In any organisation striving to create a safe and secure environment for employees, customers, and assets, security awareness is paramount. This practise is most effective when grounded in a well-constructed plan supported by comprehensive policies and procedures, all underpinned by a team-oriented approach. A robust security awareness team, encompassing all facets of the corporate structure, is essential for maintaining a healthy organisational environment. Managers must develop a plan that integrates every employee and forges partnerships with key external stakeholders, building a diverse and cohesive team. When effectively implemented and consistently reinforced, a security awareness team can thwart threats that jeopardise the organisation.
Security awareness involves keeping security at the forefront of every employee's mind throughout the day. It is a collective duty, focusing on security practices relevant to daily organisational activities. While not every employee needs to know every detail, they must understand their specific role in maintaining safety. Security awareness relies on a framework of established policies and procedures, enabling employees to report unsafe conditions, suspicious activities, and general safety breaches instinctively.
Regular training, surveys, and EAPs (Employee Assistance Programs) help heighten awareness about evolving trends and advancing technologies. Historically, the focus was on physical security—gates, doors, windows, and locks. Today, it extends to internal matters like workplace violence prevention, personal safety, and cybersecurity, emphasising the need for current and comprehensive security practices.
For security awareness to be effective, the concept must permeate all organisational levels and extend to external partners. Employees should feel integral to the awareness team and be encouraged to contribute ideas for improving security. A double-loop communication model, where information flows both ways between employees and management, helps identify and rectify outdated procedures.
Modern security strategies involve collaboration with external entities such as customers, vendors, contractors, insurers, security consultants, and public safety officials. This synergy acts as a force multiplier, enhancing the security plan with proven ideas from experienced contributors. Regular interaction with local, state, and federal law enforcement can reinforce security and safety practices, integrating them into company policies and procedures.
Increasing security awareness requires engaging employees and external partners through interactive activities such as orientation sessions, training, security updates via newsletters and emails, blogs, and informative signage.
Orientation and Documentation: Employees should be thoroughly briefed on policies and procedures upon joining the organisation. Orientation sessions must be documented, with employees signing off to indicate their understanding.
Clear and Accessible Policies: Organisational policies should be clear, concise, and regularly updated. Both print and electronic copies should be readily available.
Repetition: Consistent exposure to the security message through posters, emails, newsletters, and meetings reinforces involvement.
Regular Meetings: Quarterly security awareness meetings with all departments ensure continuous engagement.
Implementing Argyris and Schon's Double Loop Learning theory transforms the organisation into a learning entity, continuously improving actions through better knowledge and understanding. This theory emphasises feedback mechanisms, allowing employees to contribute to and refine the security awareness program, thereby becoming stakeholders with a vested interest in its success.
Focus groups and employee surveys (EAPs) are valuable tools for gathering feedback. Focus groups, comprising end users of the policies, provide practical solutions during brief, scheduled meetings. Surveys included in emails, newsletters, blogs, and webcasts offer insights into areas needing adjustment to keep the security awareness program on track. The information from these sources fosters a credible double-loop communication process, enhancing the management-employee partnership.
Collecting and sharing "lessons learned" from within the organisation showcases successful security outcomes, demonstrating the importance of security awareness in reducing crime and increasing safety. These examples help employees and partners understand the personal and organisational benefits of strong security practices.
Security managers should utilise resources provided by professional organisations like ASIAL and ASIS, which offer guidelines and valuable information on various security topics. These resources help in setting robust policies and procedures, contributing to the overall effectiveness of the security awareness program.
Security awareness is a collective endeavour requiring the participation of all organisational levels and external partners. By fostering a culture of security through effective communication, continuous learning, and leveraging external resources, organisations can significantly enhance their safety and security posture.
From the author.
The opinions and statements are those of Sam Wilks and do not necessarily represent whom Sam Consults or contracts to. Sam Wilks is a skilled and experienced Security Consultant with almost 3 decades of expertise in the fields of Real estate, Security, and the hospitality/gaming industry. His knowledge and practical experience have made him a valuable asset to many organizations looking to enhance their security measures and provide a safe and secure environment for their clients and staff.
Comments