This domain covers the security controls you have implemented to mitigate security risk from your employees.
Answer yes if background checks are performed against staff before they join your organisation. Please outline the types of checks completed in the notes or provide a supporting document (as a PDF file) as evidence.
Answer yes if your organisation's employment contracts include a clause in which the employee must consent to abiding by all of your organisation's security policies. Please provide a template contract (as a PDF file) as evidence or copy the clause into the notes section.
Answer yes if your organisation runs an information security training programme for all of your employees. Please outline the nature and frequency of the training programme in the notes section.
Answer yes if your organisation has a formal disciplinary process that is followed if an employee is found to have intentionally breached information security policy. Please provide a document outlining the process (as a PDF file) as evidence (this may be covered by your organisation's Disciplinary Policy).
Answer yes if your organisation has a process in place to source additional staff if one of your organisation's employees is not available for an extended period of time. Please outline the process in the notes section.