The Red Clay Board of Directors tasked the IT Governance Board to develop a new remote access policy for employees working remotely or traveling for business. This is necessary to protect customer information in their database and comply with PCI-DSS, HIPAA, and Red Flags regulations. The policy must address using VPN when accessing servers remotely via company or personal devices, and include consequences for inappropriate disclosure of customer data.