Industry Magazine Source Security Spring 2016 | Page 8

THE ROLE OF SECURIT Y Scott Furlotte Scott Furlotte is a Business Psychologist and Management Consultant with over 14 years experience in leadership, management and consulting for the private, public and nonprofit sectors. THE ROLE OF SECURITY IN BUSINESS GOAL The Importance of Risk Management BUSINESSES face risk every day they are in operation. That risk can come from external or from internal sources. One of the best business decisions an owner can make, from an organizational perspective, is to hire a security or risk management firm to assist in their operations. Risk management is defined as the collective methods used to identify, assess, and prioritize risks and the management of resources used to help mitigate those risks. Risk, as defined by the standards in ISO 31000 (a codified list of risk management standards and best practices outlined by the International Organization for Standardization), are “the effect of uncertainty on objectives”. Within risk management, there is a standard framework outlined by ISO 31000 which is used for risk integration. The system itself follows three primary steps: communication and consultation, context and treatment, and monitoring and review. Each of these has a unique purpose and unique steps that must be undertaken by the risk management team. In the communication and consultation phase, it is important that security officers are able to maintain good records. The accuracy and fidelity of the records and reports that they keep are key to the SPRING 2016 provision of data to the client. The data provided helps the client make more accurate business decisions which can both help the business grow and protect specific risks and make decisions, based on context, of whether a given risk is actually just a normal situation. Qualifying information here would include assets, the THE ACCURACY AND FIDELITY OF THE RECORDS AND REPORTS THAT THEY KEEP ARE KEY TO THE PROVISION OF DATA TO THE CLIENT the business from potential risks that arise during that growth. Through monitoring and review, the operations of security personnel are consistently and thoroughly reviewed. Monitoring takes place to ensure not only that risk is being adequately mitigated at all stages of the process, but also to make sure that the activities the security personnel are partaking in are related to the goals and activities of the business they are working for. Without regular review, the door is open for the security operation itself to become a risk to the client business. The system sandwiched between consultation and monitoring, of course, is the meat of the security issue. This is where the context of the risk is established. Security officers work to determine which parts of the business could be dam