7. POLICIES AND PROCEDURES TO ASSESS THE EFFECTIVENESS OF CYBERSECURITY RISK-MANAGEMENT MEASURES
8. BASIC CYBER HYGIENE PRACTICES AND SECURITY TRAINING
9. CRYPTOGRAPHY

10.3 Termination or change of employment procedures

10.3.1. The relevant entities shall ensure that network and information system security responsibilities and duties that remain valid after termination or change of employment of their employees are set out, enforced, communicated and understood.

10.3.2. For the purpose of point 10.3.1., the relevant entities shall:

(a) include in the individual’s terms and conditions of employment, contract or agreement the responsibilities and duties that are still valid after termination of employment or contract, such as confidentiality clauses;
(b) put in place access control policies which ensure that access rights are modified accordingly upon the individual’s termination or change of employment;
(c) ensure that, after a change of employment, the employee can perform the new tasks.

Stand: 27.06.2024

Holen Sie sich den NIS2-Umsetzungs-Fahrplan und unseren Newsletter!