Find an Independent Security Risk Assessor
We have received quite a large number of calls pertaining to research that is being done to find a Security Risk Assessor.
Whilst this is a step in the right direction, and I always encourage people to do due diligence, the type of questions I receive does not truly relate to researching a Security Risk Assessor.
I cannot understand how these questions will help them to find the best Security Advisor.
They might be asking the wrong questions because they are unfamiliar with the industry, and they could potentially be approaching the matter like they would approach finding the best Security Company. This is not the right way to go about it as there are vast differences between a Security Risk Assessor/Advisor and a Security Company.
In this page, we will be addressing and discussing the right type of questions to ask when you are looking for the right Independence Security Risk Assessor.
One of the first things that you need to know is that any person who works with any security-related products or services must be registered at PSIRA. This means that the person who is doing the work, whether it is installing, servicing, guarding, selling, or advising, AS WELL AS the company that this person is employed at, must be registered at PSIRA.
When you employ someone to install security hardware at your premises, they need to provide you with two PSIRA certificates: one for the company and one for the employee who is doing the installation.
The security law pertinently states that if you make use of an unregistered security person, you make yourself guilty and could be fined. The security law further states that it is expected of a person to ensure that the security persons are registered at PSIRA before they take them into their employ.
Vetting is another important aspect that must be taken into consideration when searching for a Security Risk Assessor. One way to vet an Assessor is to see how many articles they had published online as well as in magazines.
Remember, as an Assessor, I can tell you anything you want to hear, but I have to be able to back it up with something credible. There are too many people who can sell themselves, but they do not have the actual experience or knowledge to do the job. Articles regarding security that the Assessor has written and published in various independent sources is a good indication of what this person is capable of.
Keep in mind that if you write an article and publish it for everyone to see, you will get a lot of questions, criticism, possibly some backlash, and so on. An Assessor will not publish an article if they cannot back it up. When the ‘sales pitch’ is the same as the articles, you know that this person can do what he says and that he is legitimate. People will know about him and you can be sure that if the information in the articles and the information about the Assessor does not match, he will be called out.
In addition to this, a Security Risk Assessor needs to have crime scene experience. I am talking about real-life crime scenes, not those explained in a handbook or on television.
Experience in interviewing criminals, suspects, and victims alike is essential as this gives you another viewpoint regarding crime.
Understanding risk is a vital aspect of being a Security Risk Assessor.
A Security Risk Assessor needs to understand all five different viewpoints, and he also needs to understand how to utilise them to his advantage when it comes to crime and security.
The five viewpoints:
- Property Owner
- Service Provider
- Security Manager
All five of these viewpoints need to be considered when assessing risk.
A Independent Security Risk Assessor needs to understand the goal of security. The goal is created by identifying the risk factor. Once the security risk factors are identified, you can find risk-specific solutions.
An especially important aspect to always remember is that a Security Risk Assessor/Advisor is never part of the solution, nor will they sell or install any security hardware, software, or services.
The moment that a Security Risk Assessor sells hardware, software, or services such as guarding, he cannot be unbiased. He will focus on selling his products rather than finding the risks and getting suitable solutions.
Another approach to researching the Assessor/Advisor is to type his/her name into Google and see what pops up. You can also search the company name for information. This will give you an indication of how active and up to date this person and company is in the security world.
A Security Risk Assessor or Advisor cannot be part of or affiliated to any Security Company. This individual needs to be independent.
The Security Risk Assessor/Advisor’s income should solely be derived from the Assessments that he/she conducts. The Assessor/Advisor cannot receive any kickbacks from a Security Company or a hardware supplier.
Understand the difference
It is also important that the Assessor or Advisor understand the difference between a Security Risk Assessment and Risk Management, as well as the difference between a Security Risk Assessment and Health & Safety.
Another indication of a good Security Risk Assessor is to find out if he/she is involved in public speaking events relating to security. If this person has enough knowledge, information, and the necessary backup to prove what he is saying, you know that this person is credible, reliable, and able to do the work.
A clearance certificate from the Security Risk Assessor/Advisor should also be supplied as this indicates that he/she is not involved in any crime-related activities. Clearance certificates should be updated yearly.
Having these documents (PSIRA and the Clearance Certificate) gives you an advantage as you have more than just a person’s name and company name. Now you have their fingerprints as well. The clearance certificate number will give you access to the fingerprints when needed.
A Security Risk Assessor also needs to understand the functionality of a Security Matrix and that it cannot be used to measure Risk. Risk is measured by opportunity, not from high to low.
Confidentiality is another essential aspect that the Risk Assessor/Advisor should respect at all times. Confidentiality does not have a sell-by date. When a Risk Assessor/Advisor gives you a list of all his previous and current clients, you should reconsider because that is a breach of confidentiality. Giving a list of names is, in essence, a huge security risk. Our article, ‘Loose lips sink the ship’ has reference.
I believe that the POPI act that will take effect might prevent Assessors/Advisors to disclose their client’s names.
In addition to this, the Risk Assessor/Advisor should understand Public Violence as this has become part of a South African culture.
We have said this in one of our articles previously, but it is important, and I would like to share it again. To get someone from your current Security Provider to conduct a Security Risk Assessment on your property is like asking your mother if you are fat. She will tell you that you are beautiful or handsome and that you have never looked better because she loves you and she does not want to hurt your feelings, even if you do look like an elephant.
A little white lie from your mom about your appearance will not shatter your life into pieces, however, a ‘little white lie’ from an in-house assessor, might just rip several lives to pieces if crime strikes.
An in-house assessor is the same. They are not going to want to step on toes or make their managers and the security company unhappy, so they will say what they need to say to keep everyone happy. Keeping everyone happy will not eliminate the risks. A good Security Risk Assessor knows that it is sometimes worth stepping on toes if this means that the security risks will be eliminated.
I truly hope that this guide will give you the information you need to make the right decision regarding an independent Security Risk Assessor.