>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

PS-8Personnel Sanctions

PBMM (P2)
Secret (P2)
Operational

>Control Description

(A) The organization employs a formal sanctions process for individuals failing to comply with established information security policies and procedures. (B) The organization notifies organization-defined personnel or roles within organization-defined time period when a formal employee sanctions process is initiated, identifying the individual sanctioned and the reason for the sanction.

>Supplemental Guidance

Organizational sanctions processes reflect applicable GC legislation and TBS policies directives, and standards. Sanctions processes are described in access agreements and can be included as part of general personnel policies and procedures for organizations. Organizations consult with their legal counsel regarding matters of employee sanctions.

Related controls: PL-4, PS-6

Ask AI

Configure your API key to use AI features.