Security Screening

BS 7858

This British Standard gives recommendations for the security screening of individuals to be employed in an environment where the security and/or safety of people, goods and services, personal data or property is a requirement of the employing organisation’s operations and/or where such security screening is in the public and/or corporate interest.

Background

BS 7858:2019 has undergone significant revision from its initial 2012 version. This revision has brought about the following significant changes:

  • Scope widened, allowing use in industries outside recognised security sectors where employees work in a secure environment
  • More emphasis on risk assessment
  • Includes a clear objective to obtain background information, allowing risk-based, informed decisions
  • More importance placed on the role of top management in deploying appropriate resources and taking responsibility for the acceptance of risk
  • Clarification that the organisation has to review and take responsibility for outsourced processes
  • Automation recognised and requirement for character references removed
  • Roles of gaining information through social media and internet searches discussed
  • Annex A now informative with examples of forms that could be used/customised

BS 7858 provides a structured code of practice for companies to follow when security screening individuals who work in a secure environment where the security and/or safety of people, goods and services, data or property (intellectual and physical) is a requirement of the employing organisation’s operations and/or where such screening is in the public interest.

The standard applies equally to all full and part time employees, sole traders, partnerships, temporary and permanent employees at all levels of seniority, including Directors.

Implementation

Some elements of the standard are mandatory and, during certification audits, any shortcoming against those will result in a “nonconformity”, which will have to be remedied before a certificate is issued. In other areas, the standard is less prescriptive, giving recommendations for best practice. When assessing a company’s performance against those, an auditor can show greater flexibility; if there is room for improvement, the report will include appropriate recommendations, and these will be followed up during the next year’s audit.

Scope

The standard covers the following areas:

  • Top management – need to show commitment to the standard, supply the resources and infrastructure needed, direct and support persons to contribute to effectiveness, and ensure roles, responsibilities and authorities are assigned and communicated
  • Risk management – looking at who you should and should not employ based on career and history
  • Individuals employed in screening – screening controller(s) and administrator(s), who must have signed confidentiality agreements (scope specified in standard); co-ordination of approach in large, multi-department organisations; training provision, including annual review of competence requirements; and ensuring any outsourced screening meets the requirements of this standard
  • The screening process including:
    • Administration;
    • Provision of information;
    • Preliminary checks;
    • Conditional employment;
    • Period allowed for completion of full screening for individuals in conditional employment;
    • Completion of screening (verification of information); and
    • Review of the screening process
  • Subcontractors – all aspects of the standard apply if a subcontractor is engaged on behalf of the certificated organisation
  • Ancillary staff – the recommendations of the standard apply where such staff have access to sensitive information, assets or equipment
  • Acquisitions and transfers – if the certificated organisation acquires other organisations where screening is required, that screening must be reviewed to ensure it meets the requirements of this standard
  • Records – the standard sets requirements for holding of records for unsuccessful candidates, employees and where individuals have ceased employment

Annex A

Five useful example forms are given, which may be modified into convenient styles.

When an organisation engages QSS to complete an assessment and certification process, an “Initial Assessment” will be carried out to audit the company’s compliance against the entire standard. Following this (and subject to the clearance of any nonconformities), a certificate will be issued, usually valid for 12 months. Annual assessments are then carried out, normally leading to renewal of certification for a further 12 months (subject to any nonconformities).

Costs

Please contact us for costs.

Call +44 (0)1923 699840 or email info@qssonline.co.uk.

© Quality Service Standards Ltd. Registered in England & Wales, Company No. 03804633. Registered Address: Tangent House, 62 Exchange Road, Watford, Herts WD18 0TG.