Security-related+human+resources

--For all new applicants. · Applicants will be informed of some of the responsibilities they will be under taking for the specific position; · protect all company assets from unauthorized access, modification, or destruction; · report all security events, suspicious activities, and potential risks to TART and its assets; and · point the finger at who is to blame when everything blows up. --All applicants must submit to the TART screening process. Which includes, · a background verification check; · a mandatory drug test; and · a completely random answer from the G1’s Yes/No machine. --Applicants will be hired if, · they are in good standing with the national authorities; · they pass the Mandatory drug test · they understand that they don’t have to comply with but must agree with the TART work ethic; and · the g1’s Yes/No machine says yes. --Management will be responsible for the following, · appropriately informing all employees of their information security roles and responsibilities, before granting access to sensitive information or information systems; · providing all employees with guidelines/rules that state the security control expectations of their roles within the organization; · <span style="font-size: 10pt; line-height: 115%; font-family: 'Arial','sans-serif'; mso-fareast-font-family: 'Times New Roman';">achieving an appropriate level of awareness of security controls among all employees relevant to their roles and responsibilities, and an appropriate level of skills and qualifications, sufficient to execute those security controls; <span style="font-family: Symbol; mso-list: Ignore; msofareastfontfamily: Symbol; msobidifontfamily: Symbol; msolist: Ignore;">· <span style="font-size: 10pt; line-height: 115%; font-family: 'Arial','sans-serif'; mso-fareast-font-family: 'Times New Roman';">assuring conformity to the terms and conditions of employment related to security; and <span style="font-family: Symbol; mso-list: Ignore; msofareastfontfamily: Symbol; msobidifontfamily: Symbol; msolist: Ignore;">· <span style="font-size: 10pt; line-height: 115%; font-family: 'Arial','sans-serif'; mso-fareast-font-family: 'Times New Roman';">motivating adherence to the security policies of the organization, such as with an appropriate sanctions policy; and <span style="font-family: Symbol; mso-list: Ignore; msofareastfontfamily: Symbol; msobidifontfamily: Symbol; msolist: Ignore;">· <span style="font-size: 10pt; line-height: 115%; font-family: 'Arial','sans-serif'; mso-fareast-font-family: 'Times New Roman';">mitigating the risks of a failure to adhere to policies, by ensuring that all persons have appropriately-limited access to the organization's information and information facilities. --Within the first week of hiring, <span style="font-family: Symbol; mso-list: Ignore; msofareastfontfamily: Symbol; msobidifontfamily: Symbol; msolist: Ignore;">· <span style="font-size: 10pt; line-height: 115%; font-family: 'Arial','sans-serif'; mso-fareast-font-family: 'Times New Roman';">A formal orientation process that includes information security training, Before all new hires are given access to company resources <span style="font-size: 10pt; line-height: 115%; font-family: 'Arial','sans-serif'; mso-fareast-font-family: 'Times New Roman';">; <span style="font-size: 10pt; font-family: Symbol; mso-list: Ignore; msofareastfontfamily: Symbol; msobidifontfamily: Symbol; msolist: Ignore;">· <span style="font-size: 10pt; line-height: 115%; font-family: 'Arial','sans-serif'; mso-fareast-font-family: 'Times New Roman';">ongoing training in security control requirements, legal-regulatory-certificatory responsibilities, and correct procedures generally, suitable to each person's roles and responsibilities; and <span style="font-size: 10pt; font-family: Symbol; mso-list: Ignore; msofareastfontfamily: Symbol; msobidifontfamily: Symbol; msolist: Ignore;">· <span style="font-size: 10pt; line-height: 115%; font-family: 'Arial','sans-serif'; mso-fareast-font-family: 'Times New Roman';">periodic reminders that cover both general security topics and specific issues of relevance to the organization given its history of security incidents; and <span style="font-size: 10pt; font-family: Symbol; mso-list: Ignore; msofareastfontfamily: Symbol; msobidifontfamily: Symbol; msolist: Ignore;">· <span style="font-size: 10pt; line-height: 115%; font-family: 'Arial','sans-serif'; mso-fareast-font-family: 'Times New Roman';">other appropriate efforts to raise and maintain awareness of security issues. --A formal disciplinary process for employees who have committed a security breach. <span style="font-family: Symbol; mso-list: Ignore; msofareastfontfamily: Symbol; msobidifontfamily: Symbol; msolist: Ignore;">· <span style="font-size: 10pt; line-height: 115%; font-family: 'Arial','sans-serif'; mso-fareast-font-family: 'Times New Roman';">A reasonable evidentiary standard to initiate investigations (reasonable suspicion that a breach has occurred); <span style="font-family: Symbol; mso-list: Ignore; msofareastfontfamily: Symbol; msobidifontfamily: Symbol; msolist: Ignore;">· <span style="font-size: 10pt; line-height: 115%; font-family: 'Arial','sans-serif'; mso-fareast-font-family: 'Times New Roman';">appropriate investigatory processes, including specification of roles and responsibilities, standards for collection of evidence and chain of custody of evidence; <span style="font-family: Symbol; mso-list: Ignore; msofareastfontfamily: Symbol; msobidifontfamily: Symbol; msolist: Ignore;">· <span style="font-size: 10pt; line-height: 115%; font-family: 'Arial','sans-serif'; mso-fareast-font-family: 'Times New Roman';">disciplinary proceedings that observe reasonable requirements for due process and quality of evidence; <span style="font-family: Symbol; mso-list: Ignore; msofareastfontfamily: Symbol; msobidifontfamily: Symbol; msolist: Ignore;">· <span style="font-size: 10pt; line-height: 115%; font-family: 'Arial','sans-serif'; mso-fareast-font-family: 'Times New Roman';">a reasonable evidentiary standard to determine fault, that ensures correct and fair treatment for persons suspected of a breach; <span style="font-family: Symbol; mso-list: Ignore; msofareastfontfamily: Symbol; msobidifontfamily: Symbol; msolist: Ignore;">· <span style="font-size: 10pt; line-height: 115%; font-family: 'Arial','sans-serif'; mso-fareast-font-family: 'Times New Roman';">sanctions that appropriately take into consideration factors such as the nature and gravity of the breach, its impact on operations, whether it is a first or repeat offense, whether or not the violator was appropriately trained, whether or not the violator exercised due care or exhibited negligence; an overall process that functions both as deterrent and sanction. **Termination or Change of employment** --In the event that an employee if voted to be terminated the following events should occur. <span style="font-size: 12pt; font-family: Symbol; mso-list: Ignore; msofareastfontfamily: Symbol; msobidifontfamily: Symbol; msolist: Ignore;">· A remote shutdown procedure will be executed of any machine the employee is logged into. Security will watch employee empty desk into supplied clear bin to be later searched for confidential material. Employee will be required to sign document that states he does not have any company information in his possession or any other location. Employee will be escorted to car. <span style="font-size: 12pt; font-family: Symbol; mso-list: Ignore; msofareastfontfamily: Symbol; msobidifontfamily: Symbol; msolist: Ignore;">· Management will be notified of the employee’s change in status. <span style="font-size: 12pt; font-family: Symbol; mso-list: Ignore; msofareastfontfamily: Symbol; msobidifontfamily: Symbol; msolist: Ignore;">· Work related tasks of the former employee we be divided among the current team responsible for those tasks as delegated by manager. <span style="font-size: 12pt; font-family: Symbol; mso-list: Ignore; msofareastfontfamily: Symbol; msobidifontfamily: Symbol; msolist: Ignore;"> --All of the following must be returned immediately upon notification of termination. <span style="font-family: Symbol; mso-list: Ignore; msofareastfontfamily: Symbol; msobidifontfamily: Symbol; msolist: Ignore;">· Lab tops <span style="font-family: Symbol; mso-list: Ignore; msofareastfontfamily: Symbol; msobidifontfamily: Symbol; msolist: Ignore;">· Blackberries <span style="font-family: Symbol; mso-list: Ignore; msofareastfontfamily: Symbol; msobidifontfamily: Symbol; msolist: Ignore;">· G1’s Yes/No machines <span style="font-family: Symbol; mso-list: Ignore; msofareastfontfamily: Symbol; msobidifontfamily: Symbol; msolist: Ignore;">· routers <span style="font-family: Symbol; mso-list: Ignore; msofareastfontfamily: Symbol; msobidifontfamily: Symbol; msolist: Ignore;">· switches <span style="font-family: Symbol; mso-list: Ignore; msofareastfontfamily: Symbol; msobidifontfamily: Symbol; msolist: Ignore;">· pens <span style="font-family: Symbol; mso-list: Ignore; msofareastfontfamily: Symbol; msobidifontfamily: Symbol; msolist: Ignore;">· red Swingline staplers <span style="font-family: Symbol; mso-list: Ignore; msofareastfontfamily: Symbol; msobidifontfamily: Symbol; msolist: Ignore;">· key cards --After the occurrence of an employee termination; <span style="font-family: Symbol; mso-list: Ignore; msofareastfontfamily: Symbol; msobidifontfamily: Symbol; msolist: Ignore;">· The user account will be deleted. <span style="font-family: Symbol; mso-list: Ignore; msofareastfontfamily: Symbol; msobidifontfamily: Symbol; msolist: Ignore;">· The profile folder will be archived. <span style="font-family: Symbol; mso-list: Ignore; msofareastfontfamily: Symbol; msobidifontfamily: Symbol; msolist: Ignore;">· Permissions to current project files will be transferred to department manager. <span style="font-family: Symbol; mso-list: Ignore; msofareastfontfamily: Symbol; msobidifontfamily: Symbol; msolist: Ignore;">· A kill switch will be sent to the Blackberry that was in use. <span style="font-family: Symbol; mso-list: Ignore; msofareastfontfamily: Symbol; msobidifontfamily: Symbol; msolist: Ignore;">· Key card codes will be erased.
 * Prior to employment**
 * Rules and responsibilities **
 * Screening **
 * Terms of conditions of employment **
 * During employment**
 * Management responsibilities **
 * Information security awareness, education and training **
 * Disciplinary process **
 * Termination responsibilities **
 * Return of assets **
 * Removal of access rights **

Derived in part from:
 * <span style="font-size: 10pt; font-family: 'Arial','sans-serif'; mso-fareast-font-family: 'Times New Roman';">[] **