Page tree
Skip to end of metadata
Go to start of metadata

Last review date: April 2020, version 1.0.2

Purpose

The purpose of the Bethel University Personnel Security Policy is to ensure adequate checks are established to determine and/or confirm, within appropriate legal and professional limits, the qualifications and suitability of a job candidate for roles within Bethel University.

Audience

The Bethel University Personnel Security Policy applies to all Bethel University applicants and employees; full-time and part-time.   

Policy

General

  • For all roles within Bethel University, the hiring process should ensure the candidate has the necessary competence to perform the role and can be trusted to take on the role, especially for roles related to the use, management, or protection of information security.
  • Information security responsibilities must be communicated to employees as part of the on-boarding process. 
  • Observed violations of the information security policies should be communicated through the employees reporting structure or by emailing information-security@bethel.edu with the concerns. 

Background Checks

  • Background checks are required prior to employing Bethel University employees, regardless of whether or not a competitive recruitment process is used. 
  • Background checks may be required for employees who change positions in the company, obtaining more sensitive duties, as determined by Human Resources or the hiring manager.
  • Background checks may be required for employees at any time after the employment start date, at the discretion of Human Resources or Executive Management.
  • Contractors with access to Bethel University confidential information must have a process in place for conducting background checks on applicable staff. An agreement must be put in place specifying the responsibilities for conducting background checks if a procedure is not currently being followed or in question. 

References

  • ISO 27002: 7, 13
  • NIST CSF: PR.IP, DE.CM

Waivers

Waivers from certain policy provisions may be sought following the Bethel University Waiver Process.

Enforcement

Personnel found to have violated this policy may be subject to disciplinary action, up to and including termination of employment, and related civil or criminal penalties.  

Any vendor, consultant, or contractor found to have violated this policy may be subject to sanctions up to and including removal of access rights, termination of contract(s), and related civil or criminal penalties.

Version History

Version 

Modified Date

Approved Date

Author

Reason/Comments

1.0.0

October 2016


FRSecure

Document Origination

1.0.1

February 2018


Andrew Luchsinger

Bethel Modifications

1.0.2

April 2020

June 2020

InfoSec Committee

Committee Review