Cybersecurity Insights | Blog | Foregenix

5 reasons why IT Shouldn't Lead HR Incidents or Policy Violation Investigations

Written by Mark Shelhart | 12/12/23 1:48 PM

In today's digital age, human resources (HR) incidents and policy violations are becoming increasingly complex and sensitive. It's not just about documenting issues and implementing policies; it's also about conducting impartial investigations that ensure fairness, transparency, and compliance. While many organisations often rely on their in-house IT departments to handle these matters, there are several compelling reasons why IT should not be leading these efforts. In this article, we'll explore these reasons and discuss why hiring an external Forensic/Incident Response (IR) firm might be the better approach.

 

  1. IT might know or have feelings towards the person involved. HR incidents and policy violations often involve employees or individuals within the organisation. IT staff may have personal connections or emotional ties to these employees, which can cloud their judgement and compromise the impartiality of the investigation. This can lead to biassed outcomes and create an atmosphere of distrust within the organisation.  At the very least, your IT person likely has had a personal experience with this person, even if it was just to set up their computer, or fix a printer issue, etc.

 

  1. IT might be one of the persons involved in the incident. In some cases, an IT staff member could be directly or indirectly involved in the incident or violation. In such instances, it becomes impossible for them to objectively investigate a situation in which they themselves may be implicated. An external Forensic/IR firm brings an independent perspective and ensures unbiased scrutiny.

 

  1. IT might not agree with the policy violation.  IT professionals may have their own opinions on HR policies or the severity of the violation. These personal beliefs can influence their investigative approach, leading to inconsistencies in how cases are handled. External experts, on the other hand, are trained to maintain objectivity and adherence to established policies and standards.  

 

  1. IT has the ability to modify, tamper, delete, or withhold evidence. IT departments typically have the technical knowledge and administrative access to manipulate digital evidence. While most IT professionals are honest and ethical, the potential for data tampering or misconduct remains a concern. By involving an external Forensic/IR firm, organisations can reduce the risk of data manipulation and ensure the integrity of the investigation.

 

  1. IT is busy. IT departments are already inundated with tasks related to maintaining the organisation's technology infrastructure. Asking them to handle HR incidents and policy violations in addition to their regular workload can be overwhelming and lead to delays in investigations. External firms, dedicated to handling such cases, can provide prompt and efficient services without disrupting IT's primary responsibilities.

 

In conclusion, when it comes to HR incidents and policy violations, it's crucial to maintain a fair and impartial investigative process. Relying on the internal IT department can present various challenges, including potential bias, conflicts of interest, and limited availability. By retaining an external Forensic/IR firm, organisations can ensure the integrity of their investigations, maintain employee trust, and foster a workplace culture built on transparency and accountability. While IT plays a critical role in many aspects of an organisation, HR-related investigations are best left to external experts who can provide a neutral and professional perspective in a timely manner.

 

If you need help with a cyber or HR related incident, the Foregenix team is always willing to help.