By clicking on the "Download archive" button, you will download the file you need completely free of charge.
Before downloading this file, think about those good essays, tests, term papers, dissertations, articles and other documents that are lying unclaimed on your computer. This is your work, it should participate in the development of society and benefit people. Find these works and submit them to the knowledge base.
We and all students, graduate students, young scientists who use the knowledge base in their studies and work will be very grateful to you.
To download an archive with a document, enter a five-digit number in the field below and click the "Download archive" button
Similar documents
Types of threats and methods of their implementation. Division of physical security of personnel, goals and objectives of its activities. Technical means of security and personal safety. Personal safety rules. Safety measures in extreme situations.
course work, added 04/09/2004
Basic concepts, essence and definitions of labor safety. Principles, methods and means of ensuring operational safety. Foreign experience managerial labor safety. Analysis of the formation of a labor safety system using the example of the Surgut Federal Migration Service.
course work, added 11/02/2014
The essence and concept of personnel safety in a modern organization. Socio-economic significance and sources of financing of labor protection. Analysis and features of management of activities to ensure occupational safety at AvtoVector LLC.
course work, added 06/16/2014
Rational regime of work and rest. Economic efficiency main measures to ensure industrial safety. Standard procedures for creating a security service for a business entity. The essence of the economic security of an organization.
test, added 05/17/2010
Forms and types retail. The essence and basic principles of ensuring occupational safety. Standardization of occupational safety. Security scheme for the head of the enterprise. Organization of interaction with local government law enforcement agencies.
course work, added 01/23/2012
The concept of security is a state of protection of the vital interests of the individual, society and state from internal and external threats. The axiom of potential danger and the concept of acceptable risk. Security objects and subjects, security principles.
presentation, added 06/24/2015
The essence and criteria for assessing the level of information security. Features of the organization of wars and terrorism in this area, assessment of the role and significance in the national security system. Human security in the information space. Self-defense weapon.
Introduction………………………………………………………………………………3
Chapter 1. Threats to the enterprise from personnel and methods of preventing them…………………………….………..5
1.1 Types and causes of threats………………………..5
1.1.1 Personnel fraud…………………………………......6
1.1.2 Thefts committed by employees……………………….20
1.2 Factors influencing the reliability of employees…………...25
1.2.1 Motivation……………………………………………………25
1.2.2 Impact on staff loyalty and on the quantity and quality of control measures………………………………………………………..27
Chapter 2. Safety issues and organization of work with personnel………………………………………………………..30
2.1 Personnel policy and security…………………………..30
2.1.1 Personnel security - representatives of risk groups in organizations……………………………………………………….31
2.1.2 Features of verification of management personnel……………...34
2.2 Stages of work of the economic security service with employees of the enterprise……………………………………….35
2.2.1 Main stages and procedures for professional selection of personnel in commercial structures………………………………………….35
2.2.2 Employee’s work in the company……………………………..38
2.2.3 The process of dismissal of personnel from commercial structures....40
Chapter 3. Preventive work of the economic security service with personnel…………………………..………….46
3.1 Material liability as a tool for preventive measures…………………………………………..48
3.2The role of the security service in banking……………..51
3.3 Recruiting and competitive intelligence………………………….55
Conclusion……………………………………………………..63
Sources and literature used……………………66
Appendix……………………………………………………….68
INTRODUCTION
Ensuring security is one of the most important problems facing any domestic enterprise. In the overall enterprise management system, the security subsystem is closely connected with the personnel management subsystem.
Over the past five years, the number and scale of economic crimes have increased significantly, and the most dangerous and widespread type of crime is “crime” committed by company managers and employees. An employee of an enterprise can find access to all or almost all assets of the enterprise, has the ability to overcome the facility’s security system, database protection, and can simply hear necessary information and make identifying what happened almost impossible.
Thus, more than three quarters of crimes in organizations are committed by employees, while more than half of the crimes are discovered by chance. No one can cause more damage to an organization than its employee, who has access to almost all the means and secrets of the enterprise.
Thus, now the vast majority of enterprises in all sectors of the Russian economy are faced with the acute problem of creating and applying a system for assessing and ensuring economic security as a mechanism for mobilizing and optimal control corporate resources of a given enterprise in order to use them most effectively and ensure the sustainable functioning of this enterprise, its active counteraction to all kinds of negative phenomena.
Analysis and synthesis of literature data and the experience of a number of enterprises in personnel management in order to ensure economic security, carried out by the authors, showed that at the enterprise level the following should be distinguished:
Internal and external threats to the enterprise;
Intentional and unintentional on the part of the person committing the crime;
Selfish (fraud, theft, robbery, robbery, extortion) and unselfish (negligence);
Technical (professional) errors (random or systematic).
The purpose of personnel management in the economic security system of an enterprise, as well as the purpose of the work done, is to find ways to minimize risk and threats from employees.
When discussing this topic, the task is, first of all, to display the main threats from the enterprise’s personnel and preventive measures before they arise and in the process of resolving them by the economic security service. That is, to show the need to create dedicated structures at the enterprise that, in conjunction with human resources departments and directly with management, would solve problems of building a system of personnel motivation, influence on staff loyalty, and prevent actions of employees that may pose a potential danger to the company’s activities, and the use of personnel as a competitive intelligence tool.
Chapter 1. THREATS TO THE ENTERPRISE FROM PERSONNEL AND METHODS OF PREVENTING THEM
Types and causes of threats
It is necessary to distinguish between external and internal threats. External negative impacts- these are actions, phenomena or processes that do not depend on the will and consciousness of the employees of the enterprise and entail damage. In turn, internal negative impacts include actions (intentional or careless) of enterprise employees, which also entail damage.
Insider threats include:
· inconsistency of employee qualifications with the requirements placed on them;
· insufficient qualifications of employees;
· weak organization personnel management systems;
· weak organization of the training system;
· ineffective motivation system;
· errors in personnel resource planning;
· reduction in the number of rationalization proposals and initiatives;
· care of qualified employees;
· employees are focused on solving internal tactical problems;
· employees are focused on respecting the interests of the unit;
· absence or “weak” corporate policy;
· poor quality checks of candidates when hiring.
Examples of external threats include:
· Competitors have better motivation conditions;
· setting up competitors to lure away;
· pressure on employees from the outside;
· getting employees into different kinds addictions;
· inflationary processes (it is impossible not to take into account when calculating wages and forecasting its dynamics).
Undoubtedly, all these negative impacts of the external environment have an impact on the processes within the enterprise, in general, on its safety in terms of personnel.
Personnel fraud
Most of the losses of enterprises are the result of very specific actions of personnel. The cause of these actions may be intent or negligence, but the root of evil is in people, in their attitude to their duties.
“Fraud, i.e. theft of someone else’s property or the acquisition of rights to someone else’s property through deception or abuse of trust...” Art. 159 of the Criminal Code of the Russian Federation
A legal concept that involves knowingly acting with intent to deceive. This concept includes deliberate deception, abuse of enterprise assets, manipulation of financial data in order to benefit the person performing these actions. These include any actions either by the employees themselves, or committed with their complicity and aimed at using the assets of the enterprise for personal purposes. Its forms come in various forms: theft, embezzlement, misappropriation, and acquisition of rights to someone else’s property. The main ways for fraudsters to achieve their goals are deception, misrepresentation, and abuse of trust.
There are three categories of internal fraud, characterized by such constituent features as misappropriation of assets, corruption and fraudulent statements. Asset misappropriation is the leading form of internal fraud, accounting for more than four-fifths of known violations, with institutional cash and check violations equaling the total loss share of all other assets (inventory, supplies, equipment, and information). This is getting "profit" from the sale of "unaccounted for goods", illegal write-off, blatant seizure, etc. Corruption, in the sense of internal fraud, usually involves an official, manager, or employee of an organization colluding with outsiders. There are several main types of internal corruption that lead to damage to the interests of the enterprise: bribery, prohibited monetary rewards, kickbacks in settlements, special inflated prices by agreement, etc.
Before preventing a phenomenon, it is necessary to understand the reasons why it occurs and the methods for its implementation. Therefore, we need to understand what are the causes, what are the opportunities, and how to eliminate them.
Reasons for committing fraud.
The economic security service, as well as the head of the enterprise, must clearly understand that an employee commits theft when two factors are combined - the desire to steal and the opportunity to steal. The opportunity to steal is available to those who have control and administrative functions and/or access to material assets and at the same time enjoy a certain lack of control. And the desire to steal arises under the influence of reasons:
a) personal:
Financial difficulties employee, which may be due to greed, debt, influence of family members, addiction to drugs, alcohol, gambling, etc.
Communication problems at work, e.g. settling scores with superiors, personal and professional reassessment, team relationships, etc. (creating positive and open conditions labor, the organization can reduce such incentives for employees)
b) external, as a result of influence from criminal and competitive structures, emergency circumstances, obvious non-accounting for inventory, etc., with the ensuing consequences.
Counteraction subsystem.
The task of this subsystem is to identify facts of “sabotage” and suppress them. This subsystem must work constantly. Its work is based on the same elements as the previous one. But unlike the first, the emphasis is not on forecasting, but on monitoring current processes. This is, first of all, control over the performance by employees of their job responsibilities; naturally, for this, these responsibilities must be developed and approved accordingly. The control itself can be carried out in several ways. The official part includes control of working hours, control of reporting, etc. The unofficial part consists of secret monitoring of the performance of duties (video, audio). Separately, it should be noted the importance of monitoring the working contacts of employees (when, with whom, on what issue were negotiations carried out and what was the result); this can be obtained through appropriate reporting. And the standard of living of workers (monitoring in everyday life, comparison of income/expenses, adequacy of behavior to income).
In this regard, accounting and financial reporting occupy an important place. It is thanks to this type of bureaucracy that facts of theft can be identified and documented.
For example, you need to organize control over the activities of a sales manager. To do this, it is necessary to carry out the following activities:
a) control of working hours
This is carried out by the security guard recording the time of arrival and departure of employees in the appropriate journal. This log also indicates when and where the employee went away during the working day. If an employee is absent for work, the purpose of the absence and by whom it was authorized is recorded in the same journal. Electronic working time control systems, such as Cordon, have proven themselves to be excellent.
b) reporting control
It is necessary to introduce a reporting system. Its meaning boils down to the fact that all employees, after a certain period of time (usually from one day to a month), provide reports on the work done to their immediate supervisor. Accordingly, the report of the next level of managers is based on the reports of their subordinates. When analyzing reports, it becomes clear who is working and who is pretending to be working. The report form can be varied. For our example, we need to reflect in the report: the number of clients called, the number successful transactions, the number of unsuccessful transactions (indicating the reasons for the failure and the client’s coordinates), the number of calls to the client for advertising and effectiveness, transaction amounts, etc.
c) contact control
This area The activity is quite delicate. In case of insufficient documentation A sticky situation may arise. Therefore, before starting implementation, it is necessary to conclude an agreement with each employee, the meaning of which boils down to his consent to control. Easier this agreement make it part of an agreement on non-disclosure of trade secrets, but it is better if it is a separate document with approximately the following content: “I, Ivan Ivanovich Ivanov, agree that my work (activities during working hours) can be controlled by specially designated employees of the company, including my reporting, my negotiations, telephone communication, etc.” After signing such agreements, you can begin to create the system itself. Firstly, you can enter reports on contacts with clients, partners and competitors into the reporting system. Then equip the place (room) for negotiations with an audio and, if possible, video recording system. It is also a good idea to equip informal communication areas with an audio monitoring system (smoking areas, dining room). It is also necessary to install a telephone conversation monitoring system. But at the same time, we must remember that to control everything and everyone, you will have to hire a staff of controllers of the same size. Periodic reconciliation with partners on ongoing transactions also gives positive results, preferably without delay.
d) control of the adequacy of behavior
It is also a rather complex activity related to observing how employees behave and, most importantly, how their behavior changes over time. When these observations are superimposed on the transaction chart, you can see certain patterns and draw some conclusions. Particular attention should be paid to such indicators as a sharp change in the employee’s well-being, a significant and prolonged deterioration in mood, isolation, absent-mindedness, etc. The appearance of such symptoms is a signal for a deeper study of the employee. Namely, observing him outside of work, collecting feedback from colleagues, neighbors, etc.
In the procurement process
Possible options fraud: making purchases at an inflated price and receiving a kickback; you can buy much more goods than you need and play on the difference wholesale prices, you can buy from the same seller - have a discount and take the difference for yourself; You can buy from your intermediary company. These methods are identified through periodic analysis of product purchase prices based on data in the accounting system. In addition, it is sometimes advisable to change the person involved in procurement to another employee for a short period of time and compare the prices of purchasing goods. Based on accounting data, the “intermediary” company can be easily identified by the following parameters- changes in prices in both directions for the same product, higher purchase prices for goods, predominantly cash payment methods, a “universal” range of company products, lack of contact information, excessively large volumes of purchases with a shipment period of more than one month.
During the goods receipt process
Possible variants of fraud: When accepting goods to the warehouse, the warehouseman, for a certain percentage of the cost of the goods, may not accept it into the warehouse, but leave it in the supplier’s car. With this method of fraud, the goods are not removed from the enterprise, but there is a shortage in the warehouse. To detect such fraud, it is necessary to maintain the enterprise's warehouse in computer system“day to day” without a lag, and the storekeeper should not be able to correct documents entered once. Or you can do something more cunning - give the storekeeper the opportunity to make changes, but record all these changes programmatically - then it immediately becomes clear who changes what and when. Critical groups of goods for which methodical write-off is not carried out should be inventoried weekly, and before carrying out large transactions, sufficient balances should be removed expensive goods and the composition of their shipment. The invoice for receiving goods from the warehouse must be signed materially responsible persons directly upon transfer of the goods, and not “retroactively”. Also, in the process of storing and releasing goods from a warehouse, artificial creation of surpluses due to deception of persons receiving the goods, and such a phenomenon as misgrading of goods, often occurs.
During production
When producing goods, there is a real opportunity to save on the cost of goods due to non-compliance with technological processes, inflated percentages of waste in costing cards, or under-investment (underfilling). But to receive additional income Production workers need to remove and sell saved ingredients or additionally produced products. Therefore, special attention is paid to controlling the quantity of products produced and preventing their removal from production sites.
In the process of implementation
Possible fraud options:
● selling to various small clients under the guise of one large one, receiving a good discount for this order and receiving a kickback from clients;
● selling to customers not their own products, but those purchased from another company without the participation of the company;
● banal deception of the client.
Since the sale of surplus products requires an agreement between the one who produces and the one who sells, or the seller and the buyer, periodic comparisons are made of data on the ratio of sales volumes between different managers, as well as the ratio of sales various groups goods between different shifts of managers. Periodically, the remains of expensive product groups are removed at the point of sale. Sharp fluctuations in surpluses and shortages of the same product within a month indicate the possible sale (removal) of surpluses of this product or products from the kitchen. Since there is practically no consumption of products when selling services, the only way to control is to use computer cash registers (terminals) and visually compare the volume of services provided with the current data in the system. Services provided on a time basis are controlled using special devices or by turning on the service only after it is recorded in the client’s account at cash register(terminal). Cash reports are periodically compared with the service usage protocol. It is possible to check using operational methods: test purchase, reconciliation with the client on a specific transaction.
Unfortunately, the scope of the thesis does not allow us to cover all aspects of identifying and suppressing personnel fraud in enterprises. In addition, each enterprise has its own characteristics; fraudsters are constantly looking for new ways to steal and hide their actions. Each case must be considered individually.
Motivation
The basis of motivation reflects both the historical transient nature of management concepts and the socio-historical conditionality of the development of motives. Consideration of “enterprise security” in connection with the motivation of people’s behavior seems more constructive than its narrow interpretation (ways of maintaining trade secrets). Therefore, managing employee motivation by means of personnel policy (assessment, control, formation) is one of effective measures ensuring security along with others.
The strategy for building a motivation system that would keep employees from unexpectedly moving to another job or from deliberately transferring commercial information to competitors depends on its goals, capabilities, selected personnel and their needs.
Human needs are limitless, and any level of wages will eventually seem insufficient. Resources that can be used to pay employees are limited, and managers, willy-nilly, have to look for non-material ways to motivate and stimulate staff, as shown in Table 1.1. (see Attachment)
Now in the incentive system, already half-forgotten attributes of the Soviet era are experiencing a rebirth: diplomas, “Rolls of Honor”, competitions between departments, work groups, etc. The criterion of “labor evaluation” with the growth of professional competence quickly becomes decisive. A person simply needs his work to be appreciated and praised; it is important to realize his own importance. Without requiring any material costs, this method of motivation, when used skillfully, can easily compete with the results achieved with its help with material incentives.
Others, already modern tools motivation are trainings, for example, on communication, psychological compatibility, sales, etc., which allow you to unite employees into a team, increase sales efficiency or labor productivity. Each training must be accompanied by a report, which is then analyzed:
The situations that occurred at the seminar are considered,
Detailed characteristics of the participants are given,
Analysis of strengths and weaknesses each participant on the topic of the training. This analysis will allow both the manager, the personnel service and security guard employees, not only to identify the weaknesses and strengths of employees, but also to evaluate their behavior in different situations, including extreme ones.
However in the best possible way Personnel motivation is the identification of the employee and the company. “My goals are the goals of the company. My interests are her interests.” If employees think this way and share the goals and mission of the company, then it will be almost impossible to lure them to the side or extract confidential information from them. However, this is only possible if people are confident that their careers will develop the best way exactly in this company. Moreover, its development will not depend on the whims of higher management, but will be subject to a long-term plan that provides for both material interest and professional growth of the employee.
Chapter 2. SAFETY ISSUES AND ORGANIZATION OF WORK WITH PERSONNEL
Job description
A job description is a document that defines the entire range of issues related to its labor activity in this organization. A well-written instruction allows you to define the duties, rights and responsibilities of personnel and protects them from performing unusual functions, emphasizing the system of relationships between managers and their subordinate employees.
The job description usually contains:
· full name of the position;
· to whom the position is subordinated;
· to whom the position gives orders;
· requirements for an employee for this position (education, specialty, work experience);
· the goals that the company’s management puts forward for this position;
· functions that the employee must perform in this position;
· the responsibility that the employee bears in this position;
· procedure for assessing employee work.
The job description may also determine the procedure for employees to access confidential information: for each of them, a list of information is determined that they have the right to become acquainted with as part of their job duties. Exceeding the volume specified in the instructions is considered a violation and poses a certain threat to the security of the company. The list of information constituting a commercial secret of an enterprise is determined by its head or a commission specially created for this purpose.
In addition, in many cases it makes sense to limit the physical access (movement) of personnel to premises and areas not related to the functional responsibilities of employees. Visiting closed areas can only be done with permission from management.
Another way to limit access to information is to split homogeneous information into separate independent fragments and familiarize employees with only one of them, which does not allow the latter to compose complete picture about the state of affairs in this area.
Preparing for a conversation with dismissed employees
When receiving an oral or written notice of resignation, it is recommended, in all cases without exception, to have a conversation with the employee with the participation of a representative of the personnel department and one of the managers of the commercial structure. However, before the conversation, it is advisable to take measures to collect the following information about the resigning employee:
The nature of his relationships with colleagues in the team;
Attitude to work;
Level vocational training;
The presence of conflicts of a personal or professional nature;
Previous statements or wishes to move to another place of work;
Access to information, including that constituting a trade secret;
The probable period of obsolescence of information constituting a trade secret for a given enterprise;
The expected future place of work of the resigning (dismissed) employee.
For recruitment agencies
For a recruiting agency, companies' "intelligence games" can turn into "cheat games" and can become a source of additional funding. It is important for the agency to understand that a candidate from the core market is of interest to the company, regardless of whether he is hired or not. That is, for agencies working without prepayment, it makes a lot of sense to negotiate a separate fee for providing “profile” candidates. Moreover, this can become a separate service - without working for a company for a specific vacancy, it can send candidates from competing companies there for “intelligence conversations.” Thus, the agency expands the range of services provided, and the employer (represented by the security service) receives an additional channel of information at its disposal.
For the applicant
The applicant in this situation is the most suffering party. It is considered solely as a source of information, and no question of compensation for this information usually arises. At the same time, being in a job search situation, the applicant does not have much freedom of choice - he is supposed to answer questions during the interview. But the realization that the advertised vacancy may not be a vacancy at all already helps to look at the situation differently and be easier to relate to the fact that in the end the negotiations did not end in anything. There is another aspect. The fact that you have the information that the company needs can even become a subject of bargaining (if we are not talking about some very simple information). Sometimes you can offer your advice, but not directly, but more subtly, referring to significant experience in the field of interest, knowledge of the peculiarities of organizing the process in different companies, etc. In addition, having assessed you as a competent specialist who actually has valuable information, the company may reconsider the initial setting and hire you. One way or another, additional understanding of the possible incentives of the employing company gives you a trump card in the difficult game called “Searching for a job in your specialty.”
However, I remember one young marketer who could not find his way around his market price. He solved this problem quite professionally - he posted several “fake” job advertisements on the Internet and analyzed the resumes received. By comparing applicants' salary expectations with their skill level, he was able to better determine the level of income he could qualify for. So, the applicant can use recruiting methods for his own pleasure.
In conclusion, I note that the methods described above are the reality of the modern situation. This is largely determined by the intensive development of a wide variety of markets and the intensification of competition between companies developing the same industry. Simply put, this is a natural stage in business development.
CONCLUSION
In this diploma work The main issues related to the problems of ensuring the safety of commercial structures when working with personnel are considered. As follows from the above, personnel have a significant, and in most cases even decisive, influence on the economic security of the enterprise. In this regard, the selection of personnel, their study, placement and qualified work during dismissals significantly increase the resistance of commercial enterprises to possible third-party negative influence and undercover penetration of illegal elements.
Regular study of all categories of personnel, understanding the objective needs of employees, their leading interests, true motives of behavior and the choice of appropriate methods for uniting individuals into an efficient team - all this allows managers to ultimately solve complex production and commercial-financial problems, including those related to ensuring economic security.
Obtaining, within the framework of the current Russian legislation, the maximum amount of information about job candidates, thoroughly checking the submitted documents through both official and operational capabilities, including the security service of the company (firm), systematic analysis of information collected on the relevant candidates;
Carrying out a set of verification measures in relation to job candidates, their relatives, former colleagues, and immediate associates in cases where the issue of their hiring to managerial positions or access to information constituting a trade secret is being considered;
The use of modern methods, in particular interviews and testing, to create a psychological portrait of job candidates, which would allow one to confidently judge the main character traits and predict their likely actions in various extreme situations;
Assessment using modern psychological methods diverse and multi-order factors that may hinder the hiring of candidates or their use in specific positions;
Definition for candidates for work in commercial structures of some probationary period for the purpose of further verification and identification of business and personal qualities, other factors that could interfere with enrollment in the position;
Introducing regular and unexpected comprehensive checks of personnel, including through the capabilities of security services;
Training employees of personnel departments and security services in modern psychological approaches to working with personnel, social, psychoanalytic, ethical and moral methods, skills in using modern technical means for recording the results of interviews, techniques for conducting targeted conversations “in the dark” and procedures for information and analytical work with documents of candidates;
Selecting a human resource supervisor from among the top managers of commercial structures to monitor the activities of personnel departments and security services when working with personnel.
In addition, it seems possible to identify the following basic principles that should be followed when working with personnel:
Introduction of an effective system of material incentives;
Providing each team member with long-term and creative work;
Forming in employees a sense of responsibility for the work performed and independence as a performer;
Ensuring the participation of all personnel, of course, in cases where this is possible, in the development of fundamental, strategic development decisions, the formation of social incentive and insurance funds, and the distribution of profits of commercial structures;
Creating opportunities for advanced training and education, as well as career advancement;
Arrangement of personnel in accordance with abilities, qualifications, education, length of service, health status and other factors influencing the career of employees and their appointment to positions;
Implementation in practice of a flexible, non-injury system of personnel dismissals.
So, we can draw a definite conclusion that Russian entrepreneurs are increasingly changing their attitude towards the “human factor”, putting it into the arsenal of their personnel departments and security services modern methods work with personnel. It is obvious that further development in this area is associated with the active use of the significant potential of methods of psychoanalysis, psychology and management ethics, conflictology and a number of other sciences and a more complete integration of relevant specialists into commercial enterprises.
Magura M. Search and selection of personnel. – M.: Intel-Sintez, 2003. – 303 p.
Shlykov V. Theory and practice of economic security of an enterprise. – M.: Arsin, 2000. – 218 p.
Genne O. - Non-transferable key // Information protection. Confidential. 2003. - No. 3.
Glushko V.I. - Removal from work: procedure and order of registration // Personnel of the enterprise. 2003. - No. 3. - p.33-39
Gorshkova L. Assessment of management personnel: parameters and methods // Person and work. 2003. - No. 3. - p.79-85
Trukhanovich L.V. Disciplinary action: commandments for the personnel officer // Personnel of the enterprise. 2003. - No. 3. - pp. 19-32
Chumarin I.G. Personnel security - representatives of risk groups in the organization // Personnel-Mix. 2002.- No. 6-7.
Chumarin I.G. Functions and tasks of the personnel service in the field of ensuring economic security. // Enterprise personnel. 2003. - No. 3. - p.47-51
Chumarin I.G. What is personnel security? // Enterprise personnel. 2003.- No. 2.
Chumarin I.G. – Thefts committed by employees // DP-Personnel. 2001.-№9.
Fukolova Yu. One hundred factors of trustworthiness // The secret of the company. From December 16 – December 29, 2002. - No. 7.
Tarelkina T., Ryzhkova T. Motivation in the “Retro” style // Personnel Management. 2002. - No. 1.
Chumarin I.G. Be careful, they are using their own or internal fraud at the enterprise // BDI. 1996.- No. 4.
Chumarin I.G. What is cadre
3. Threats to staff
The legal status of an employee at an enterprise is determined by the provisions of the Constitution of the Republic of Belarus, as well as the terms of the contract ( labor agreement) and organizational and administrative documents in force at this enterprise, incl. and in terms of ensuring safety at your work site. The employer is obliged to take measures to protect the employee from possible threats to his health, life, interests, and the employee, in turn, is obliged to conscientiously fulfill the obligations assumed when drawing up a contract during hiring.
Threats to Personnel (persons) can be expressed by phenomena and actions such as:
1) Natural disasters;
2) Harmful working conditions; attempts to make changes to technological production processes in order to prepare and commit technological accidents; man-made accidents;
3) Psychological terror, threats, compromising evidence, dissemination of false information (either he stole it or was stolen from him), intimidation, blackmail, extortion;
4) Assault with the aim of seizing funds, valuables, confidential information and documents;
5) Introducing changes hazardous to health into the environment (radioactive, chemical, bacteriological contamination, etc.);
8) Murders accompanied by violence, bullying and torture and others.
The methods used to carry out threats to personnel are varied and depend on the perpetrator of the threat, his training and equipment.
4. Threats to material resources
The valuable resources of an enterprise with a physical form of existence may be threatened by:
· Natural disasters;
· Theft is an unlawful gratuitous seizure and (or) conversion of someone else’s property for the benefit of the perpetrator or other persons, committed for mercenary purposes, causing damage to the owner or possessor of the property;
· Damage – a change in the properties of property, in which its condition significantly deteriorates, a significant part of it is lost beneficial properties and it becomes completely or partially unsuitable for its intended use. Damage is carried out through arson, explosions, gunfire and other methods of fencing, entrance doors, gates, grilles, shop windows, etc.; vehicles, technological transport and equipment; communication and signaling means and systems; enterprise life support systems.
· Destruction - external influence on property, as a result of which it ceases to exist physically or is rendered completely unfit for use for its intended purpose. Destroyed property cannot be restored through repair or restoration and is completely removed from economic circulation.
· Infection with radioactive, chemical, bacteriological substances;
· Picketing, blocking entrances, invasion, capture and others.
The methods of carrying out threats to valuable resources existing in physical form are also varied and depend on the executor of the threat, his training and equipment.
5. Threats to information resources
5.1. Classification of threats to information resources.
Threats to information resources can be generally classified:
1). According to the purpose of threat implementation:
Confidentiality threats:
Theft (copying) of information and means of processing it (media);
Loss (unintentional loss, leakage) of information and means of processing it (media);
Availability threats:
Blocking information;
Destruction of information and means of processing it (media);
integrity threats:
Modification (distortion) of information;
Denial of the authenticity of information;
Imposition of false information, deception
Wherein:
Theft and Destruction of information is understood similarly as applied to material valuable resources. Destruction of computer information – erasing information in the computer memory.
Copying information is the repetition and permanent imprinting of information on a machine or other medium.
Damage is a change in the properties of a storage medium, in which its condition significantly deteriorates, a significant part of its useful properties is lost and it becomes completely or partially unsuitable for its intended use.
Modification of information – making any changes, except those related to the adaptation of a computer program or database for computer information.
Blocking information is an unauthorized obstruction of user access to information not related to its destruction;
Unauthorized destruction, blocking, modification, copying of information - any not permitted by Law, the owner or competent user of the specified actions with information.
Deception (denial of authenticity, imposition of false information) is a deliberate distortion or concealment of the truth in order to mislead the person in charge of the property, and thus obtain from him the voluntary transfer of property, as well as reporting knowingly false information for this purpose.
2) Based on the principle of impact on information carriers - the information processing and transmission system (APS):
Using the access of an intruder (attacker, ASOI user, process) to an object (to a meeting room, to a data file, a communication channel, etc.);
Using covert channels - using memory, memory, information transmission paths that allow two interconnected processes (legitimate and introduced by an attacker) to exchange information in a way that leads to the loss of information.
3) By the nature of the impact on the information processing and transmission system:
Active threats associated with the offender performing any actions (copying, unauthorized recording, access to data sets, programs, password recovery, etc.);
Passive threats are carried out by the user observing any side effects processes of information movement and their analysis.
4) Based on the presence of an exploitable security error, the threat may be due to one of the following reasons:
Inadequacy - non-compliance with the security regime for protecting the security zone.
Errors in administrative control - security mode;
Errors in program algorithms, in the connections between them, etc., which arise at the stage of designing programs or a set of programs and because of which these programs can be used completely differently than described in the documentation.
Errors in the implementation of program algorithms (coding errors), connections between them, etc., which arise at the stages of implementation, debugging and can serve as a source of undocumented properties.
5) By the method of influencing the target of attack (with active influence):
Direct impact on the target of the attack (including using privileges), for example: direct access to audibility and visibility, to a set of data, program, service, communication channel, etc., taking advantage of any error;
Impact on the permissions system (including privilege hijacking). In this case, unauthorized actions are performed regarding user rights to the object of attack, and access to the object itself is then carried out in a legal manner;
Indirect impact (through other users):
- "masquerade". In this case, the user appropriates to himself in some way the powers of another user, impersonating him;
- "blind use". With this method, one user forces another to perform the necessary actions (for the security system they do not look unauthorized, because they are performed by a user who has the right to do so), and the latter may not even be aware of them. A virus can be used to implement this threat (it performs the necessary actions and reports their results to the person who introduced it).
The last two methods are very dangerous. To prevent such actions, constant monitoring is required both on the part of administrators and operators over the operation of the ASOI as a whole, and on the part of users over their own data sets.
6) According to the method of influencing the ASOI:
Interactively – in progress long work with the program;
In batch mode - after long-term preparation by the rapid implementation of a package of targeted action programs.
When working with the system, the user always deals with some of its programs. Some programs are designed in such a way that the user can quickly influence the progress of their execution by entering various commands or data, while others are designed in such a way that all information must be specified in advance. The first include, for example, some utilities, database management programs, mainly user-oriented programs. The second group includes mainly systemic and application programs, focused on performing any strictly defined actions without user participation.
When using programs of the first class, the impact is longer in time and, therefore, has a higher probability of detection, but is more flexible, allowing you to quickly change the order of actions. Exposure through second-class programs (for example, viruses) is short-term, difficult to diagnose, much more dangerous, but requires a lot of preliminary preparation in order to foresee in advance all possible consequences of the intervention.
7) By object of attack:
ASOI in general: an attacker tries to penetrate the system in order to subsequently perform any unauthorized actions. They usually use “masquerade”, password interception or forgery, hacking or access to ASOI via a network;
ASOI objects - data or programs in random access memory or on external media, the system devices themselves, both external (disk drives, network devices, terminals) and internal (RAM, processor), data transmission channels. Impact on system objects is usually aimed at accessing their contents (violating the confidentiality or integrity of processed or stored information) or disrupting their functionality (for example, filling the entire computer's RAM with meaningless information or loading the computer's processor with a task with unlimited execution time);
ASOI subjects are user processors. The goal of such attacks is either a direct impact on the operation of the processor - its suspension, changing characteristics (for example, priority), or a reverse impact - the attacker uses the privileges and characteristics of another process for his own purposes. The impact may be on user processes, systems, networks;
Data transmission channels - listening to the channel and analyzing the graph (message flow); substitution or modification of messages in communication channels and relay nodes; changing the topology and characteristics of the network, switching and addressing rules.
8) By means of attack used:
Using standard software;
Using specially developed programs.
9) According to the state of the target of attack.
The object of attack is stored on disk, magnetic tape, RAM or any other place in a passive state. In this case, the impact on the object is usually carried out using access;
The object of attack is in a state of transmission over a communication line between network nodes or within a node. Impact involves either access to fragments of transmitted information (for example, interception of packets on a network repeater), or simply eavesdropping using covert channels;
The target of the attack (user process) is in the processing state.
The above classification shows the difficulty of identifying possible threats and how to implement them.
Sources of threats to information resources are similar to the previously discussed sources of threats to material resources and can be presented in the table as:
| ANTHROPOGENIC SOURCES |
| - Criminal structures |
| - Potential criminals and hackers |
| - Unfair partners |
| - Representatives of supervisory organizations and emergency services |
| - Representatives of law enforcement agencies |
| -Key personnel (users, programmers, developers) |
| - Representatives of the information security service (administrators) |
| - Support staff (cleaners, security) |
| - Technical personnel (life support, operation) |
| TECHNOGENIC SOURCES |
| Communications (information transfer) |
| Networks engineering communications(energy supply, water supply, heating, ventilation, sewerage) |
| INTERNAL TECHNOGENIC SOURCES OF THREATS |
| Poor quality technical means information processing |
| Poor quality information processing software |
| Auxiliary equipment (security, alarm, telephony) |
| Other technical means used in the institution |
| NATURAL THREATS |
| Fires |
| Earthquakes |
| Floods |
| Hurricanes |
| Various contingencies |
| Other force majeure circumstances** |
* Special group internal, man-made sources are made up of specially deployed and recruited agents from among the main, auxiliary, technical personnel and representatives of the information security service. This group is not considered as independent, but when analyzing, in the event of the potential for the introduction of agents, it is necessary to take into account the features of protection from such sources when considering the possibilities of internal anthropogenic sources.
** In this case, the term “other force majeure circumstances” means the legal component of force majeure, that is various solutions higher state bodies, strikes, wars, revolutions, etc., leading to force majeure circumstances.
Depends on the power and level of development of the social communication system. All this is important to take into account when managing society’s information resources. 3. Technology of formation and use of information resources in information production In each information production there are technological positions specific to it. Each research team uses its own...
Production or limit sales if the unrest is directed against a foreign-owned plant or product. Practical part 1. Brief description of PKF Iva-S LLC and external environmental factors 000 PKF Iva-S was created in 1997 for the production and wholesale trade paint and varnish materials in the city of Rostov-on-Don. Full name of the enterprise - Society with...
1. 2. Purpose of the work The purpose of this abstract is to consider models of threats to the security of systems and methods of their implementation, to analyze the criteria for the vulnerability and resistance of systems to destructive influences, to describe monitoring tools for identifying facts of the use of unauthorized information influences, to consider the nature of the development of methodology and methodological apparatus for assessment. ..
Introduction
For most managers and managers, the security of any enterprise - large and small, commercial and non-profit, industrial and operating in the service sector, does not fall under the purview of human resource management services. The security of an organization is most often handled by the enterprise security service. In the understanding of the management of the enterprise, security is not protecting the organization from threats and risks from a legal point of view, but only protecting the enterprise from the physical aggression of criminals. The possibility of using one’s official position for personal purposes, for example, by an employee holding a key position in a company, is not taken into account. Risks that can bring a lot of financial and time costs, such as incomplete or poor performance of official duties, theft, dissemination of confidential official information, trade secrets, etc., are often not taken into account.
IN modern conditions, when the practice of unfair competition is widespread, such a negligent attitude of management towards protecting the enterprise from risks and threats emanating from the main resource and wealth of the organization - already working “assigned” personnel, results in millions in losses, and often bankruptcy.
In organizations, there is often a special service for this, which comes into contact with personnel, mainly when it is necessary to “break through the database” of key employees hired, or to suppress, for example, fights between employees during a corporate holiday, as well as to protect the building from penetration of strangers, etc. Basically, the tasks of “security” of a company lie not inside, but outside of it, starting with physical protection from undesirable persons and ending with clever measures to prevent threats from criminals or unscrupulous competitors. For this purpose, it is often not the internal division of the organization that is used, but an external, often completely third-party security company, which performs its duties only within the strictly limited framework of the contract for the provision of paid services. The performance of non-standard security functions against threats emanating from the company’s own personnel remains on the “conscience” of its management. And each time, in each new specific case, the enterprise is faced with the need to find means for a possible solution to the problem that has arisen and neutralize its consequences. Often such a “catch-up” policy results in the liquidation of the enterprise.
In reality, in addition to external threats to the company’s security, there are also internal threats arising from its main resource – its personnel. We are talking not only about someone’s negligence or incompetence, but also about completely conscious theft, sabotage, bribery, disclosure of trade secrets and other dishonest actions of employees. Such actions actually cause more damage and harm to enterprises than, for example, industrial espionage.
Managers think about external threats more, prepare for them more thoroughly, and ultimately experience their consequences more easily. They obviously perceive the environment as hostile; they do not expect mercy or handouts from it. The internal environment of the organization is our divisions, our people whom we hired and whom we trust. And accordingly, internal threats become more unexpected for us and cause greater moral and psychological damage.
Therefore, it is reasonable to create a management structure at the enterprise, which will be obliged to perform the functions of checking employees, protecting the enterprise from risks and threats emanating from personnel. Modern enterprises, faced with abuse of their legal rights, forgery of documents, disclosure of trade secrets of the enterprise and other intentional and unintentional “sabotage” on the part of their employees, create their own security service within the HR department or legal service, assign these functions to it and legally prescribe management procedures taking into account the specifics of personnel. Practice shows that a preventive personnel policy in the field of protecting an organization from risks and threats associated with the actions or, conversely, inaction of personnel, turns out to be not only economically beneficial for an enterprise in the modern market, where information security is becoming increasingly important, but also often from it The very existence of the organization in principle depends.
The presented work is devoted to the topic “Protecting the enterprise from risks and threats emanating from personnel.” The problem of this study has relevance in the modern world. This is evidenced by the frequent study of the issues raised: personnel control, assessment of the level of staff loyalty, as well as the selection and hiring of reliable personnel. This topic is studied at the intersection of several interrelated disciplines. These are psychology, management and sociology.
Many works are devoted to research questions. These include the works of such famous people as Shipilova O., in the field of personnel loyalty, Borodina I.A., in the field of corporate security, Chumarina I.G. – Director of the Fraud Research and Prevention Agency and Nezhdanov I.Yu. There are also many works by foreign authors: Michael Levy, Barton A. Waitz.
Further attention to the issue of “Protecting the enterprise from risks and threats emanating from personnel” is necessary in order to more deeply and substantively resolve particular current problems of the subject matter of this study. This is the selection of reliable personnel, personnel support and painless dismissal of personnel, both for the company and for the employee.
The relevance of this work is due, on the one hand, to the great interest in this topic in the modern world, and on the other hand, to its insufficient development. Consideration of issues related to the topic of protecting an enterprise from risks and threats has both theoretical and practical significance. The results can be used to develop methods for protecting an enterprise from risks and threats posed by personnel.
Personnel security is a dominant element of the economic security of an enterprise, due to the fact that employees are the primary element of any organization. Therefore, personnel are the object of this study.
At the same time, the subject of the study is the system of protecting the enterprise from risks and threats emanating from personnel. The purpose of the work is to study the topic “Protecting the enterprise from risks and threats emanating from personnel” from the point of view of the latest domestic and foreign research, as well as developing management methods for protecting the enterprise from risks and threats emanating from personnel.
As part of achieving this goal, I set the following tasks:
a) study theoretical aspects and identify the nature of risks and threats posed by personnel;
b) show that ensuring internal security should be a constant, purposeful and clearly understood component of the enterprise’s personnel policy;
c) outline possible measures to protect the enterprise from risks and threats posed by personnel.
The work has a traditional structure and includes an introduction, a main part consisting of 4 chapters, a conclusion and a bibliography.
The introduction substantiates the relevance of the choice of topic, sets the goal and objectives of the research, characterizes research methods and sources of information.
Chapter one covers general issues. It defines basic concepts, describes theoretical aspects and the nature of risks and threats posed by personnel.
Chapter two examines the consulting company NOU “Baikal Institute of Training”, gives its characteristics, organizational structure, and considers potential threats from personnel.
Chapter three is of a practical nature and, based on individual data, an adequate regulatory system is being developed that will allow the enterprise to experience fewer threats and suffer fewer losses from personnel actions.
The fourth chapter describes the safety and environmental friendliness of the project.
The sources of information for writing the work were basic educational literature, theoretical works of thinkers in the field under consideration, articles and reviews in specialized and periodical publications devoted to the topic “Enterprise Safety”, reference books, and other relevant sources of information.
1 Risks and threats associated with personnel
Own personnel, which are the primary component of any company, are often capable of causing harm hundreds of times greater than unscrupulous competitors or attackers. An unscrupulous employee, being in a team, ruins and destroys the company from the inside, and no one will ever suspect him of this. He does not have to be a person who wants the enterprise to go bankrupt or who harms the manager. He can simply act “according to the situation,” or even be confident in the correctness of his actions, absolutely not repenting of them.
It is necessary to distinguish between the concepts of risks and threats. Let us fix the concepts: “risk” is the possibility of danger, failure. The company risks hiring an employee who does not perform his duties in good faith. A "threat" is a potential danger. Threats of theft of confidential information (material or financial assets), corporate fraud, loss of clients, etc. can be considered as threats. The list of threats is quite diverse. Intentional harm to employees creates a greater threat to the safety of the company than, for example, dishonest performance of duties.
Description of the risks associated with the work of personnel
1.1.1 Unfair performance of duties due to the employee’s lack of adaptation
Unfair performance by an employee of his duties ranks high among personnel-related problems. After all, the work of the organization as a whole depends on how an individual employee works.
In conditions of fierce competition, it is very important that the service offered by the company is higher than that of other companies. Therefore, how the staff works is very important. Does he perform his duties correctly, does he know what his functions are. Otherwise, the risk of losing customers increases.
Incorrectly organized management procedures, first of all, are the reason for the employee’s dishonest performance of his professional duties. Adaptation of employees in a company is the first management procedure that we will consider.
The main reason for an employee’s failure to perform or incorrect performance of their duties is the following aspect: often no one is involved with the newcomer, in best case scenario it is provided to colleagues and asked to familiarize themselves with job descriptions. Most companies don't even have basic onboarding programs. However, the impressions of the first days in a new place usually leave a deep mark and can have a negative impact on motivation and attitude towards the team, and most importantly, towards the employee’s responsibilities.
It is precisely because of the lack of an adaptation system that an employee may experience a feeling of alienation and take a negative attitude towards the company right from the first day of work.
A new employee, as a rule, lacks certain professional knowledge. It is precisely in order to replenish this knowledge and remove the difficulties of the initial period that technology is needed, a system for training a new employee, covering all areas of adaptation: organizational, professional and socio-psychological.
Organizational adaptation, in our opinion, is the acceptance by a new employee of his status in the company, understanding of its structure and existing management mechanisms.
For beginners, at best, local regulations, instructions, and structural diagrams are offered for study. However, practice shows that usually acquaintance with such documents is of a formal nature, since in a short time it is difficult to assimilate a large amount of information, apply it in practice and assess the importance of certain provisions.
Under personnel security understand the process of preventing negative impacts on the economic security of an enterprise through risks and threats associated with personnel, their intellectual potential and labor relations in general. The essence of the impact of personnel on economic security can be illustrated by the following diagram (Fig. 1).
Figure 1 - Directions of influence of the human factor on the economic security of an enterprise (animation: volume - 40.4 KB; size - 400x300; number of frames - 7; delay between frames - 100 ms; delay between the first and last frames - 500 ms; number repetition cycles - endless)
Personnel security is not a result. This is an ongoing process to prevent unwanted actions on the part of personnel that could cause harm to the company.
If, in general, the security service of the organization should be responsible for security, then responsibility for ensuring personnel security falls on the shoulders of the HR manager. According to statistics, the ratio of external and internal threats to a company is 20 to 80. That is. 4/5 of all problems arise within the company, among its own employees.
Classify threats personnel security enterprises can be based on several parameters. For example, according to the stage of interaction between the employee and the enterprise - those that arise during hiring, during the employee’s work at the enterprise and upon dismissal. You can also classify them according to the types of destructive behavior of personnel - violation of safety regulations, theft and fraud, destruction of a cohesive moral climate. By type of examples of ineffective work of the HR department - in the absence of monitoring, the fallacy of any conclusions, the absence of a control system. The classification can be given according to parameters that depend on the nature of the specific problem under consideration.
For any enterprise, it is undesirable to have workers in the team - at production, in the management bodies of the organization - who are or could potentially be included in one or another risk group. In general understanding risk group– these are people who have fallen under the influence of the most common types of addictions, as a result of which they have deviant behavior (from the Latin Deviatio - “evasion”).
This behavior is associated with a person’s desire to escape reality by changing the state of his consciousness. Escaping reality is always accompanied by strong emotional experiences. A person actually depends not on the object itself, but on emotions. Emotions are part of addiction. Once you put a person on an “emotional hook”, it is very easy to control him.
The risk is as follows:
The ability to control an employee who is at risk from the outside, which can be aimed at destabilizing the organization (obtaining secrets, withdrawing clients, etc.).
Constant attempts by the addict to spread the influence of his addictions and habits to others, searching for or forming a circle of like-minded people, that is, increasing the number of representatives of the risk group in the organization.
Satisfaction of one's addictions by an individual at the expense of the employer's time and material resources.
Destruction of a stable, efficient collective (team).
Tendency to criminal acts and violations or advice, or as a result of satisfying one's addictions.
The main risk groups include members of religious formations, alcoholics, drug addicts, gamblers, and participants in financial pyramids.
The inability to carry out an almost complete verification of candidates (due to legal and other factors) leads to the emergence of so-called risk groups in the organization (Fig. 2). These are people who have fallen under the influence of any of the addictions, as a result of which they become unreliable and demonstrate illegal destructive behavior.
Figure 2 - Threats to personnel security created by risk groups.
Unscrupulous behavior by front-line workers can be prevented through direct observation, the use of technical controls (for example, video cameras and special computer software that allow you to check what employees are doing on the job) and based on the measurement of work output (for example, the number of parts produced). As for managers, direct monitoring of their behavior is ineffective, and assessing the results of their work is very difficult.
The most reliable way to protect yourself from unscrupulous managers is to limit relationships around trusted partners whose reliability there is no doubt.
To prevent threats emanating from personnel (and from managers in particular), it is recommended to analyze both internal performance indicators of the enterprise and external ones - the competitiveness of products, the reputation of the company. Internal indicators are based primarily on profit, while external indicators act as market indicators that reflect the welfare of shareholders - the dynamics of the company's share price, the amount of dividends paid. It is much more difficult to manipulate these indicators, since the assessment of the enterprise’s activities is given by the market from the outside.
For example, the most important criteria for economic security are the indicators of the company’s financial and economic activities. This group of indicators includes characteristics of liquidity, financial condition, turnover and profitability. The parameters of these categories are included in the financial component of the economic security of the enterprise, and are derived from the corresponding management accounting and reporting.
Main groups criteria personnel security are:
1) indicators of the number of personnel and its dynamics;
2) indicators of qualifications and intellectual potential;
3) indicators of personnel efficiency;
4) indicators of the quality of the motivational system.
The Labor Code of Ukraine specifies a number of documents that directly affect the safety of the enterprise, and the personnel service is precisely obliged to ensure their availability, correctness, operability and the absence of negative legal consequences.
To such documents primarily include:
employment contract;
internal rules labor regulations;
agreement on full individual (collective) financial responsibility;
labor protection documentation, etc.
Based on specific risk groups, one can trace the possibility of the emergence of specific types of threats to an enterprise and then also classify methods for their prevention (Table 2).
Table 2 - Classification of threats to the enterprise by risk groups and methods of their prevention
|
Threats |
Sources |
Prevention Methods |
|
Attack on financial and other resources of the enterprise |
Members of religious formations, drug addicts, gamblers, participants in financial pyramids, unscrupulous employees, careerists, workers whose income level clearly does not correspond to their income |
Accurate accounting and financial management activity accounting, documentation audit, careful attention to personnel selection and its condition, analysis of profitability indicators and profitability of the enterprise |
|
Destabilization of the organization, destruction of a stable, efficient team (team) |
All risk groups |
Careful selection of personnel, supervision of relationships in a team, for communications in the enterprise, checking all suspicious employees for belonging to any risk group, statistical supervision and analysis of personnel movement |
|
Deterioration of discipline in the team, violation of safety regulations and internal labor regulations |
Employees with addictions (alcoholics, drug addicts, etc.), unscrupulous employees. |
Supervising relationships within the team communications at the enterprise, checking all suspicious employees for belonging to any risk group, prevention and solutions any conflicts in the team, clear regulation of subordination and labor regulations |
|
Carrying out secret illegal activities at the enterprise |
Drug addicts, gamblers, participants in financial pyramids, unscrupulous employees |
Control over all communications in the enterprise, attention to relationships in the team, audit documentation, mandatory reporting requirement for any business transactions within the enterprise |
|
Promoting the formation of conflicts |
Highly conflict-prone team, overly ambitious employees, careerists |
Supervision of relations in the team, the activities of the team and individual workers, clear regulation of relations, use of mediator services, assistance team cohesion, increased staff commitment |
It is advisable to insure some risks associated with personnel security. These risks include:
Possible losses as a result of mistakes and miscalculations of company employees;
Possible losses as a result of the transfer of commercial information to competitors by disloyal employees of the company;
Possible losses as a result of failure to fulfill obligations by subcontractors, suppliers, partners;
Probable losses as a result of the possible death or illness of a manager or leading employee of the company.
But one of the most important factors ensuring personnel security at the enterprise and, as a result, a method of preventing threats is to educate employees in loyalty and commitment to the enterprise. Social technologies lead to the achievement of the following parameters:
Increasing the level of commitment or loyalty of the enterprise team; - Increasing the level of enterprise management; - Improving the quality of human capital development used in the enterprise; - As a result, the company’s value increases.
Organizational Commitment- this is a psychological education that includes a positive assessment by the employee of his stay at the enterprise, intends to act for the benefit of this enterprise for its goals and maintain membership in it. Lack of commitment is a factor in insufficient, inept management of the enterprise, a factor in the functioning of weak social technologies and is expressed in the alienation of the employee from the enterprise. In the organization of propensity, 3 main components can be distinguished.
1. Identification- awareness of organizational goals as their own, and it depends on the extent to which employees are informed about the state of affairs at the enterprise, about the prospects for solving matters that are important to them, or whether they are proud of the very fact of working at this enterprise, whether they consider the assessment of their work to be fair.
2. Engagement– the desire to make one’s own efforts, to contribute to achieving the goals of the enterprise, involvement involves readiness, if the goals of the enterprise require it, and additional efforts, not limited to job responsibilities, a sense of self-esteem based on satisfaction with one’s professional achievements and one’s work, interest in achieving significant for the enterprise of work results, responsibility for the results of their work.
3. Loyalty- emotional attachment to the enterprise, the desire to remain a member of it, it provides that this work generates in employees: satisfaction with the content of the work, a feeling of attention and care from the enterprise, satisfaction with their career at the enterprise, confidence in the advisability of continuing to work at this enterprise, trust in management.
Research has shown that committed employees have a higher level of respect for themselves and others, they are willing to accept new things without panic or resistance, they consider the interests of other people and are less susceptible to propaganda, conditioning and manipulation.
CONCLUSIONS
At this stage, personnel security is not yet a comprehensively covered topic. It is in active development and is of interest to most entrepreneurs who apply progressive, effective, scientifically based management methods.
Personnel security determines how confident the head of a company can be in the competence of his employees, that the enterprise will not succumb to danger due to the fault of the personnel.
The process of protecting an enterprise from danger begins at the stage of selecting workers for existing vacancies. Namely, literally from the first minute when the person involved in personnel selection sees a candidate for employment. And this protection process exists continuously throughout the entire period of operation of the enterprise, just as its personnel continuously function there.
Analyzing the available data, we can conclude that at this stage there is no generally accepted, “optimal” scheme for domestic enterprises to analyze and take measures on personnel security. During the master's thesis, it is planned to conduct a study of the current situation, justify and calculate some indicators (as well as conduct a number of observations), which will fairly reliably indicate the state of personnel security at the enterprise. The following are the relevant conclusions and recommendations.