This section explains the personnel security lifecycle used to reduce insider threats, minimize risk, enforce confidentiality, and improve organizational security culture. CISSP candidates must understand and apply controls throughout the employee lifecycle.
Candidate screening and hiring Onboarding, transfers, and termination processes Employment agreements and policy driven controls Vendor, consultant, and contractor agreements and requirements