The Role of Human Resources in Corporate Security

Security begins with recruitment and continues through the entire employment journey

Posted by Timothy Dimoff in on October 19th, 2016

I write a lot about corporate security and what the responsibilities of a company are to keep its employees and clients safe. Today, I would like to address the role of the Human Resources Department (HR) in this area.

You may ask, “What does the HR department have to do with security?” The answer is that your HR department is responsible for making sure that your company’s policies are followed. This means that they must make sure that all employees are aware of your rules, security policies, and procedures, as well as disciplinary measures to be taken in the event of a violation. It also means that if an incident happens, your HR department is responsible for working with management to investigate and deal with any violations. This includes cyber security, physical security, data security, employee conduct, and much more.  It all begins when your HR department is recruiting potential employees and continues for as long as they are employed.

Security and Recruitment

The HR department should conduct background checks that include criminal histories and credit reports.
Let’s start with recruitment. Before an employee is hired, your HR department is responsible for making sure the prospective employee meets your company’s standards, not only in education and employment history but also in criminal and financial areas.

After securing written permission from the prospective employee, the HR department should conduct background checks that include criminal histories and credit reports. These are especially important if the position being filled involves working with cash, checks, invoices, bookkeeping, or sensitive data.

Code of Conduct Training

Your HR department is responsible to share the Code of Conduct with every employee, new or established.
Once an employee is hired, HR is now tasked with making sure they and all employees are aware of the rules. This is commonly called establishing a “Code of Conduct”. It should contain instructions for protecting any sensitive or proprietary information.

Your HR department is responsible to share this information with every employee, new or established. They should make every employee sign a document stating that they have received this Code of Conduct. And if any changes are made, your HR department is responsible for making sure all employees are made aware of the changes, again in writing. If your HR department is not doing this, they are putting you at risk for monetary losses, as well as lawsuits or other legal issues if your information is compromised, either intentionally or otherwise.

HR and Cybersecurity

Your IT department must work closely with your HR department to safeguard all employee files.
Another area where your HR department’s responsibility is critical is cyber security. Your IT department must work closely with your HR department to safeguard all employee files. Ideally, they should be encrypted and secured. And, if you have employees who work remotely from home or in other offices, HR needs to be able to establish policies that cover how they can access your computers, data, files, etc.

The HR department is also responsible for establishing policies for accessing and posting to social media sites using company computers, phones, etc.

Handling Security Violations

HR is responsible for instigating and leading an investigation, notifying law enforcement when appropriate, and taking disciplinary action if warranted.
Even if you have all the previously mentioned Codes of Conduct and security features in place, there may come a time when you have a violation of your policies. If this happens, HR again takes center stage. They are responsible for instigating and leading an investigation into the situation, notifying law enforcement when appropriate, and taking disciplinary action if warranted. They must do this in order to prevent other employees from ignoring the rules as well as to protect your company from possible legal action.

Learn how to conduct a workplace investigation. Read How to Conduct a Workplace Investigation: Step-by-Step.

If you are a small business and you don’t have an HR department, it is vitally important that you still follow all of the above HR policies! If needed, bring in an outside HR consultant or attorney to help you craft your policies, handbook, conduct background checks, etc.


Timothy Dimoff
Timothy Dimoff

President, SACS Consulting & Investigative Services, Speaker, Trainer, Corporate Security Expert

Timothy A. Dimoff, CPP, president of SACS Consulting & Investigative Services, Inc., is a speaker, trainer and author and a leading authority in high-risk workplace and human resource security and crime issues.
He is a Certified Protection Professional; a certified legal expert in corporate security procedures and training; a member of the Ohio and International Narcotic Associations; the Ohio and National Societies for Human Resource Managers; and the American Society for Industrial Security. He holds a B.S. in Sociology, with an emphasis in criminology, from Dennison University.

Visit Website