Reducing Internal Theft: Polygraph Testing for Recruitment, The Pros and Cons

Can you Beat a Polygraph?
Written by Ben Chai (SecurityVibes.com)
Published on Tuesday 16 June 2009

With the internal threat of data leakage and corporate espionage so high, polygraph testing, or lie detection, has been receiving a lot of attention recently, as many organisations try to reduce their internal attack surface by preventing potential terrorists, hackers and disruptive people from joining the organisation in the first place.

According to Wikipedia's entry on Polygraph Testing:

In the American military and intelligence communities, polygraphs have been administered both as terms of qualifying for a security clearance and as part of a periodic reinvestigation to retain a clearance. There is no uniform standard for whether the polygraph is needed, as some methods of adjudication do not demand a successful polygraph test to earn a clearance.

The polygraph simultaneously records changes in physiological processes such as heartbeat, blood pressure and respiration in order to determine whether a subject is telling the truth. Proponents of polygraph testing feel that polygraph tests are the most reliable form of validation available today when recruiting new employees. Certainly there are statistics to show that polygraph tests have had success rates of up to 95% when used with specific issues.

A 5% failure rate could mean the loss of the next star employee, but perhaps that is an acceptable risk when you are protecting your organisation from potentially losing fortunes through reputational damage or intellectual property theft.

So can we therefore use a polygraph test to determine whether a future employee will commit internal theft? Well, the answer is "yes" and "no." The polygraph does not constitute a preventative measure; it only provides a reference to previous behaviour. The polygraph cannot predict anything, and any conclusions will be drawn from a candidate's behavioural history. In other words, if you take the stance of "once a hacker, always a hacker," and the polygraph shows that a candidate is lying in answer to a question such as "have you ever broken into a computer system," then this could be a strong indicator that the candidate will also try to hack into your organisation's systems.

Polygraph Negatives
So what is the downside? First, unless the application is for a specific military or government position, candidates can refuse to take a polygraph test. Second, note that the 95% success rate was only achieved with specific issues. As a result, if the guidelines given by the EPPA (Employee Polygraph Protection Act) are not adhered to, many false positives can be created simply by anxiety on the part of the candidate. Candidates will be anxious anyway, without the additional pressure of a polygraph test.

Furthermore, according to the experience of Stuart Okin, MD of Comsec Consultancy, a company that uses polygraph testing wherever possible:

"Polygraph testing can be a rather expensive method for filtering, and time-consuming too, as often ‘false positives’ require extra efforts to be invested by the HR staff to investigate simple non-malicious activity. For example, an individual who is very honest may perceive taking office supplies or using the phone for personal calls as stealing.

Polygraph testing may also have a bit of a boomerang effect, in that it's important to impart a feeling of responsibility on the part of the employee. If they think that there are so many drastic measures in place, they may end up behaving less responsibly security-wise, as they think that Big Brother is always watching, which may not always hold true."

In fact, the boomerang effect can cause the very damage that the polygraph test was trying to prevent. The Wikipedia Polygraph entry quotes this example:

The use of polygraph testing, where it causes desperation over dismissal for past dishonesty. For example, Edward Lee Howard was dismissed from the CIA after a polygraph screen in which he truthfully answered a series of questions admitting to minor crimes such as petty theft and drug abuse. The CIA failed to see that the firing was an action that would logically anger Howard, and in retaliation for his perceived unjust punishment for minor offenses, he later sold his knowledge of CIA operations to the Soviet Union.

Beating The Polygraph Test
As the polygraph measures bodily responses, a candidate can attempt to change those responses to beat the test. Double agent Aldrich Ames, who passed two polygraph tests while spying for the Soviet Union, when asked how he passed them, said that his Soviet handler had advised him to:

"Get a good night's sleep, and rest, and go into the test rested and relaxed. Be nice to the polygraph examiner, develop a rapport, and be cooperative and try to maintain your calm."

Other common ways to undermine the test include taking sedatives to reduce anxiety, using antiperspirant to prevent sweating, and biting parts of the mouth after each question to produce a constant physiological response.

In 2002, the National Academy of Sciences compiled a report, The Polygraph and Lie Detection, which was presented to Congress and the Department of Energy with the following conclusions, as reported by the Electronic Privacy Information Centre on Polygraph Testing:

"Almost a century of research in scientific psychology and physiology provides little basis for the expectation that a polygraph test could have extremely high accuracy."

and

"The inherent ambiguity of the physiological measures used in the polygraph suggests that further investments in improving polygraph technique and interpretation will bring only modest improvements in accuracy."

Summary
So can polygraph testing be used to reduce internal theft by pre-screening potential employees? According to a Security Vibes interview with Stuart Okin, the answer is yes, providing it is used in conjunction with several other aspects of the recruitment process rather than taken in isolation.

References
Wikipedia: Polygraph pros and cons
Electronic Privacy Information Centre: Polygraph Testing
Polygraph Place: The Employee Polygraph Protection (EPPA) Act 1998
United States Department of Labour: EPPA
Security Vibes Videocast: Employ The Right People Part 2 – Testing Issues
