ISO 27001 Annex : A.7.2 During Employment
ISO 27001 Annex : A.7.2 During Employment Its objective is to make sure that employees and contractors are conscious of and fulfill their information security responsibilities. A.7.2.1 Management Responsibilities Control- Management should mandate all employees and contractors to exercise information security in accordance with established policies and procedures set by the organization. Implementation Guidance- Responsibilities for management should include ensuring employees and contractors are: Are adequately briefed about information security role and responsibilities before given access to confidential information or information systems; Shall provide proper guidelines stating the information security expectations from their roles in the organization. Motivated to comply with the organization’s information security policies; Achieving the level of information security awareness relevant to their organizational positions and respon...