Building ResilienceAbout the manual
Back to home

Onboarding Protocol for Digital Protection Facilitators

Trust between Digital Protection Facilitators is crucial to the Digital Protection Accompaniment Model. DPFs depend on one another for advice and support and often share information in confidence. With this in mind, we pay special attention to the onboarding and integration new DPFs. We recommend to follow these steps:

  1. The Digital Protection Lead ensures that the DPF has a contract, is introduced to all relevant administrative matters in a timely manner, and signs a Non-Disclosure Agreement.
  2. The new DPF has a first onboarding meeting with their manager. There, they are introduced to your organisation's history, mission, vision, funders, organisational chart, and other institutional matters. The manager is responsible for answering all questions that might arise.
  3. The new DPF is introduced to the rest of the team. If time and budget allow, an in-person team meeting is arranged. If not, an online meeting with the rest of the team is a good option.
  4. The new DPFs get introduced to the Tech Officer or person responsible to arrange a tech onboarding meeting and be invited into all digital communication platforms relevant to the DPF, and be presente to the internal documentation, folder structure, information sharing practices, etc.
  5. The new DPF ensures that their emergency folder is up-to-date with all the information needed in a crisis.
  6. New DPFs are ready to engage in initial training.
  7. It is suggested that the DPF's Manager checks in frequently and helps them to acquire content and methodology.

Tech Onboarding Checklist

This Tech Onboarding Risk Assessment Checklist aims at specifying the baseline around digital security practices we are expecting from Digital Protection Facilitators. We understand that the new DPFs may already be using some of the recommended tools, and others will be new. This is a checklist for the DPFs in charge of supporting onboarding their new colleagues to develop a security strategy tailored to the individual's current practices and threat model.

The checklist aims to define the staff member's threat model to ensure they do not need ad hoc measures to protect them from specific risks. The checklist should be run through by the DPL and the new DPF (it should not be submitted directly to the DPF) if needed, with assistance from other colleagues familiar with threat modelling and risk assessment.

Policies

Your organisatoin probably has a number of policies to organise your team and operations. New DPFs should be introduced to them:

  • Code of Conduct outlines the expectations for DDP team members, including Hivos employees working at DDP and those who may be contracted as remote consultants or via an implementation partner.
  • Internal Complaints Procedure provides a protocol to take when preventive measures prove insufficient and tension, conflict, or inappropriate behaviour between DDP team members is experienced.
  • Digital Security and Privacy Policy sets the organisation's information management framework.
  • Crisis Management Procedure to respond swiftly and efficiently to crises affecting their team members. Make sure to read this procedure and have it at hand.

Resources

Generating PDF...
Building resilienceDigital Defenders Partnership
Digital Defenders Partnership
Building Resilience is a Digital Defenders Partnership Project licensed under Creative Commons Attribution-ShareAlike 4.0 International License