Implementing personnel security policies and procedures can help to mitigate the risk of individuals using their legitimate access to an asset for unauthorized purposes.
Center for Development of Security Excellence provides security education, training, and certification for DoD and Industry. This example directive can assist organizations that are required to meet the personnel security (PS) controls as stated in NIST SP 800-53. The Fair Credit Reporting Act (FCRA) governs pre-screening reports from outside agencies that creates a Consumer Report. This example EPA procedure describes how the agency meets control requirements for the NIST SP 800-53 Personnel Security control family. This article provides an overview of how to conduct, maintain and dispose of employee background checks to improve personnel security. This is a sample policy for enterprise wide employee background checks from Society for Human Resource Management. This article discusses what enterprises can do to reduce the growing threat of data theft by departing insiders.
This document provides assessment guidance for Level 1 of the Cybersecurity Maturity Model Certification (CMMC). This document provides assessment guidance for conducting Cybersecurity Maturity Model Certification (CMMC) assessments for Level 3 and Level 2. This Handbook provides a step-by-step guide to assessing a small manufacturer’s information systems against the security requirements in NIST SP 800-171 rev 1. The purpose of this publication is to provide procedures for assessing the CUI requirements in NIST Special Publication 800-171.