Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.

PO7.6 - Personnel Clearance Procedures

This topic is intended to enable collaboration and sharing of information to facilitate a better understanding and approach to implementing this COBIT control objective based on the risk, value and guidance provided by its corresponding control practices.

COBIT Control Objective PO7.6 - Personnel Clearance Procedures is contained within Process Popup Manage IT Human Resources.

Learn more about COBIT and related publications.

Click “Join This Community” to be able to actively participate in discussions and contribute content. You must be an ISACA member to join this topic. Join ISACA now.

 
This Topic Has:
3 Members
0 Online
4295 Visits

 Recent Discussions

Community Leader

Knowledge Center Manager

Knowledge Center Manager

Title: Become a Topic Leader!

Badge: Energizer


Personnel Clearance Procedures

Include background checks in the IT recruitment process. The extent and frequency of periodic reviews of these checks should depend on the sensitivity and/or criticality of the function and should be applied for employees, contractors and vendors.

View value and Risk Drivers  help

Hide value and Risk Drivers help


Value Drivers

  • Recruitment of appropriate personnel
  • Proactive prevention of information disclosure and confidentiality standards
  Risk Drivers
  • Increased risk of threats occurring from within the IT organisation
  • Disclosure of customer or corporate information and increased exposure of corporate assets

View Control Practices  help

Hide Control Practices  help

  1. Define the criteria for determining the roles that require clearance procedures.
  2. Undertake the clearance procedure for all staff members who perform a role that requires clearance. Maintain documentation in personnel records.
  3. For sensitive roles, if appropriate, periodically repeat the clearance procedure.

Discussions: 0 total

Must be a Topic member to contribute

No Results Found

Documents & Publications: 49 total

Must be a Topic member to contribute
View All »
Books
Posted by ISACA 17 hours ago
Books
Posted by ISACA 735 days ago
Books
Posted by ISACA 788 days ago

Events & Online Learning: 6 total

14 May 2018
ISACA International Event
Los Angeles, CA, USA
13 Aug 2018
ISACA International Event
Nashville, Tennessee, US
2018 GRC Conference - 13-15 August , Nashville, TN. Explore the future of Governance Risk and Control through expert-led workshops and sessions developed by the IIA and ISACA. Register early for our GRC learning tracks.

Journal Articles: 90 total

Volume 1, 2018
by ISACA | Reviewed by Diana M. Hamono, CISA, CGEIT, COBIT 5 Foundation
This guide explains, in a clear and easy-to-follow manner, the variety of privacy protection legislation and different legal models that exist in many regions of the world.
Volume 1, 2018
by Josh Joy
State-of-the-art cryptographic techniques and methods to protect data owners’ personal data have pros and cons and are continually evolving.
Volume 1, 2018
by William Emmanuel Yu, Ph.D., CRISC, CISM, CISSP, CSSLP
Large amounts of personal data can be exploited to initiate profiling and implement a surveillance economy, which also raises the risk of information leakage, cyberstalking and identify theft.
Volume 5, 2017
by Sudhakar Sathiyamurthy, CISA, CRISC, CGEIT, CIPP, ITIL Expert
Transforming business frontiers have created an expanding digital universe and explosive data growth, making organizations reservoirs and refineries of data.
Volume 4, 2017
by Larry G. Wlosinski, CISA, CRISC, CISM, CAP, CBCP, CCSP, CDP, CIPM, CISSP, ITIL v3, PMP
The root causes of privacy incidents include the outsourcing of data, malicious insiders, system glitches, cyberattacks, and the failure to shred or dispose of privacy data properly.
Volume 4, 2017
by Mathew Nicho, Ph.D., CEH, CIS, ITIL Foundation, RWSP, SAP, Shafaq Khan, Ph.D., CIS, PMBOK, PMP, SAP, and Ram Mohan, CRISC, CISM, CGEIT, ISO 27001, ITIL Foundation
A key issue often cited by information systems (IS) executives in the last three decades is aligning IT with business, which assists in realizing value from IT investments.

Wikis: 2 total

Blog Posts: 19 total

Have you experienced ransomware attack so far and, if yes, what did you do to resolve? I set up Twitter poll here: https://twitter.com/DPleskonjic/status/953608717399941120 It lasts for seven days. Thank you for taking part in the poll.
Posted By : Dragan Pleskonjic | 0 comments
Information Security and Privacy is hot issue at present time. Number of security breaches is rapidly increasing.  In case of late detection, costs of breaches are skyrocketing. In the same time Artificial Intelligence (AI), Machine Learning (ML) are fast...
Posted By : Dragan Pleskonjic | 0 comments
My previous blog under name "Dragan on Security" was at location: http://conwex.info/blog/. It was active from August 28, 2005 to October 3, 2012. By beginning of 2017 it is moved to new location http://www.dragan-pleskonjic.com/blog/. With possibility to...
Posted By : Dragan Pleskonjic | 0 comments
28 Sep 2017
Recently, I witnessed an interesting webcast by Scopism, an UK-based consulting and training company. They announced the publication of the SIAM(c) Foundation Body of Knowledge, available for free through their website www.scopism.com. Service Integration...
Posted By : Peter873 | 0 comments
'Data Privacy Day (known in Europe as Data Protection Day)  is an international holiday that occurs every 28 January.' [ https://en.wikipedia.org/wiki/Data_Privacy_Day ]   [ https://assets.pando.com/uploads/2013/05/fingerprint.jpg ]   ...
Posted By : Karoly Arnhoffer | 5 comments
For a long time, the main focus of most organization was to have a solid protected network perimeter, by installing the most powerful shiny firewall, IPS/IDS to avoid intruders to trespass inside their networks. The endpoint (host) protection was always c...
Posted By : Willian Guilherme | 1 comments