The document outlines the importance of personnel security policies and procedures as essential controls for protecting organizational assets. It emphasizes candidate screening, employment agreements, employee departure protocols, and handling duress to mitigate risks. Additional controls include job rotation, separation of duties, and need-to-know/least privilege access to ensure adherence to security policies throughout the employment lifecycle.

1. #
l
e
a
r
n
t
o
r
i
s
e
www.infosectrain.com

2. 1.9 CONTRIBUTE TO AND ENFORCE PERSONNEL SECURITY
POLICIES AND PROCEDURES
CISSP DOMAIN 1
Overview
Importance
Personnel Security
Controls
Essential for organizational asset protection.
Involves candidate screening, employment
agreements, employee departure, and
handling duress.
Mitigates risks with new hires.
Safeguards organizational assets.
Ensures adherence to security policies.
www.infosectrain.com
#
l
e
a
r
n
t
o
r
i
s
e
Employment Agreements: New employees
agree to security policies.
Employee Departure:
Disables access and notifies departments.
Candidate Screening: Mitigates risks
with new hires.
Handling Duress:
Implements duress signals for employee safety.

3. 1.9 CONTRIBUTE TO AND ENFORCE PERSONNEL SECURITY
POLICIES AND PROCEDURES
CISSP DOMAIN 1
www.infosectrain.com
#
l
e
a
r
n
t
o
r
i
s
e
Additional
Controls
Enforcement
Job Rotation and Mandatory Vacation:
Prevents fraud and provides leave.
Separation of Duties:
Distributes critical tasks.
Need-to-Know/Least Privilege:
Limits access to essential personnel.
Spans from hiring to post-employment.
Incorporates agreements and ethical guidelines.
Crucial for maintaining security.

4. To Get More Insights Through Our FREE
FOUND THIS USEFUL?
Courses | Workshops | eBooks | Checklists | Mock Tests
LIKE FOLLOW
SHARE