With so much happening in the security environment at the moment it’s a good time to reflect on what leading organisations are doing to reassure their personnel and ensure that realistic security risks are being mitigated. The term ‘security’ is a broad one, so characterising it here, and especially in view of statements made at the Commonwealth level, is important.
Within the security industry practitioners tend to regard security in the ‘protective’ sense; that is, what we do to protect the safety of people. It is natural enough given that the very legal obligation stems from workplace health and safety laws. Of course security also plays a major role in the protection of assets (think equipment, information, buildings etc.), operations, brand and reputation, through a range of methods.
Within the current environment, proactive security managers will have, shortly after the National Terrorism Alert Level was increased to HIGH (a terrorist attack is likely), communicated to employees a statement of the current situation and what it means for them. The Prime Minister’s website (www.pm.gov.au) contains a range of media releases and even a YouTube video articulating how people should react to the statements. So too does the National Security website (www.nationalsecurity.gov.au), which is maintained by the Commonwealth Attorney General's Department.
Prudent security managers will have considered and may have put into effect procedures designed to be implemented in a heightened threat alert environment. This may be as simple as communicating measured statements to staff and engaging more actively with intelligence sources for information (think Police contacts, ASIO’s Business Liaison Unit website etc.). In higher risk environments, such as mass transport hubs, the focus will naturally be on keeping crowds moving, reducing the number of places where harmful devices could be stored and raising the tempo of surveillance activities to detect threats early, among other activities.
Security metrics will have been examined to identify trends derived from past security incidents, the realisation of both identified and previously unforseen risk events, and the risk profiles of various assets and key personnel. Some religious organisations will have identified the need to minimise branding to avoid events such as the recent attacks on both Jewish and Islamic schoolchildren, adults and facilities.
Dashboard: Agilient Security and Business Continuity Launchpad
The common thread underpinning all of this is activity is that proactive security managers will have already developed systems that enable the reporting of security incidents, will have assessed critical assets and created plans for dealing with environments such as that presenting. The aggregated data available to them as a consequence will be proving invaluable in deciding the most appropriate recourses as the security situation evolves. And it will continue to evolve.
As Protecht's security partner, Agilient has developed a comprehensive tailored security risk management application using the Protecht.ERM risk management system. This is for use primarily by corporate security managers. In addition to its risk management capabilities, security industry standards and compliance requirements have been embedded within the system. From methodologies for conducting asset, threat, vulnerability and risk assessments, to the integration of audit criteria for both private sector and Government Departments, the systems is now the most comprehensive corporate security management tool on the market.
Compared to representatives of other organisational functions, such as HR, IT and finance etc., the security ‘profession’ is relatively new, with key practitioners only reporting directly to the Executive and Board in the last 10-15 years. Now, and many would say ‘finally’, the tools are available for security managers to protect personnel and other assets in what is proving to be an increasingly complex and challenging environment.
Are you looking for an end-to-end security, risk and resilience solution for your company? Contact the team at Agilient to discuss the tools and strategic insights necessary to implement resilience management and better practice security and risk arrangements.