A Business Continuity Checklist for Security Companies

Introduction

We rarely get advance notice before a disaster strikes. Even with some lead time, multiple things can go wrong, and every incident unfolds in its own unique and unexpected ways. Here is where a business continuity plan comes into play.

During a crisis, security companies are placed in a unique position of having to navigate new operational challenges while ensuring the safety of the guards performing essential frontline tasks. A business continuity plan is the first and most important element to have for prevention, recovery and damage mitigation. It helps you identify what you need to put in place to safeguard your reputation, employees, data and assets.

In this article, we provide a business continuity checklist for security companies and the technologies that can help build resilience during times of uncertainty.

Our aim is to strongly advocate the use of a business continuity plan since emergencies and threats not only prove detrimental for the business in terms of safety and costs, but also affect clients’ trust.

1. Identify the Scope of the Plan

• Understand the impact posed by each risk
• Ensure all business units are represented
• Consider internal and external obligations
• Identify gaps in security operations

Understand the impact posed by each risk

During a risk assessment, classify the risks based on its origin: (a) natural (b) man-made or (c) technological. Consider all possible elements which can aggravate the impact posed by each risk. For example, a faulty HVAC system can worsen the conditions of employees stuck onsite during a lockdown. When an emergency evacuation is required, people and large equipment may be difficult to mobilise when your location has an adjacent busy highway. A prolonged city-wide power failure would require you to consider alternative communication lines.

Ensure all business units are represented

When planning for business continuity, harness cross-functional collaboration to operate effectively without undue delay.

Your business continuity team should consist of: (a) an Executive or Senior Manager who can liaise with top management for funding and approval, (b) an Information Officer to facilitate communications, (c) a Team Leader/Coordinator to lead the response and recovery effort and (d) Representatives from each business unit who can help align and execute the plan according to their specific areas of operations.

Consider internal and external obligations

A disruption can impair your business’ ability to meet internal or external commitments. For this reason, check with your Sales Manager on how an interruption can affect existing service level agreements. Confer with your finance and legal teams so your protocols will not compromise regulatory requirements. A smart security management solution allows your Human Resource Manager to use data to address manpower shortages so it does not disrupt the delivery of existing client commitments, while continuing to build trust with clients.

Identify gaps in security operations

Your ability to mitigate and recover from an incident will depend on how your security operations are tightly aligned to your business continuity plan. With SRM-Portal, you get accurate data showing how your guards are performing when it comes to reporting, patrolling or addressing incidents. With information on every guard's capabilities stored in the cloud, you can deploy the right skills for the right jobs, streamlining the process of resource allocation. In addition, the data allows you to pinpoint areas of improvement as well as training needs to improve performance standards in the long term.

2. Identify key business areas and critical functions

With security companies required to remain fully operational during a crisis, smart security management solutions can help streamline operations and build resilience.

• Enable a centralised/remote view of your operations
• Store large volumes of critical data in cloud (anytime, anywhere)
• Establish a clear and unambiguous reporting method

Enable a centralised/remote view of your operations

Being able to cover all areas of safety and security on site would probably require more personnel than you can spare. It is necessary to tighten the communication among security guards and managers when responding to a situation.

Here’s where a centralised security dashboard provided by SRM-Portal becomes an advantage. Security/Operation managers can easily track the real-time status of the guards, get immediate alerts on incidents, assign follow-up and emergency actions, and gain meaningful insights based on reports and historical performance.

Store large volumes of critical data in cloud

During and after a crisis, large amounts of data is being exchanged and collected across several responders. To make sound and timely decisions, there is a need to simultaneously record, validate and process multiple incident logs, patrol history and emergency response at speed.

Security Risk’s smart security management solutions give security companies the bandwidth to automatically, securely and remotely store and manage large volumes of data across multiple users with unlimited data storage in the cloud in any part of the world.

Establish a clear and unambiguous reporting method

A minor incident can escalate into a significant event when the communication line is weak and there is a delay on how to proceed. An incident report should relay the needed context and actionable information to support time-restrained incident response. With SRM-Sentry and SRM-Responder, your security guards can submit rich media such as photos, voice recording as well as their recommendations all in a secured mobile app.

3. Include a crisis management strategy

A crisis management strategy demonstrates your company’s commitment to ensuring the safety and security of your stakeholders.

This strategy outlines the procedures for gathering and disseminating information to all stakeholders during or after a crisis. When your security company handles an incident in a timely, effective and caring manner, you get to diffuse the negative emotions that usually arise from the uncertainty and confusion.

Internally, the strategy should consider how alerts and notifications are sent and received by security guards onsite and offsite. Subsequently, you should also tackle the types and frequency of statements sent out to the media, clients and other stakeholders. Should there be communication outages, your business must be prepared to tap alternative channels where critical users can continue communicating in whatever circumstances.

To streamline crisis response and support your security guards who serve at the frontlines, you can lean on mobile applications such as SRM-Sentry. With enhanced reporting features and automatic saving of all data to the cloud, your guards can use their device to flag threats, call for emergency backup and get notifications from operations at any point in time.

4. Test and update the plan

But as with any plan, particularly one that would involve movement of equipment and people under duress, it should pass stress-testing and simulation scenarios. To determine the crucial aspects which will impact security and business continuity, your plan should undergo the following tests:

• Structured walk-through test
• Disaster simulation testing

Structured walk-through test

A structured walk-through test is a group facilitation exercise where your business continuity and crisis management teams are presented with a couple of emergency scenarios to address. The aim of this test is for the team members to familiarise and rehearse their respective roles, clarify how they shall execute the plan, and troubleshoot problem areas. During this test, members of the group can go over protocols and try to access particular resources to validate the procedures indicated in the plan.

Disaster simulation testing

Disaster simulation drills are considered as full-scale exercises as it involves the entire organisation undergoing a realistic and interactive simulation of emergencies such as an earthquake, bomb threat or lockdown. During a drill, your business continuity and crisis management teams shall activate evacuation and securing of personnel, equipment, and supplies in real-time and on-location. After the drill, the teams shall come together to gather and evaluate feedback to serve as basis for updating the plans, strategies and protocols.

Conclusion

Security companies that are serious about business continuity can reap from their efforts of securing their operations while expanding their ability to help more clients.

As you detail plans for unforeseen scenarios, utilise this business continuity plan checklist to review components of your plan and determine how you can leverage smart security management solutions in responding fluidly to situations while protecting the workforce.