Secure your business by evaluating physical security threats with a risk assessment
Without even realizing it, most people assess risk in their everyday lives. This looks like anything from deciding which route to take to work, to choosing to leave your front door unlocked while you walk around your neighborhood.
However, if you own a business, you have probably put a little more thought into the kinds of risks that may threaten the safety and security of your establishment. If you own a local restaurant, a boutique, a non-profit or any other business that takes place in an office or physical location, you have likely put procedures in place for emergency response and implemented elements of physical security for keeping your establishment, your employees, and your assets safe.
What Are Vulnerability and Risk Assessments?
Vulnerability and risk assessments go hand-in-hand, but it’s important to understand the difference between the two and how they work together. A vulnerability assessment for physical security is the process of assessing and understanding the vulnerabilities of your establishment and how prepared you are to handle any threat that would exploit those vulnerabilities. Physical vulnerabilities can include physical elements of your building as well as gaps in procedures that should be in place to respond to physical threats.
A vulnerability assessment is just one part, albeit a crucial piece, of an overall risk assessment for physical security. Once vulnerabilities are identified, a complete risk assessment would involve quantifying the likelihood of those vulnerabilities being exploited by any possible threats, and then it would provide solutions to meet the uncovered security needs.
Typically, a risk assessment is done in 5 steps.
- Step 1: Identify the hazards.
- Step 2: Decide who might be harmed and how.
- Step 3: Evaluate the risks and decide on precautions.
- Step 4: Record your findings and implement them.
- Step 5: Review your risk assessment and update if necessary.
Assessing your vulnerabilities is naturally incorporated into steps 1 and 2 above, while the rest of the steps involve evaluating risk and implementing precautions based on the findings.
What Kinds of Physical Threats Are Considered During a Risk Assessment?
Not all physical threats come from people. While the most commonly considered threat is typically a burglary, many physical threats come from unintentional human actions or even the environment around an establishment. That’s why it’s important to consider all types of physical vulnerabilities.
For example, if you own a restaurant on a busy street, and the street-facing wall is made of mostly glass, the inability of that glass to stop a swerving vehicle would be considered a physical vulnerability. Another physical vulnerability could be the lack of an emergency response procedure for a natural disaster such as an earthquake. Identifying the various types of physical threats to your establishment is key when assessing vulnerabilities and the overall risk your business faces.
Why Should You Conduct Regular Risk Assessments?
Conducting regular risk assessments not only provides you with peace of mind regarding the security of your business, but it lessens the impact of a threat if one arises. Additionally, the safety of your employees is vital to your business’s success, and it’s important to properly prepare them and the establishment for any type of physical threat. A properly done risk assessment protects the quality of your business and your most valuable asset: your employees.
When Is It Appropriate to Seek a Risk Assessment?
For optimal physical security, a risk assessment should be done every 1 to 5 years. Additionally, you should have one done if your business has experienced a known breach in physical security, or if there is some sort of modification done to the building in which you conduct business.
What Would a Risk Assessment Look Like?
A proper risk assessment would include taking into account all of your policies and procedures regarding disaster recovery and emergency response. It would also examine the critical infrastructure of your business and any physical systems in place to protect it (including cameras, gates, alarms, locks).
Then these aspects of your security would be tested to uncover any vulnerabilities. Those vulnerabilities would then be measured against the likelihood of potential threats in and around your business (such as natural disasters, social unrest, power outages, etc.) to quantify the overall risk your business faces. The findings of the risk assessment and how you should respond to those findings would be presented to you in a report that gives you actionable next steps in how to further secure your business.
Who Is Qualified to Do Risk Assessments?
There are a number of companies who conduct third-party risk assessments. Alarm companies or camera system companies can offer assessments; however, it’s sometimes difficult to get an unbiased assessment from a company that sells security systems. Certain companies could use the assessment as a sales tactic to upsell you beyond what you really need.
There are also independent contractors who are Physical Security Professional (PSP) Certified through the American Society for Industrial Security (ASIS), and this certification is an important factor in receiving a trusted, valuable assessment.
The Value of a Third-Party Assessment
While your business can conduct its own risk assessment, you may not have a risk or asset protection department dedicated to examining your security. Even if you do have a dedicated department for security purposes, having a fresh eye on all aspects of your physical security can help identify vulnerabilities that those who are close to the business wouldn’t likely see.
What a Good Risk Assessment Should Include
A good third-party risk assessment ensures that all vulnerabilities, threats, and risks are accounted for, and it provides you with logical next steps. The findings of a good assessment should include security upgrades that match the level of risk outlined in the assessment. If the solution seems like overkill or if it’s “salesy” is nature, it’s probably wise to get a second opinion.
As you consider your business needs and the value of regular risk assessments, you’ll want to find the right security partner that provides the proper solutions for upgrading your physical security. Adamo Security is a trusted security partner, and you can contact us today for a physical security consultation.