Skip to main content

πŸ’Ό PS-7 External Personnel Security

  • Contextual name: πŸ’Ό PS-7 External Personnel Security
  • ID: /frameworks/nist-sp-800-53-r5/ps/07
  • Located in: πŸ’Ό PS Personnel Security

Description​

a. Establish personnel security requirements, including security roles and responsibilities for external providers; b. Require external providers to comply with personnel security policies and procedures established by the organization; c. Document personnel security requirements; d. Require external providers to notify [Assignment: organization-defined personnel or roles] of any personnel transfers or terminations of external personnel who possess organizational credentials and/or badges, or who have system privileges within [Assignment: organization-defined time period]; and e. Monitor provider compliance with personnel security requirements.

Similar​

  • Internal
    • ID: dec-c-cf263de2

Similar Sections (Give Policies To)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό FedRAMP High Security Controls β†’ πŸ’Ό PS-7 External Personnel Security (L)(M)(H)
πŸ’Ό FedRAMP Low Security Controls β†’ πŸ’Ό PS-7 External Personnel Security (L)(M)(H)
πŸ’Ό NIST CSF v2.0 β†’ πŸ’Ό DE.CM-06: External service provider activities and services are monitored to find potentially adverse events27
πŸ’Ό NIST CSF v2.0 β†’ πŸ’Ό GV.RR-04: Cybersecurity is included in human resources practices

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlags