Assessment Task 3: PERSONNEL SECURIY AND INFORMATION

SECURITY

1.) Distinguished between Personnel Security and Information Security?

-Personnel security refers to the precautions taken to ensure that those with access to sensitive or
confidential information are reliable and trustworthy. Background checks must be performed, their
employment history and credentials verified, and any potential criminal or financial difficulties must
be investigated in order to do this. Information security, on the other hand, is the protection of data
from unauthorized access or disclosure. This includes, among other things, ensuring that data is
encrypted, putting access controls in place to restrict who can view or modify it, and conducting
regular security audits to identify and address any risks or vulnerabilities.

2.) What is the importance of Information Security in the application of Personnel Security in an
organization?

-Two essential elements for establishing secure operations within a company are information security
and personnel security. In order to effectively implement personnel security, information security is
crucial. Information security guarantees that sensitive data belonging to a company and its employees
is shielded from illegal access, use, disclosure, alteration, or destruction. Any compromise of this
information runs the risk of damaging an organization's reputation and eroding trust, both of which
have a big impact on its capacity to stay financially stable. Information security also aids in
maintaining confidentiality by implementing access rules to restrict the disclosure of sensitive
personnel data.

3.) Explain the importance of “Due Diligence” as one of the element of Personnel Security?

-In Due Diligence is an element of Personnel Security which provides for the verification of the
personal information disclosed by the applicants in the personal History Statement. It also provides
for others sources of information that will enable the team to conduct a thorough appraisal of the
applicant’s qualifications, competency, suitability, reliability, character, reputation and other personal
circumstances. Due diligence is often times called Background Investigation. Good governance
provides that a verification of the applicant’s declarations must be done before he is even considered
for employment. The extent as to how far back the investigation would go depends on the sensitivity
of the position applied for. Due diligence is also ensuring that the product or service of the provider
meets the security requirements and customers' expectations before engaging in a contract.
Implementing due diligence can be expensive, however it is a necessary cost that every organization
should assume.

4.) What is the importance of information in an organization? What are the possible means of safe
keeping information?

-Information Security is that aspect or means of security that prevents the destruction, loss,
distortion or disclosure of classified, critical and sensitive proprietary information to unauthorized
individuals. Information is the life-blood of any organization. It is an idea created that deals toward
achieving the organization’s objective in the fastest and easiest manner with the least possible cost. It
is conveyed from one team member to other, electronically, orally and/or visually with the objective
of accomplishing the organization’s mission and achieving its goals. A body of information that is
written, stored and read physically or electronically is called a document. This is why in some
applications information security is sometimes called Document Security. Information is basically
represented by a physical or digital document. A physical document represents information whose
text is written in ink on a surface. Digital document represent information that is written, stored
electronically and is read as light image on a digital screen.