Once an organisation has gone through the careful process of producing and implementing a Security and Safety Manual, it will act as the hub for recognising and drawing in all the necessary measures, procedures and people to protect and mitigate against the anticipated risks and threats that your organisation may face.
To ensure all this hard work is not wasted it is essential that the manual is recorded and that an effective strategy is in place to make sure it is complied with. First the manual should be approved internally and then properly registered with your Compliance, Audit and/or Risk departments so that it can form part of the formal internal audit process.
Those individuals that have been given responsibilities through the function/roles identified within the manual, should be formally introduced to the tasks and deliverables that are expected of them, and a routine can be established as to how and when these tasks will be performed.
One of the easiest ways is to set up a spreadsheet that outlines the daily, weekly, monthly, quarterly and annual procedures, in a checklist format. This will also help in providing evidence that the tasks have been scheduled, and where applicable, provide an opportunity for making notes on any findings and documentary evidence as to the task’s completion.
A similar format to that used to identify and timetable those with identified responsibilities, can also be used for the line managers that are accountable for ensuring those allocated tasks have been completed satisfactorily. A way to record this needs to be established and can be in the form of a log, or simply a counter-signature on the tasks that are being reviewed.
In addition to any internal processes for audit and compliance requirements, there is also a strong argument for commissioning an independent and external review to ensure that the veracity and integrity of the manual is being maintained.
From experience, this additional review can be conducted on an annual basis and will provide an opportunity to update the manual and incorporate any changes to the risk profile, enable modifications to any statutory regulations, allow tweaks to the reporting mechanisms and add any updates to ‘best practices’ in the security and safety sector.
In a world where good business governance and corporate responsibility are having a much greater impact on how organisations are being run, it is also prudent to ensure that the senior management and members of the board are given the confidence that their security and safety mechanisms are robust, relevant and effective.
Once you have an effective Security and Safety Manual in place and the various checks and balances have also been established, you may want to consider creating a security and safety committee that would elicit a greater level of ownership and awareness throughout the organisation. In the next article I will discuss how this can be done and who would be involved in such a committee.