Policy statement:
Security is ensured against any error or misuse of information manually or electronically

Security responsibilities will be addressed at the recruitment stage, interviews, hiring/selection, orientation and training and included in staff contracts, and monitored during an individual’s employment

Incidents affecting information security are reported and managed through a proper mechanism

Scope:
This system is restricted to organizational personnel security and user end security

This system also covers incidents reporting as well as staff training

Objective:
To reduce the threat of human error, theft, fraud or misuse of facilities

To propose personal security controls that address staff interaction with critical assets

Propose detailed procedures and mechanism to ensure security of assets

Desription:
Strict controls are in place to ensure information security requirements with respect to recruitment, staffing and hiring of new employees

The security roles and responsibilities are well defined through their JDs (job descriptions)

Stringent screening process is being followed at the time of recruitment that covers candidates’ background, references and documents verification

Terms and conditions of employment are documented and duly signed by all KKI staff

Continuous awareness, education, training & orientation programs on ISMS for new and existing employees is being given

Accountability in case of any serious security breach on the part of any staff member

Return of all assets in use, revoking access rights with immediate effect in case of resignation/termination of any staff member