printer friendly version

A heart transplant in 20 minutes?

In today’s life, the first problem with the current form of security, in general, is that the clients, especially corporate clients, force the risk assessor to complete the work in a very short timeframe.

Andre Mundell

I believe that those who compile the tenders do not understand what a risk assessment is and the amount of work that goes into it. I often get told that the risk assessment must be done in a matter of weeks, come hell or high water.

Now, the first 10 days of any assessment project is mostly spent on establishing patterns, routines, work behaviour as well as the ‘ins’ and ‘outs’ of employees, security, clients and so on. The first 10 days cannot really be used to assess the security structure, protocols and the like. People pretend. They know there is an assessor on site and they always put their best foot forward. The guards are on time, shift changes happen according to schedule, communication is clear, the registers are completed, and everything is just perfect. You know how it is when you are told that the auditors are coming to conduct an audit.

It’s a smokescreen and how can I, as an independent assessor, base my findings on a smokescreen?

At times, the timeframe is so ridiculously short, and they expect you to travel, conduct the assessment, do the inspection, identify the risks, do research on the best solutions for the identified risks, and provide them with the security risk assessment report at the end of the day. Might I add that none of my assessments are less than 350 pages, per property.

In my professional opinion, this is not possible, especially if you are doing it right. Let’s put this into perspective.

If you visit the doctor and he said he will conduct a heart transplant in 20 minutes, would you trust him? If a builder tells you that he can build a double storey brick house in one day, would you want to live in that house? If your car service takes five minutes, will you be comfortable driving your car?

I believe you see where I am going with this. The same principle applies to a security risk assessment.

A security risk assessment is an in-depth investigation into your current security status, as well as the risks that provide the opportunity for crime. There are processes that need to be completed, and research needs to be conducted before any recommendations can be made. Risks need to be identified at different stages of the day and night, interviews need to be conducted, access protocol needs to be looked at, communication, the neighbourhood needs to be explored, and so many more aspects need to be completed before the report can be written and only then handed to the client.

The security risk assessment document is not a generic document with a one-size-fits-all label. It’s compiled as the assessment proceeds. It’s built-in layers to ensure that everything fits together and that the client receives a workable and risk-specific document that will mitigate and eliminate the opportunity for crime.

Now, would you trust a security risk assessor who promises to complete an assessment in a day or a week? Should you?

If you don’t trust the doctor who promises to do a heart transplant in 20 minutes, or the builder who can build your dream home in one day, or the mechanic who fixes your car in five minutes, why would you trust an assessor to conduct a proper security risk assessment in a very short timeframe?

The reason why companies push for time is because, as mentioned, they don’t understand the complexity of a risk assessment, as well as the fact that they very often leave the assessment to the very last minute and force the assessor to complete the assessment in a very short time to enable them to meet their deadline. This is not a very good idea at all.

Risk assessors are not given an adequate amount of time to conduct a proper risk assessment and the company ends up choosing the assessor who says that it can be done in a short time and presents this as the full security risk assessment. How can all of the processes and research and writing, as mentioned before, be done in a matter of days or a week?

When the pressure is on and the timeframe is short, you can be sure that people will cut corners to meet their deadline. Do you really want to cut corners when it comes to your security?

Share this article:

Further reading: