Small to medium business Security Risk Management
Why? = Save your insurance!
There are many small to medium businesses with little or no Security Risk Management policy or procedures in place. Your business may be a franchise, partnership, new business or existing business with 3-300 people or greater. You have spent much time, money, and effort to make the business a success, now is the time to protect it.
I have observed many small to large businesses over the years, and have seen first hand the consequences of lack of risk procedures: loss of money, insurance liability, compensation payments, theft – external and internal, and major incidents, because there has been none, or minimal security risk management polices and procedures in place.
The word security is usually associated with security guards, or simply locking the front door. Correct security management travels much deeper than popular belief. I would unofficially estimate from what I have seen first hand, that a possible 20%-30% of revenue (or occasionally greater) is lost due to poor security risk management.
Some facts you may not know:
Up to 80% of site theft is usually from internal sources
Due to lack of training and knowledge, most staff are unwittingly the cause of most building security breaches.
Technological advances have also often lead to untrained staff not securing sensitive company information from outside forces
These are just some of the consequences that come from insufficient or inept security procedures Security threats are evolving, leading to greater insurance liability and reduced safety of staff. Insurance can be expensive, particularly if your premiums continue to rise from repeated theft.
Compliance = security, safety and continuity of business practices.
Case Study:
A company ravished by internal theft.
This company lost thousands along with sensitive information and equipment. During investigations, it was apparent that too many people had access, keys, codes and knowledge of the companies running procedures.
External parties were assisting staff in this theft; however, there were no monitoring stations inside or out of the company’s premises.
As the business was successful, this theft was not apparent for a long time. The perpetrators continued to compromise the entire organisation not only in monetary values but also in safety to individuals.
This medium sized company had no Security risk management policy or procedures in place.
Unfortunately having security risk management policies and procedures does not protect your company 100%. Companies must utilise these procedures and train their staff to understand and practice them.
The procedures must be easy to locate, clear in their definition and most importantly practical to fit the abilities and numbers of staff.
Successful security companies – guards/systems etc can have very poor security risk management procedures. This largely depends on staff training, understanding and adherence to procedures. If this does not occur these companies suffer internally and are not able to best service the client. This can result in double efforts/man hours for the security company to meet the client’s needs. The consequence of which is loss f time, money and industry confidence
Security risk management and procedures are like good tyres, make sure you have them in place, rotate them, review them, update them, and use them.
