While pre-employment screening helps ensure that an organisation recruits trustworthy individuals, people and their circumstances and attitudes change, either gradually or in response to events.
NPSA's collection of ongoing personnel security guidance and tools can be used to help an organisation develop and plan effective practices for countering the insider threat and maintaining a motivated, engaged and productive workforce.
The Ongoing Personnel Security - A Good Practice Guide can be used to help an organisation better understand the potential threats from insiders and then take the appropriate measures to mitigate the risk. An Ongoing Personnel Security - Infographic is also available.
NPSA has produced guidance to inform employers about the personnel security vulnerabilities of remote working, and a general overview of the overarching principles and key issues when using offshore centre.
More information and guidance can be found on the Remote and Overseas Working page.
Refer to our Contract Staff page to consider how contract staff may pose the same, or differing, security risks and how your organisation can effectively manage the risk of granting contractors access to your sites and assets.
The induction of new joiners is a key entry point at which their perception of security in the organisation is formed. This provides an opportunity to embed the desired security mind-set and behaviour in your employees from the outset, which is important in building and maintaining a good security culture.
Guidance on providing security information during the first 12 months of the employee lifecycle can be found on our Security messages for New Joiners webpage.
The point of exit is a significant stage in the employee lifecycle from a security perspective. There are a variety of reasons why an employee might be leaving an organisation and some of these reasons may give rise to a risk of confidentiality, integrity and availability of critical assets being compromised. Therefore it is important that effective exit and legacy controls are in place to detect and prevent any insider behaviours during the notice period and beyond.
This exit procedure guidance has been designed to support security managers, human resources advisers and others in your organisation responsible for exit procedures to encourage them to implement an effective process which helps to minimise the risks posed by employees leaving an organisation.
