New Employee Onboarding and Information Security
New employees, whether full-time, contractors, or non-employees, present a number of information security risks. These risks can be mitigated through well-designed and thorough interview and onboarding processes. An organization's human resources department should have guidelines in place for interviewers and hiring managers to follow to help screen out potentially high-risk candidates before hiring. Information security is so important to the hiring process that the PCI Security Council has included a section on it in its Quick Reference Guide for maintaining PCI compliance. PCI-DSS Section 12.7 states: “Screen employees before they are hired to minimize the risk of attacks from internal sources” (PCI Quick Reference Guide, 2009, p. 24). Interviews, background checks and, in the case of non-employee contractors and certain employment scenarios, employment contracts are all used to identify new employees and contractors who pose minimal information security risks. An organization's information security department will work with human resources to develop policies and guidelines that will assist in the hiring selection process.

The Need for Information Security When Hiring

“People are often described as the weakest link in any security system” (“Human Resources Security (ISO 8) – Information Security Guide – Internet2 Wiki”, n.d.). This quote summarizes the importance of verifying a candidate's risk level before hiring. An organization's information assets are essential to the operation and security of the organization. In addition to validating the legitimacy of a candidate, interviewers and hiring managers must be careful not to disclose too much information during the hiring process that could put the organization's system...

...... middle of paper ......

...access, information security should be continually communicated to employees through standard communication channels as well as through ongoing training.
By using these tools, an organization can prevent potential threats to its information and employment, and to its physical assets.

Human Resources Security (ISO 8) - Information Security Guide - Internet2 Wiki. (n.d.). Retrieved April 10, 2014, from https://wiki.internet2.edu/confluence/display/itsg2/Human+Resources+Security+(ISO+8)

Nixon, W. B., & Kerr, K. M. (2008). Background Checks and Investigations: Managing hiring risks from a human resources and security perspective. Amsterdam: Butterworth-Heinemann.

PCI Quick Reference Guide. (2009). Retrieved from https://www.pcisecuritystandards.org/pdfs/pci_ssc_quick_guide.pdf

Whitman, M. E., & Mattord, H. J. (2011). Information security principles. Boston, Massachusetts: Thomson Course Technology.