Security and Investigations Advice for HR Professionals

No one said human resources investigations were easy.

By John D. Thompson, CSO Executive Council
Fri, August 03, 2007

CIOMisconduct allegations are an unfortunate fact of corporate life. Security is not always the first department contacted with allegations of this type, but it's usually the department whose staff has the necessary investigative skills. Attorney John Thompson  provides help for non-security colleagues in handling complaints effectively in his book The Human Resources Response to Misconduct Allegations (published by The Security Executive Council). Here he summarizes key tips for human resources professionals approached with misconduct concerns.

"I need to tell you about this guy who's been harassing me, but I won't tell you unless you promise not to do anything about it." The employee who tells you this seems very upset, yet very insistent that you promise not to act upon the information she wishes very much to tell you. How do you handle this as a human resources professional?

If you don't agree to keep quiet, you may never learn the information necessary to stop what could be illegal or even criminal activity committed in your workplace. The legal ramifications--not to mention the effect upon your employment status--could be tremendous. On the other hand, if you make the promise and keep it, you could be complicit in that same illegal or criminal activity. What if you make the promise, then break it, and the harasser finds out the woman complained and assaults her? These sound like lose, lose and lose propositions.

There are other approaches to the above dilemma, but they often require sophisticated interviewing and counseling skills.

Let's begin with the end in mind: The complainant has put the company on notice, and you must resolve the problem. Your failure to obtain the facts and prevent future harassment would create an enormous risk of legal liability for the company and possibly yourself. For example, if the harassment is sexual harassment under the law, the company would be liable because you knew or should have known about the harassment and failed to take prompt and appropriate corrective action.

Of course, there is no cookie-cutter solution to this dilemma because complainants come in a variety of shapes and sizes. Let me suggest several approaches, in order of preference, that might allow you and your company to obtain the information you need without running inappropriate risks.

The first approach is to convince the complainant to withdraw her (in my example) demand for inaction on your part. Consider the following techniques:

  • Ask her what her goal is; she probably will say she wants the behavior to stop. Explain that you cannot help her achieve that goal unless you are free to take appropriate action.
  • Explain that, legally, she has put the company on notice and you must act. If she knows that her promise would put the company and you in a tough spot, she might be more inclined to provide information.
  • Explain that if you cannot stop the harasser, he (in my example) could hurt others. Most harassers are "serial" harassers, and there will be other victims unless she helps you stop this person. In other words, appeal to her desire to protect and help others.
  • Explain that you will do everything you can to protect her privacy, consistent with the needs of your investigation. Make sure she knows that you understand her desire for privacy and assure her that you will limit disclosure of information to those who truly need to know.
  • Ask her why she doesn't want you to do anything; she probably will express a fear of retaliation by the harasser. Explain that she has a legal right to be free from retaliation and that you can help protect her from any type of retaliation.

Continue Reading

White Papers »
Open the Doors to Open Source
Are you ready to diversify? The business needs of companies are changing often and rapidly. Open virtualization offers compelling business advantages and shows even greater potential as companies choose diversification over proprietary vendor lock-in.
Measuring up: A Global Benchmark Defining IT Asset and Service Management
Find out how your IT department's IT asset and services management strategy compares to that of your peers by using this unique tool. Click on the link below to begin our 10-minute assessment and see how your IT organization measures up!
Top Solutions and Tools to Prevent Devastating Malware
Custom malware frequently goes undetected. According to Forrester Research, the best way to reduce risk of breach is to deploy file integrity monitoring (FIM) tools that provide immediate alerts. This white paper has been brought to you by NetIQ, the leader in solving complex IT challenges.
Identity Governance: The Business Imperatives
This white paper describes the business challenges and opportunities that are driving interest in Identity Governance while discussing considerations your organization should make to help achieve project success.
CA Technology Brief: CA Point of View: Content Aware Identity & Access Management
This paper explores the concept of content-aware IAM, describes the integrated architecture for this new approach, and highlights the benefits that this approach provides.
Measuring the Business Value of CI in the Data Center - IDC-HP White Paper
One of the key strategies that IT teams are pursuing to reduce capital costs while boosting asset utilization and employee productivity is the transition to highly virtualized data centers. However, IDC finds that expectations for further boosts in IT asset use and operational efficiency often surpass the actual results for a variety of reasons. These problems can quickly overwhelm any hoped-for benefits as the scope of virtual server deployment expands.
Webcasts »
Banish Poor Application Performance: Eliminate Business Disruptions, Increase End User Productivity
End User Experience, 30-Min Webinar
Wed. Feb. 22nd ~ 11 AM ET

Are you ready to gain the proactive ability to rapidly respond to end user problems (before they call the help desk)? Then you won't want to miss a webinar that will show you the latest innovation in end user monitoring.
Apps QuickStart Series Part 2: Designing and Deploying SQL Server on VMware vSphere
Download this webcast to learn about the design considerations for virtualizing SQL workloads, performance and scalability information and high-availability options, as well as support considerations
Quantifying the Business Value of VMware View - Webcast
Many enterprises have discovered that the use of virtualization to support desktop workloads creates a range of significant benefits. These benefits include price efficiencies, improved IT management and greater agility and choice for end users.

This VMware sponsored webcast with IDC will provide both quantitative measurement of the business value -- defined as the expected ROI -- and qualitative analysis associated with the use of VMware View™. IDC will also provide an analysis of the View Composer and ThinApp™ features of VMware View, including the business value of these solutions and an overview of how they work.

Attend this webcast to learn about:
- Challenges and barriers that might impede the adoption of desktop virtualization
- Navigating roadblocks to facilitate a strategic implementation
- Optimizing qualitative and quantitative benefits to IT and your business
Architecting a Modern Approach to Data Management
Applications are changing - they're increasingly web-oriented, global in nature and run from multiple device types. Additionally, the volume of data is growing exponentially every year. How do you ensure your applications have fast, accurate, up-to-date information in this new world? Modern applications are data-intensive; delivering data the old way using monolithic databases isn't working. What's needed is a modern approach to data. One that scales-out as needed and delivers predictable high performance, but without sacrificing data consistency or integrity.
Introduction to VMware View 5
VMware View™ 5 simplifies IT management while increasing end user freedom by delivering desktop services from your cloud. Building upon VMware's leadership in desktop virtualization, VMware View 5 delivers a high-performance user experience while giving IT greater policy control.

View this webcast and find out how VMware View 5 can help you:
- Deliver the highest fidelity experience of desktop services across any device and any network
- Simplify and automate IT management, security and control of desktop services
- Reduce the costs associated with your desktop environment
The CIO's View: Time-to-Value Through Automation
IT professionals are being asked to deliver faster "time-to-value" than ever before. An IDG Research survey found that CIOs are eager to invest in technologies that will enable them to get new applications and services up quickly, achieving faster time-to-value.
Newsletter Sign-Up »

Receive the latest news test, reviews and trends on your favorite technology topics

Choose a newsletter
  11. View all Newsletters | Privacy Policy
White Papers » All White Papers

BPM for Insurance: Four Paths to Outdistancing Your Competition

Open the Doors to Open Source

Measuring up: A Global Benchmark Defining IT Asset and Service Management

Top Solutions and Tools to Prevent Devastating Malware

Identity Governance: The Business Imperatives

CA Technology Brief: CA Point of View: Content Aware Identity & Access Management

Measuring the Business Value of CI in the Data Center - IDC-HP White Paper

Accelerate time to application value

Business Value of Blade

HP CloudSystem Matrix: Managing at a Higher Level

Virtual Infrastructure Yields Real TCO and ROI Advantages

Quantifying the Business Value of VMware View

TechRepublic: Cloud Computing - Potential Value for Your Company?

Forrester: Economic Impact of Switching to Google Apps

HBR: What Every CEO Needs to Know About the Cloud

VMware Delivers a Modern Approach to Data Management: Solutions Brief

VMware View 5 Performance and Best Practices

Desktop Total Cost of Ownership: 2011 Update - Gartner Research

The Next Step in the Evolution of SaaS-Managed TMSĀ®

A Power Brand Gains Strength Through Managed TMS
Sponsored Links

Push the limits of virtualization with HP. Get the tech dossiers and learn how you can put an end to runaway virtual sprawl.

Splunk translates machine data into "aha" moments for IT and the business.

Evolving Your Data Center for the Cloud

Get Ethernet speeds from 1 Mbps to 10 Gbps - Comcast Business Class

Gain cutting-edge insights at MIT in 2-5 day executive programs.

Converge your infrastructure with HP. Access a valuable case study in the CI Resource Center now.

Redefine Software support with HP

Click to see how Accenture has delivered high performance to clients

Learn how Accenture helps clients become high-performing businesses.

Join the Conversation. Follow Oracle EPM & BI on Twitter Today.

Check Point Trusted by the Global 100

Customized information views & Twitter events at New Fulcrum Point

ShoreTel UC cuts costs like no other. Mobilize your business today.

E-book: Discover Business-Ready Storage Systems For Oracle Environments

Managed Hosting Buyer's Guide - Benefits to key considerations

Discover how integration of operations mgmt and service mgmt enhances productivity.

Converge your infrastructure with HP. Access white papers, case studies, videos and more.

High performance. Delivered. Click to see Accenture's client successes

See how Accenture helps clients perform at the highest levels

Compare risk and TCO in single and multivendor networks on Feb 23.

Connect with global CIOs now at Enterprise CIO Forum

Upcoming Webinar: Managing Cost in the Cloud

Resource Center
buy a link »
Ads by TechWords