POLÍTICA DE SEGURIDAD DE RRHH

 

IT-DOC-08

Versión: 1

Fecha de creación: 15/03/2021

Fecha de actualización: 11/05/2026

 

 

                    

Table of Contents

 

1. Scope 

2. Definitions

3. HR Information Security Policy 

3.1.  Screening 

3.2.  Terms & Conditions of Employment

3.3.  Security Awareness Training 

3.4.  Disciplinary Process 

3.5.  Termination / role Change 

4. Roles & Responsibilities 

5. Non-Compliance 

 

 

 1. Scope

This policy applies to MSC Technology employees and staff or contractors that are employed by or perform work on behalf of MSC Technology.  Candidates, both direct hire and temporary contractors, are subject to this policy.

 

2. Definitions

To be added later or section may be removed.

 

3. HR Information Security Policy

IT Department at MSC Colombia has instituted a candidate selection process to ensure the most qualified candidates be considered by management prior to engagement. Information Technology staff may be required to meet specific criteria due to their elevated access and technical ability to change, delete, create, or access data at the company.  

To ensure that employees and contractors understand their responsibilities, they must complete the on-boarding process, which includes training, policy sign-off and other expectations.

3.1. Screening

Background verification checks on candidates for employment shall be carried out in accordance with relevant laws, regulations and ethics and shall be proportional to the business requirements, the classification of the information to be accessed and the perceived risks.

3.2. Terms & Conditions of Employment

The employment agreement shall state their role in the organization and therefore their security responsibilities.  As part of hiring, termination, or role changes within MSC workers may be governed by a Non-Disclosure Agreement or other confidential agreements.

3.3.  Security Awareness Training

All employees and contractors shall receive appropriate awareness training and regular updates, as relevant for their job function.  To ensure that employees and contractors are aware of their security responsibilities, management shall require employees and contractors to follow MSC Technology policies and procedures.

  • Security Awareness training shall be conducted upon hire and afterwards as needed

3.4. Disciplinary Process

Employees and contractors must adhere to the stated requirements of all MSC policies.  A formal disciplinary process is in place as indicated in the Policy Manual, to take action against workers who have committed a violation of MSC security.

3.5. Termination / role Change

For any termination or internal transfer, the Access Control Policy shall govern the revocation of user access and privileges.

 

4. Roles & Responsibilities

Matrix of Tasks and Responsible Groups.

Task

IT Team

HR Team

Hiring Manager

IT Job Descriptions

X

X

X

Perform Hiring Checks – References. etc

 

X

X

Create Ticket for Service Desk

 

X

 

Add Employee to Training

 

 

 

Add User to MSC Technology based on HR Communication

X

 

 

 

5. Non-Compliance

Employees and contractors must adhere to the stated requirements. Anyone found to have violated this policy may be subject to disciplinary action, up to and including, termination of employment.