Personnel Security Policies and Practices
CISSP candidates must have a basic understanding of various employment policies and practices, as well as how these policies achieve information security objectives. You should also know the various information security roles and responsibilities within an organization.
Background checks and security clearances
Pre- and post-employment background checks can provide an employer with valuable information about an individual whom an organization is considering for a job or position within an organization. Such checks can give an immediate indication of an individual’s integrity and can help screen out unqualified applicants.
Basic background checks should be conducted for all personnel with access to sensitive information or systems within an organization. A basic background check should include
Reference checks: Personal, professional, and employment
Verification of data in employment applications and resumes: Social Security numbers, education, professional/technical certifications, military records, and previous employment
Other records: Court, local law enforcement, and ...