COST MANAGEMENT IN SECURITY RISK MANAGEMENT (SRM)

Security risk management good practice entails determining how to address the key risks in the most effective and cost efficient manner. Some failed security programs are attributed to poor cost analysis. Simply put if you fail to keep costs under control it sabotages your security effort.

In implementing cost analysis a business can foresee future expenses. Budget visibility is a critical thing to have because it allows you to make decisions that will steer you away from financial complexities.

10 tips to manage cost in security risk management (SRM) include:

1. Demonstrate the value of the security program implemented on the business bottom line.
2. Build – in security during the planning stage to optimize on the benefits of good security design as well as manage costs attributed to building onto security systems later on.
3. Pay attention to the areas where security related costs may increase. This would include a clear understanding of the business direct, indirect and overhead costs.
4. Regularly measure the security program performance. Adopting an earned value management (EVM) approach can help you measure the performance benefit against the cost.
5. Choose appropriate and efficient suppliers and service providers. Finding the right one can help you manage some costs. For instance having non-conforming security equipment can negatively impact on the program performance. It can also be expensive to the business if the equipment fails to meet its intended purpose of adversary deterrence, detection, response etc. Similarly outsource from a competent service provider for guards, alarms response etc or else suffer the cost implication of incompetence.
6. Review your security costs regularly. One way to ensure that your cost management strategy is effective is to review your security budgets regularly. This will help you identify areas where costs are increasing and take corrective action.
7. Embrace cost tracking software systems. Use the software tools available to frequently track and monitor your security costs. A software system helps you gather detailed data on your expenses.
8. Utilize and maximize on existing protective physical security systems. For instance integrate technological systems such as access control, surveillance etc for more value and efficiency.
9. In your treatment mitigation strategies prioritize on low budget alternatives such as – streamlining internal controls and efficiencies such as :-

• Conducting vendor/supplier due diligence and employee background checks.
• Utilizing crime prevention through environmental design (CPTED) strategies.
• Enhancing security awareness to nurture a security culture.
• Implementing dual controls that include security checks and supervision in your day to day high risk activities and processes.

10. Avoid wastage. Waste reduction lowers costs and improves efficiency. Embracing a proactive security approach while aligning risks with appropriate mitigation measures is a good place to start. Don’t invest in security systems your business does not require. For instance before you go installing hostile vehicle mitigation (HVM) bollards ask yourself, is the threat of a terrorists  vehicle – borne improvised explosive device (VBIED) or vandalism by criminals likely to occur to your business? If so what’s the level of impact and does it warrant such a mitigation as treatment?

Ultimately security cost management should be conducted without compromising on the intended value and a business organization should aim to maintain a delicate balance. The anticipated risks should balance with the cost, and the value of the security programs should balance with the costs.