|
POLÍTICA DE SEGURIDAD DE RRHH
IT-DOC-08 Versión: 1 Fecha de creación: 15/03/2021 Fecha de actualización: 11/05/2026 |
![]() |
Table of Contents
1. Scope
2. Definitions
3. HR Information Security Policy
3.1. Screening
3.2. Terms & Conditions of Employment
3.3. Security Awareness Training
3.4. Disciplinary Process
3.5. Termination / role Change
4. Roles & Responsibilities
5. Non-Compliance
1. Scope
This policy applies to MSC Technology employees and staff or contractors that are employed by or perform work on behalf of MSC Technology. Candidates, both direct hire and temporary contractors, are subject to this policy.
2. Definitions
To be added later or section may be removed.
3. HR Information Security Policy
IT Department at MSC Colombia has instituted a candidate selection process to ensure the most qualified candidates be considered by management prior to engagement. Information Technology staff may be required to meet specific criteria due to their elevated access and technical ability to change, delete, create, or access data at the company.
To ensure that employees and contractors understand their responsibilities, they must complete the on-boarding process, which includes training, policy sign-off and other expectations.
3.1. Screening
Background verification checks on candidates for employment shall be carried out in accordance with relevant laws, regulations and ethics and shall be proportional to the business requirements, the classification of the information to be accessed and the perceived risks.
3.2. Terms & Conditions of Employment
The employment agreement shall state their role in the organization and therefore their security responsibilities. As part of hiring, termination, or role changes within MSC workers may be governed by a Non-Disclosure Agreement or other confidential agreements.
3.3. Security Awareness Training
All employees and contractors shall receive appropriate awareness training and regular updates, as relevant for their job function. To ensure that employees and contractors are aware of their security responsibilities, management shall require employees and contractors to follow MSC Technology policies and procedures.
- Security Awareness training shall be conducted upon hire and afterwards as needed
3.4. Disciplinary Process
Employees and contractors must adhere to the stated requirements of all MSC policies. A formal disciplinary process is in place as indicated in the Policy Manual, to take action against workers who have committed a violation of MSC security.
3.5. Termination / role Change
For any termination or internal transfer, the Access Control Policy shall govern the revocation of user access and privileges.
4. Roles & Responsibilities
Matrix of Tasks and Responsible Groups.
|
Task |
IT Team |
HR Team |
Hiring Manager |
|
IT Job Descriptions |
X |
X |
X |
|
Perform Hiring Checks – References. etc |
X |
X |
|
|
Create Ticket for Service Desk |
X |
|
|
|
Add Employee to Training |
|
|
|
|
Add User to MSC Technology based on HR Communication |
X |
|
5. Non-Compliance
Employees and contractors must adhere to the stated requirements. Anyone found to have violated this policy may be subject to disciplinary action, up to and including, termination of employment.
