Effective CISSP Questions

You are working for an IC design house. Confidentiality of customer privacy and research and development data is the most concern. Jack, as a disgruntled security administrator, received a new job offer from a company and notified the human resources department of resignation one week before. The HR staff considers it is an unfriendly leave. As a security professional, which of the following will you least likely suggest?
A. Terminate his access to systems immediately
B. Assign him to a restricted area during the notice of resignation
C. Require him to prepare handover documentation
D. Remove him from the offices and ask him to stay home

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is C. Require him to prepare handover documentation.

How to manage the unfriendly departure of a disgruntled employee? It is a complicated situation, and this question is designed to trigger more thoughts on this issue.

  • From the perspective of security, the first decision is whether to allow the employee to work out through the notice period. If so, assigning him to a restricted area during the notice of resignation is an option. If not, payment in lieu of notice (PILON) or garden leave (to ask him to stay at home) is also feasible.
  • Terminating access to systems immediately is common and appropriate.
  • The handover arrangement should be taken into consideration. However, the immediate manager or supervisor typically will take care of this, and this issue has fewer security concerns.

Common Practices

  • Notice period
    • Pay in lieu of notice
    • Garden leave
  • Handover Notes
  • Reference
  • Exit Interview



Leave a Reply