COVID-19 Information Available - Click Here -- For Additional Information and Articles be Sure to Check Our Blog
Click outside the video to close
We value all our clients. Protecting your confidential information is our holy duty.
Our entire firm is connected. We work as a team so all our team members have access to all
documents so they can process work. We maintain a high standard of security and perform
thorough checks before we hire someone.
We run a comprehensive background check for each staff on the following:
Also, every staff member must sign a Non-Disclosure Agreement so they are legally bound to
protect your personal data. Only after these measures have been put into place do we put trust in
our team members to have access to your documents.
Moreover, we have a highly secure internal database, multiple backup protocols and a tech team,
all working to keep your private information secure. We work with top software vendors who
provide banking level security.
Rest assured, your confidential data will be safe with Tax Goddess Business Services, PC.
Tax Goddess, CPA, MTax, Certified Tax Coach
Tax Goddess Business Services, PC
Tax Goddess Business PC, IT Policy and Procedure Manual provides the procedures and policies for the selection and use of IT within the organization. These procedures and policies must be followed by all the employees within the organization. The Policy and Procedure Manual also includes guidelines that will be used by Tax Goddess Business PC, to administer all the policies within the organization and make sure that the correct procedure is followed.
All IT policies will be kept current and relevant by Tax Goddess Business PC. Therefore, there can be a need to update and modify existing sections of the procedures and policies along with adding new methods on specific intervals depending upon the requirement.
All the policies and procedures mentioned in this manual are open for feedback, suggestions, and recommendations.
The policies and procedures mentioned in this manual applies to all employees.
This policy includes guidelines required to purchase the software for the organization to make sure that the software used within the organization is relevant, cost-effective, and safe and, where applicable, can integrate with other technology used within the organization. This policy is applicable to software obtained in a hardware package or as the pre-loaded software.
Request for Software
All software including the non-commercial ones (freeware, open-source, etc.) needs to be authorized either by the Company Owner or by the Tech Team before downloading or using it within the organization.
Purchase of software
This policy will include guidelines to ensure that the software use is appropriate and that it is used efficiently by all the employees within the organization. In accordance with this Policy, all the freeware and the open source software will be used as per the procedures defined for the commercial software.
Every employee within the organization will abide by all the copyrights of the computer software and software license terms and conditions.
If licensing terms states limited usage of the software with respect to the number of users, computer systems, etc., then the Tech team is responsible to ensure that the software licensing terms and conditions are followed within the organization.
Tech team is responsible for completing the software licenses audit to ensure that only those appropriate employees are using the software licenses.
As per the requirement, the supplier should register all the software appropriately.
The registered owner of all the software will be Tax Goddess Business PC.
During the working hours, only the company software/apps will be used by the employees on the organization’s hardware.
It is strictly advised to take authorisation from Tech Team to install company-used apps on mobile devices
All software installation is to be carried out by the Tech team.
If a computer system does not have the original copy of the software installed on it, the software upgrade will not be loaded or installed on that system.
During the working hours, only the software and apps approved by the Tech Team are should run on the machine of an employee.
The employee shall be provided with directions on any software licensing arrangements, including any limitations to use the software, before actually using the software.
For all new software, all employees should be trained well. New employees will also be the part of the training as they should be educated to use the existing software. This is the Tech Team’s responsibility.
While working within the organization, employees should not be allowed to use non-org software and apps.
The software cannot be used by any employee for his/her personal work, unless approved by the Owner or VP Operations.
If an employee needs to use software at home, an evaluation should be carried out in the first instance to provide an employee with a portable computer. If the software is found compatible to be used on the personal computer of an employee, then the Owner needs to authorize the purchase of the separate software, if there are copyright restrictions and licensing on the software. If the software is purchased in such circumstances, the organization shall retain the ownership of the software and it shall be registered by the Tech Team in the software register.
The software which are not authorized will not be allowed to be used within the Organization. This will even include the software that has been owned by an organization’s employee and wanted to use it within the Organization.
It is prohibited to purchase or use the unauthorized copies of the software. Any employee who purchases or uses unauthorized software shall be referred for further consultation to the owner. Any unlawful software duplication or other copyrighted works shall not be condoned by the Organization and a disciplinary action, if such an event occurs shall be taken by the Owner/VP of Operations/Tech Team.
If an employee will breach this policy, he/she will be referred for further consultation to the owner.
If an employee inside and organization is aware of a breach under this policy with respect to the use of the software, then he/she should inform the Owner/VP of Operations/Tech team immediately for further actions. If in case the Owner/VP of Operations/Tech team determines that an employee who was aware of the breach failed to report it to the management then that employee shall be referred for further consultation to the owner.
This policy holds guidelines regarding how employees can use their personal laptops, tablets, smartphones, and SmartWatches for organizational purposes. The terms & conditions mentioned in this policy are for all the staff and the employees who use and access the hardware equipment or services provided by Tax Goddess Business.
Current mobile devices are approved to be used for organization purposes.
Personal mobile devices including Desktop, Notebooks, Smartphone and Smartwatch are approved to be used for organization purpose.
Employees who are using personal mobile devices for organizational purpose agrees to the following:
While handling the mobile computing devices including Notebooks and iPads, the following points must be noted:
Unless an exemption is granted by the Owner, this policy is mandatory to be followed. If exemptions is requested for any of these directives, it should straightaway be referred to the VP Operations/Tech team.
The Owner/Tech Team shall review and identify adequate consequences, including termination of employment, in the event of any breach of this policy.
This policy includes guidelines for the management of IT assets and resources within the organization.
The Tech team is responsible for maintaining and managing all organizational technology service agreements. Any service requirements must first be approved by the owner.
The Tech team shall carry out an annual staff workstation audit to ensure that all IT policies are followed within the organization.
The Tech team should be informed about any of the unspecified technology management requirements.
The guidelines for maintaining all relevant technical issues associated with the organization’s website are included in this policy.
To register website the following details must be recorded:
Webmaster will be responsible to keep the master sheet up to date.
It will be the responsibility of the webmaster to renew the items listed in the register.
Websites to Share Documents
The Webmaster will be responsible to appoint a representative who will control the site in contingencies, and allocate the required permissions at the time when the former is not available.
It will be the responsibility of the Tech Team to ensure that the content available on the organization’s website is accurate, appropriate, and up to date.
This policy holds the guidelines that will be responsible for all the emergency management of the information technology within the Organization.
IT Hardware Failure
If any of the hardware inside the organization fails, then the concern should be immediately reported to the Owner/Tech Team.
Virus or other security breaches
The actions listed below must be taken immediately if the information technology of the organization is breached in any case:
The data protection policy of our company represents our commitment to handle our client’s, employee’s and stakeholder’s information with the utmost confidentiality and care.
We ensure by using this policy that we are transparent and fair in collecting, storing and handling information with respect to the individual rights.
This policy will be applicable to all the job candidates, employees, vendors, clients, etc. who will be provide the information to us.
This policy must be followed by the employees of our organizations and the entities covered under this policy will be consultants, partners, contractors, including all other external entities. Our policy generally refers to any person with whom we collaborate or they act for us and may need occasional data access
We must obtain and process information as part of our operations. This information includes any information that makes a person identifiable, offline or online, such as names, addresses, usernames and passwords, digital footprints, pictures, numbers for social security, financial data, etc.
This information is collected by our organization in a transparent manner and only in full collaboration with and knowledge of stakeholders. The following rules apply once this information is available to us.
Our data will be:
Our data will not be:
The company has direct obligations towards the data owners in addition to the methods of handling the data. Specifically, we must:
In order to provide data protection we’re committed to the following:
All guidelines outlined in this policy must be followed strictly. Disciplinary and possibly judicial action will result in a breach of the data protection guidelines
If the website of the organization is interrupted, the following measures must be taken immediately:
This policy provides guidelines on the security of sensitive or limited data storage within the organization.
The Remote Desktop session of the organization runs on an encrypted channel. The following actions and measures are the responsibility of the Tech Team:
Passwords are the most important aspect when it comes to computer security. A poorly selected password could end up compromising the entire network of Tax Goddess Business PC. As a consequence, all the staff of the Tax Goddess Business PC (including contractors and suppliers with access to Tax Goddess Business PC systems) are responsible for selecting and securing their passwords, using the appropriate steps as described below.
This policy is designed to set the standard for strong password generation, password protection and frequency of change. Below are the guidelines:
Any employee who will be found breaching the policy will be subject to disciplinary action that can go up to an extent of termination of the employment.
This policy describes how we can attract and choose external employees or vendors. At every selection stage, we commit ourselves to our equality policy. Recruitment teams should be committed to an advanced hiring process without discrimination.
This recruitment and selection policy shall apply to all employees and vendors that are a part of the recruitment process of our company. The policy refers to all potential job candidates and vendors.
The recruitment and selection process: