Open Menu

information systems - controls over people

Intro.

Personnel Security

This covers aspects of job definitions and resourcing, to reduce the risk of human error and ensure that staff understand what their rights and responsibilities are concerning information security.

Most organisations require staff to keep client information confidential. They also ask staff to report security incidents and perceived weaknesses.

Appropriate personnel security ensures:


That employment contracts and staff handbooks have agreed, clear wording

Ancillary workers, temporary staff, contractors and third parties are covered

Anyone else with legitimate access to business information or systems is covered

It must deal with rights as well as responsibilities, for example:


Access to personnel files under the Data Protection Act

Proper use of equipment as covered by the Computer Misuse Act

Staff training is an important feature of personnel security to ensure the Information Security Management System (ISMS) continues to be effective.

Periodically, refreshers on less frequently used parts of the Information Security Management System (ISMS), such as its role in disaster recovery plans, can make a major difference when there is a need to put the theory into practice.


Teacher Subject Newsletters  |  Teacher Forums  | Online Store  | tutor2u News

tutor2u on Twitter:
JimGeoff | Others

Subject Blogs:
Economics  | Business Studies  | Politics  | History  | Law  | Sociology
Religious Studies  | IB Diploma  | The Hot Seat

About tutor2u  | Copyright  | Privacy  | Terms of Use  | Contact tutor2u

Our Development Partners:
Learning Curve Education |  Ednet Aberdeen | BK Design | Wisdomap

 

Tutor2u Search tutor2u website Buy digital learning resources, CPD & student workshops from tutor2u Economics Blog - Free Daily Resources for Economics Teachers and Students Learning and Teaching Resources for Business Studies Resources for Politics Teachers and Students