What is employment screening?
Employment screening is the structured verification of employees, contractors and suppliers using publicly available sources before they are granted access to critical roles.
In critical infrastructure environments, pre-employment screening objectively verifies relevant facts so organisations can grant access with confidence and minimise insider risks while protecting people, assets and operations.
Why is this important right now?
How to minimise insider risk?
- Always maintaining clear oversight of who has or had access to critical infrastructure
- Consistent pre-employment screening across contractors, projects and suppliers to verify facts
Acting now means:
- Control over safety-critical roles
- Demonstrable compliance with and adherence to regulations (KRITIS/BSI/EnWG)
- Preventing operational risk to the organisation
- Building trust and acceptance for employment screening through transparent, fair and candidate-friendly processes
The industry and energy sectors are under increasing pressure due to stricter regulatory requirements.
Audits and compliance controls are also increasing, particularly for public projects and government contracts. This means that organisations must not only demonstrate who has access to critical infrastructure, but also ensure that this access is managed safely and responsibly.
This reinforces the need for consistent and transparent pre-employment screening decisions before access is granted.
Legislative and audit pressure explained
New German legislation and regulation, such as the KRITIS Umbrella Act (KRITIS-Dachgesetz), the BSI Act (BSI-Gesetz) together with the IT Security Act (IT-Sicherheitsgesetz), and the German Energy Industry Act (EnWG), place strict responsibilities on organisations.
What do these laws mean in practice?
This law prioritises the protection and resilience of critical infrastructures. Organisations must be able to demonstrate that risks to essential services are systematically identified, managed and controlled, and that access to critical environments is restricted to authorised and trustworthy individuals.
Operators of critical infrastructure are subject to binding cybersecurity and security governance obligations. Organisations are responsible for implementing organisation-wide risk management, ensuring secure access to systems and data, and maintaining verifiable security and reliability standards across their workforce and supply chain.
The EnWG focuses on the security and continuity of energy supply. This requires transparency over who performs which roles within energy operations, who has access to which systems and facilities, and how operational and employee-related (insider) risks are controlled.
These laws are by no means optional. They require defined processes, oversight and demonstrable compliance, particularly in environments with contractors and external employees.
Without proper organisational structures in place, audits, fines or operational disruptions can follow.
Control does not have to come at the expense of speed
Many organisations assume that a pre-employment screening process automatically leads to delays in recruitment. In practice, delays are caused by manual checks, fragmented processes and a lack of visibility.
HR and Recruitment Managers need a verification process that supports fast, seamless and legally compliant screening of applicants and employees without scaring away candidates or requiring them to provide the same data twice.
Pre-employment screening without delay
- Time savings: less manual work for the HR department and fewer corrections afterwards
- Visibility: always know who has access to critical roles, verified at the source
- Assurance: demonstrable compliance during audits and assessments
- User-friendly: seamless and transparent candidate experience that supports acceptance of screening
- Risk-avoiding: consistent insider risk mitigation across employees and contractors