Personnel security policy

The personnel security policy establishes rules that have to do with ensuring that organizational team members can be trusted to perform sensitive IT work.

What the personnel security policy should address:

• Ensuring that inpiduals occupying positions of responsibility within organizations (including third-party service providers) are trustworthy and meet established security criteria for those positions
• Ensuring that organizational information and information systems are protected during and after personnel actions such as terminations and transfers
• Employing formal sanctions for personnel failing to comply with organizational security policies and procedures