“When you do the common things in life in an uncommon way, you will command the attention of the world.” – George Washington Carver
After rigorously questioning myself on whether to screen employees pre or post joining, my conclusion follows:
The key to improve control is the way we make it more puissant and effective. It’s conventional practice in industries to begin the process of background screening after employee joins. In majority of cases (on purpose I don’t use average since outliers ruin the use of averages), background check reports consumes 40 days before a final report is submitted. Leaving the company and its employees vulnerable to unprecedented risks.
In 40 days or even in 1 day an employee may detriment a company by hacking into critical systems or worse launch a terrorist plot with company’s resources employed at best. Intention of the employee matters, probability of a terrorist joining a company is very rare but still there is a probability. Similarly, a passenger to die of an airplane accident is rare but still airplane accident occurs.
The uncommon way is to verify and validate potential employees before joining. The offer acceptance ratio to amount lost in background checks do have a positive correlation but the cost is justified by avoidance of just one or any of the potential vulnerability. It’s like you bungee jump with cheap straps on and risk your life or invest in a good gear and reduce the probability of your death.
A company pre-filters education, employment and residence records. Criminal records too can be obtained before hand and thus the surety of employee joining clean is high. To make this control stronger, make SDN checks mandatory and these background verification agencies must undergo audits at least once a year.
This still doesn’t guarantee that employee who cleared the background check would never afflict an organization, but focus now shifts to Organizations ability to make Physical and logical security more powerful and efficacious.
Banks conduct KYC before an account is opened, Insurers conduct medical examination before issuing the policy, so why background screen after employee joins?