Over the last 20 years, I have read hundreds, if not thousands, of ‘so-called’ Risk Assessments that was done by various people such as Security Managers, Security companies, Risk Managers and so on.
The truth is that I have not found a single assessment that is even remotely close to right.
A lot of crucial information is missing and most of the people who have conducted these assessments don’t have crime scene experience, let alone security experience.
The Risk Matrix is wrong
This becomes a problem when they must identify the risks. Most Risk Managers makes use of the Risk Matrix System to ‘grade’ the risk which is impossible to do as a risk is a risk. Whether the risk is great or small, it remains a risk. Risk creates the opportunity for crime to happen.
A Risk Matrix applies to Health and Safety, not to crime and security risk.
I can make this statement because I have the first-hand experience of incorrect Risk Assessments.
A true Risk Assessor only focuses on identifying the risks. He does not sell or install security hardware, nor is he part of the ‘solution’ in any way.
He also doesn’t form part of the management team that is responsible for the rollout of the solutions. He is a consultant. He is there to identify the risks, provide solid solutions for the identified risks and to provide guidance where needed.
I have yet to find a Risk Manager who has assessed the management component of the security portfolio. I have never found a Risk Manager who has told the Management team or the Board of Directors that they are part of the problem.
Security and Management go hand-in-hand and when security is not right, you can just look to the management structure and you will find the risk. This is not an easy thing to say to your management team, especially if they pay your salary.
This statement is also true for homeowners assessing their security and to the Board of Directors at Estates.