Internal investigations in corporations are typically conducted by the human resources (HR) department, internal compliance teams, and/or the IT department. Some cases may also require the involvement of outside third parties like forensic experts, consultants, law or accounting firms, or security experts.
These are often complex matters from a legal, process, and technical perspective. Depending on the nature and extent of the potential misconduct, the stakes can be very high, with risks that include legal jeopardy, large fines or damages, negative publicity, and damage to company culture and morale. Speed and efficiency are vital: organizations need to understand the extent of the problem and act immediately to prevent further damage.
To read about the key phases of an internal investigation and best practices, click here to access the article on Help Net Security.