Corporate security is a constantly growing area of the large field of
security services - globalization, growing crime rates, terrorism, fraud,
white-collar crime, theft, extortion, espionage, kidnap for ransom - these
are just some examples of the threats companies are facing today. It won't
come as a surprise to any modern management that more and more companies
need to use the services of security managers or risk managers.
Risk assessment and risk management mainly aims at loss prevention. Every
kind of crime against a company results in some form of loss. Risk
assessment and management is the method to identify precisely the risks
and all probable effects those risks will have on the company, persons or
organization that is to be protected. The goals are to minimize the risks
to an acceptable level and the proper implementation of pertinent
counter-measures to deal with the remaining elements associated with the
risks. A certain part of all possible risks cannot be totally eliminated,
but it can be managed.
It is the task of the professional risk manager to properly research and
analyze the actual situation (risk assessment), by assimilation of all
relevant data, and then develop a professional security plan which lays
out in detail how to implement actions designed to avoid, reduce, or
eliminate risks. The risk assessment phase cannot be done from behind a
desk. You will need a hands-on practitioner who get down and dirty in your
company. It is wise to use external experts to assess your company’s
security, as in-house security may not want to reveal own short-fallings
or mistakes. Thus, from time to time, a professional penetration test is
extremely important in order to reveal security weaknesses.
The risk manager must be able to identify risk on just about any level,
in each department of any given company. This ranges from the pure and
simple static guard at the gate and workplace security, fire fighting etc.
all the way up to each and every department (production, sale,
administration, archives, personnel screening etc.), fighting crime within
the company, and it includes the top management as well. The risk manager
will need to be able to properly investigate, proceed crime scenes and
handle evidence, have in-depth knowledge of law and economics, must be
able to counter espionage and support the own intelligence efforts,
coordinate and lead close protection efforts and communicate with law
enforcement agencies just as well, as with the press and many other tasks.
The modern risk manager can't be incident driven. He must always expect
the unexpected and never fall in along side those people who think bad
things only happen to other people. Just because a certain crime has not
yet happened, it doesn't mean it CANNOT happen. And just as the
range of possible crimes, accidents, incidents and crisis' is very broad,
the risk manager needs a very broad set of skills and intensive knowledge.
Brillstein risk assessment staff has the complete skill set in order to
successfully achieve the goals laid out above. Our risk management teams
also comprises lawyers and economists, able to assess, collect data,
analyze the data, formulate security plans and implement those plans.
Crisis management, crisis intervention, travel security, investigation,
intelligence/counter-intelligence, processing crime scene and evidence
collection, close protection and counter/anti terror strategies are the
main key words in this context.
issues of interest in this regard are
security audits and penetration
tests, due diligence,