From Traditional Security
Part of Position of Trust - Local Policy Covering Employee Personal Standards of Conduct Responsibilities
Associated with IA controls: PRRB-1
Failure to inform personnel of the expected standards of conduct while holding a position of trust
Checks: Check to ensure that a local policy exists and is readily available to employees that informs them about pertinent security regulations and standards of conduct required of persons holding positions of trust, including (and especially) the requirement to report derogatory information to their local security manager. SOPs should be readily available to all employees in a common reading library or more efficiently, accessable on line in a common file or organization intranet. TACTICAL ENVIRONMENT: The check is applicable for fixed (established) tactical processing environments where procedural documents (SOPs) should be in place. Not applicable to a field/mobile environment.
Fix: Ensure that a local policy exists and is readily available to employees that informs them about pertinent security regulations and standards of conduct required of persons holding positions of trust, including (and especially) the requirement to report derogatory information to their local security manager. SOPs should be readily available to all employees in a common reading library or more efficiently, accessable on line in a common file or organization intranet.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer