PS - Personnel Security
(PS-1) Personnel Security Policy and Procedures
The university develops, disseminates, and periodically reviews/updates formal, documented procedures to facilitate the implementation of the Personnel Security policy and associated personnel security controls.
(PS-2) Position Risk Designation
The university identifies and classifies personnel positions based on risk category in order to determine the risk level associated with the position, thereby determining the controls that must be implemented for the position.
(PS-3) Personnel Screening
The university screens individuals, to authenticate identity, before authorizing access to university information resources.
(PS-4) Personnel Termination
In the event of termination of individual employment, the university terminates information resource access, retrieves all university information system-related property, and provides appropriate personnel with access to official records created by the terminated employee that are stored on university information resources.
(PS-5) Personnel Transfer
The university reviews information resource/facility access authorizations when personnel are reassigned or transferred to other positions within the university and initiates appropriate actions as identified by Human Resources.
(PS-6) Access Agreements
The university completes appropriate signed access agreements for individuals requiring access to university information and information resources before authorizing access.
(PS-7) Third Party Personnel Security
The university establishes personnel security requirements including security roles and responsibilities for third-party providers and monitors provider compliance.
(PS-8) Personnel Sanctions
The university employs a formal sanctions process for personnel failing to comply with established information security policies and procedures.