Pre-trust measures

This chapter describes the pre-trust personnel security measures (also known as pre-employment screening or due diligence) that can be applied before a person is trusted with access to an organisation’s assets. The four main types of pre-trust measures are interviews, record checking, open-source intelligence, and psychometric testing. Most insiders become insiders after they join their organisation, which means that pre-trust measures alone cannot provide a robust defence against insider risk. An unstructured interview is a weak tool for detecting potential insider risk. Record checking is only as good as the records that are checked, and it is only valid on the day the check is made.