Differences

This shows you the differences between two versions of the page.

--- screening [2025/08/15 08:12] – tijs
+++ screening [2025/08/15 08:21] (current) – tijs
@@ Line 4: / Line 4: @@
 | Preventative    | Confidentiality, Integrity Availability     | Protect        | HR security       | Governance and ecosystem        |
-**Definition**
+**Definition**\\
 Background verification checks on all candidates to become personnel should be carried out prior to joining the organization and on an ongoing basis taking into consideration applicable laws, regulations and ethics and be proportional to the business requirements, the classification of the information to be accessed and the perceived risks.
-**Background Check Requirements**
+**Background Check Requirements**\\
 The level of background checks is going to be proportionate to need and risk but to consider the common requirements:
@@ Line 16: / Line 16: @@
 	• Where appropriate, criminal or finance checks.
-**Enhanced Vetting**
+**Enhanced Vetting**\\
 The level of checks is going to be proportionate to the role and the risk posed. Not everyone will go through a full and rigorous check but there are roles that are inherently risky and require additional checks to be put in place. Common examples of roles requiring enhanced vetting include:
@@ Line 26: / Line 26: @@
 	• Those processing highly confidential or protected characteristic data
-**Information Security Roles**
+**Information Security Roles**\\
 For people in information security roles you will make sure people are competent to do the job and can be trusted. Ensure that an up to date job description with requirements is available.
-**What if you can’t do the checks in time**
+**What if you can’t do the checks in time**\\
-f you cannot do the checks in time the standard has some pretty harsh guidance. The approach, according to the standard, is around delaying them joining, not giving them company stuff, allowing them only limited access or even sacking them.
+If you cannot do the checks in time the standard has some pretty harsh guidance. The approach, according to the standard, is around delaying them joining, not giving them company stuff, allowing them only limited access or even sacking them.
-**Screening Process**
+**Screening Process**\\
 Screening procedures must clearly identify responsible personnel and the purpose of the screening process.
 Ensure that a process is in place and be able to show that process during an audit.
@@ Line 38: / Line 38: @@
-**Audit Checklist**
+**Audit Checklist**\\
-- Is there a HR Screening Policy
+	• Is there a HR Screening Policy
-- Are Screening procedures documented
+	• Are Screening procedures documented
-- Assess Background Check Providers
+	• Assess Background Check Providers
-- Audit Checks on References and Credentials
+	• Audit Checks on References and Credentials
-- Review Documents and Records
+	• Review Documents and Records
-- Assess Ongoing Monitoring and Review
+	• Assess Ongoing Monitoring and Review
-**Common Mistakes**
-- Employing Friends, Family or acquaintances
-- Lack of Documentation
-- Inadequate Document and Version control
+**Common Mistakes**\\
+	• Employing Friends, Family or acquaintances
+	• Lack of Documentation
+	• Inadequate Document and Version control