Purpose

The purpose of this policy is to set out the background checks which are undertaken on employees to give the Institute a level of assurance as to their trustworthiness when they join CISI on a contract or permanent contract of employment.

Depending on the role the employee is undertaking, the CISI operates a two-tier Pre-Employment Security policy:

• Standard Pre-Employment Checks
• Enhanced Pre-Employment Security Checks

All employees will be subject to the standard pre-employment checks and, if the role requires it, enhanced pre-employment security checks will also be undertaken. 

Risk Management

Managers must also employ a risk management approach, ensuring that security controls are in place to reduce the risk of damage, loss, or compromise of the integrity and reputation of CISI.   The Department Director should be informed of any breaches or threats to this.

They should also ensure that employees are aware of the confidential nature of some of the information to which they may have access, and that they are required to bring to the attention of their line manager any incidents that might be considered a threat to the security and confidentiality of such information.  This includes but is not limited to personal and professional relationships with third parties, conflicts of interest and situations where undue influence could arguably be brought to bear.

Standard Pre-Employment Checks

The following standard pre-employment checks are undertaken for all staff:

• Employment references to cover previous two roles (this may be extended if the previous two roles do not cover up to 5 years employment).
• If this is the employee’s first or second job and / or they have been studying, volunteering, or not working (during the past 5 years) character and academic references can be provided.
• ID check (ideally passport or ID card, as this is also required to check the person can work in the Country, or birth certificate with a further document to verify they have the right to work in the Country)
• Verification of address(s) (e.g. original utility bill, credit card bill showing their address, not more than three months old)
• Where relevant: membership of a professional bodies and academic qualifications
• Completion of the Conviction Declaration Form
• Completion of the Social Media Declaration (See Appendix 1).   This is referred to in the UK contract of employment, relevant letter in other countries, and sent to all employees (and relevant Consultants) to sign before they join CISI
• Satisfactory Medical Report (where a third-party provider is available to provide this service, UK Only)

Enhanced Pre-Employment Checks

• These are in addition to the above standard pre-employment checks. Employees who fall under one or more of the following three categories will be subject to an enhanced check: Employees that are granted ‘access all areas’, senior employees that must be seen as above reproach and/or employees that hold legal accountability at CISI.  Employees in these categories have the potential to affect the integrity and reputation of CISI. This group will include, but is not limited to staff in the following posts:
• All members of the Executive Team
• Country Heads (overseas offices)
• HR department
• Finance employees with unrestricted access to process payments
• IT employees
• Website development Manager  

In addition to the standard pre-employment checks, an enhanced pre-employment security check will also include:

• A Credit Check: which in the  
  • UK – credit report which will include checking for County Court Judgements
  • Sri Lanka - Credit information Bureau of Sri Lanka ‘CRIB’ report
  • or where available a local Government credit report
• Police Report:
  • UK - DBS
  • Sri Lanka - Police report (English Translation) and Gramasevaka Certificate – reference (English Translation)
  • Or local police report
• Extended reference requirements covering more than 5 years of employment history if applicable to the role.
• HR will conduct a search of the social media pages in addition to the Social Media Declaration.

Unsatisfactory Security Reports

Prospective employees are informed that references and security checking will be undertaken and must be satisfactory in the Institute’s opinion, or they may not be employed, or their employment may be terminated.

A commonsense approach will be taken on the receipt of the checks / report, with where necessary the Director of Finance & HR making a final decision, or Chief Executive for Senior roles.

Prospective employees are not eligible to appeal against the Institute’s decision to not employ them due to the results of the security checking.  However, they may, if they feel they have received an unfair reference from a previous employer, be able to challenge this through legal avenues with their previous employer.

Current Employees

Promotion / Moving to a new role

If an employee is offered a promotion or moved to a role which requires an enhanced security check, they must agree to all of the enhanced checks before the position can be confirmed.

Ongoing Security Management

As the pre-employment checks only provide a snapshot of an individual record at a particular time, for good practice, employees that are subject to enhanced security checks, will have these repeated every five years, including re-signing the social media declaration.  Employees are required to complete the required documents within three weeks of receiving the request.

Issues which arise when employees are asked to complete a check or with the report CISI receives will be dealt with individually with the employee.  In extreme cases this may involve the employee moving to a less sensitive role, or where redeployment is not possible leaving the Institute.

 

 

The Institute in principle has no objection to the employment of relatives or where employees are in a relationship.  However this should be avoided in manager/ subordinate, or Head of Department / team member situations. The employment of relatives is subject to agreement of the Chief Executive Officer.

The Institute may advertise vacancies internally to encourage existing employees to apply, and may also or exclusively place the advert externally.

The Institute would usually expect an employee to have served a minimum of 1 year in a post before being considered for an internal vacancy.  If you have been in your current role for less a year, you will need your Director’s sign off before your application is accepted.

To apply for a vacancy, an employee should submit an application to the HR, together with a copy of their most recent appraisal and inform their manager of their application.  

The Institute does not issue open references or testimonials to employees who leave but provides information on a confidential basis to prospective employers at their request, unless you have specifically withdrawn your authorisation for this purpose, in writing, on leaving employment. 

Only HR and Directors should provide authorised references on the Institute's behalf.  Any other member of staff who is asked to provide a reference should make it clear to the recipient that their reference is given on a personal basis and not on behalf of the Institute.

 

This policy covers the steps taken by the Chartered Institute for Securities & Investment and its subsidiary companies to manage potential conflicts of interest arising from its examining and training operations. The aim of the Policy is to protect the integrity of the Institute’s examinations.

1. The Institute has implemented a number of structural and procedural measures to establish proper division of duties between examinations and training activities.

    

2. Barriers to the flow of confidential examination information have been established between all relevant department functions.  Information technology security has been enhanced to ensure data security and integrity.

    

3. Procedures and working practices are communicated to new staff and Invigilators during induction. Procedures are communicated in the form of written guidance notes and line management/Executive Director supervision.

    

4. Confidentiality agreements have been established for all staff, Invigilators and exam practitioner working groups.

    

5. Exam question papers are transmitted to the printer/distributor by secure means. Exam question papers are delivered from the printers in sealed packages either direct to exam venues or to the Institute. The printer/distributor contracted to undertake this work has signed a confidentiality agreement.

    

6. The exam delivery and course delivery functions are managed and directed under the control of separate Executive Directors.

    

7. Secure areas have been designated for authorised Exams dept. staff under restricted card-key access.

    

8. No information regarding exam paper content is communicated to unauthorised personnel. No examination paper is sent by external e-mail, with the exception of password-restricted e-mails, which are sent to the printer/distributor.  Any examination paper sent to a Senior or Chief Examiner is sent by secure means

    

9. A physically separate secure storage area has been assigned for all confidential exam documentation.

    

10. Information technology systems have restricted access controls to prevent unauthorised access to exam data. Passwords are changed frequently.

     

11. Exam question papers that are returned from venues in sealed packages are received directly by the Exams dept. staff and are either immediately shredded in confidential waste bins or locked in the secure exams area, pending secure disposal.

     

12. Exams dept. staff are not permitted to access all exam question banks. Exams department managers have access to only part of the question bank that they compile the exam for.  

     

13. The procedures within this policy and their effectiveness are reviewed by the Executive Directors.

All information of a personal nature held on your personal file is confidential and will only be processed in accordance with the the General Data Protection Regulation (“GDPR”) and the Data Protection Act 2018 (“DPA”), and any successor legislation to the GDPR or the DPA.

You may see the information held on your file, with the exception of information provided on a confidential and privileged basis, for example, employment references.

Requests to see your personal file should be made to HR in the first instance.

For more information on what the CISI collects on you please refer to the Employee Privacy Policy.

Desks should be cleared of all sensitive information each evening.

In addition, all outstanding work, and especially any important / irreplaceable documents, should be locked away at the end of each working day.

All employees should ensure that papers are not left in meeting rooms after meetings.

Non-confidential papers to be destroyed should be torn up before putting them into a wastepaper basket.  All confidential papers should be shredded.

Employees shall, upon termination of employment, deliver to the Institute all documents, papers and other property belonging to the Institute or its Members, which may be in their possession, or under their control, and shall not retain any copies thereof, unless the written consent of an Executive Director or the HR Department has been obtained.

Please also refer to the Acceptable use policy.

1.1          Introduction

1.1               This Acceptable Use Policy (AUP) for IT Systems is designed to protect CISI, our employees, customers and other partners from harm caused by the misuse of our IT systems and our data. Misuse includes both deliberate and inadvertent actions.

The repercussions of misuse of our systems can be severe. Potential damage includes, but is not limited to, malware infection (eg, computer viruses), legal and financial penalties for data leakage, and lost productivity resulting from network downtime.

Everyone who works at CISI is responsible for the security of our IT systems and the data on them. As such, all employees must ensure they adhere to the guidelines in this policy at all times.  Should any employee be unclear on the policy or how it impacts their role they should speak to their manager or the Head of IT.
This policy has been reviewed and updated in 2018 ahead of the EU General Data Protection Regulation (GDPR) coming into force.

1.2          Definitions Used

Users - Everyone who has access to any of CISI’s IT systems. This includes permanent employees and also temporary employees, contractors, agencies, consultants, suppliers, customers and business partners.

Systems - All IT equipment that connects to the corporate network or accesses corporate applications. This includes, but is not limited to, desktop computers, laptops, smartphones, tablets, printers, data and voice networks, networked devices, software, electronically-stored data, portable data storage devices, third party networking services, telephone handsets, video conferencing systems, and all other similar items commonly understood to be covered by this term.

CISI computers - All CISI-built desktop PCs and laptops. It does not include CISI-owned Apple devices, such as iPhones or iPads.

Work time - Employee working hours as per contract of employment or any formal change agreed with CISI.

1.3          Scope

This is a universal policy that applies to all Users and all Systems. For some Users and/or some Systems where a more specific policy exists: in such cases the more specific policy has precedence in areas where they conflict, but otherwise both policies apply on all other points.

This policy covers only internal use of CISI’s systems, and does not cover use of our products or services by customers or other third parties.

Some aspects of this policy affect areas governed by local legislation in certain countries (eg, employee privacy laws): in such cases, the need for local legal compliance has clear precedence over this policy within the bounds of that jurisdiction. In such cases local teams should develop and issue users with a clarification of how the policy applies locally.

Staff members at CISI who monitor and enforce compliance with this policy are responsible for ensuring that they remain compliant with relevant local legislation at all times.

2.0          Computer Access Control – Individual’s Responsibility

2.1          Access to the CISI IT systems is controlled by the use of User IDs, passwords and/or tokens. All User IDs and passwords are to be uniquely assigned to named individuals when joining and consequently, individuals are accountable for all actions on CISI IT systems.

Individuals must not:

• Allow anyone else to use their username and password on any CISI IT system.
• Leave their user accounts logged in at an unattended and unlocked computer.
• Use someone else’s username and password to access CISI’s IT systems.
• Leave their password unprotected (for example writing it down).
• Perform any unauthorised changes to CISI’s IT systems or information.
• Attempt to access data that they are not authorised to use or access.
• Exceed the limits of their authorisation or specific business need to interrogate the system or data.
• Physically connect any non-CISI authorised device to the CISI network or IT systems.
• Store CISI data on any non-authorised CISI equipment.
• Give or transfer CISI data or software to any person or organisation outside CISI without the authority of CISI.

2.2          Line managers must ensure that individuals are given clear direction on the extent and limits of their authority with regard to IT systems and data. Please see Appendix A for further details.

3.0          Password Strength Policy

3.1          All CISI domain user accounts will require the use of ‘strong’ passwords to ensure the security and integrity of the CISI network.

3.2          The password policy is set as a rule within Active Directory and requires all passwords to comply with the following requirements:

• Must be at least 8 characters long
• Contain at least 1 uppercase character
• Contain at least 1 numeric
• Contain at least 1 symbol, i.e. £ or $

3.3          If not already in place, users will be prompted to strengthen their passwords when their existing password expires.

4.0          Internet and email Conditions of Use

4.1          Use of CISI’s internet and email is intended for business use. Personal use of the internet is

permitted where such use does not affect the individual’s business performance, is not detrimental to CISI in any way, is not in breach of any term and condition of employment and does not place the individual or CISI in breach of statutory or other legal obligations. No personal web mail sites may be accessed via a standard CISI networked device. However, personal email may still be accessed on a personal device via the CISI WiFi outside of work time. All individuals are accountable for their actions on the internet and email systems.

Individuals must not:

• Use the internet or email for the purposes of harassment or abuse.
• Use profanity, obscenities, or derogatory remarks in communications.
• Access, download, send or receive any data (including images), which CISI considers offensive in any way, including sexually explicit, discriminatory, defamatory or libellous material.
• Use the internet or email to make personal gains or conduct a personal business.
• Use the internet or email to access betting sites.
• Use the email systems in a way that could affect its reliability or effectiveness, for example distributing chain letters or spam.
• Place any information on the Internet that relates to CISI, alter any information about it, or express any opinion about CISI, unless they are specifically authorised to do this.
• Send unprotected, commercially sensitive or confidential information to an external email address. Even if the data has been password protected the target email addresses still need to be verified as legitimate.
• Make unauthorised official commitments through the internet or email on behalf of CISI.
• Download copyrighted material such as music media (MP3) files, film and video files (not an exhaustive list) without appropriate approval.
• In any way infringe any copyright, database rights, trademarks or other intellectual property.
• Download any software from the internet without prior approval of the IT Department.
• Connect CISI devices to the internet using non-standard connections.

Please see Appendix A for further details.

5.0          Social Media Sites

5.1          The CISI has a number of cyber security measures in place to help protect our systems from malicious external attacks, including antivirus software and firewall protection. Our antivirus software also provides an additional layer of security on all web browser activity without compromising the legitimate use of the internet.

5.2              Social media sites should not be accessed during work time, unless your manager has authorised you to use them for business use.

5.3              Under no circumstances should commercially sensitive information regarding the CISI be disclosed on personal and social media sites.

5.4              Please remember you are personally responsible for the content you publish on social media sites and you need to be mindful that messages will be public for many years. What you find funny, may look different to others and seem inappropriate in the future. If you feel even slightly uneasy about something you are about to write, then chances are you should not do it. If inappropriate content is found to have come from CISI machines, further action will be taken.

5.5          Our web filtering tool details the category of sites a user is able to access and a list of blocked categories. Blocked categories include using personal webmail accounts such as Hotmail, Gmail and Yahoo on CISI PCs.

6.0          Clear Desk and Clear Screen Policy

6.1          In order to reduce the risk of unauthorised access or loss of information, CISI enforces a clear desk and screen policy as follows:

• Computers must be logged off/locked or protected with a screen locking mechanism controlled by a password when unattended.
• Care must be taken to not leave confidential material on printers or photocopiers and employees should ensure papers are not left in meeting rooms after meetings.
• All business-related printed matter must be disposed of using confidential waste bins or shredders.
• All outstanding work, and especially any sensitive/irreplaceable documents, should be locked away at the end of each working day.

7.0          Working Offsite

7.1          It is accepted that laptops and mobile devices will be taken offsite. The following controls must be applied:

• Equipment and media taken offsite must not be left unattended in public places and not left in sight in a car.
• Laptops must be carried as hand luggage when travelling.
• Information should be protected against loss or compromise when working remotely (for example at home or in public places). Laptop encryption must be used.
• Particular care should be taken with the use of mobile devices such as laptops, mobile phones, smartphones and tablets. They must be protected at least by a password or a PIN and, where available, encryption.
  
  

7.2          The Institute encourages and supports staff in maintaining an optimal work-life balance.

Many staff have laptops and/or company provided software for their home computers which allow them to continue to work out of the office or at home.  However, it is not expected staff should work anymore, or any fewer, than their contracted and core hours.  Staff are also not expected to work whilst on holiday, and any non-business-related data or call fees incurred on company devices whilst on holiday may be charged back to the member of staff.

8.0          Mobile Storage Devices

8.1          Mobile devices such as memory sticks, CDs, DVDs and removable hard drives must be used only in situations when network connectivity is unavailable or there is no other secure method of transferring data. Only certain CISI staff who have registered with IT have access to USB ports on their Desktop PCs. All other users’ USB ports have been locked down and cannot be used for transferring data to mobile storage devices such as memory sticks and CDs.

8.2          Data transported on mobile storage devices should be encrypted using a password.

9.0          Software

9.1          Employees must use only authorised software on CISI computers. Authorised software must be used in accordance with the software supplier's licensing agreements. All software on CISI computers must be approved and installed by the CISI IT department.

Individuals must not:

• Store personal files such as music, video, photographs or games on CISI computers.
• Download unauthorised 3^rd party software.

10.0        Viruses

10.1       The IT department has implemented centralised, automated virus detection and virus software updates within the CISI network. All CISI PCs and laptops have antivirus software installed to detect and remove any virus automatically.

Individuals must not:

• Remove or disable anti-virus software.
• Attempt to remove virus-infected files or clean up an infection, other than by the use of approved CISI anti-virus software and procedures.
  

11.0        Telephony (Voice) Equipment Conditions of Use

11.1        Use of CISI voice equipment is intended for business use. Individuals should keep to a minimum the use of CISI’s voice facilities for sending or receiving private communications on personal matters. All non-urgent personal communications should be made at an individual’s own expense using alternative means of communications.

Individuals must not:

• Use CISI’s voice for conducting private business.
• Make hoax or threatening calls to internal or external destinations.
• Accept reverse charge calls from domestic or international operators, unless it is for business use.

12.0        Smart and Mobile phone usage

12.1        Individuals supplied with company mobile phones must abide by the following:

• These devices remain the property of the Institute and this IT policy governing the use of applications and the internet still applies. These devices must be password protected at all times.
• The individual should take care of the Smart or Mobile phone, and return it to the Institute in the condition in which it was issued (save normal wear and tear).  If it is lost or broken due to gross negligence, the member of staff may be asked to make a contribution towards its replacement.
• An individual with a Smart or Mobile phone is neither expected, nor under any obligation, to initiate, read or respond to any message or email received on their device, outside the hours of 08:00 to 18:00 Monday to Friday (UK times or the equivalent if on business overseas).    
• An individual is free to choose to operate their device outside these hours but that is their choice and not a requirement.
• The Institute will only pay for the data bolt-on, when a member of staff is travelling aboard on business and you must ensure you inform the Operations Director when the trip is being planned.
  
  

12.2        Company mobile phones may be used for personal use on condition:

• The majority of the calls are made for business use.
• They are not used as a mechanism for payment from the contract, i.e. texting donations, entering competitions, etc.
• Usage thresholds are not breached. These are regularly monitored.

13.0        Actions upon Termination of Contract

13.1       All CISI equipment and data, for example laptops and mobile devices including telephones, smartphones, USB memory devices and CDs/DVDs, must be returned to CISI at termination of contract. This also applies to documents, papers and any other CISI property.

13.2       All CISI data or intellectual property developed or gained during the period of employment remains the property of CISI and must not be retained beyond termination or reused for any other purpose.

14.0        Monitoring and Filtering

14.1       All data that is created and stored on CISI computers and CISI owned digital devices is the property. Wherever possible, CISI will avoid opening emails which appear to be of a personal nature and will need to seek authorisation from HR or the Chief Executive Officer in order to do so.

14.2       IT system monitoring will take place where appropriate, and investigations will be commenced where reasonable suspicion exists of a breach of this or any other policy. CISI has the right (under certain conditions) to monitor activity on its systems, including internet and email use, in order to ensure systems security and effective operation, and to protect against misuse.

14.3       Any monitoring will be carried out in accordance with audited, controlled internal processes, the GDPR, the UK Data Protection Act 1998 (as amended for the GDPR), the Regulation of Investigatory Powers Act 2000 and the Telecommunications (Lawful Business Practice Interception of Communications) Regulations 2000.

14.4        This policy must be read in conjunction with:

• Computer Misuse Act 1990
• Data Protection Act 1998
• EU General Data Protection Regulation

15.0       Responsibilities

15.1       It is your responsibility to report suspected breaches of security policy without delay to your line management, the IT department or via the IT Help Desk.

15.2       All breaches of information security policies will be investigated. Where investigations reveal misconduct, disciplinary action may follow in line with CISI disciplinary procedures.

16.0       Enforcement

16.1       CISI will not tolerate any misuse of its systems and will discipline anyone found to have contravened the policy, including not exercising reasonable judgment regarding acceptable us.

16.2       While each situation will be judged on a case-by-case basis, employees should be aware that consequences may include the termination of their employment.

16.3       Use of any of CISI’s resources for any illegal activity will usually be grounds for summary dismissal, and CISI will not hesitate to cooperate with any criminal investigation and prosecution that may result from such activity.

Document Owner and Approval

The Data Protection Officer (DPO) is the owner of this document and is responsible for ensuring that the policy is reviewed in line with the requirements stated above, and at least annually.

Change History Record

Issue	Description of Change	Approval	Date of Issue
1	Initial draft	Brian Cave	17 Jan 2018
2	Second draft	John Preston	1 Mar 2018
3	Final	John Preston	1 May 2018

 

Appendix A – Device Usage Summary

Below is a grid summarising what is acceptable in terms of use by device type:

Device Type	Use for company Email?	Use for personal email?	Internet Access?	Password protected?	Emailing personal data externally?
Personal digital devices, i.e. smart phones, laptops, tablets	*Only Outlook Web App (webmail)	Yes	Yes	Recommended	No
CISI Desktop PCs	Yes	No	Yes	Yes – policy governed	No – unless data is password protected and/or encrypted and the external email address has been verified
CISI Laptops	Yes	No	Yes	Yes – policy governed	No – unless data is password protected and/or encrypted and the external email address has been verified
CISI Apple devices, i.e. iPhones, iPads, etc	Yes	Yes	Yes	Yes – minimum 4 digit passcode	No – unless data is password protected and/or encrypted and the external email address has been verified
CISI Smart phones	Yes	Yes	Yes	Yes - minimum 4 digit passcode	No – unless data is password protected and/or encrypted and the external email address has been verified

 

*The CISI email account may be set up on those personal smart phones where the owner has sought authorisation from their line manager/IT and they have agreed to password protect their device. If the device is subsequently lost or stolen CISI has the right to remotely wipe the data from the device.

Benefit Summary

Insurance Claims Submission Procedure

Unapproved Hospitals List

Empaneled Hospitals List

Annual medicals are available to the Chief Executive and members of the Executive Team. This benefit is only available to permanent employees. The medicals are carried out by doctors at a suitable medical centre approved by the Institute and the cost of the medical is met by the Institute. A copy of the report prepared is sent to you and at your request to your own doctor. They are not sent to the Institute.

The CISI provides employees with Eye Care Vouchers to cover the cost of a VDU eye test and, if required, a voucher to cover the cost of a basic pair of corrective glasses. Vouchers are available by completing the relevant Eyecare Voucher Request Form:

UK Eyecare Voucher Request Form

UK Eyecare Glasses Voucher Request Form

Eyecare vouchers are currently provided by EdenRed and can be used at a large number of opticians including Boots & SpecSavers- click here to find nearest optician that accepts these vouchers.

In the event that the employee needs corrective glasses, specifically for display screen equipment work, they will be given a voucher to cover the cost of basic frame corrective glasses although they may contribute extra if they wish to buy from a wider choice of frames. If they already wear glasses or contact lenses it may be that these are adequate for the type of screen work you perform, and this is something the optician will advise on. Where they require glasses for general use including VDU, a voucher for corrective glasses will not be supplied.

                                       

 

Permanent employees with 12 months service are eligible to join the private medical insurance scheme. 

CISI pays the premium for the employee, their partner, and children (subject to the scheme rules), and as this is classed as a taxable benefit the employee pays tax (at their normal tax rate) on the premium. 

For employees who have arranged their own private medical insurance cover, and are unable to move schemes, for example due to pre-existing medical conditions, the Private medical insurance allowance can be offered.

The private medical insurance allowance is

• Based on the annual premium for the employee to join CISI’s private medical insurance scheme, after any shared responsibility discount is applied
• The premium is paid as a monthly amount via the payroll and subject to statutory deductions
• The employee can opt to join CISI’s scheme at any time
• If the employee cancels their private medical insurance cover, they need to inform CISI and the allowance will stop
• As the employee will pay tax on the allowance via the payroll, it will not appear on their annual P11d form
  

If you would like to apply for this allowance, please send the following information to HR:

 

Name
Who is covered by your scheme (we need this information as the allowance is based on the annual premium, with CISI’s current provider): Partner Children
Proof of your PMI cover for the current tax year
Date of application

 

The long service awards are as follows:-

3 years’ service     - an appropriate local gift and letter from the CEO

5 years’ service     - an appropriate local gift, a letter from the CEO, a payment (Rs. 15,000 in Sri Lanka/ AED1,200 in Dubai) paid via the payroll and subject to any statutory deductions, increase in annual leave by 1 day or pro-rata if work part-time and lunch to mark the occasion during the CEO’s next scheduled visit to the office

10 years’ service - an appropriate local gift, a letter from the CEO, a payment (Rs. 30,000 in Sri Lanka) paid via the payroll and subject to any statutory deductions, and lunch to mark the occasion during the CEO’s next scheduled visit to the office

15 years’ service - an appropriate local gift, a letter from the CEO, a payment (Rs. 60,000 in Sri Lanka) paid via the payroll and subject to any statutory deductions, and lunch to mark the occasion during the CEO’s next scheduled visit to the office

 

As an education professional body, the Institute provides the following support to employees who are school governors.

If meetings are held during the day, which you need to attend to perform your duties as a school governor, an additional one paid day off per annum will be given. This can be taken as a day or as two half days.

 If you need to leave the office early or come in late to attend meetings, this should be agreed in advance with your line manager. While a reasonable amount of time, up to two hours is allowed, you may be asked to make up the time within a reasonable period. If you need to leave more than two hours early or will be arriving at work more than two hours after your normal start time, when you must take half a day annual leave.

 If requested you will need to provide further information, and all leave must be requested in advance via E-DAYS.

CISI recognises that staff have a civic duty to participate in Jury service. Where in the Institute’s view, your release for jury service would cause staffing difficulties, assistance will be given in writing to the court to re-arrange or cancel your service. You will not suffer a financial penalty for fulfilling your legal obligation. However, you should claim for loss of earning, which is paid up to a maximum limit, and you should give HR the ‘certificate of loss of earning form’ the court will send you. HR will complete the form, which you should be taken to the court on your first day of jury service.

After your jury service you will receive a payment from the court and a breakdown of the payments. You should give HR a copy of the breakdown of the payments and the amount, less any out of pocket expenses i.e. for subsistence you have claimed for, will be deducted from your next month’s salary.

If you give or are given notice you must repay the money before you leave the Institute.

While you are on jury service, you should keep your line manager informed about how long you are likely to be away from work. On the days when you are not required at court you should come in to work. You should also attend work if:

- you are not required in court for a morning

- you are released during the day and after taking travel time into consideration, you are able to be at work by 4pm or an hour before your normal finishing time.

CISI encourages staff to take their annual leave, however there may be occasions when you have no leave left or you would like to take a ‘CISI Day’. A ‘CISI Day’ is where you have the option to borrow up to two half days a year, and then repay the hours by working either earlier and/or later than your normal hours.

You need to agree with your line manager when you will work these hours, which should be within five working days after your ‘CISI Day’. A half day is equal half your normal daily working hours (e.g. if you work 7 hours a day it is 3 ½ hours).

Employees, who work 3 days or less, have the option to take one CISI Day a year (i.e. half a day).

Employees need to be performing their role at a ‘Good’ or above rating, as defined in the Performance Management Scheme, to take a ‘CISI Day’.

‘CISI Days’ should ideally be booked in advance on E-DAYS, unless this is not practical, but must be agreed with your line manager, and retrospectively be added to E-DAYS. This is not available for employees on contracts of less than one year. 

 If you are a member of the Armed Forces Reserve, you may be able to take additional paid time off to attend an annual training camp. A maximum of 5 days per annum will be given and this leave must be agreed in advance with your manager and you may be required to provide further information.

Urgent family leave is available to all staff, to help you deal with unforeseen emergencies involving a dependant. Requests for family leave must be made to your Line Manager and HR, giving details of how long you expect to be away from work.

Wherever possible, such requests should be made in advance. Where the reason for the request is family illness, a medical certificate may be required.

Time off taken as family leave is unpaid.

Family leave may be granted for pressing matters which occur suddenly and for important family reasons such as:
• a dependant falling ill or becoming injured
• the death of a dependant
• a breakdown in a dependant's care arrangements
• an incident involving the employee's child during school hours.

 We would expect that in the majority of cases, one or two days would be enough to deal with an immediate problem and make any longer-term arrangements. No more than 5 days’ family leave should be taken at a one time.