Outline of the security risk assessment
Outline of the security risk assessment
In 20 years, I have not found a single property, whether it is a company, estate, government property, or any other enterprise, that has a security risk assessment. Some people even got this mixed up with the health and safety assessment.
We cannot, even if we wanted to, explain everything that we do for a security assessment in one document. It would be a minimum of 300 pages. The same goes for explaining the process of a risk assessment in Zoom or any other form of a virtual meeting. It will simply take too long.
It is important to keep in mind that the age of the security system will impact the risk assessment in the whole process.
We write an outline of what a security risk assessment consists of, which includes the basic principles of a risk assessment, but it still does not explain every aspect of what we do during the project.
A security risk assessment is a specialized investigation focused on the security risks that provide the opportunity for crime.
- There are not a large number of people who have the skill set to conduct a truly independent risk assessment, which is why very few people have risk assessments.
Security structures balance on four pillars.
As part of your risk assessment, we will discuss this topic in depth.
- Security Risk – This identified risk and mismanagement that create the opportunity for crime. We talk about Inner and Outer crime, public violence, disaster management because of crime, and so on are also forms of risk that need to be addressed.
- Risk-Specific Solutions – these are the ultimate solutions to eliminate the identified security risks.
- Processes and documents – communication and control form part of this section and are some of the most underestimated security aspects. Processes, documents, communication, and control are almost always a problem when it comes to corporate businesses. These components are the glue that keeps everything together. Homes are included.
I have done many security risk assessments and I can tell you today that I have never found a company whose SOPs and SLAs are in order. Most of the time, the contents of the documents are unclear and difficult to understand, or it is just poorly written. Most importantly, the documents are never court-ready.
- Management – this is a general problem, the bigger the company, the bigger the problem. Many thinks having one person to look after the security, health & safety, building, maintenance, and so on is acceptable. However, this is where the ball drops. Security is always on the losing side as it is not governed by law, as with Health & Safety. Naturally, all the attention will go to everything other than security. Management is where control and communication lie, although this is often overlooked. Homes security also needs management.
Between these pillars, the risk assessor follow hundreds of different routes, depending on the type of building, the area, the neighbourhood, the environment, and the history.
People often talk about a “vulnerability assessment, gap assessment, security analysis, security inspection, or security audit. Essentially, it boils down to a security risk assessment.
When you combine the four pillars, you will see that a security risk assessment covers every aspect of security, including those areas and specs that most people forget about.
A security risk assessment aims to identify all the security risks that provide the opportunity for crime. Once the risks are identified, the best-suited solutions can be identified and implemented accordingly.
We tell the truth about your security. Our document is not just a piece of paper, but a living document that will guide you to ensure that your security is successfully managed and maintained.
In-house vs Security risk assessments
In-house security risk assessments are often flawed from the onset because the assessors are typically part of the organization they are assessing, which can create bias and conflicts of interest.
Additionally, familiarity with the environment can lead the assessors to overlook crucial details, as people tend to stop noticing things they see every day, such as a potential security vulnerability. Furthermore, it can be difficult for an in-house assessor to assess their directors, who are the ones paying their salary.
Security company vs Security risk assessment
Security companies that conduct their own risk assessments are also problematic. Conducting an assessment on themselves is akin to conducting an in-house assessment, which creates similar issues of bias and conflict of interest.
This can lead to important security vulnerabilities being overlooked or downplayed, putting the organization and its stakeholders at risk.
Summary security risk assessment
Please note that the outline/summary is not cast in stone we still need to follow the risk.
From the neighbourhood, we move on to assess access risk, which includes access control, access security, the structure, the access process, the SOPs, and so on. We also assess the day and night factors followed by the management of access. Both businesses and homes have access control, it is just the processes that differ.
Then, we start with the property line. It is most likely that this is where the most security mistakes happened. A property line has a specific function, and we measure the risk in accordance with this function.
In addition to this, we measure:
- General security in the common areas of the property.
- This includes parking areas, gardens, and so on, and these are the areas where criminals “hide in plain sight.”
- We also look at the service providers and their efficiency, how they respond, what they do with the information, and so on.
- Further to this, we look at all aspects and forms of surveillance to identify the risks and shortcomings in these systems.
- The surveillance and Artificial intelligence (AI) mapping.
- The control is also assessed, and all risks are identified. The control room is the heart of any security structure, but it is hardly ever treated as such. It is often neglected and last in the line of importance.
Decision-making is a crucial aspect of security, and we assess this in detail. This includes the assessment of –
- instructions, and the like.
Amongst all these aspects, we also look at:
- the human key,
- the body language of the property,
- key functions,
- control functions,
- day and night risks, and a variety of other factors that have an impact on security, risk and crime.
- intangible opportunities
- unbalanced security
- silent communication
- SLAs, documents,
- SOPs, standard operating procedure (Security)
- Importance of evidence capture.
- sharing of data, decision-making processes, and such.
Your risk assessment will include a detailed discussion of all of these topics.
Documents and communication in security
We assess and explain the reasons:
- Incident register,
- SOP register, (Standard operating procedure)
- Download register,
- Master Copy register
A total of 12 registers/documents needs to be in place for businesses, estates, and so on. The paperwork in the security world has been neglected for the last 30 years and is one of the reasons we are losing the battle against crime.
For homes, it is softer but some of the information will be in place and available.
In the assessment, we discuss crimes like kidnapping, assassinations, hijacking, and other violent crimes.
Written by Andre Mundell