Personnel Security
This section contains the following sub-sections:

6.1 Security in job definition and resourcing - security responsibilities should be taken into account when recruiting permanent employees, contractors and temporary staff (e.g. by pre-employment screening), included in contracts (e.g. terms and conditions of employment) and monitored during employment.

6.2 User training - all employees and (if relevant) third party users should be trained in security policies and procedures, including regular updates.

6.3 Responding to security incidents and malfunctions - security incidents, vulnerabilities and bugs should be reported promptly to management through formal processes. Incident response procedures should also be established, including the ability to learn from incidents and, where appropriate, discipline employees who have violated security policies or procedures.

Recently Changed
Certification (ages ago)
risk treatment plan (ages ago)
Spanish (ages ago)