Q. I recently joined my company as CSO. Personnel and executive protection is one of the areas where I see a dire need for improvement. Historically, the personnel protection program has essentially been a babysitting and hobnobbing service for executives, with little emphasis on core risk assessments and preventive measures. What advice can you give me on where to start the turn-around process for creating an effective program to protect personnel?
A. Some organizations have a tendency to focus on executive protection at the expense of "all personnel protection" (employees, vendors, contractors, visitors and guests). This is not to say executive protection is not important as your executives are probably high profile and receive the most attention for negative occurrences (real or perceived). However, corporate liability receives unnecessary exposure when there is not consistent application of personnel security policies. Consistency of application also applies from facility to facility within a corporation. I recommend you have discussions with the legal department prior to final approval and implementation of a corporate personnel protection policy.
It appears the best place to start is with the "basics" of personnel (executives, employees, contractors, visitors and customers) protection. A key consideration is your authority and responsibility beginning at your property line. Anything beyond that can lead to unnecessary liability exposure and questions of consistent application of security resources. The easiest and most efficient way to protect personnel is through a well thought out access control policy and procedure. This may include utilization of electronic and personnel resources such as CCTV, an access control system, security officers, photo ID badge requirements, visitors ID badges and an escort policy or a combination of the above. The definitions of these resources are very broad in nature and will require implementation to "blend" with your corporate culture. Partnering with others in your corporation (e.g., legal department and the people you are protecting) is absolutely necessary to achieve long term success. I recommend you conduct a study/assessment of your current access routes, current controls and potential methods to reduce the number of usable entrances to a minimum.
Secondly, I recommend you assess the locations within your facility where the threat to personnel may be the greatest. This threat assessment should go beyond "personnel" protection issues and look at "business considerations," such as business interruption, integrity of brand name, etc. Planning may include internal usage of electronic and/or security personnel.
Thirdly, I recommend you understand that you can plan, implement, train and operate your security protection system the right way and "bad" things can still happen. Therefore, I recommend you prepare a well thought out response plan. Again, this will require "partnering" with other disciplines within your corporation. It will also require extensive training of your security personnel, as well as timely table top and/or real time training exercises for your security personnel.
Lastly, I recommend you review and revise (as necessary) this personnel security plan at least annually. Circumstances and personnel change and your security plan must be flexible.
Keep in mind the above thoughts are very basic in nature. There is no "cookie cutter" plan you can implement. Any security plan, to be successful, must be tailored to your corporation and a specific location or facility.
Answer supplied by Randy Uzzell, Security Executive Council Emeritus Faculty