CISSP Domain 1: Personnel Security (Hire to Fire)

On the CISSP, separation of duties PREVENTS fraud by requiring collusion, while job rotation and mandatory vacation DETECT fraud that is already happening - and the exam writes its distractors to punish anyone who blurs the two. This Domain 1 deep-dive walks objective 1.8, personnel security, as one continuous control across the whole employee lifecycle: screening before hire, the agreements signed at onboarding, the three classic fraud controls, transfers and privilege creep, and the most security-sensitive moment of all, termination. With Isabella, Erica, Liam, and Mei, we cover the people-and-policy controls that the heaviest domain on the current exam leans on, and the question-reading reflexes that turn scenario stems into quick, defensible answers.

In this video:

• Why the employee lifecycle, hire to fire, is itself a security control
• Candidate screening and background checks before access is granted
• The NDA, non-compete, and acceptable use policy signed at onboarding
• Separation of duties versus job rotation versus mandatory vacation
• Privilege creep on transfer, and the access review that fixes it
• The 1st action on termination, and how to handle a hostile exit
• Managing vendors, consultants, and contractors by contract and SLA

The next video in the series moves into security awareness, education, and training. Anchored to the (ISC)2 CISSP Detailed Content Outline effective April 15, 2024.

Presented by Professor Erica — CISSP, CISM, PMP, M.S. Project Management, D.B.A. in progress.

▶ Watch next: CISSP Domain 1: Risk Assessment & the ALE Formula https://www.youtube.com/watch?v=kEYgBZDhbpc

📺 Full playlist: CISSP (2026) v2 https://www.youtube.com/playlist?list=PLlIAFxS2964_K3g6WysWnLpifoxilduGi