Personnel Security Assurance
Role overview
The role of Personnel Security Assurance is to establish the appropriate Personnel Security organisational posture to deliver an effective risk-based approach to mitigate the
insider risk.
Role level
Typical role expectation
- Deliver Personnel Security assurance processes, including providing audit information to risk owners
- Monitor and report on the delivery of Personnel Security processes against requirements, with the use of key performance indicators
- Review current personnel risk reduction methods, including those which are technological or procedural, and highlight areas of concern
- Ensure alignment with government and/or industry objectives and standards, proactively reviewing and assuring security risk and highlighting non-conformance
Typical role expectation
- Manage delivery and life cycle of Personnel Security assurance processes, including sharing audit information to senior leadership, and setting assurance standards
across government
- Manage the assessment, recording and monitoring of Personnel Security processes
- Review reporting, including key performance indicators, and act as key decision maker for the delivery of Personnel Security processes against requirements
- Ensure alignment with government and/or industry objectives and standards, and liaise with senior stakeholders on how these objectives and standards can be met
Skills
| Skill | Lead | Principle |
|---|---|---|
| Applied Personnel Security | Practitioner | Expert |
| Legal and regulatory environment and compliance | Practitioner | Expert |
| Risk understanding and mitigation | Practitioner | Expert |
| Protective security | Awareness | Working |
| Threat understanding | Awareness | Working |
Core learning
Lead
Certified ISO27001 Practitioner
NPSA – Security Culture
QACSRM (Certified Security Risk Manager)
Principal
Certified ISO27001 Practitioner
(ISC)2 Certified Information Systems Security Professional Training (CISSP)
BCS Practitioner Certificate in Information Risk Management (CIRM)