Do your people appreciate your security program, and do they understand their duties under the program, or do they assume security is not their responsibility? Will they question or report strangers, and report suspicious situations or the early indicators of potential workplace violence?
Security Awareness is the most powerful, least costly and most often neglected of all security measures.
Security Awareness is instilling a sense of ownership, protectiveness and involvement in the security program among all employees
We have found that, in most businesses and organizations, employees, and even entire departments, make the assumption that security is the responsibility of someone else. There is little sense of ownership, of duty to be protective of one's workplace and fellow employees.
Unless explained otherwise, employees will justify or rationalize their lack of action and involvement by making assumptions such as:
- This stranger got past the receptionist/guard/fence/access control system, so therefore he or she must belong
- If I speak up about improper activities I observe, I am a "squealer" or "snitch"
- If I report a fellow employee who is acting in an unstable, intimidating or threatening manner, I will be getting the person in trouble
- Let someone else speak up
- Everyone else does it, so it must be OK
- Management won't do anything if I do speak up
- Taking small items isn't really stealing
- Propping open this door for ventilation or so I can smoke won't hurt
- We have nothing to lose here
- Management doesn't really care about security
- This really isn't so serious or dangerous
- It's probably nothing - it will probably blow over
- It's not my job - it's the job of the security department or security officers
Ideally Security Awareness is:
- Each employee's sense of protectiveness for and ownership of his or her work area, fellow employees and other people legitimately in the workplace.
- Employees willing and able to question and/or report unidentified/unescorted persons or other suspicious activities or situations.
- Employees who understand it is their duty to report threatening, harassing or other malicious acts or words by other employees or contractor employees.
- Employees who understand and appreciate that it is wrong to steal or otherwise act unethically or maliciously.
- Employees who understand how to communicate their concerns and issues to management, and how to communicate by alternate means (e.g. hotline or ombudsman) if the traditional lines are perceived to be blocked or compromised.
- Employees, contractors and others within the facility who understand their responsibilities before, during and after emergencies and crises
- Employees who understand how to be safe and secure while working, commuting, walking, traveling, and in situations of conflict and confrontation
- Supervisors, managers and department heads who appreciate the value of security, understand their specific duties, and are supportive of the program
A good security awareness program builds upon and complements existing strengths and processes including safety and environmental awareness and training, policies and procedures, hotlines, employee communications (including intranets), new employee and contractor orientations, identification and access control systems, emergency training and drills, etc.
A good security awareness program is a positive and proactive process that builds upon the employee's existing ethical base and sense of fair play. The program may tie personal and family safety and security advice (e.g. at home, in the car, while traveling) to further relate personal protection with business/organization protection. The program might be tied to contests in which aware employees are recognized and rewarded.
We have found, since 9/11, that employees, and even unions, are much more responsive to and cooperative with new security measures and security awareness training than they might have been pre-9/11.
No canned or off-the-shelf security awareness program can adequately address your particular issues, culture, values, history, location, function and risks.
As an independent security consultant, we can assist you in developing and presenting Security Awareness programs geared to your organization's unique culture, mission, function, history, risks and vulnerabilities. Our security awareness programs can also meet the C-TPAT security criteria as well as the recent TSA Regulations on Air Cargo Security Training Programs.
We can also test security awareness or conduct penetration testing to gauge the true level of security and awareness.