Personnel Security
Personnel security is a system of policies and procedures, which seeks to manage the risk of staff and/or contractors exploiting their legitimate access to an organization’s assets or premises for unauthorized purposes.
For the purposes of this guide, individuals who have legitimate access to an organization’s assets, but who are not staff or contractors – for example, postal delivery workers with temporary site access – fall outside this definition of an “insider.” There are many different measures that can be used in a program of personnel security. Most of them will fall into the following categories:
- Assessing insider potential
- Behavioral assessment
- Ongoing personnel security measures
- Post–employment personnel security measures
- Pre-employment check updates
- Pre-employment checks
- Pre-employment personnel security measures
- Screening
- Security vetting
- Security vetting and regular security checks post employment
- Access controls
- Investigations
- Promoting effective security culture
- Protective monitoring and intrusion detection
- Social Engineering