The basis of all Close Protection and related security is Threat Assessment. It is of course impossible to determine the correct type and amount of protection unless the type and amount of threat has been established and yet time again we see disproportionate levels of security present in many commercial areas with either too much or too little remaining common occurrences. Attempting to protect individuals at risk from everything all of the time is neither efficient nor effective (it is also not possible) and the people that need it do not necessarily require the same level of protection all of the time. The development of an effective personal protection program demands that a determination be made of the level and type of threat that exists for an individual at a particular time, in a particular set of circumstances. The best is one that affords the appropriate level of protection with the minimum intrusion on the normal life-style of the person being protected. The key to establishing this level of protection is to perform a Threat Assessment. Once the potential for harm has been evaluated, a determination must be made as to what resources and actions are necessary to control those risks. Again, where possible, the avoidance of risk is preferred. The purpose of a threat assessment, therefore, is to determine what risks exist and to separate serious from non-serious. In this manner we can develop plans that will avoid some of the risks, and we can determine how much of our resources to deploy against the threats that cannot be mitigated.
Are all terms, which many claim to understand, but in reality, and within a Close Protection environment specifically, they remain confused. The term Threat & Risk Assessment is often used by many security companies within the context of Close Protection, as a service they provide. Yet many fail to understand exactly what it means and what is involved in the provision of it. They state in their glossy blurb, “Threat Assessments are tailored to an individual client’s needs.” This of course, is incorrect and couldn’t be further from the truth. Threat assessments are not ‘tailored’ but are processes for determining what threats are present, what threats are not and to determine methodologies for mitigation and reduction of those where the risk to threat is present or greatest. The TRA is pivotal to the decision-making practices in the deployment of assets for controlling risk to threats and is fundamentally integral to the initial process in the provision of protective services.
The compilation of a TRA is intended for the purpose of:
- Determining the threats posed
- Determining the risks to those threats
- Organising those risks and threats into order of priority
- Mitigation of those threats
As a result, it should now be possible to deduce the most likely forms of attack.
The TL/ IBG must:
- Study the Program
- Assess vulnerable locations & timings
- Traffic conditions
- Enemy weapons
- Weakness in building
- Weakness in perimeter
- Vehicle security
- Interpretation of all available intelligence – Vulnerable elements of operation / Allocation of protection resources
An accurate Threat and Risk Assessment is vital. It must be updated regularly and new information must be used as soon as it becomes available. Conversely, the lack of confirmed intelligence is no excuse for the non-production of a TA.
Risk is a function of the values of threat, consequence, and vulnerability. The objective of risk management is to create a level of protection that mitigates vulnerabilities to threats and the potential consequences, thereby reducing risk to an acceptable level.
Reasons for Risk Management
Time saving –Convenience – Safety – Privacy – Reduced stress – Peace of Mind.