Guidelines for Providing Effective Corporate Security

Most large and multi-national organizations have internal corporate security staff. Some organizations utilize a C-Level Officer carrying a Chief Security Officer title. Others have a D-Level officer, such as Director of Corporate Security. Banks and other financial institutions frequently staff a security professional at the V.P. level.

But what about smaller organizations that cannot afford corporate security professionals, are they free to stick their heads in the sand and hope that nothing ever happens?

Not if they want to protect themselves from civil and criminal liability, and the staggering losses than can occur from internal and external theft, embezzlement, and other threats against the organization’s safety, security and bottom line.

Any organization, regardless of its size, needs least one executive-level employee who is responsible for overseeing corporate security; even if that responsibility is not their primary task.

In many instances, that falls to the CFO or Controller. The rationale  is that someone savvy enough to protect the organization’s money, should also be able to protect the organization’s other assets. But that is not always the case.

Unless the person providing that service has a security mindset, and is familiar with the types and degree of risks faced by organizations operating in a post 9/11/ world, the most an organization is doing is paying lip service. It’s only a matter of time until an ugly incident rears its head.

Nonetheless, if your organization finds itself in this position, you will be better off if you keep these guidelines in mind:

•    You need to develop a written security policy. A committee should be formed consisting of all D-Level management personnel and higher. Include executives at the V.P. level if your organization employs any.

•    The policy should be drafted after a comprehensive review of the various threats your organization faces. These threats include, but are not limited to, theft, natural disasters, inventory shrinkage, riots, labor disputes, and domestic and foreign terrorism including bomb threats.

•    Once the policy is drafted, lower-level management personnel, who are often closer to the day-to-day issues an organization faces, should review the plan so they can offer suggestions for improvement. Don’t be surprised if personnel at this level identify potential risks senior management never considered.

•    Once the policy is considered complete, corporate or outside legal counsel should review it. Human Resources should be involved in order to ensure the plan does not impact EEOC requirements and labor contracts.

•    Once the plan has completed the internal vetting process, forward it to your insurance carrier’s Risk Management department to get their view.

Is your plan complete? Congratulations; you’re about 20% through the process of implementing an effective corporate security plan. There’s much more work to be done.

If you’re thinking right now that implementing a comprehensive plan was more work than you had expected, you’re not alone. That’s why so many organizations employ the services of a professional corporate security consultant to help them through this time-consuming and complicated process.