Personnel Management 5.1 Flashcards
Business Policies
Mandatory vacations will happen. If there is funny business going on in the company, this is the best chance to identify fraud. The longer the vacation, the better. Especially important in high-security environments.
Job Rotation
Keep people moving between responsibilities. No one person maintains control for long periods of time.
Separation of Duties
No one person has all of the details. Like having 2 keys to the nuke. Two people to open the safe.
Clean Desk Policy
When you leave, nothing is on your desk. Computer turned off. Limits the exposure of sensitive data to third-parties.
Background Checks
Pre-employment screening. Verify the applicant’s claims. Discover criminal history, worker compensation claims, etc. Legalities vary by country.
Adverse Action
An action that denies employment based on the background check. May require extensive documentation. Can also include existing employees.
Personnel Security Procedure
Non-disclosure agreement (NDA). Legal contract that defines what is confidential. Prevents the use and dissemination of confidential information. Train new employees coming into the organization. Initial security training is a must, but you have to have continuing education because security is constantly changing.
Acceptable Use Policy (AUP)
This defines what is acceptable use of company assets. This may also be documented in the Rules of Behavior. This is used by an organization to limit legal liability. If someone is dismissed, these are well-documented reasons why.
Exit Interview
Employee is leaving, you can ask them questions about why they are leaving etc. This is a very formal process and is documented for data tracking and feedback.