How to better protect the business
- Introduction based on findings of SUPPORT
Delft, May 9, 2012
Henk van Unnik
Senior advisor, Securitas Maritime & Logistics Security Solutions
Introduction
• Picture of crime and terror
• What has influenzed the corporate invironment
• Risks related to Ports and Port facilities
• What drives Crime and what drives Terror
• SUPPORT´s 11 points of attention
• How is Security perceived and organized to day
• How can SUPPORT improve this
• A proposed Model
Picture of Crime and Terror
• Corruption and bribe
• Infiltration through joint ventures
• Growth in violence
• Underworld interwoven with the overworld
• Loss of integrity in the business climate
• Loss of a Ports reliability
• Damage to supply chain, economy, and the rule of law
What has influenced the Stakeholders
Changes at Corporate level
• structure and pace of corporate life and - security
• more global trade and - economy
• new business practices
• risks more complex
• interdependence between risk and business
• higher security profile
Risks related to a Port
A Port is vulnerable to crime due to
• concentration of valuable goods
• limited number of people present during night time
• poor control over stocks and data
• poor awareness of risks
• lack of transparency and inspections of corporate processes
• blind faith in people, insufficient recruitment processes
• too much confidence in social control between employees
Risks related to a Port facility
A Port Operator is extra vulnerable to crime due to:
• placing too much trust in people and effectiveness 80 – 20 rule
• lack of awareness
• lack of efficient security procedures
• weak systems of internal control
• inadequate pre- employment and background checks
• inadequate protection of information and IT systems
• lack of business partner requirements
• shift in norms and values
What drives Crime
Mechanisms that drives crime
Demand driven by:
Supply driven by:
Greed
Own use
Global disease
Crime as profession
shift in norms / values
Need
created by PR & sales activities
Poverty
Crime opportunities by
ineffective and insufficient
processess, procedures,
risk perception and mitigation
exploitation /exclusion / culture
Can demand be influenzed
Little to nothing
Can supply be influenzed
By reducing vulnerabilities throug adequate
security management
What drives Terror
Mechanisms that drives terror
Selecting a terror object is based on the circle of 3 V’s
•
Visibility of an object
•
Value of an object
•
Vulnerability of an object
The only V that can be influenzed to break this circle is Vulnerability
11 points of attention
•
Managing security (WP2) (WP5) (manual 2)
•
Threat and vulnerability assessments and control measures (WP4)
•
Access control
•
Inspections at access control
•
Screening of staff
•
Standards for fencing, alarm systems and CCTV (WP3)
•
Monitoring and surveillance performances
•
Handling of cargo in cooperation with Customs
•
Checking of personnel at the facility
•
Training and awareness programs
•
High resilience concepts (WP5)
(WP3)
How is security perceived
From a business perspective
A defensive approach focused on protection and `loss prevention` stopping
people to do their jobs instead of enabling the business to function and grow.
From a security perspective
Only two components are considered to be addressed the most important
components are hidden, leading to a wrong risk perception, a wrong risk
coverage and ineffective risk methods.
Physical security
Process and procedure
How to align perception and development
Characteristics of alignment
•
Convince colleagues that the role is to deliver security to support every day decisions
•
Initiate the view that security is also there to improve management
•
Help the organization by taking and mitigate risks
•
Make sure that security developments respond to market developments
•
Help departments to align strategic and operational activities from a security perspective
•
Emphasize that legitimacy of security not only comes from expert knowledge but also
from
–
Business understanding
–
Skills of people
–
Management ability and
–
Communication expertise
Improvements by SUPPORT
Security performance of an organization is as good as its processes and procedures
To create a model we looked at two different approaches
-
one, a top down approach where the top management is responsible for security and
instigator and facilitator of a model like Corporate Security Management
OR
-
two, a bottom up approach where the PFSO / PSO supported by instruments, that enables
him to do so, takes the initiative for Process Improvement Management
A process improvement model
Provide the PFSO / PSO, based on the provisions of the ISPScode, the AEO guide
lines, the IMO`s “ Guide to Maritime Security and the ISPScode” and other best
practices with a TOOLKIT that makes it possible to:
•
Monitor risks related to crime and terror
•
Monitor risks related to corporate processes and procedures
•
Monitor an instigate education and training
•
Prepare and execute drills and exercises
Model, work in progress
Identify risks related to crime and terror based on example
procedures best practices and a cost calculation model
Identify risks related to organizational processes and procedures
and measures how to mitigate or improve them based on example
procedures and process risk matrix
Provide standards for education, training, drills & exercises based
on best practices and examples how to implement them
Recommend changes and implement improvements, by a clear
statement why change is necessary, a clear vision how this will
affect the organization, an implementation strategy, communication
planning
Questions?