Owner: CHRO, with CISO and IT
Effective Date: May 8, 2026
Reviewed: Annually
Frameworks: SOC 2 CC1.4 / CC6.1–CC6.3; ISO/IEC 27001 A.6.1–A.6.3. Implements the Human Resources Security Policy and Access Control Policy.
Effective Date: May 8, 2026
Reviewed: Annually
Frameworks: SOC 2 CC1.4 / CC6.1–CC6.3; ISO/IEC 27001 A.6.1–A.6.3. Implements the Human Resources Security Policy and Access Control Policy.
Before day 1
CHRO:- Send signed offer letter, IP agreement, NDA, and Code-of-Conduct acknowledgement.
- Trigger background check via Checkr.
- Trigger device order via the device-procurement process in SharePoint (IT Operations).
- Schedule security-awareness training in Vanta.
- Provision identity in Rippling (with role-based group membership as the source of truth).
- Issue laptop with full-disk encryption + endpoint protection enrolled.
- Set up MFA enrollment.
Access-grant gate (background check)
Per the Human Resources Security Policy → Screening, production-scope and customer-data access is not granted until the Checkr background check returns aclear adjudication, or until the General Counsel records an individualized-assessment decision under the FCRA / fair-chance procedures in the Background Checks procedure. The CISO assigns each new role to a background-check tier (T1 / T2 / T3) under the Background-check tiers table; the tier determines both the Checkr package ordered and which access bucket below is reachable on clearance:
| Bucket | Examples | Requires Checkr clearance? |
|---|---|---|
| Onboarding-only access (granted on day 1, pre-clearance) | Personal Microsoft 365 mailbox, Rippling self-service, Vanta training enrollment, this docs site | No |
| Internal-collaboration access (granted on day 1 if Checkr T1 is already complete; otherwise held until clearance) | Slack, Linear (read-only), team SharePoint sites | Yes — held if Checkr pending |
| Production-scope access (gated behind Checkr T2 clearance — or T2+T3 for fiduciary roles) | GitHub neuroscale org, AWS Identity Center, Vultr, Better Stack, KMS / secrets-manager consoles, production databases, customer-data-bearing tools | Yes — never granted before T2 clearance |
Day 1 (you, the new hire)
- Sign in to your Neuroscale email and acknowledge the company policies.
- Enroll in MFA. See MFA setup.
- Set up your laptop. See Laptop setup.
- Sign in to the onboarding-only tools above. If your Checkr clearance is on file, you will also have access to Slack and team SharePoint sites — if not, you will receive an invitation as soon as clearance returns.
Within first week
(or on Checkr clearance, whichever is later, for production-scope items)- Complete security-awareness training in Vanta.
- Read all policies in /policies/ — linked from the home page — and acknowledge each in Vanta.
- Read the Code of Conduct.
- Read Incident reporting.
- Sign in to GitHub, Linear, Dashlane (these are gated behind Checkr clearance per the table above).
Within first 30 days
- Complete role-specific access onboarding (engineers: production access training; sales: CRM training; etc.).
- Meet with your manager to confirm any additional access needed.
Tracking
Onboarding is initiated through the Onboarding intake form and completion is tracked in the resulting CHRO onboarding workflow in Linear. Items not completed within their target window are escalated to the new hire’s manager.Version history
| Version | Date | Description | Author | Approved by |
|---|---|---|---|---|
| 1.0 | May 8, 2026 | Initial version | Cameron Wolfe | Ishan Jadhwani |