Risk Identification

Identifying of risk when conducting risk management surveys on behalf of a customer is comparatively straight-forward should the advisor have a sound history of operating within a security focused organisation and having conducted a range of both planned and dynamic assessments. Experience gained will build up versatility and a knowledge-base to draw on when ‘anomalies’ are encountered, as they often do. While there are countless books and courses offering exhaustive resources on risk management, I believe that first and most importantly, experience has no equal in this field and when backed up by relevant guidance and methods, will result in a credible end-product, adding value to the organisation’s operations.

The advisor must be well read as an absolute minimum regarding the area in which the task is focussed and have a pretty good working idea of the region. Planning for the task must take place ahead and should ideally include, as a matter of priority, a detailed statement of requirement from the customer. This will negate any misunderstandings regarding expectancies. The risk management consultant should make sure that induction and introductory briefings regarding the client organisation is undertaken to completely understand the client. As a minimum I would suggest the following as necessary before starting the work:

• Understand the customer and what they do.
• Understand where they operate, are preparing to operate and the duration.
• Know what assets the operation involves – employees, equipment, real estate.
• Understand the organization’s expectancies – statement of requirement.

Awareness of the above will give the risk management consultant with a useful’ Know Your Client Folder’ to plan and make initial preparations but much more should follow. Research regarding the customer organisation should also include any history of problems encountered during, or as a result of, prior operations. This is of relevance when working out the risks particularly if hostile actions followed. For instance, if the population of an area could have objected to certain aspects of an operation inside their region or does the organization have a ‘reputation’ that has followed them and is the operation being undertaken by the client controversial in any way?

The value of local information is invaluable and having the chance to engage with knowledgeable local people often supplies information crucial to the task that might otherwise be missed. Take the opportunity, should it present itself, to talk about matters with influential and well placed local members of the population. It has furnished me many times with an accurate indication concerning future developments of issues. In addition, it results in relationship forming with local people and perhaps even local authorities like the Police which is invaluable.

Be methodical and thorough in your risk management survey. Whereever it is feasible prove the information that you are handing over to your client. Take photos, drive routes, visit locations and test, test, test! Your customer is paying for a service and expects convincing and factual results and that of course includes furnishing him with any ‘bad news’ where it becomes necessary.

To summarise: A well-planned, well conducted and well-presented risk management survey is potentially of critical importance to your client. Failing to plan is planning to fail and your paying customer deserves the best from his consultant’s endeavours.

Craig Jones is the MD of Advanced Training and Security Solutions Limited, an independent company established to supply a bespoke security and resilience service. Craig has worked for a considerable number of organisations in a variety of roles. ATSS operate from Cheshire, UK with a presence in London and a global reach. They have experience with working in the Middle East, North Africa and Eastern Europe. Graig is a prolific author of articles concerning risk assessment, emergency planning, business continuity and security management.

Identifying Risk, Risk Assessment, Risk Management, Risk Management Consultant

Business