5325    HUMAN RESOURCES SECURITY
(New 03/08)

Each agency is responsible to provide security roles and responsibilities to employees, contractors and third party users. This will ensure the users are informed of their roles and responsibilities for using agency information assets, to reduce the risk of inappropriate use, and a documented process to remove access when changes occur. Personnel practices related to security management must include:

1. Employment history and/or background checks on employees who work with or have access to confidential or sensitive information or critical applications may be necessary for particular agencies. Agencies should contact the Department of Personnel Administration for specific rules and regulations relative to employment history or background checks.
   
   
2. Training of agency employees, contractors, and third parties with respect to individual, agency, and statewide security responsibilities and policies.
   
   
3. Signing of acknowledgments of security responsibility by all employees.
   
   
4. Termination procedures that ensure that agency information assets are not accessible to former employees.

AUTHORITY          STANDARDS          GUIDANCE          FORMS          TOOLS