All organizations shall
develop, document, and implement policies and procedures for the
selection/recruitment, orientation, training and supervision of
employees who have access to the organizationís IT resources. This
is to ensure that a high level of integrity and satisfactory staff
conduct is achieved and maintained, and to promote an awareness of
security matters in the organization.