Which 20% of your employees are expendable?

September 2024 Security Services & Risk Management

If you want to distinguish between acceptable risk and unacceptable risk, perhaps you need to consider what security means to you. Health & Safety has taught us that there is an ‘acceptable risk’, and while that may be true in the Health & Safety world, it is most definitely not true in the security world.

When you have acceptable risks, you have acceptable crimes. Which crimes are acceptable? Theft? Rape? Murder? Kidnapping? Armed Robbery? Bribery and Corruption?

If you agree that no crime should be acceptable, you should agree that no security risk should be acceptable, and no reasonable solution should be unacceptable. This means that you should take all the necessary precautions and make every effort to eliminate all security risks, not just some of them in alignment with your duty, accountability, and responsibilities.

We pose two questions below.

Question 1

Which 20% of your employees are considered expendable? While you may feel relieved when the Risk Matrix indicates a low-risk percentage, have you ever pondered over the decision-making process regarding which 10% or 20% of your employees are deemed expendable?

Examining the Risk Matrix, you will notice five colour-coded categories ranging from ‘high to low’ risk. The dark green category represents low-risk areas, accounting for 20%, while the red category signifies the highest risk, amounting to 100%, with light green, yellow and orange in between.

In the realm of security, classifying something as low risk still implies the existence of a risk, even if it is only 20%. A risk remains a risk, regardless of its magnitude. Whether someone has stolen a car or taken a life, they are still considered a criminal. There is no grey area in between.

Furthermore, it is important to note that there is no standard formula for calculating the risk factor. The Risk Matrix, derived from the concept of Health & Safety, was applied to the security sector. Terms like probability and likelihood are two words that cannot and should not be used in the context of security.

Security should not be measured based on likelihood or probability; rather, it should be assessed in terms of opportunity. Many individuals make this common mistake. Even if a risk is deemed low, it remains a risk.

The concept of acceptable risk solely applies to Health & Safety and has no place in the security risk spectrum. Essentially, the Risk Matrix should not be used for anything related to security.

While certain security risks may require more immediate attention than others, it is crucial to recognise that any risk, regardless of its level, must be eliminated. Accepting a security risk provides an opportunity for criminal activities. Having a 20% risk rate means a 20% chance of becoming a victim of crime. Is that a risk you are willing to take?

Question 2

What exactly is an acceptable level of risk? Is stealing acceptable? Is corruption acceptable? Is it acceptable to steal public property and municipal assets? What about a hijacking? Do you consider rape to be an acceptable risk, or is it beyond the acceptable threshold? Who must become a victim of crime before action is taken? Most importantly, who decides what constitutes an acceptable risk, and what criteria are used to make such decisions?

If you asked anybody about acceptable crimes, they would most certainly say that no crime is acceptable. When you go into the paperwork, risk management, plans, proposals, and so on, you will come across the Risk Matrix, which indicates that certain percentages of risk are accepted.

Accepting the use of this matrix in any document supplied to you and working on its basis means accepting security risks that create opportunities for crime. As a result, you implicitly accept that some crimes are acceptable.

Acceptable risks will be integrated into your framework if:

• Security risks are not professionally identified.

• There are no risk-specific solutions to mitigate security risks.

• Standard operating procedures (SOPs) are not prepared for potential legal proceedings.

• Management procedures and processes are not established and not verifiable.

Despite years of fighting crime and investing in security equipment, it is troubling to see that our situation has not improved and may have even worsened. The statistics on crime support this statement, so it is not speculative.

We are losing the fight against crime and corruption in South Africa. The most common reason for poor security or security failures is ignorance and a lack of willpower to address them.


Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

SMARTpod talks to The Risk Management Forum
SMART Security Solutions Editor's Choice News & Events Security Services & Risk Management Videos Training & Education
SMART Security Solutions recently released its first SMARTpod podcast, discussing the upcoming Risk Management Forum Conference 2024, which will be held on 26 September 2024 at the Indaba Conference Centre in Fourways, Johannesburg.

Read more...
There is a SaaS for everything, but at what cost, especially to SMEs?
Editor's Choice Information Security Security Services & Risk Management
Relying on SaaS platforms presents significant cybersecurity risks as the number of providers in your landscape increases, expanding your attack surface. It is important to assess the strength of the SaaS providers in your chain.

Read more...
Unlocking new efficiencies in private security
Security Services & Risk Management Transport (Industry) Smart Home Automation Logistics (Industry)
Justin Manson, Sales Director at Webfleet, discusses how the urgent need to protect life, and to do so more efficiently, is driving continuous innovation in holistic home and residential security services in South Africa.

Read more...
Innovation and security go hand in hand
Technews Publishing Facilities & Building Management Security Services & Risk Management
In a world where the demand for tech innovation is matched only by the acceleration of cybersecurity threats, businesses face the challenge of balancing new product development and robust security measures.

Read more...
Bomb threat landscape in South Africa
Editor's Choice Security Services & Risk Management
Over the past 25 years, South Africa has faced thousands of bomb threats and explosive incidents annually, imposing a significant economic burden on the nation, costing billions of rand.

Read more...
Natural catastrophes and fire risks top concerns
Security Services & Risk Management Asset Management Residential Estate (Industry)
Natural disasters are the highest risk in the real estate industry, followed by fire and explosions, and then business interruption. Estates must prioritise risk management and take proactive measures to safeguard their assets, employees, and reputation.

Read more...
Building a solid foundation
Alwinco Security Services & Risk Management Asset Management Residential Estate (Industry)
Understanding the roles of a Risk Assessor and a Risk Manager is like building a solid and secure foundation in the security world. Andre Mundell makes it easy to understand.

Read more...
SA firms take nine months to detect data breaches
Information Security Security Services & Risk Management
A human being can be conceived and brought into the world at roughly the same time a South African small and medium-sized enterprise (SME) becomes aware of and reports a data breach.

Read more...
Be wary of these scams this tax season
News & Events Security Services & Risk Management
As we approach the end of August, millions of South Africans will log onto the SARS eFiling website or visit their closest branch to complete their tax returns, but scammers are also waiting to defraud with tax-related scams.

Read more...
Businesses battle for long-term sustainability
Security Services & Risk Management News & Events
KPMG International’s report reveals the three key risks to growth in 2024 and beyond: geopolitical uncertainty, trade restrictions, and divergence on AI. The energy and natural resources sector is the ‘most exposed’ industry group in 2024.

Read more...