ISO:HR Security

From Hornbill
Revision as of 10:45, 25 September 2018 by Keiths

HR Security

Recruitment of new staff can only be undertaken with the approval of the Chief Technical Officer. This approval may be recorded in minutes or by e-mail.

Each position has a Job Description which includes any relevant security requirements. Master copies of Job Descriptions are held by the HR Department.

New positions are advertised, or a suitable agency is appointed, depending on the role being considered.

Interviews, along with appropriate practical tests, are arranged as necessary with likely candidates, who are usually identified from CV review.

For suitable candidate(s) an offer is made in writing. This offer is dependent upon satisfactory screening and completion of a probationary period (normally a minimum of 3 months).

A minimum of one reference is taken up and the person’s right to work in the UK is validated. Educational achievements are also checked/validated.

Should these checks indicate an issue, the HR Dept reviews the circumstances with the Chief Technical Officer and whoever else is relevant before determining a suitable course of action. Records of the vetting are retained by the HR Dept.

A New Starter Checklist is completed during the induction process and is retained by the HR Dept during the period of employment.

Employees are provided with and sign a Contract of Employment which includes a confidentiality agreement covering the various responsibilities and actions required of signatories in order to avoid unauthorized information disclosure, the permitted use of the information, the signatories’ rights in respect of that information and the required actions on termination of the agreement. A copy of the signed contract is retained within the employee personnel file.

All new starters are inducted with information security training as well as other appropriate training. This is recorded on the New Starter Checklist.

All employees receive appropriate training including information security awareness as relevant. Such training is recorded as necessary.

Employees are reviewed by the appraisal process.

If a member of staff changes roles (e.g. following a promotion) then any alteration in access rights is notified to the IT Department by e-mail by the person’s manager. A copy of this e-mail is retained by the IT department for a minimum of one year. Any such change will normally require Chief Technical Officer approval.

Assets given to employees in order to perform their duties, either at the start of or during their employment, are noted as relevant by the IT department (e.g. for laptops) or the Quality Engineering Manager.

Should an employee leave, the Leavers checklist is completed by the HR Dept and retained for a minimum of 3 years following cessation of their employment.

The Leavers checklist includes a list of items to be returned (such as keys, building fob, credit card, etc.).