D. HR Security

This domain covers the security controls you have implemented to mitigate security risk from your employees.

01) Does your organisation perform background checks on staff and contractors?

Answer yes if background checks are performed against staff before they join your organisation. Please outline the types of checks completed in the notes or provide a supporting document (as a PDF file) as evidence.

HR Security
Background Checks
Read more

02) Do employment contracts include consenting to all information security responsibilities in line with organisational policies and procedures?

Answer yes if your organisation's employment contracts include a clause in which the employee must consent to abiding by all of your organisation's security policies. Please provide a template contract (as a PDF file) as evidence or copy the clause into the notes section.

HR Security
Policies
Consent
Read more

03) Do employees receive an information security training programme?

Answer yes if your organisation runs an information security training programme for all of your employees. Please outline the nature and frequency of the training programme in the notes section.

HR Security
Training
Awareness
Read more

04) Is there a formal disciplinary process for employees who have intentionally breached information security policy?

Answer yes if your organisation has a formal disciplinary process that is followed if an employee is found to have intentionally breached information security policy. Please provide a document outlining the process (as a PDF file) as evidence (this may be covered by your organisation's Disciplinary Policy).

HR Security
Disciplinary Process
Read more

05) Does your organisation have arrangements in place to provide an alternate resource when a member of staff is not available for an extended period of time?

Answer yes if your organisation has a process in place to source additional staff if one of your organisation's employees is not available for an extended period of time. Please outline the process in the notes section.

HR Security
Alternative Resources
Read more