Investigations

What makes a good investigator great? According to some, personal attributes such as determination, self confidence, persistence, critical thinking, and patience can be determining factors. Others look at results: has the investigator thwarted a potential adversary, uncovered details on criminal activities directed toward a client, or provided key details that enabled an employer to avoid or prevail in litigation?

All would agree, however, that a great investigator relies on a plethora of resources that build personal attributes and lead to positive results. An array of resources from ASIS International is provided here with both goals in mind.

» View Past Security Spotlight Topics

 Login Required (free)

Content requires free account.

Proper Persuasion
Article from Security Management, August 2015

Investigations
Selections from the ASIS Standard
Annex D: Types of Investigations
Annex E: Determining the Need for an Investigation

Open Source Intelligence: How to Use Open Source Information as Intelligence (2012)
Webinar

Management Issues in Investigation
Selections from the Protection of Assets manual: Investigative Functions, Investigative Resources, Unit Management

 ASIS Members Only

Content requires ASIS Membership

International Corporate Investigations: Success Is Easier Than Your Think
Education session from ASIS 2014

Investigations
ASIS Standard providing guidance for conducting investigations

Management Issues in Investigation
Selections from the Protection of Assets manual: Case Management, Legal Issues, Liaison, Criminal Intelligence Analysis, Protecting Investigative Information

Sources of Information on Investigations
ASIS IRC Reference Guide

​Free Resources

Proper Persuasion
Security Management, August 2015
Author: David M. Buckley, Senior Instructor, John E. Reid & Associates, Inc.

The author first discusses three interview techniques that investigators can use to elicit the truth: using a non-accusatory tone, convincing the subject that it is in his or her best interest to tell the truth, and using positive persuasion. When setting the tone, writes Buckley, an investigator will use three types of questions in an interview, biographical, investigative, and behavior provoking. If the investigator feels the subject is withholding or falsifying information, he or she can resort to positive persuasion to clarify or resolve inconsistencies. Buckley defines three building blocks essential to the development of effective persuasive statements:

  • Allow the subject to save face.
  • Understand how and where the subject is shifting blame for their actions.
  • Understand what behaviors the subject perceives as worse than the crime in question.

Buckley provides specific examples of how an investigator can use these building blocks through an actual case where an employee embezzled $20,000 from a pharmacy.


Investigations, an American National Standard
ANSI/ASIS INV.1-2015
Pages 85 to 88
ASIS International, July 2015

In more than 100 pages, this ANSI/ASIS Standard details the many processes involved in both internal and external investigations. The standard was developed over seven years by more than 200 Committee and Working Group members representing various disciplines, including security, psychology, human resources, academia, lawyers, and business owners. Using a consensus-driven process, the resulting standard provides guidance on establishing investigative programs as well as the conduct of individual investigations, including the competence and evaluation of investigators.

Following an introduction, investigative concepts are separated into seven sections supported by another eight annexes. The pages in this example constitute Annex E, Determining the Need for an Investigation.

Most investigative units (IUs) focus on a particular function or set of functions. IU managers (security directors) must understand how the investigative capability fits into the organization and how the executive leadership envisions its application. Annex E provides a basis for organizations to develop and implement an Organizational Investigations Policy (OIP) to help an organization prepare for events that might require an investigation. Specifically, the OIP will:

  • Facilitate decision-making on whether, how, and when to establish and conduct an investigation and what constitutes resolution.
  • Identify the triggers and parameters for an investigation.
  • Help both the organization and the investigators understand the need for and expectations of an investigation.

Annex E includes an OIP template with steps on how to use it and tips on how to implement it.


Open Source Intelligence: How to Use Open Source Information as Intelligence
Recorded Webinar, July 2012
Sponsored by the ASIS International Investigations Council
Speaker: Sandra Stibbards, Owner and President, Camelot Investigations

Based on her 20 years of investigative experience, Stibbards presents a detailed review of publicly available Internet resources useful to investigators. She urges listeners to “think outside the box,” meaning the search box on such sites as Google. Entering such bits of information such as an email address, surname, organization, or phone number can lead an investigator to new sources with pertinent facts. Stibbards discusses the expectation of privacy on the Internet and shows how to use proxy (intermediary) sites to protect the source of a search. She spends the most time identifying various online sites that are rich sources of investigative information on people, public records, and social networks. For example,

  • Blackbookonline.info—gives access to records on corporations and property and includes a SSN validator.
  • Searchengingcolossus.com—is an international directory of search engines that can be accessed by country.
  • Tweetgrid.com—searches as many as nine threads posted on Twitter in real time.

In the Q&A portion of the presentation, Stibbards offers ways to come up with a new angle when an investigation appears to have stalled.


Management Issues in Investigation
Protection of Assets, ASIS International 2011
Michael E. Knoke, CPP, Managing Editor
Pages 29 to 37

Following a peer review by more than 150 security professionals, academicians, and subject matter experts, each volume of the Protection of Assets provides a comprehensive resource on topics relevant to the security profession. Throughout 236 pages separated into five chapters, Investigation covers the major components of an effective investigation program, including investigation management, undercover investigations, due diligence, background investigations and pre-employment screening, and interview and interrogation.

The pages referenced here address managing investigations through four topics: investigative functions, investigative resources, unit management, and case management.

The section begins with a list of 25 types of investigative functions in the corporate and organizational arenas, including employee misconduct, substance abuse, sabotage, industrial espionage, and workplace violence. The principal resources used by an investigative unit (IU) are people, information, physical assets, and financial assets. The primary function of an investigation dictates how the resources are allocated and applied. Admittedly, justifying an investigative budget can be daunting. But carefully tracking operational and overhead costs can significantly improve the response to funding requests. As a result, IU managers face a significant challenge in balancing their administrative and operational responsibilities.

A Figure, The Investigative Life Cycle, depicts the four elements of the investigative process: initiation/source, investigation, reporting, and results/follow-up. This final section emphasizes the following points:

  • Investigative results should not only resolve the issue at hand but also correct conditions that allowed the incident to occur in the first place.
  • Results should be retained in databases for statistical purposes and trend analyses.
  • Training, both internal sessions and outside courses, is essential for maintaining a professional investigative staff.​​

Members Only Resources

International Corporate Investigations: Success Is Easier Than Your Think
Seminar Session 2217, September 2014
Speakers: Eugene Ferraro, PCI, CPP, Convercent, Inc.; Siti Subaidah Naidu, Past President, World Association of Detectives

Both speakers underscore the premise that international investigations require an approach that varies from nation to nation. In addition to language barriers and time zone differences, the challenges include understanding local laws, particularly those dealing with privacy, and knowing how to ethically navigate the red tape. Being sensitive to cultural norms and business practices means knowing what a client expects the final result to be, how it should be delivered, and what are the consequences of a misstep. The keys to success, the speakers point out, is to cooperate with pre-screened resources, act professionally, network with reliable colleagues, and provide leadership by guiding the investigation to a successful outcome. They also underscored the following points:

  • There is a global move toward privacy and just obtaining a signed release can be meaningless.
  • Investigators must establish a global network that they can tap into on a moment’s notice.
  • Corporate investigation is very underdeveloped in Asia, but the work is tremendously needed.

Investigations, an American National Standard
ANSI/ASIS INV.1-2015
ASIS International, July 2015

In more than 100 pages, this ANSI/ASIS Standard details the many processes involved in both internal and external investigations. The standard was developed over seven years by more than 200 Committee and Working Group members representing various disciplines, including security, psychology, human resources, academia, lawyers, and business owners. Using a consensus-driven process, the resulting standard provides guidance on establishing investigative programs as well as the conduct of individual investigations, including the competence and evaluation of investigators.

Following an introduction, investigative concepts are separated into seven sections, including the following:

  • Investigative Principles, such as impartiality, relevance, confidentially, and continuous improvement.
  • Performing Individual Process-driven Investigations, including post-investigation activities.
  • Confirming the Competence of Investigators.

Another eight annexes cover such topics as the use of external resources and legal issues and litigation avoidance with examples of the differences in regulatory, law enforcement, and private sector investigations. Figures include a Plan-Do-Check-Act (PDCA) Model, an Investigation PDCA Flow Diagram, and a graph depicting Reporting Lines During the Investigation Process.


Management Issues in Investigations
Protection of Assets, ASIS International 2011
Michael E. Knoke, CPP, Managing Editor
Pages 38-47

Following a peer review by more than 150 security professionals, academicians, and subject matter experts, each volume of the Protection of Assets provides a comprehensive resource on topics relevant to the security profession. Throughout 236 pages separated into five chapters, Investigation covers the major components of an effective investigation program, including investigation management, undercover investigations, due diligence, background investigations and pre-employment screening, and interview and interrogation.

The pages referenced here address two investigative concerns. Case Management covers such topics as setting primary and secondary objectives for the investigation (which may change) and following the progress of a case, including using supervisors and other investigators as sounding boards and for brainstorming.

Other Investigative Management Issues include Legal Issues (including local licensing requirements), Liaison (internal and external, formal and informal), and Criminal Intelligence Analysis. The final part of this section, Protecting Investigative Information, includes a Process Flow Chart for that purpose. The following points are also underscored:

  • Define the critical information needed at the outset of an investigation.
  • Assess adversary capabilities and motivation to collect information on the activity.
  • Determine the adversary’s likely (possible or probably) methods of collection.
  • Apply countermeasures to prevent, neutralize, or mitigate the collection effort.

Sources of Information on Investigations
ASIS IRC Reference Guide

A comprehensive review of the Standards, books, Security Management articles, a CRISP Report, recorded Webinars, and recorded Annual Seminar Educational Sessions available through ASIS International that can assist security professionals in conducting investigations for their employer or client.