Rotate staff and contractors
Rotate staff and contractors in and out of roles to avoid familiarity. Staff and contractors can become too familiar with processes, customers or vendors, which can lead to insider threats.
Why this countermeasure matters
Leaving staff and contractors in positions for too long can lead to:
- less visibility of fraud and corruption risks
- staff or contractors taking advantage of positions of trust to act corruptly, commit fraud and avoid exposure
- staff and contractors getting familiar with processes and learning how to exploit weaknesses
- fraud or corruption going undetected for a long period of time
- staff being targeted and coerced to process fraudulent claims or invoices for another person or entity such as pressured to pay a fraudulent invoice.
How to put this countermeasure in place
Some ways to implement this countermeasure include:
- regularly rotating staff in high risk positions
- rotating contract managers so they do not develop a conflict of interest with vendors.
How to measure this countermeasure's effectiveness
Measure the effectiveness of this countermeasure by using the following methods:
- Confirm the existence of a rotation or mobility policy or best practice guidelines.
- Confirm that the occupation of high-risk roles is reviewed regularly.
- Review procedures or guidance to make sure it clearly specifies requirements for rotation and contractor engagement.
- Review statistics or reports on staff and contractor positions and durations.