Security: Approach
We develop security policies and translate these into operational practice through business processes, risk assessment and risk mitigation strategies.
We have experience of developing and implementing polices - for example integrating the Voluntary Principles on Security and Human Rights into best practice - across very large organisations. To do this we rely on our DNA Model in order to be able to influence the behaviours of people, aligning policies, processes and procedures so that they work together.
The holistic identification, prioritisation and management of security risk is key. To do this effectively requires a breadth and depth of security and relevant industry experience. Our approach has been well tested in large multinational organisations by our highly experienced team.
As a first step we seek to understand the organisation's strategy and operational and regulatory environment. This should be done in the appropriate international, regional, country and local context. We identify risks through a combination of assessments, usually site visits, and a series of workshops. Site visits are conducted by experienced security professionals, with a background in security professions. To be most effective, the workshops should include a range of expertise and knowledge. Our process applies structure to the identification of specific risks - if risks are poorly specified, prioritisation and mitigation is made more difficult in subsequent steps.
Following a holistic risk assessment, a plan to mitigate potential risk is required. We can develop detailed action plans to mitigate risks and support the implementation of these plans.
We develop performance measures that are linked to security objectives and design the appropriate reporting and monitoring processes for these. We support the ongoing improvement and change necessary to assure compliance and effectiveness.
