terms_and_conditions_of_employment
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revision | |||
| terms_and_conditions_of_employment [2025/08/15 09:09] – tijs | terms_and_conditions_of_employment [2025/08/15 09:11] (current) – tijs | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| **Terms and conditions of employment**\\ | **Terms and conditions of employment**\\ | ||
| - | ^ Control type ^ Information Security Properties | + | ^ Control type ^ Information Security Properties |
| - | | Preventative | + | | Preventative |
| - | **Definition**\\ | + | **Definition**\\ |
| - | The employment contractual agreements should state the personnel’s and the organizations responsibilities for information security. | + | |
| - | **What to include in the employment contract**\\ | + | **What to include in the employment contract**\\ |
| - | The following can be considered: | + | |
| - | • NDA, non-disclosure agreements | + | |
| - | • confidentiality agreements | + | • confidentiality agreements |
| - | • legal rights | + | • legal rights |
| **Additional guidance**\\ | **Additional guidance**\\ | ||
| - | • Classification of information | ||
| - | • management of information | ||
| - | • management of assets | ||
| - | • information processing facilities | ||
| - | • information services | ||
| - | • handling information you get from third parties and interested parties | ||
| - | • what actions will be taken if you don’t follow the information security requirements | ||
| - | **Communication**\\ | + | • Classification of information |
| - | You will communicate roles and responsibilities for information security during the pre-employment phase of your process. | + | • management of information |
| + | • management of assets | ||
| + | • information processing facilities | ||
| + | • information services | ||
| + | • handling information you get from third parties and interested parties | ||
| + | • what actions will be taken if you don’t follow the information security requirements | ||
| + | |||
| + | **Communication**\\ | ||
| - | **Agreement**\\ | + | **Agreement**\\ |
| - | Information security requirements should be agreed which usually is the case of the employee signing the contract and you having a copy of the contract on file. | + | |
| - | **Appropriateness of terms**\\ | + | **Appropriateness of terms**\\ |
| - | You want to make sure that any terms and requirements are appropriate to the person, their role, what they do and the access they have. | + | |
| - | **Review of terms**\\ | + | **Review of terms**\\ |
| - | As a process of continual improvement be sure to review the terms you have, especially if you change your policies or the laws, or regulations change. | + | |
| - | **Non-Disclosure Agreement**\\ | + | **Non-Disclosure Agreement**\\ |
| - | There are certain things that will remain in place after employment and this is usually defined for a set period of time. Consider things like an non-disclosure agreement and confidentiality agreement that you may want in place for 12 months post-employment ending. | + | |
| - | **Employee hand book /code of conduct**\\ | + | **Employee hand book /code of conduct**\\ |
| - | Having an employee hand book or code of conduct is a fantastic way to share and communicate information security responsibilities and key messages and I have seen this work well in many organizations. | + | |
| - | **Employees that come from agency / third party**\\ | + | **Employees that come from agency / third party**\\ |
| - | If you have employees that you do not employ directly but rather you use and agency of third party then the agency of third party should really enter into a contract on behalf of those people. | + | |
terms_and_conditions_of_employment.1755248959.txt.gz · Last modified: by tijs