outsourcing, software as a service) with access to confidential / strictly confidential information
• Construction workers
• Event staff onsite or offsite
  

Category III

This category includes external staff with

• unsupervised physical access to ÃÛ¶¹ÊÓƵ premises, AND
• no access to IT applications / systems / infrastructure (without ÃÛ¶¹ÊÓƵ Logon) or sensitive infrastructure, AND
• no access to confidential / strictly confidential information, data or physical documents

Staff of this category

• must be registered in the ÃÛ¶¹ÊÓƵ HR system and therefore must have a GPN
• have no ÃÛ¶¹ÊÓƵ Logon

Groups concerned are

• Staff augmentation onsite, non-billable (supplier account manager without ÃÛ¶¹ÊÓƵ Logon; badge holder)
• Managed services onsite and without ÃÛ¶¹ÊÓƵ Logon
• Professional services without ÃÛ¶¹ÊÓƵ Logon (facility management)
• Benefits services onsite (hair dressers / fitness trainers / dry-cleaning worker / massage services / physiotherapists / dentists / doctors / etc.)
• Business University trainers