Professional Documents
Culture Documents
[Company Name]
Document Owner:
Effective Date:
Updated:
Disclaimer: This sample policy has been provided by Apptega, Inc. as a generic document to support the
development of your compliance program. It is unlikely to be complete for your organization without
customization. This document is not legal advice and Apptega is not a registered CPA firm.
Personnel Security Policy
Version 1.0
[Updated Date]
[Company Name]
Personnel Security Policy
Effective Date: Document Owner:
Revision History
Revision Rev. Date Description Prepared By Reviewed By Date Approved By Date
1.0
1. Overview.............................................................................................................................................1
2. Purpose................................................................................................................................................2
3. Scope...................................................................................................................................................2
4. Policy...................................................................................................................................................2
4.1............................................................................................................................................................2
4.2............................................................................................................................................................2
5. Audit Controls and Management........................................................................................................2
6. Enforcement........................................................................................................................................2
7. Distribution..........................................................................................................................................2
8. Related Standards, Policies, and Processes.........................................................................................2
9. Related Sub controls............................................................................................................................3
10. Definitions and Terms......................................................................................................................3
1. Overview
All staff, (including permanent, temporary, and contractor) interact with and in company
systems and processes to accomplish tasks. Some personnel may have access to
proprietary, or other highly sensitive information. Part of being a secure organization
includes addressing the potential risks posed by all personnel, in the events they use
their legitimate information, power, or authorization in malicious ways. Properly
managing personnel authorization, screening, transfer, and termination – among other
things – can mitigate the risks of personnel with malicious intentions.
CONFIDENTIAL
Personnel Security Policy
Version 1.0
[Updated Date]
2. Purpose
This policy provides procedures and protocols supporting an effective management of
personnel procedures and processes that ultimately protect the organization.
3. Scope
This policy applies to all company officers, directors, employees, agents, affiliates,
contractors, consultants, advisors or service providers that initialize, change, or monitor
any system configuration settings. It is the responsibility of all the above to familiarize
themselves with this policy and ensure adequate compliance with it.
4. Policy
4.1
It is <Company> policy to screen individuals prior to authorizing access to
organizational systems containing CUI.
4.2
<Company> is responsible for ensuring that organizational systems containing
CUI are protected during and after personnel actions such as terminations and
transfer.
6. Enforcement
Staff members found in policy violation may be subject to disciplinary action, up to and
including termination.
7. Distribution
This policy is to be distributed to all staff.
CONFIDENTIAL
Personnel Security Policy
Version 1.0
[Updated Date]
CONFIDENTIAL