Balancing commercial and security objectives

April 2016 Security Services & Risk Management

It is clear from the various incidents being reported in the media across South Africa that the commercial sector still has a huge opportunity to develop effective Facility Security Level Determination Framework and Operational Response strategies.

Christopher Cobb.
Christopher Cobb.

All facilities face a certain level of risk associated with various threats. These threats may be the result of natural events, accidents, or intentional acts to cause harm. Regardless of the nature of the threat, the commercial sector and facility owners/administrators have a responsibility to limit or manage risks from these threats to the extent possible.

Risk is a function of the values of threat, consequence and vulnerability. The objective of risk management is to create a level of protection that mitigates vulnerabilities to threats and the potential consequences, thereby reducing risk to an acceptable level. A variety of models can be used to calculate risk and to illustrate the impact of increasing protective measures on the risk equation.

Facility owners/administrators and in particular owners of public facilities, should develop and implement a security risk management methodology standards while also supporting the security needs of the organisation.

In order to achieve this Risk Management Process for Commercial Facilities, a set of standards need to be developed. Standards will need to be defined including the criteria and processes that those responsible for the security of a facility should use to determine its facility security level (FSL) in order to provide an integrated, single source of physical security countermeasures.

Commercial facilities need to introduce a risk management process that outlines the approach necessary to:

• Identify,

• Assess, and

• Prioritise the risks to facilities.

This should be followed by a coordinated application of countermeasures to:

• Minimise,

• Monitor, and

• Control the probability and/or impact of an unfortunate event from occurring.

Risk management decisions need to be based on:

• Application of risk assessment,

• Risk mitigation, and when necessary and/or

• Otherwise reasonably unavoidable-risk acceptance

The development of a Facility Security Level Determinations Framework for commercial facilities should involve obtaining information and process required when designating a FSL determination to a facility. The FSL determination must be utilised to create a set of baseline security and operational standards that are customised to address site-specific conditions and should include:

• Basis for the factors and criteria.

• Facility security level matrix.

• Facility security level scoring criteria.

• Mission criticality.

• Symbolism.

• Facility population.

• Facility size.

• Threat to tenants.

• Intangible factors.

• Level V facilities.

• Changes in the facility security level.

• Co-location of tenants with similar security needs.

• Integration of physical security.

• Apply the physical security criteria.

• Identify baseline level of protection.

• Identify and assess risks.

• Decision point: are risks adequately addressed by the baseline level of protection?

• Determine the level of protection necessary to adequately mitigate risk(s).

• Decision point: is the existing level of protection sufficient?

• Decision point: is the level of protection achievable?

• Determine the highest achievable level of protection

• Decision point: is the risk acceptable?

Take for example, the integration of the physical security criteria that should provide an overview of how the application of physical security criteria is predicated on a FSL designation. Once a FSL has been determined, commercial facilities can then follow a decision-making process needed to identify an achievable level of protection that is commensurate with – or as close as possible to – the level of risk, without exceeding the level of risk.

Conclusion

Without security processes (which is much more than a guarding mentality programme so prevalent in business today) being in place, an organisation’s reputation / brand trust can be so easily destroyed, not only by those criminal elements external to one’s business but especially so for new employees whose ethical outlook is unknown to any company.

Whatever the outcome, if companies are to protect their assets, market share, brand trust reputation then they must adopt a strategic all-inclusive proactive preventative approach to all forms of crime. The current responsive approach to crime, where business fail to perform effective risk assessments and wait for their assets to be stolen before attempting to catch a culprit, will result in placing their business their tenants, customers and employees at risk.

The integration, in a formal, collaborative and strategic partnership framework of the cumulative security resources of an organisation and other vested stakeholders is needed in order to deliver enterprise wide benefits through enhanced risk mitigation, increased operational effectiveness, efficiency, cost savings and brand trust.

For more information contact Christopher Cobb, UWC, +27 (0)72 633 2339, ccobb@uwc.co.za.





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Identity recovery matters most
Security Services & Risk Management
As cyberattacks grow more targeted, more destructive, and increasingly aimed at the very fabric of trust within the enterprise, the ability to restore identities has become just as critical as restoring data.

Read more...
ISO 27701 helps demonstrate privacy compliance beyond POPIA
Security Services & Risk Management
ISO 27701 include privacy-specific controls and provides a structured way to manage Personally Identifiable Information (PII) throughout its lifecycle, giving organisations a way to demonstrate how privacy is managed.

Read more...
Echoes of 2018? Follow-up on Woolworths explosions
Technews Publishing News & Events Security Services & Risk Management Retail (Industry) Facilities & Building Management
SMART Security Solutions follows up with Jimmy Roodt to find out more about an old connection to the Woolworths bombings from 2018. The investigation remains ongoing.

Read more...
Increase in cyberattacks on the manufacturing sector
Security Services & Risk Management News & Events Industrial (Industry)
According to a new Kaspersky ICS CERT report, in the first quarter of 2026, the percentage of industrial control systems (ICS) on which malicious objects were blocked reached 19,6% globally.

Read more...
Next-generation cash-in-transit vehicle
News & Events Security Services & Risk Management
Fidelity Services Group has unveiled a new, purpose-engineered Cash-in-Transit (CIT) vehicle designed to redefine crew protection, deter threats, and enhance operational resilience in an increasingly complex criminal environment.

Read more...
The risk at the edge of South Africa’s agriculture supply chain
Security Services & Risk Management Agriculture (Industry) Logistics (Industry)
Research from ESET has found that a significant number of South African agritech operators and farmers continue to believe their companies are not attractive targets for cybercriminals. Unfortunately, that belief is precisely what makes them one.

Read more...
AURA partners with Discovery to launch Discovery 911
News & Events Security Services & Risk Management
AURA has announced a partnership with Discovery Insure to power the security-response component of its new Discovery 911 virtual panic-button offering, which is available through the Discovery Insure app.

Read more...
Break the silence on fraud
Security Services & Risk Management
We are entering a new era of fraud, one defined by groups that operate across borders, using advanced digital tools and impersonation tactics to deceive victims and wear down communities' trust and financial security.

Read more...
Africa’s white-collar crime landscape
Security Services & Risk Management
White-collar crime in Africa is no longer a predominantly domestic concern; it has expanded onto the international stage, and so too has the corporate exposure that accompanies it.

Read more...
Global security in 2026
Editor's Choice News & Events Security Services & Risk Management Industrial (Industry) Mining (Industry)
The World Security Report 2026 states: “In a world of increasing volatility, physical security has evolved. It is no longer just a defensive measure; it is a critical driver of corporate value.”

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.