Printer Friendly

Proactive vs. Reactive security: performing a risk assessment ensures a proactive approach to crime and loss prevention.

How well does your business manage its security risks? Many businesses will, at some point, consider security processes to protect assets, people, property (tangible and intangible), and information. Will you be proactive and prepared before something happens, or will you simply react to the situation after something occurs?

[ILLUSTRATION OMITTED]

Prevention vs. Reaction

There's a difference between crime prevention and crime reaction, though many take the reactive approach and don't consider purchasing an alarm system, for example, until after they've been burglarized or property has been stolen.

We need to change the way we think. To be effective, crime prevention and security (both policy and procedure) must be a part of the business operation and accepted by everyone in the company. Security policies are objectives, and they list the responsibilities and expectations for personnel. Security procedures are detailed instructions outlining how personnel will carry out the objectives. To meet the changing needs of an organization, security procedures change more often than security policies. For instance, the security policy may state that a particular area is restricted; only authorized personnel are allowed. A security officer is placed at the entrance, visually identifies those who can enter, and allows them access. At some point, this system may become automated; each employee wanting access must place his/her hand or finger on a biometric reader, and physiological characteristics determine admittance. Video surveillance may also monitor the area for an attempted unauthorized entry. In this situation, the policy remains the same, but the procedure changed.

Changing procedure to meet new needs is an excellent way to be proactive, but the security process shouldn't be so cumbersome that it impedes business operations--instead, it should operate in conjunction with workflow.

Three-Part Security

There are three parts to achieving the desired level of security (the goal of this three-step approach is to reduce the likelihood that a loss will occur and, if a loss does occur, to minimize it):

1. A vulnerability assessment, which is completed by a security professional to identify the deficiencies and excesses in the security process. In essence, the security professional will consider the probability that an incident will occur and make recommendations to address vulnerabilities and "harden the target."

2. A cost/benefit analysis, which will determine if the recommendations are affordable, feasible, and practical. At this point, countermeasures are put into place to reduce or eliminate the deficiencies identified in the vulnerability assessment. These countermeasures may consist of hardware (fencing and locks), software (electronic access control), and people (security officers or employees) who will take on the role of guardian of the company's assets.

3. A test of the system, which ensures that everything is working properly, to determine if changes need to be made to achieve the desired level of security.

The key to an effective security process is having the appropriate mix of physical security, electronic security, and personnel to meet security goals. It's important that there are "layers" in your security process so the weaknesses are outweighed by the strengths of another component. You may have security policies and procedures in place, a fence around your property, security officers on patrol, exterior lighting, steel doors, high-quality mechanical locks, an intrusion detection system, and video surveillance--but at what point in the process will an intruder be detected?

A professional security risk assessment determines the best way to "harden your targets" and integrate all components of the security process so you have the appropriate level of security.

Marianna Perry is director for the National Crime Prevention Institute (NCPI) at the University of Louisville in Louisville, KY. She can be reached at marianna.perry@louisville.edu.
COPYRIGHT 2010 Stamats Communications, Inc.
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2010 Gale, Cengage Learning. All rights reserved.

Article Details
Printer friendly Cite/link Email Feedback
Title Annotation:Safety&Security
Comment:Proactive vs. Reactive security: performing a risk assessment ensures a proactive approach to crime and loss prevention.(Safety&Security)
Publication:Buildings
Date:Mar 1, 2010
Words:605
Previous Article:Coming in the April issue of buildings ...
Next Article:Fantastic foam: cushion adds years to carpet and comfort to the workplace.
Topics:

Terms of use | Privacy policy | Copyright © 2020 Farlex, Inc. | Feedback | For webmasters