Personnel Security Policy

The University of Oxford is committed to maintaining an open yet secure environment where the security of all its students, staff and visitors is balanced with the rights and academic freedoms of individuals.

The University expects all members of the University community to assume their individual and collective responsibilities to make the University a place that is free of crime, fear and disorder, and to provide a civil and open environment that fosters learning.

The University Security Policy Framework defines the way in which all aspects of security will be managed across the University. Underpinning the Framework are a number of supporting policies and procedures that provide more detailed guidance on how the University aims to ensure the security of its estate, its information and its staff and students. The Policy Framework has been approved by Council and applies throughout the University. The Policy Framework will be reviewed on an annual basis by the University’s Security Sub-Committee of the General Purposes Committee of Council.

Personnel Security Policy

The aim of the Personnel Security Policy is to provide a level of assurance as to the trustworthiness and integrity of University employees, casual workers and agency staff both before appointment and during employment.

The University will employ a proportionate and risk-based approach to protective security principles, seeking to reduce the risk of harm by the application of personnel security controls before and during employment.

Intention

Although background checks can provide some assurance about an individual’s suitability for employment, good personnel security is also dependent on effective and continuous risk assessment and mitigation measures, well-considered processes and appropriate supervision and management of all staff throughout the University.

General principles

Minimum recruitment controls

Pre-employment checks are a crucial part of the recruitment process. Checks help the University to determine whether a candidate is suitable for a particular role and that they possess the required qualifications, skills and experience. Undertaking pre-employment checks also allows the University to comply with legal obligations such as confirming that the applicant has the right to work in the UK or, if the work involves regulated activity with children or vulnerable adults, that the individual is not barred from doing so.

University HR publish advice, guidance and regulations on pre-employment screening processes and procedures which can be found on the HR Support website.

Additional recruitment controls

The level of checks will be determined by the requirements of the role. Some posts within the University involve access to highly sensitive information, valuable items, dangerous materials, or working with animals or “at risk” groups. In such cases appropriate additional checks may be necessary to prevent inappropriate recruitment of those who may intend to cause harm. Applicants for additional checks should understand and consent to the process taking place.

The guidance will be subject to regular review and linked directly to the University Strategic Security Threat Assessment. This offers a dynamic assessment of the security threats, risks and vulnerabilities the University faces and will ensure that the level of checking, and any rechecking that is required, remains proportionate.

Advice and guidance on the appropriate level of vetting required for posts is available from the HR Support website.

Compliance

The University Security Sub- Committee (SSC) has been established to define the strategic security requirements necessary to protect the interests of the University, staff and assets. Central to this is ensuring that all elements of information, personnel, technical and physical security are integrated and balanced to provide ‘defence in depth’ and resilience.

Personnel security measures should be fair, transparent, proportionate and carried out in line with the University guidance on pre-employment screening and General Data Protection Regulations. However, any screening measures will only provide a snapshot of a moment in time and an holistic approach to personnel security should be applied involving risk assessment and mitigation measures as appropriate, particularly in sensitive areas. The SSC will take responsibility for monitoring compliance with this policy and procedures and will support an annual audit and inspection ensuring that our approach delivers against our agreed security objectives and remains confidential, fair and balanced.

Interaction with other policies, procedures and regulation

This Policy and its supporting procedures and guidance interact and overlap with a number of other University policies and procedures, including but not limited to:

Further guidance

Pre-employment checks