How Much Security is Enough? Does your Security, Loss Prevention and/or Workplace Violence Prevention and Response Program address your true Threats, Risks and Vulnerabilities? Does it fit your unique Culture, Values, Budgets and History?
Are you spending more on Security than you need to? Is your Security Program a random blend of varying components deployed over time in response to particular incidents and issues?
Is your security program cost effective?
Where to begin? How do you Measure and Evaluate your Security, Loss Prevention or Workplace Violence Prevention and Response Program?
A Comprehensive Security Assessment or Security Survey is the ideal First Step and can be a Powerful Countermeasure and Deterrent in itself - also called a Threat, Risks and Vulnerabilities Assessment (TRV Assessment)
Many firms and organizations have realized that it is timely and worthwhile to periodically perform security surveys, risk assessments, and/or security vulnerability assessments of their entire organization or a particular facility, department or process. A security assessment or survey, if performed in an objective, proactive, collaborative, comprehensive and professional manner, can:
- determine if your security program properly and cost effectively addresses your real risks and threats
- increase awareness and appreciation of security and loss prevention by all
- establish a baseline and prioritized perspective on where you stand, and plan for where you should be
- elicit involvement, understanding and support of other departments and staff
- mitigate security-related liabilities
- assure that the security program is reasonably defensible in court
- often reduce security-related expenditures while maintaining or even increasing levels of protection, and
- assure that every dollar you spend on security serves your objectives and needs
Why a Security or Workplace Violence Survey or Assessment?
Security assessments or surveys might be conducted because:
- There is a need to understand the real risks, threats and vulnerabilities and to evaluate the effectiveness of existing and planned security measures or a workplace violence program
- A security loss incident or breach, violence, theft, threat, attack or other compromise has occurred, and there is a need to prevent or mitigate recurrence
- There is the desire, especially in challenging economic times, to confirm that the security program is as cost effective as it can be
- A significant change is occurring, such as a new process or building, significant hiring or lay-offs, acquisition or merger, potential strike or work stoppage, etc.
- There is a heightened concern over a threat such as terrorism, internal theft, activist attack or workplace violence or threat
- The firm or organization wishes to evaluate, benchmark, validate and/or test existing security programs or assessment/audit methodologies, or
- The firm or organization wishes to develop a new assessment or audit process that can be self-administered by facility staff on an ongoing basis
How to Conduct a Security or Workplace Violence Assessment or Survey
Your security assessment or survey can be conducted in the traditional manner, and can optionally include the Team-Based Risk Assessment Methodology discussed below. We can also work with you to develop a security self-assessment or ongoing security audit and review process to be conducted by your own staff that would include guidelines and checklists geared to your particular risks, threats and vulnerabilities.
TheSecurity Survey or Security Assessment or Threat, Risks and Vulnerabilities Assessment (TRV Assessment) may involve the security expert:
- interviewing key staff (on all shifts) throughout the facility and organization (e.g. Security, Safety, EHS, Human Resources , IT/IS, Risk Management, Legal, Operations, Facilities Management, Maintenance, Shipping and Receiving, Finance, Warehousing, etc.) For hospitals, we would additionally interview representatives of Nursing, Emergency, Pharmacy, Supplies, Psychiatric, Maternity/Women's Services, Pediatrics, Food Service, etc. Interviews would also include key staff working late shifts.
- We can optionally provide a survey that can be shared with all employees to elicit their feedback and involvement
- observing the facility functioning at all hours and shifts,
- interviewing representatives of local law enforcement, emergency response and other relevant agencies,
- reviewing relevant materials (e.g. incident and activity reports, crime statistics, policies and procedures, post orders, contracts, plans, specs, police reports, emergency and crisis plans, past security assessments or surveys, etc.),
- meeting and touring with security officers (if any),
- evaluating existing and planned procedural and physical security countermeasures that could include:
- policies, plans and procedures
- employee awareness, involvement and ownership
- video - CCTV -interior and exterior
- lighting - interior and exterior
- lock and key control
- alarm systems - intrusion, egress and duress (panic)
- access control
- visitor control and management
- security staff, including guard force operations
- executive protection
- material receiving, shipping and inventory controls
- barriers and barrier detection
- background screening
- investigative procedures
- contractor and vendor screening and controls
- identification processes
- threat assessment and management
- communications and alert systems
- contraband detection
- mail and package controls
- emergency and crisis planning and response
- workplace violence policies and programs
- counter-terrorism planning and response considerations
- determining relevant security-related threats, vulnerabilities and risks,
- benchmarking the security program against comparable local and/or industry standards and best practices
- Distributing a questionnaire or survey to all or selected employees to elicit their concerns, issues and suggestions (optional)
- testing security systems, employee awareness and/or penetration testing (optional),
- researching, writing and presenting a comprehensive report of findings and recommendations based upon the security assessment.
We also consider Crime Prevention Through Environmental Design in our planning.
We also have experience with performing security assessments and developing related plans and policies.
We have also performed many Team-based Risk Assessment Workshops which can be applied to any size or type organization, facility, department or process and can be a stand-alone process or be a component of the traditional assessment or survey process discussed above. Usually we take over a conference or meeting room from a half day to several days, depending upon the size and complexity of the operation and the depth of the review. The value of this process is that it involves key corporate and facility staff and elicits their understanding and buy-in. The complexity of this process may be be anywhere from a fairly loose brainstorming session to a more structured set of questionnaires and exercises. The key component of this process is to encourage participants to look at their workplace from an unfamiliar perspective - through the eyes of one who wishes to do harm. This is also a particularly powerful counter-terrorism planning tool.
The steps of this methodology, facilitated by Quest Security, may include:
- A clear signaling of Management's support for the process
- Determining the Assessment's Scope as to whether the process will address the entire firm or organization, or a particular facility or process, a department, or a representative sampling
- Describing the Facility/Operation to be Assessed, much of which can be accomplished beforehand, that may include preparing and reviewing layouts of the property and facility, make-up of the employees and contractors (i.e. union/non-union, turnover, relative morale, work shifts and areas, etc.), facility functions/products/services, history of incidents and losses, area crime rates and trends, risks from neighbors, etc.
- Listing Critical Assets (to be later boiled down to primary Targets of Concern) that may include People, Information, Critical Processes, Chemical Storage, Food Storage and Processing, Process Control Systems, Emergency Room, Tools, Cash Handling, Mixing Rooms, High Value Equipment, Raw Material Storage and Flow, Pediatrics/Maternity, Utilities, HVAC, Transportation, Scrap, etc.
- Listing Existing Layers and Rings of Protection that represent procedural and physical countermeasures that protect identified assets and targets.
- Considering Types of Potential Threats or Losses that could include workplace violence, sabotage, terrorist attack, contamination, tampering, theft, robbery, assault, chemical release or explosion, abduction, shoplifting, counterfeiting, arson, activist disruption, etc.
- Considering Potential Adversaries or Attackers; such as insiders or outsiders or collusion of the two, one or two vs. organized teams, prepared vs. trained, etc.
- Considering Consequences or Effects of an attack, theft or other compromise as well as its Criticality to organization and community
- Considering Vulnerability, or ease of accomplishing compromise or attack
- Considering Accessibility of asset(s) by those who intend to do harm
- Considering Methods adversaries or attackers, whether internal or external, might use to achieve their attack, theft, sabotage or other compromise.
- Determining Attractiveness to Attack, Theft or other Compromise. For example, what is the potential for mass casualties/fatalities, extensive property damage, disruption of local or regional economy, effectiveness/proximity of local emergency response, ease of access to the facility or critical areas, potential for media attention, potential harm to the firm's or organization's reputation and value, etc.?
- Considering Recuperability, or ability of organization or system to recover from compromise or attack
- Evaluating Existing Countermeasures and Recommending New and Enhanced Measures based upon the above findings and perspectives. Typically, action items arise from this step for improvement to existing countermeasures and addition of new. Countermeasures considered should also include the often less costly and more impactful procedural measures (e.g. awareness, training, policies, hotlines, workplace violence programs, employee and contractor screening, etc.) as well as the more traditional physical and staffing measures (e.g. CCTV, fences, lights, access control and alarm systems, locks, security officers, etc.)
Your overall security and workplace violence prevention and response programs should be a synergistic system in which all measures, whether procedural or physical, logically and strategically contribute to the reasonable and cost effective protection of your people, assets, reputation and value. Security assessments and surveys, or Threat, Risks and Vulnerabilities Assessments (TRV Assessments), are ideal first steps to assure such a synergistic and strategic program.
We have successfully and satisfactorily performed dozens of Traditional and Team Security and Workplace Violence Assessments and Surveys throughout North America, Europe and the Caribbean.
Note that a security assessment or survey should not be a stand-alone process. There should be a follow-up and ongoing process of review, planning, implementation and re-assessments or audits.
Please call or write if you have any questions concerning security assessments or security surveys or would like to request a meeting or proposal. We can provide a list of client and professional references upon request.