Beginning with the first day on the job and continuing through a process called “organizational socialization,” employees learn the ethics of the company culture—its rules, procedures, policies, and formal and informal expectations: what is said to be expected and what is actually acceptable, based on other employees’ behaviors. The company culture is the tabula rasa—the blank slate upon which all that follows depends. For information security, an honest company culture is vital. Standard 9 prepares this backdrop for first impressions of your company’s culture of security.
Goals: Evaluate, investigate, document, and modify (if necessary) your company’s honest company culture.
Specific Objectives: The four exercises in this chapter are progressive building blocks. They are, in ascending order:
Of these four objectives, the realistic job preview is the standard that carries forth the company’s policies for identity confidentiality. The traditional realistic job preview is simply a discussion, preempting false impressions of what is and what is not acceptable. However, when adapted ...