Which of the following would be LESS likely to prevent an employee from reporting an incident?
Click on the arrows to vote for the correct answer
A. B. C. D.B.
The reporting process should be centralized else employees won't bother.
The other answers are incorrect because : They are afraid of being pulled into something they don't want to be involved with is incorrect as most of the employees fear of this and this would prevent them to report an incident.
They are afraid of being accused of something they didn't do is also incorrect as this also prevents them to report an incident.
They are unaware of the company's security policies and procedures is also incorrect as mentioned above.
Reference : Shon Harris AIO v3 , Ch-10 : Laws , Investigatio & Ethics , Page : 675.
Among the given options, option B, "The process of reporting incidents is centralized," is the least likely to prevent an employee from reporting an incident.
Centralizing the process of reporting incidents means that there is a designated point of contact or a centralized system in place that employees can use to report security incidents. This can make the reporting process more streamlined and efficient, reducing the barriers to reporting incidents.
On the other hand, options A, C, and D are more likely to prevent an employee from reporting an incident:
A. They are afraid of being pulled into something they don't want to be involved with. This could be the case if the employee is worried that reporting the incident could lead to them being implicated in the incident or being pulled into an investigation that they would rather not be involved with.
C. They are afraid of being accused of something they didn't do. If an employee is worried that they may be wrongly accused of causing the incident, they may be hesitant to report it.
D. They are unaware of the company's security policies and procedures. If an employee is not familiar with the company's security policies and procedures, they may not know how to report incidents or may not even realize that an incident has occurred.
Therefore, it is essential for companies to have clear policies and procedures in place for reporting security incidents and to communicate them effectively to all employees. Companies should also create a culture that encourages and supports employees in reporting incidents without fear of reprisal or retaliation.