HR SECURITY EGBERT PESHA ALLOCIOUS RUZIWA AUTHER MAKUVAZA SAKARIA IINOLOMBO
WHAT IS HR SECURITY? Human resources security is part of personnel management and applies to pre-employment, the duration of employment, and termination of employment. It includes pre-employment checks and processes, documentation of security roles and responsibilities, and ongoing security and privacy awareness training. It also includes processes for changes in employment status i.e also security awareness
ROLES OF HR IN ENFORCING A SECURITY POLICY. Recruitment Code of Conduct
FUNCTIONS OF HR SECURITY? Job descriptions User awareness and training Disciplinary process
3 AREAS OF HR SECURITY A. Prior to employment. Defining roles and responsibilities of the job. Defining appropriate access to sensitive info. Determining depth of candidate’s screening levels.
B. During employment. Sending all the employees with access to sensitive information reminders of their responsibilities Conducting updated security awareness training
C. Termination and change of employment Preventing unauthorized access to sensitive information. Return of any assets of the organization that was held by the employees.
Intended outcomes regarding policies of HR security. These policies are enforced to ensure that-Risks to the security of government information resources are minimized. Security responsibilities are documented and communicated. Personnel are aware of their security and privacy responsibilities. Access to information resources is removed or reviewed when employment status changes. Management promotes security through hiring and supervisory practices at all times.
Duties of every personnel to ensure HR security success Attend security and privacy awareness and training events. Understand and abide by the Standards of Conduct. Follow the established processes and policies to maintain security and privacy. Consult managers or supervisors for guidance on security and privacy issues. When assigning work, ensure personnel are aware of security requirements. Consider security implications when making organizational changes which involve information resources
Things to avoid : Not asking for clarification or direction when unsure about information security, privacy and records management requirements. Things to pay attention to: Security and privacy requirements in job descriptions. Security is everyone’s responsibility. Things to report: Actions or activities which could circumvent or impair security processes. Actual and suspected security incidents and events as required by the Information Incident Management Process. File a General Incident or Loss Report (GILR) within 24 hours of a security incident.
Responsibilities of the organization management Things to do: Ensure information security requirements are included in job descriptions. Consult the Ministry Information Security Officer (MISO) for guidance on security issues. Understand and abide by the Appropriate Use of Government Resources. Support security awareness and education programs.
Things to pay attention to: Legislation and policy related to privacy, security and records management. Things to establish procedures for: Orientation programs for new personnel. Reviewing access rights of personnel when employment status changes occur. Things to monitor: That personnel support and follow security and privacy processes.
Things to report: Promptly contact the Ministry Information Security Officer (MISO) when actual or suspected breaches of privacy or security occur. Things to reinforce with personnel: The importance of understanding policies, adhering to standards and following approved processes for the protection of information. That everyone has a role in securing information resources
References. Roles of an HR. enforcing-security-policy html enforcing-security-policy html de/Human+Resources+Security de/Human+Resources+Security Information Security Policy policy/isp.pdf