Commit 890f038f authored by Jeff Burrows's avatar Jeff Burrows 👶

Merge branch 'sttruong-add-sg.4.01' into 'master'

Add SG.4.01 to handbook

See merge request !42443
parents adf3159a 33125436
Pipeline #122560435 passed with stages
in 14 minutes and 44 seconds
layout: handbook-page-toc
title: "SG.4.01 - Proprietary Rights Agreement"
## On this page
{:.no_toc .hidden-md .hidden-lg}
{:toc .hidden-md .hidden-lg}
# SG.4.01 - Proprietary Rights Agreement
## Control Statement
All GitLabbers consent to a proprietary rights agreement.
## Context
All GitLabber's are required to sign a proprietary rights agreement prior to starting their employment with GitLab. This agreement is sent to employees in conjunction with their employment offer letter and both documents are required to be signed.
## Scope
The scope of this control is all GitLabbers.
## Ownership
* Control Owner: `Legal`
* Process owner(s):
* Legal: `90%`
* PeopleOps: `10%`
## Guidance
The GitLab Legal team owns the proprietary rights contractual language that all GitLabbers are required to acknowledge. PeopleOps is responsible for issuing the proprietary rights document for signature upon sending an employment offer to a candidate. For details of the agreement, refer to the [PIAA Agreements]( section of the [Contracts]( handbook page.
## Additional control information and project tracking
Non-public information relating to this security control as well as links to the work associated with various phases of project work can be found in the [Information Security Program control issue](
### Policy Reference
* [PIAA Agreements](
* [Contracts](
\ No newline at end of file
......@@ -299,7 +299,7 @@ The GitLab compliance team is responsible for ensuring the consistency of the do
* Privacy Program
* Privacy Readiness Review - `Not yet rolled out`
* Workforce Agreements
* Proprietary Rights Agreement - `Not yet rolled out`
* [Proprietary Rights Agreement](./guidance/SG.4.01_proprietary_rights_agreement.html)
* Review of Confidentiality Agreements - `Not yet rolled out`
* Key Custodians Agreement - N/A (not required for PCI SAQ-A due to utilizing external payment processor) PCI only control
* Information Security Management System
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment