In the world of security, consistency and ethics are critical. That’s why our newly updated Investigations Standard delivers a solid foundation for you to build on, outlining the principles, processes, and best practices needed for robust and compliant investigations.
With the right framework in place, your investigations can stand up to scrutiny—and deliver real value to your organization.
A key focus of this Standard is on the fundamental principles guiding investigations, including impartiality, independence, fact-based analysis, timeliness, and confidentiality. It highlights the vital importance of investigators maintaining high ethical standards and ensuring that investigative findings are well-documented, legally defensible, and actionable. The Standard provides detailed guidance on managing an investigations program, from defining objectives and policies to monitoring and continuously improving investigative processes. It also underscores the importance of aligning investigative activities with an organization’s broader risk management and compliance strategies.
Additionally, the Standard provides a step-by-step guide for conducting individual investigations, covering critical phases such as planning, evidence collection, witness interviews, documentation, and post-investigation activities. It stresses the significance of using structured methodologies, especially as it relates to topics such as maintaining a chain of custody for evidence and applying best practices in report writing and stakeholder communication. The framework also incorporates risk management principles, ensuring that investigative findings contribute to organizational learning, regulatory compliance, and security enhancements.
Security awareness content should always align with the organization’s mission, vision, and core values. Some valuable topics to cover include the organization’s code of conduct; personnel security policies; bullying and harassment; workplace violence warning signs and prevention; travel security; access control; emergency procedures; and IT security, including password management, social engineering, scams, phishing, and other online threats.
By implementing the principles and methodologies outlined in this Standard and by meeting the requirements it establishes, organizations can improve the effectiveness, credibility, reliability, and defensibility of their investigative processes and outcomes. The guidance promotes a proactive approach to identifying and mitigating risks, strengthening corporate governance, and fostering a culture of accountability and transparency.
6 Roles to Consider for Your Fraud Investigation Team
During fraud investigations, it’s not uncommon for security teams to work with the organization’s internal audit team. These are six roles that should be considered for the team.
Read the Article
Essentials of Security Project Management Certificate
Project management is essential to virtually every field—and it requires strong organizational, relationship-building, communication, and strategic-thinking skills. The Essentials of Security Project Management Certificate offers a comprehensive overview of the project management process, equipping security professionals with the knowledge of how a project should be managed.
Earn Your Certificate
