home || catalog: SP800-53rev3 / class: Operational / family: (PS) Personnel Security ||
search controls:
search nistpubs:

AC
AT
AU
CA
CM
CP
IA
IR
MA
MP
PE
PL
PM
PS

PS-01
PS-02
PS-03
PS-04 *
PS-05
PS-06
PS-07
PS-08

RA
SA
SC
SI
MMMMM

  PS-04: Personnel Termination  

base control objective:
The organization, upon termination of individual employment:
a. Terminates information system access;
b. Conducts exit interviews;
c. Retrieves all security-related organizational information system-related property; and
d. Retains access to organizational information and information systems formerly controlled by terminated individual.

supplemental objective information:
Information system-related property includes, for example, system administration technical manuals, keys, identification cards, and building passes. Exit interviews ensure that individuals understand any security constraints imposed by being former employees and that proper accountability is achieved for all information system-related property. Exit interviews may not be possible for some employees (e.g., in the case of job abandonment, some illnesses, and non-availability of supervisors). Exit interviews are important for individuals with security clearances. Timely execution of this control is particularly essential for employees or contractors terminated for cause.

enhancements to the base objective:

(1) None.

mapping to FIPS199 baseline:

  LOW: base     MOD: base     HIGH: base  

related (regimented) controls:

None.

documents referenced in SP800-53rev3 for PS-04:

Document Date Status Title
NIST SP800-12 October, 1995 current   An Introduction to Computer Security: The NIST Handbook
NIST SP800-14 September, 1996 current   Generally Accepted Principles and Practices for Securing Information Technology Systems
NIST SP800-66 October, 2008 current   An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule

Search SP800-53rev3 catalog: