Personnel Security Assurance
Find out what the Personnel Security Assurance role in government does and the skills you need to do the role at each level.
Role overview
The role of Personnel Security Assurance is to establish the appropriate Personnel Security organisational posture to deliver an effective risk-based approach to mitigate the
insider risk.
Role level
Typical role expectation
- Deliver Personnel Security assurance processes, including providing audit information to risk owners
- Monitor and report on the delivery of Personnel Security processes against requirements, with the use of key performance indicators
- Review current personnel risk reduction methods, including those which are technological or procedural, and highlight areas of concern
- Ensure alignment with government and/or industry objectives and standards, proactively reviewing and assuring security risk and highlighting non-conformance
Typical role expectation
- Manage delivery and life cycle of Personnel Security assurance processes, including sharing audit information to senior leadership, and setting assurance standards
across government
- Manage the assessment, recording and monitoring of Personnel Security processes
- Review reporting, including key performance indicators, and act as key decision maker for the delivery of Personnel Security processes against requirements
- Ensure alignment with government and/or industry objectives and standards, and liaise with senior stakeholders on how these objectives and standards can be met
Skills
| Skill | Lead | Principal |
|---|---|---|
| Applied Personnel Security | Practitioner | Expert |
| Legal and regulatory environment and compliance | Practitioner | Expert |
| Risk understanding and mitigation | Practitioner | Expert |
| Protective security | Awareness | Working |
| Threat understanding | Awareness | Working |
Core learning
Lead
Certified ISO27001 Practitioner
NPSA – Security Culture
QACSRM (Certified Security Risk Manager)
Principal
Certified ISO27001 Practitioner
(ISC)2 Certified Information Systems Security Professional Training (CISSP)
BCS Practitioner Certificate in Information Risk Management (CIRM)