Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.

PO7.6 - Personnel Clearance Procedures

This topic is intended to enable collaboration and sharing of information to facilitate a better understanding and approach to implementing this COBIT control objective based on the risk, value and guidance provided by its corresponding control practices.

COBIT Control Objective PO7.6 - Personnel Clearance Procedures is contained within Process Popup Manage IT Human Resources.

Learn more about COBIT and related publications.

Click “Join This Community” to be able to actively participate in discussions and contribute content. You must be an ISACA member to join this topic. Join ISACA now.

 
This Topic Has:
3 Members
0 Online
4191 Visits

 Recent Discussions

Community Leader

Knowledge Center Manager

Knowledge Center Manager

Title: Become a Topic Leader!

Badge: Energizer


Personnel Clearance Procedures

Include background checks in the IT recruitment process. The extent and frequency of periodic reviews of these checks should depend on the sensitivity and/or criticality of the function and should be applied for employees, contractors and vendors.

View value and Risk Drivers  help

Hide value and Risk Drivers help


Value Drivers

  • Recruitment of appropriate personnel
  • Proactive prevention of information disclosure and confidentiality standards
  Risk Drivers
  • Increased risk of threats occurring from within the IT organisation
  • Disclosure of customer or corporate information and increased exposure of corporate assets

View Control Practices  help

Hide Control Practices  help

  1. Define the criteria for determining the roles that require clearance procedures.
  2. Undertake the clearance procedure for all staff members who perform a role that requires clearance. Maintain documentation in personnel records.
  3. For sensitive roles, if appropriate, periodically repeat the clearance procedure.

Discussions: 0 total

Must be a Topic member to contribute

No Results Found

Documents & Publications: 50 total

Events & Online Learning: 10 total

21 Sep 2015
ISACA International Event
06010 Mexico City, Panama
La Conferencia Latinoamericana CACS/ISRM
9 Nov 2015
ISACA International Event
Copenhagen, Denmark
Stay on top of the trends and opportunities of the dynamic technology industry at EuroCACS/ISRM —the leading European conference for IT audit, assurance, security and risk professionals.
16 May 2016
ISACA International Event
Los Angeles, CA, USA
17 Oct 2016
ISACA International Event
Las Vegas, NV, US
16 Aug 2017
ISACA International Event
Grapevine, Texas, US
2017 GRC Conference - 16-18 August , Grapevine, TX. Explore the future of Governance Risk and Control through expert-led workshops and sessions developed by the IIA and ISACA. Register early for our GRC learning tracks.

Journal Articles: 86 total

Volume 4, 2107
by Larry G. Wlosinski, CISA, CRISC, CISM, CAP, CBCP, CCSP, CDP, CIPM, CISSP, ITIL v3, PMP
The root causes of privacy incidents include the outsourcing of data, malicious insiders, system glitches, cyberattacks, and the failure to shred or dispose of privacy data properly.
Volume 4, 2017
by Mathew Nicho, Ph.D., CEH, CIS, ITIL Foundation, RWSP, SAP, Shafaq Khan, Ph.D., CIS, PMBOK, PMP, SAP, and Ram Mohan, CRISC, CISM, CGEIT, ISO 27001, ITIL Foundation
A key issue often cited by information systems (IS) executives in the last three decades is aligning IT with business, which assists in realizing value from IT investments.
Volume 4, 2017
by Guy Ngambeket, CISA, CISM, CGEIT, ITIL v3 , PMP
Remote working has a lot of advantages, both for the company and the employees. In the past years, it has become increasingly used by companies as a perk.
Volume 3, 2017
by Vasant Raval, DBA, CISA, ACMA, and Rajesh Sharma, Ph.D., ITIL-F, Six Sigma Black Belt
Success does not teach much, if anything; it is the failure that provides lessons to do better in the future.
Volume 1, 2017
by Graciela Braga, CGEIT, COBIT Foundation, CPA
When discussing the impact of IT on cities, some questions arise: How have cities been transformed by IT? Can this transformation be measured? What are the benefits and risk factors of the transformation?
Volume 6, 2016
by Wanbil W. Lee, DBA, FBCS, FHKCS, FHKIE, FIMA, Wolfgang Zankl, Ph.D. and Henry Chang, CISM, CIPT, CISSP, DBA, FBCS
Privacy breaches disturb trust and run the risk of diluting or losing security; it is a show of disrespect to the law and a violation of ethical principles.

Wikis: 2 total

Blog Posts: 15 total

'Data Privacy Day (known in Europe as Data Protection Day)  is an international holiday that occurs every 28 January.' [ https://en.wikipedia.org/wiki/Data_Privacy_Day ]   [ https://assets.pando.com/uploads/2013/05/fingerprint.jpg ]   ...
Posted By : Karoly Arnhoffer | 5 comments
For a long time, the main focus of most organization was to have a solid protected network perimeter, by installing the most powerful shiny firewall, IPS/IDS to avoid intruders to trespass inside their networks. The endpoint (host) protection was always c...
Posted By : Willian Guilherme | 1 comments
“Enterprise architecture is now a strategic componentof every forward-thinking organization around the world.”Source: http://feapo.org/press-release-ea-perspectives-white-paper/ Related Article: Common Perspective on Enterprise Architecture: http://feapo....
Posted By : SA | 1 comments
Let us have positive inspirational slogans for every situation. Last week I started the project meeting like this: I don't know you are all so good at tuning the website. The performance is now is wonderful. I could witness reduction of stress, anxiety an...
Posted By : Jayakumar Sundaram | 1 comments
Yesterday’s security technology will not keep your network safe today, nor will today’s solutions protect you tomorrow. Network security must evolve. And at a rate that keeps it always one step ahead of the threats. These could include factors such as you...
Posted By : rasoolirfan | 1 comments
11 Feb 2016
The Author of this blog is not a Lawyer, and even if he was, he is not YOUR lawyer. Nothing that is written here should be considered Legal advice or opinion. The information presented hereafter represents the author's personal opinion and current under...
Posted By : HPMahan | 0 comments