BACKGROUND SCREENING [DP230]
        Back to Table of Contents

        Scope: Enterprise
        Distribution: Executive Leadership Team; Director of Information Technology, Privacy and Data Security; Directors, Managers and
        Supervisors
        Purpose: To reduce the likelihood of hiring people who are at high risk of abusing access to sensitive information.
        External Regulation or Standard: ISO 27001 A.8.1.2

        Who is Responsible     Statement     Policy, Standard, or Procedure Statement
                                Number
        Chief Human Resources    DP230.1     New employees who will have access to privacy‐restricted information must
        Officer                              complete and successfully meet GESMN conditions prior to accessing PRI or
                                             beginning employment.
        Chief Human Resources    DP230.2     The Chief Human Resources Officer will determine the criteria of a successful
        Officer                              background checks in a way that is consistent with the organization’s mission
                                             and will manage the contracts with background‐check providers.
        Directors, Managers      DP230.3     Directors, managers and supervisors will verify that staff members have
        and Supervisors                      completed successful background checks prior to granting access to privacy‐
                                             restricted information. The organization's hiring managers and supervisors will
                                             determine if employees have met the criteria for successful background checks
                                             and will accept responsibility within the organization for those hiring decisions.


















































                                                                                                         11 | P a g e
        GES CONFIDENTIAL