When a security expert comes to your place of business to assess and analyze your site’s risk, which assets are they assessing?
You probably think they’re taking stock of your cameras, doors, fire extinguishers and lighting – and you’re probably right. But such tangible assets are only one part of the assessment. A qualified security expert should be taking both your tangible and intangible assets into account when they assess and analyze your site’s security.
Ask the Expert: How Do I Identify If an Incident Is Probable?
What are your tangible and intangible assets?
Every silo in every organization has a combination of tangible and intangible assets that help the business function. For example, your IT department works with tangible assets (like computers) to manage your company’s data, which is intangible. Your security organization is no different.
Your tangible assets are the countermeasures you can see and touch: fences, cameras, badges, lighting, bollards — any physical countermeasures that keep your building safe are tangible assets.
Your company’s intangible assets aren’t physical. Normally they’re information-based. Your security policies, processes, emergency plans, institutional knowledge, and any data pertaining to the security of your site are intangible assets.
How can you prepare for an active shooter? 5 best practices
How can you assess intangible assets?
It’s easy to inspect a camera, a door lock, or a fire extinguisher — a security experts makes sure it’s where it’s supposed to be, that it’s working, and that it is still able to achieve its objective. But how do you assess something that you can’t see, like a policy or a plan?
The best way to assess an intangible asset during a risk analysis is by speaking to the people who know it best. We recommend that the security expert conducting the risk analysis send a questionnaire to whoever owns the policy or procedure. This could be the head of security, a site manager, or whoever is responsible for updating or educating the employees of the organization about the policy.
What are you assessing? It’s not enough to simply have a policy. You want to be sure that an organization’s people are competent in an emergency plan, that policies are updated regularly, and that processes actually work.
While tangible assets are the countermeasures that reduce the probability of an incident, intangibles often help your business respond and recover when there has been an incident. Both need to be included in your risk analysis for your business’s continuity to be assured.
Need help with a risk analysis? Schedule your personalized demo today.