02) Do employment contracts include consenting to all information security responsibilities in line with organisational policies and procedures?
HR Security Policies Consent
Written by Haydn Brooks
Created on March 18, 2019
Modified on August 28, 2019

Answer yes if your organisation’s employment contracts include a clause in which the employee must consent to abiding by all of your organisation’s security policies. Please provide a template contract (as a PDF file) as evidence or copy the clause into the notes section.

It is important that your employees have read and understood all of your organisation’s security policies. By including a clause in each employee’s employment contract that makes them consent to abiding by your company’s policies you both increase awareness of the policies and reduce the legal risk of the company if the contract was ever taken to court.

As evidence please upload a template employment contract with the relevant clause highlighted.

How to implement the control:
To ensure that your contracts have all of the clauses required to mitigate any legal and security risk to your business it can sometimes help to engage a law firm to undertake a review of your template contract. They will be able to highlight any gaps and ensure that the contract is fit for purpose. A clause which can be included in your contracts has been included below: “During the term of employment, the Employee shall comply with all applicable Company rules and policies as a condition of employment. The Employee’s attention is especially draw to the Company’s security policies.”

If you would like to contribute to this article or provide feedback, please email knowledge@riskledger.com. Contributors will be recognised on our contributors page.