Personnel Security Policy and Procedures
Personnel Security Policy for 18F
Agency Personnel Security Policy and Procedures
Personnel Security Policy is included in CIO P 2100.1 - GSA IT Security Policy, Chapter 4. Policy on Operational Controls. It states, "Developing, implementing, and overseeing personnel security controls for access to personally identifiable information."
18F Program Office Personnel Security Policy
The 18F Program Office develops, documents, and disseminates to all 18F staff, the 18F Personnel Security Planning which addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance and procedures to facilitate the implementation of the personnel security if information systems and associated planning controls. The 18F Audit and Accountability policy is listed within 18F’s GitHub repository https://github.com/18F/compliance-docs/blob/master/PS-Policy.md that is accessible to all 18F staff.
The GSA Office of the CISO is responsible for reviewing and updating the above documents annually, and notifying System Program Managers and Information System Security Officers and Managers (ISSO/Ms). The 18F Program Office will review and update the current 18F Personnel Security Policy at least every 3 years and any documented procedures at least annually.