The organization: PS-7a.
Establishes personnel security requirements including security roles and responsibilities for third-party providers; PS-7b.
Requires third-party providers to comply with personnel security policies and procedures established by the organization; PS-7c.
Documents personnel security requirements; PS-7d.
Requires third-party providers to notify Assignment: organization-defined personnel or roles of any personnel transfers or terminations of third-party personnel who possess organizational credentials and/or badges, or who have information system privileges within Assignment: organization-defined time period; and PS-7e.
Monitors provider compliance.