Mandatory requirements

The core personnel security requirements that mandated government agencies must follow and other organisations should consider as best practice.

PERSEC1 - Recruit the right person

Ensure that all people working for your organisation (employees, contractors, and temporary staff) who access New Zealand Government information and assets:

• have had their identity established
• have the right to work in New Zealand
• are suitable for having access
• agree to comply with government policies, standards, protocols, and requirements that safeguard people, information, and assets from harm.

PERSEC2 - Ensure their ongoing suitability

Ensure the ongoing suitability of all people working for your organisation. This responsibility includes addressing any concerns that may affect the person’s suitability for continued access to government information and assets.

PERSEC3 - Manage their departure

Manage people’s departure to limit any risk to people, information and assets arising from people leaving your organisation. This responsibility includes ensuring that any access rights, security passes, and assets are returned, and that people understand their ongoing obligations.

PERSEC4 - Manage national security clearances

Ensure people have the appropriate level of national security clearance before they are granted access to CONFIDENTIAL, SECRET and TOP SECRET information, assets or work locations.

Manage the ongoing suitability of all national security clearance holders to hold a clearance and notify NZSIS of any changes regarding their clearance.

Page last modified: 4/05/2022