Investigations: Internal vs. External Resources

This VERSUS document is provided to you and your organization as a starting point or maturity checkpoint for existing policies, procedures, and equipment. It is brought to you on behalf of Jim McConnell, Principal Owner, and Ask McConnell, LLC — A Converged Security Services Provider. The content is not meant to cover every circumstance, industry, law, regulation, contractual requirement, threat, environment, or risk, but it provides a starting point for any organization. Please consult with your legal counsel and insurance provider about added requirements. We are not legally protecting these documents; we just ask for credit, shout-outs, and referrals if you find them helpful.

Jim McConnell | info@askmcconnell.com | askmcconnell.com

Investigations: Internal Resources vs. External Resources

Updated: 12 June 2026

One person’s perspective — weigh it against your law, insurance, culture, and context.

Investigations begin the moment your organization becomes aware of a threat or incident — past, present, or anticipated. That scope is broader than most realize: theft, fraud, workplace violence, cyber incidents, violations of organizational rules, and criminal activity all qualify. Before you assign the investigation to an internal team member, consider what objectivity, legal privilege, and investigative integrity actually require.

For context, these are the definitions used throughout:

  • Security — The prevention, detection, and response to a crime or a violation of organizational rules.
  • Safety — The prevention, detection, and response to an accident (spilled water, broken glass, a trip hazard, etc.).
  • Investigation — The collection, analysis, and reporting of facts to prove or disprove an allegation of wrongdoing or an incident. Facts can include any evidence detectable or produced by the five senses. Investigations can cover many areas of an organization and are not limited to any specific group of victims or perpetrators.

Internal Resources

Pros

  • The organization’s governing leadership controls the scope, speed, and flow of information.
  • No need to share confidential information externally at the outset.
  • Leadership can engage with legal and insurance teams on the organization’s own terms.
  • Leadership controls the reporting details.
  • Leadership controls the discipline structure, outcome, and any re-establishment parameters.
  • If a senior leader is the subject, leadership can control timing to prepare for any transition plans.
  • The base cost of the investigation will be low and more controllable.

Cons

  • Very difficult to maintain confidentiality of information and data.
  • If government or legal elements may come into play, the organization will need a trained — and ideally certified — investigator in the relevant subject matter.
  • Very difficult to control scope and guardrails: what should be the focus, and what should be set aside for the protection of people or parts of the organization.
  • In the eyes of most, an internal investigation will not be considered independent — introducing potential for bias, favoritism, evidence issues, errors, and omissions.
  • It takes time away from the organization’s core mission, and the cultural disruption can be significant until the investigation concludes.
  • The organization may not have the expertise needed in areas such as investigative interviewing, forensics, fraud examination, or evidence preservation.

Also Consider

  • How will you track the investigation and mitigations on a strict need-to-know basis? (A shared drive set up by your IT department will not meet the need-to-know standard.)
  • How will you maintain chain of custody?
  • What do you say to your members, staff, or the public if there are leaks?
  • How might this impact the budget — both expenses and incoming revenue or giving?

External Resources

Pros

  • The organization’s governing leadership maintains their governing role with a foundation of independence.
  • Reduces legal and insurance risk for the organization.
  • Provides access to specialized expertise without limits.
  • External investigators can maintain confidentiality and integrity of evidence while keeping an arm’s-length position from the organization’s culture and internal politics.
  • Would be licensed and trained in current investigative techniques.
  • Well accepted by legal counsel, insurance carriers, and risk advisors.

Cons

  • Controlling the cost of an external investigation is difficult.
  • Scope is difficult to contain — external investigators follow a “see something, say something” standard.
  • The report of facts stands as written; it is difficult to edit to the organization’s preferences.
  • The facts may reveal significant changes needed in the organization that will impact culture, mission, strategy, people, and costs — especially mitigation costs.
  • The investigation will move at the pace of the investigative process, not at the pace of the organization’s impatience.

Also Consider

  • Will this arrangement be on retainer?
  • Do you have the elements in place for evidence retention, records retention, and legal holds?
  • What do you say to your members, staff, or the public if there are leaks?
  • How might this impact the budget — both expenses and incoming revenue or giving?

Related Resources

← Return to the Versus Library

🖶 To save or print this document, use your browser’s Print function (Ctrl+P / Cmd+P) and select “Save as PDF” if needed.