Security screening has long been essential ‘hygiene’ for professional installers. And rightly so, since it signifies that businesses are taking seriously the risks associated with rogue employees in their contractors’ midst. Screening is more than a ‘rubber stamp’, it independently and transparently demonstrates installers’ credentials to buyers of security systems.
Updated changes to BS 7858, the British Standard Code of Practice covering screening of individuals working in a secure environment, are already taking effect in anticipation of prospective new employees to be appointed from April onwards. These changes offer a more effective and realistic means of helping manage risk exposure, through a robust process for individual screening.
For installers, compliance with the incoming BS 7858:2019 – Screening of individuals working in a secure environment – Code of Practice offers the chance to show to organisations that, as an NSI approved company, they conform to best practice in this area. In practical terms, screening means obtaining sufficient information to enable organisations to make an informed decision on employing an individual in a secure environment.
This could involve, for instance, those employed in areas with access to sensitive information, materials or technology. It might include facilities management companies, human resource departments, the retail and sports/entertainment sectors, local government, as well as contracted staff working in sensitive areas such as critical infrastructure sites.
Why screening is needed
The vast majority of employees and contractors are honest and act with integrity, yet organisations are vulnerable to insiders who have secure access and who operate in positions of trust. Indeed, the government’s Centre for the Protection of National Infrastructure warns almost all physical and electronic attacks can be assisted or conducted by an insider. Some attacks can only be committed by insiders, such as the unauthorised release of proprietary information, or the sabotage of assets that only employees can access.
Additionally, there are some tactics that insiders are likely to use in the course of preparing or conducting attacks, including deliberate attempts to acquire information or access by manipulating their colleagues – i.e. other staff. The good news is that these risks can now be mitigated, by adopting a more robust screening process for employees in some roles.
The revised BS 7858:2019 provides recommendations for the screening of individuals working in a secure environment where the security and/or safety of people, goods, services, data or property (intellectual or physical) is a requirement of the employing organisation’s operations and/or where such screening is in the public interest.
Read the full article in the March 2020 edition of PSI magazine