The business case for safety and security


Blue circle imageBy Dr Gavriel Schneider and Professor Anthony Minnaar

As many experienced security and safety managers know, it is a particularly difficult and onerous task to; first obtain the necessary funding; secondly getting such funds formally budgeted; and thirdly allocated to your functions. Such allocations for safety and security functions are usually the last priority for senior level business managers and budgetary allocation boards.

In terms of the evolution of the role of security and safety managers – for the purposes of this article we will refer to SSHE professionals (Safety, Security, Health and Emergency management) – whether we like it or not, the reality is that the very idea of needing security and safety measures is largely unpalatable to most senior managers and corporate executives, particularly the Financial Manager.

One of the primary reasons for this is that it shows an uncomfortable reality – the reality that things may go wrong. This leads to a mental predisposition whereby it is easier to ignore the problems (ie, not allocate a budget to safety and security issues and measures) than face them and admit to the realities of actual risk exposure. Unfortunately, the one time when money is thrown at SSHE activities is usually reactively when an incident has already occurred. This leads to what may be referred to as the ‘Reactive SSHE Spending Model’ (RSSM). The RSSM is illustrated the the left:

Despite the glaring inherent weakness with the SSHE model, it still seems to prevail as the primary manner in which most organisations allocate budget and resources to SSHE activities. There are numerous reasons for the prevalence of this model. These include:

• Organisation having no internal security risk structures;

• Persons managing the security functions having little or no experience

• Experienced SSHE professionals responsible may have little business experience

• There may have not been a strategic risk based approach to SSHE

• SSHE is not integrated into the business operation;

• SSHE does not contribute to larger scale goals and objectives of the organisation

• The organisation is in denial regarding risk exposure or incidents that have occurred

• Duty-of-care and compliance requirements have not been identified nor have management methodologies been developed to meet the required duty-of-care responsibilities

• External industry is not consulted or utilised to benchmark and measure organisational application of SSHE requirements.

By addressing the points above in an integrated and strategic manner it may be possible to show an actual return on investment on SSHE expenditure. Below are two simple examples:

Example 1

Stock Risk Control: A mining site in a remote location has been operating for a year. Basic onsite security consists of a security guard who doubles as an emergency response office. In order to ensure that site vehicles could function without disruption, open access to fuel tanks was established early on in the operations. When the site commenced operations there was not much traffic but additional projects in the area have led to an influx of people to the surrounding area. There has been a continuing and marked increase in the usage of fuel but this has been attributed to a busier operation. On investigation it is found that more than $80 000 worth of fuel a month has been going missing over and above what was forecasted as the required operational delivery amount. By spending $30, 000 per month, this monthly loss may be reduced to almost zero – and this achieved merely by using systematic controls and implementing additional basic security measures. Therefore, the SSHE function in reality has delivered a real return on investment of $50, 000 per month.

Example 2