3.2 Personnel


This Chapter states the generic IT baseline protection safeguards which, on a standard basis, should be implemented with regard to personnel matters. A wide variety of safeguards are required, commencing with the taking on of new staff until the termination of their employment. Personnel-related safeguards linked to a specific function, e.g. the appointment of a system administrator of a LAN, are listed in the IT-specific chapters.

Threat Scenario

In this Chapter, the following typical threats (T) are considered as regards IT baseline protection:

Force Majeure:

Organisational Shortcomings:

Human Failure:

Deliberate Acts:

Recommended Countermeasures (S)

For the implementation of IT baseline protection, selection of the required packages of safeguards ("modules") as described in chapters 2.3 and 2.4, is recommended.
In the following, the safeguard package for "Personnel" is set out:


© Copyright by Bundesamt für Sicherheit in der Informationstechnik 2000

Last Update on 6 April 2000