We are updating our organization's security policies and found that we don't have a clear way of declaring an employee a security risk or procedures for taking away system access privileges. Do we specify that after a certain number of violations one is a security risk? Do we use personnel policy or some combination of the two? It is not easy to terminate an employee in my organization, so how should we handle an employee who has been...
declared a security risk, but has not yet been terminated?
To address such issues, the security group, HR and management should work together to define and enforce these policies. Let's review some employee termination procedures.
Before you begin, make sure you have management's support. Management is responsible for selecting the appropriate people to work together on this task. Management and HR should oversee the enforcement of proper employee behavior and the security group should help develop the necessary policies, standards, guidelines and procedures. The security group should also assist with the development of training procedures and conduct training seminars, so if an incident occurs, the organization will be able to handle the situation.
This Step-by-Step Guide provides specific strategies for building a structure for dealing with employees even before they are hired.
Ask the Expert Step-by-Step Guide: Employee termination procedure
Dig deeper on Information Security Policies, Procedures and Guidelines
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.