Many entities do not have trained, experienced, professional security staff immediately available to them. Conferences, events and other gatherings and venues where people are concentrated into a localized area can be targets, and effectively managing a crowd of attendees when a threat arises requires strategizing in advance.
Too often, security planning is undertaken in response to situations that have already occurred. In these cases an ad-hoc response is developed. That solution is then codified into a security policy designed to govern actions the next time the issue arises. But when a different situation happens, the enterprise goes through the same process, a new section of the security policy is added, and the policy can now address a second issue. This is a reactive methodology that does not take prudent assessment and analytical processes into account to prepare comprehensive security policies and crisis management plans.
When we identify the risks we may face, we can prepare sound contingency plans. When that risk becomes a threat, we can implement those contingency plans.
What is recommended to avoid an ad hoc approach is the development of a proactive strategy and the use of 3 distinct assessment processes:
Risk assessments are developed in advance of an event and utilized to determine the potential risks or hazards that may adversely affect the event or business operations in the case of a supplier. Risks are general in nature and have no identified time line.
Vulnerability assessments identify specific weaknesses in existing policies and practices in order to formulate the best measures to deter, detect and mitigate risks and threats. Without pinpointing vulnerabilities specific to a business, organization, venue or event, developing a safety and security plan is merely a generic exercise that might prove costly and ineffective.
A supplier business providing AV technology will have some similar vulnerabilities to a supplier providing mobile apps, but most vulnerabilities will differ. An event held at an outdoor venue will have different vulnerabilities than an event held at a hotel.
Threat assessments are the 3rd leg of the security planning “stool”. The purpose of conducting a threat assessment is to identify the possibilities of a threat and then prepare a plan of action with which to respond to or counteract it. Risk assessments provide the platform from which to then evaluate potential threats, determining whether any of those identified risks are escalating or could escalate to a pending threat.
The term risk is often confused with threat. Threats differ from risks because they have a suspected or predictable time line. We have experienced countless earthquakes in California, but we cannot determine when the next one will hit, exactly where it will originate, how long it will last or the number of aftershocks; therefore, earthquakes are a risk. Tornadoes are both a risk and a threat. Again, we cannot predict when or where the next one will develop, and they remain risks until one forms. Then it becomes a threat — an impending threat — when we look out the window and see the funnel cloud bearing down on us.
Threats typically arise in one of two forms: natural or human. Natural threats are largely unchanged over the course of history: environmental disasters such as hurricanes, earthquakes and tornadoes occur in the same form they always have. Threats posed by human intent have evolved in tandem with the evolution and spread of mechanization and technology.
When we identify the risks we may face and areas where our businesses, venues and events are vulnerable, we can prepare sound contingency plans. When a risk becomes a threat, we can implement those plans. Taking these planning steps in advance is cost-effective, proactive, and creates trust with our customers and guests .
About ITG Consultants
ITG Consultants, Inc., is a certified Veteran-owned small business based in Pennsylvania providing training, consulting, and security management services. David L. Johnson, president of ITG, is certified in Homeland Security – Level V, by the American Board for Certification in Homeland Security, and previously served on its Executive Advisory Board and has been awarded Diplomate Status by the organization. He also serves as Chairman of The American Board for Certification in Dignitary and Executive Protection. Gale R. Ericksen, vice-president of ITG, is a Certified Protection Professional by the American Society for Industrial Security. Combined, they have more than 70 years of experience in international law enforcement, executive and dignitary protection, conducting assessments, policy development and training.