In a world fraught with unceasing security threats, security risk assessment has become a mandate for both the Government and private entities for the reasons of safety, mitigation of possible financial losses and business continuity. Regulatory obligations and insurance prerequisites aside, investment in security risk assessment will ultimately see benefits trickle down to the triple bottom line of a socially responsible corporate organization.
Wong Kan Seng, deputy prime minister and minister for Home Affairs Singapore, proposed that every person, business and building owner take a direct responsibility to ensure their own safety and security (Ministry of Home Affairs, 2010). He emphasizes that “embracing a security mindset” in the form of wider community’s involvement and contribution are equally vital on top of the necessary measures and infrastructure put in place by the Government, both in preventing and mitigating a terrorist attack.
Further, the importance of incorporating security considerations from the very beginning of the building design process greatly minimizes the cost of security and preserves the architectural vision of the building, as opposed to retrofitting a building to implement security measures.
We can parallel the cost of security risk assessment with that of quality conformance under quality cost reporting, usually averaging 30 to 35 percent of revenues for a profit-orientated organization. Quality conformance in the form of security risk assessment necessitates incurrence of prevention and appraisal costs, which are often far lower than the costs and negative exponential effects of non-conformity such as internal and external failures, i.e. actual terrorists threats that are not mitigated.
Reasons for non-conformance
A general consensus of reasons for not implementing security risk assessment include high sunk costs without direct returns on investment, lack of buy in from stakeholders, inertia in implementation, lack of awareness and absence of regulatory obligations.
There are also myopic perspectives that safety and security are the Government’s responsibility or that private entities are not primary targets for terrorist attacks. Refuting the latter argument is the case of the terrorist attack on Taj Mahal Palace hotel on 26 November 2008, a private entity perceived as a fairly neutral ‘non-primary target’ but ultimately targeted, as it was perceived by Islamist ideologues as a symbol of Western decadence. These days, increasing competition for differentiation has dictated headquarters of private entities become genius feats of architecture, thus how many of these would be categorized as ‘symbols of Western decadence’?
Most security risk assessment these days are plagued by manual time-consuming requirements, unproductive processes, inaccurate data collection, subjective judgments, unreliable and unproven techniques, and complex systems.
Security risk assessment renewed
With prohibitive costs and a laundry list of procedural drawbacks, can the arguments for security risk assessment outweigh the arguments against?
As new security risk assessment tools emerge on the market addressing the issues outlined above, the question of uniformity becomes a huge issue. There is a need for a uniquely-designed methodology ensuring consistency in application across different scaled infrastructures and eradication of user subjectivity.
1. Homefront Security Division – Ministry of Home Affairs (2010). “Guidelines for Enhancing Building Security in Singapore: pp. 1.
Written by Mr. Asaf Amedi:
Mr. Amedi is Lotan HLS & Defense’s Director of Business Development in Singapore and has years of operational experience in special security assignments for senior politicians, international executives, diplomats and high profile personnel. He has also undertaken high-level security assessments for large-scale private and government facilities, while working with El-Al security and the Israeli Ministry of foreign Affairs.