Académique Documents
Professionnel Documents
Culture Documents
Introduction
Risk is a product of threats and vulnerability (risk = threat x vulnerability). A
structured security risk assessment will help to identify the likely threats, the
degree of vulnerability to them and will assist in making decisions about
whether the risks are acceptable and manageable. It is a thorough
examination of what could cause intentional loss or harm, in order to reduce
and manage the risks.
In many cases, risk can be effectively reduced and managed through having
and practising appropriate security strategies and guidelines. However,
effective risk reduction requires continual monitoring, reassessment and
revision.
The first step is to identify the different types of threats in the working
environment, to understand them and how they may affect staff and
programme. This information may be gathered from discussion with staff,
agency colleagues and local sources; brainstorming with staff is a simple way
to develop an initial list. Key areas are:
Frequency: which of the threats identified occur most often (bearing in mind
that some threats, such as rape, are under-reported).
Geography: where do the threats occur? Armed robbery might take place on
specific roads, harassment at specific checkpoints.
Is there a Pattern? are threats random or predictable e.g. is armed robbery
more likely after cash movements? Who tends to be the victims, did they have
specific vulnerabilities? Who are the perpetrators? Incidents viewed in
isolation may mean little, but if grouped with others, patterns may be
determined.
Future Trends: anticipating what may happen in the future requires a good
knowledge of the context and of current events. Key questions include:
• Are identified threats likely to increase or decrease over the next few
months?
• Are things changing over time, particular incidents occurring more
frequently, specific areas becoming more dangerous? Is the probability or
the severity of the threat increasing or decreasing?
• Given the context analysis, what currently unidentified threats may emerge
as a source of security incidents?
• Could XXX become a target for these new threats?
Vulnerability Analysis
Not all NGOs and staff are equally vulnerable to the threats identified.
Vulnerability analysis aims to establish why XXX, and specific team members,
might be at more or less risk. Vulnerability may be different depending on
issues such as:
The individual
• Who - gender, nationality, ethnicity.
• Where - specific job location, travel routes, location of residence.
• Role - responsibilities, representation, profile.
The organisation
• Image and behaviour of staff in the community, XXX’s reputation.
• Impact of the programme, who is XXX helping, who are XXX’s partners.
• XXX identity as a [Western] organisation, or association with [International]
affiliates.
• Communications, advocacy or lobbying – public messages.
• Location of office, residences, warehouse or programme sites, value of
assets.
Other agencies may accept a different level of risk from XXX; they may have
a different interpretation of the security situation, their vulnerabilities may be
different, or they may have a different mandate.
Conclusion
Hopefully, you now have a good understanding of the threats in the
environment, of XXX’s particular vulnerability to those threats, the overall level
of risk and the specific level of risk XXX will tolerate. Having completed the
risk assessment, the analysis must be translated into practical and relevant
risk reduction measures, through the design of an effective security
management system, including appropriate strategies and security
procedures.