Introduction

The demand for qualified security risk assessors in South Africa has grown significantly, yet a formal training path remains unavailable. While many believe that a qualification in risk or security management is sufficient, the reality is quite different. Security risk assessment is not about theory or policy—it is about investigative insight, practical experience, and the ability to identify real-world vulnerabilities before they are exploited.

At Alwinco, we specialize in independent physical security risk assessments. We do not sell security products or services. Our expertise lies in uncovering security risks and guiding clients toward tailored, risk-specific solutions that address the root of the problem.

If you are uncertain whether your security has been properly assessed or wish to better understand what qualifies someone as a true risk assessor, we welcome the opportunity to speak with you. Contact us via email at andre@alwinco.co.za, set up a Microsoft Teams meeting, or arrange a phone consultation. Let’s ensure your security is built on a foundation of accurate diagnosis, not assumption.

Security Risk Assessor Qualifications.

For the past 18 years, the question has remained: Is there a course in South Africa that particularly prepares people to become risk assessors? In short, the answer is no.

Educational Background

Universities offer risk management and security management courses; however, these only include small portions on risk assessment and the function of the risk assessor. On my desk, I currently have 17 unique CVs with degrees in risk management or security management.

I have tested the candidates and assigned them to carry out a security risk assessment. Nobody could do it effectively. Some attempted to conduct assessments as a textbook exercise, citing outdated facts.

Others claimed experience in risk management but lacked the necessary knowledge of security hardware to deliver actual risk-specific solutions.

Attempts to Establish a Course

We’ve been trying to register a security risk assessment course with SESSETA for years. The planned course would last six months and contain both theoretical and practical components.

However, despite our best efforts over the last five years, we have been unable to register for this course with SESSETA. SESSETA also confuses the difference between a security risk assessment and a risk assessor’s duty.

Their emphasis remains on health and safety, risk management, and security management, with courses principally offered in the health and safety, building, and environmental departments. Nothing clearly addresses physical security.

Furthermore, they emphasize risk assessment in cybersecurity contexts, whereas we concentrate on physical security risk assessment. We are currently working to change this mindset, and it may be some time before we can establish unit standards for security risk assessments.

International Standards and Limitations

Current standards are limited and do not address actual demands. Internationally, security risk assessment employs ASIS certifications, but it also relies on a health and safety matrix approach, which is not applicable in our risk assessments.

Essential Experience

So, to answer your question, there is no facility in South Africa where you can train to become a security risk assessor.

The position necessitates considerable knowledge of crime scenes, modus operandi, security hardware, security profiles, and a grasp of both security and risk.

It involves prior experience conducting interviews with suspects and victims, a thorough awareness of the country’s criminal environment, and expertise with artificial intelligence (AI), control rooms, court procedures, evidence, and master copy processes.

Necessary Skills

A risk assessor must also comprehend communication and security, which encompass both human-to-human interaction and communication between various security devices.

They must also be skilled at interpreting body language, whether it is from a person, property, or business. It’s crucial to understand that security risk assessment is an investigative process, not a managerial one.

Many South Africans do not understand the distinction between these two procedures. People frequently underestimate the need for a thorough security risk assessment and instead focus on selling technology without first diagnosing and addressing the underlying security concerns.

A Unique Model

Currently, I am the only individual in South Africa and Africa who has completed security risk assessments using a unique technique based on 20 years of case studies. Other regions, such as America and Australia, do risk assessments, but their methods are similar to health and safety using the matrix system.

The problem with the matrix system is that it inherently permits an acceptable level of risk, such as 20% acceptable crime rates, which include 20% rape, murder, kidnapping, and so on.

This system implies that it is acceptable for a percentage of a business’s staff to be victims of crime, which is not in line with effective security risk assessment principles.

Security Risk Assessor Qualifications – written by Andre Mundell Independent security risk assessor Alwinco.

If you would like to learn more about our services or need additional information on security risk assessments, please send us an email or visit our website, Security Meetings, and subscribe to our newsletter.

Covering all of South Africa, Alwinco provides Security Risk Assessments, particularly in Gauteng (Menlyn, Braamfontein, Kyalami, Fourways, and Hatfield), Bloemfontein, Bluff, and Hout Bay.

Please click to read more on the difference between a Physical Security Audit Vs Health & Safety in terms of RISK.