Take Five - Security

1. What are the potential risks to site operations that may require a security response?
2. How likely is it that these risks will occur?
3. What would be the likely security response?
4. If a security incident/response happens, what will the impacts be on the company?
5. How severe could these impacts be on the company?
6. If a security incident happens, what will be the impact on the community?
7. How severe could these impacts be on the community?
8. What possible mitigation measures could be taken to prevent or reduce negative impacts?
9. Which risks are highest priority for mitigation?
10. Is a full Security Risk Assessment needed?

A rule of thumb with all risk assessments is to conduct them as early as possible. As with any aspect of business operations, a security risk assessment is a proactive process designed to anticipate and deal with problems early so that the consequences are mitigated or avoided entirely. This typically means that the risk assessment should be conducted when considering a project, at the outset of a new project, alongside a major decision and when a major external event has occurred or is about to occur.

A Security Risk Assessment assesses the likelihood and impact of different risks and applies controls to reduce, transfer or mitigate those risks. Depending on the project and location, this can be relatively simple, or it may necessitate consideration of big picture drivers of escalation, such as geopolitical tensions and environmental policies, as well as more localised problems, like transportation disruptions and local law enforcement capabilities. This analysis can then be used to reduce the likelihood of an issue and change the impact it happens. Whether simple or more complex it is essential to obtain extensive background information from multiple sources and to routinely update the assessment as circumstances change in what are often dynamic and fluid situations.

Do you have experienced, professional security assessment and management capability in-house? If not, have you retained the services of a competent security contractor / consultancy to advise and support your in-country team? Have you completed a comprehensive country-risk assessment and acted on the recommendations? How well do you understand your host country international relations, the nature of political violence, civil unrest, kidnap risk and the level and nature of crime? Have you identified transport and logistics risks? What are the COVID-19 restrictions and vaccination programs? What physical arrangements do you have in place around camps and other facilities? Are you making the best use of technology – drones, cameras, vehicle tracking, distress alarms, fencing? Do you self-perform the security function or use contractors? What is the role of government security – police and military? Are roles and responsibilities clearly defined?

Have you made reasonable inquiries to ensure that those providing security are not implicated in past abuses? Are they trained adequately in the use of force (and where applicable, firearms), and appropriate conduct toward workers and local communities? Do you explicitly require them to act within the applicable law? Are you working with experienced partners to provide human rights training to your security providers? Have you ensured community people have access to an effective grievance mechanism to express concerns about the security arrangements and acts of security personnel? Is the mechanism easily accessible to women and others most vulnerable to security force misbehaviour?

How does your company define a crisis? Do you have a crisis response plan with clearly defined roles and responsibilities? What are the crisis triggers and what actions do these require in response? How do you notify staff whether it is business as normal, time to get “ready-to-act”, shelter-in-place, move to secure facilities or evacuate? How will you evacuate staff, and do you have a provider who can support you? Where will you evacuate to – and are there any COVID-19 restrictions on those locations? Are contractors included in the plan? Non-local national employees? Locals? Have you retained the services of a crisis specialist to advise, assist, coordinate your response? How are you going to manage media? Information sharing and support for families? What is in your business recovery/continuity plan? What specific crises does your insurance cover and exclude?

Do you have a plan that addresses your travel and assignment safety, health and security needs? Is the plan in compliance with national laws and regulations in home, host and transit countries? Does the planning process cover the development, implementation and evaluation of the management of the travel and assignment safety, health and security system? Are employees kept informed about travel and assignment issues – existing, new and emerging? Do you have the ability to inform workers and dependents of developing situations and potential increased risk levels where they are travelling or where they are assigned (including access to a 24/7 reliable and timely information source)? On the ground in-country, do you have airport meet and greet? Secure transit accommodation? How do you transport staff to and from site – fly-in, drive-in, bussing, convoys – escorted or not? How will you evacuate in an emergency?

Some say that the best security asset is strong relations with local communities but for this to be possible there are some questions to answer. Do you have a good understanding of community dynamics (representation, language, leaders, groups, adjacent communities)? Are there pre-existing inter-community rivalries? Do you have competition for resources – artisanal mining, large landholders, vested interests? How engaged are the local youth? Do you get early warning of unusual activity, strangers in town, planned community action? What signs you are using to gauge community sentiment towards your company? Is the relationship getting better or worse?

Are you tapping into the deep pool of African expertise and knowledge you could learn from? Have you spoken to the AAMEG team in Perth? DFAT? ASIO? Africa-centric Security Services Providers? The Australian Government representative in-country? Other operators in-country? Key government ministries and security agencies in your host country?