Risk and asset protection are two very different but closely related considerations that every organisation needs to make, writes Mark Brew, pictured, Senior Operations Manager at the contractor TC Facilities Management.
Firstly, risk goes far beyond the thieves, floods, and fires so often initially thought of. It includes any factor that can negatively impact ‘business as usual’ – of which there are infinite varieties in a large organisation like a facilities management (FM) company. In contrast, asset protection is the care and continuity of any attributes for which a business is responsible. Again, in FM, this can be a broad scope – from equipment to people to money and everything in between – with the aforementioned risks threatening the assets’ safety.
When the risk is assessed and assets need protection, an organisation’s dedicated loss prevention professionals cannot be on site at all hours in case of an incident or emergency to provide their subject matter expertise. Instead, I believe organisations need to invest in two things: a people strategy and a strong IT team.
People strategy
For ultimate risk management, an organisation should empower EVERYONE within their community to have a risk and asset protection mindset. They should prioritise driving a culture of risk identification and mitigation to protect their assets and future. This makes everyone responsible for identifying risk and protecting assets throughout their duties by influencing their everyday decision-making while inspiring them to proactively remove or mitigate the risks where necessary.
This can vary from a part-time cleaner ensuring their floor polisher is adequately maintained, to the marketing team flagging troll comments, to the CEO ensuring a new contract is watertight. And, of course, it extends beyond our offices to our customers’ using a consistently risk-focused mindset throughout. Vital to this is a strong programme of training new teams from day one, with a high level of engagement and auditing to keep risk identification and mitigation top priority in their daily working culture.
IT team
A truly sustainable digital organisation aims to operate and store everything online, without relying on manual paper systems. However, this makes digital tools vulnerable to threats. If not taken seriously and without appropriate preparation, this could put all digital assets, colleagues, customers, finances, and reputations at risk.
A strong IT team of experts, with strengths in cybercrime, risk management, and business continuity is an absolute priority. It is not only relevant to the prevention of risk and management of potential threats, but also to the proper recovery of systems and data should an incident occur. Sadly, many organisations overlook this.
Next steps
It’s one thing recommending to prioritise a people strategy and IT team; but what does this mean? When it comes to risk, years of experience with customer have shown me it can be beneficial to think of a worst-case scenario in response to an incident – ‘What happens if I do nothing?’ – and work backwards from there to construct a plan. This will likely highlight the systems, processes, equipment, and technology teams can implement to protect their business, its reputation, its finances, and any other parties involved.
For example, going back to our cleaner and their floor polisher, what happens if they don’t report the problem with the wheel? The wheel could fall off, causing the polisher to fall over and hurt their leg, also damaging the wall of the customer’s site. The cleaner could decide to pursue legal action for personal injury, the customer could pursue costly repairs and end their contract.
The organisation could be found to have not maintained their equipment adequately, putting them at fault. The aggrieved employee could take to Glassdoor [a jobs search website], social media, or the press to vent about the experienced health and safety failings. The IT team could fail to flag this in time for the marketing team to respond efficiently or effectively, leading to a PR scandal.
Before you know it, this seemingly small incident of a wonky wheel has had a personal, financial, and reputational impact, affecting everyone in the business. But, with the proper risk training from day one, and the nurturing of a risk mitigation and asset protection culture and mindset, it is easy to avoid this series of events.
About the company
Visit: www.tcfm.co.uk. TC Security Services (TCSS), is a wholly owned subsidiary of TCFM and is a member of the ACS Pacesetters group of the highest scoring Security Industry Authority approved contractors.
