Risk

The True Price of a Low-Cost Physical Risk Assessment

April 19, 2018 | 5 min read
Shutterstock 547096873

If you’re like many organizations, you see security as nothing more than an expense. It’s not a revenue-generating asset, so it must be a liability. Physical risk assessments have a low priority—and if you’re really honest, the only reason you do them every year is because your insurance carrier requires it.

I don’t blame you. In fact, I’d probably feel the same way.

Handpicked related content: How Often Should You Do a Risk Analysis? More Often Than You Think

If you’re like a lot of other organizations out there, you’re hiring the cheapest security consultant you can find. And that means you’re getting cheated on your physical security assessments. No wonder you don’t see any value in them!

When you hire the lowest bidder, you’re actually making a costly mistake that impacts your company’s bottom line. Here’s what I mean by that.

What Is Your Cheap Consultant Really Costing You?

Organizations hire the lowest bidder to save money, but cheap consultants are more expensive than you realize. And they’ll take a bite out of your bottom line that could have long-term effects.

How could a cheap security consultant be a costly expense? Here are three of the top liabilities to hiring the lowest bidder.

Handpicked related content: What NOT to Look for When Hiring a Security Consultant

A physical risk assessment you never use

Inexpensive security consultants have to cut corners somewhere. Usually it’s in the risk assessment reports, because writing reports takes a lot of unbillable time. The less time a consultant spends on reporting, the more revenue they can earn. The end result is usually one of two things:

  • The report just regurgitates information you already knew about your physical premises
  • The report is loaded with observations, but it’s hard to read and doesn’t tell you how to fix the problems

For most security professionals, it takes a long time to create a valuable report that’s easy to read and includes detailed corrective actions. Cheap consultants can’t do it, because they would lose money and quickly go out of business.

If you hire a cheap consultant, you’ll pay for a risk assessment report you’ll never use.

A risky assessment

What would you do if your CPA used the same out-of-the-box tax strategy for all of their clients? That’s how many cheap consultants approach risk assessments. They treat all facilities the same—whether they’re doing physical risk assessments for schools, hospitals, banks or private corporations. Your facilities are unique, and your security consultant should consider your industry, your geography, your business model, seasonal factors and much more. No two facilities are the same—even two fast food franchises in the same town have important differences.

What happens when you treat every facility the same? You get the wrong recommendations. Just as an out-of-the-box CPA could cost you money instead of saving money, a cheap consultant could make inappropriate security recommendations. At best, the recommendations don’t reduce your vulnerabilities. At worst, they actually increase your physical security risks, and you never know it. Is that a risk you want to take?

Handpicked related content: Don’t Stop at the Door—Keep Employees Safe Outside of Work

Security upgrades you don’t need

Sometimes the problem isn’t the assessment itself, but the remediations. For example, a cheap consultant could properly identify a problem with your building entrances. But they may convince you to install an expensive new access control system when all you really need to do is upgrade your door locks. In a bizarre true story, one Pennsylvania school district armed 500 teachers with miniature baseball bats, as protection during an active shooter scenario.

You can lose a lot of money by making the wrong kinds of physical security changes.

What to Look for in a Security Consultant

You can get greater value out of a quality security consultant who can identify physical security improvements that reduce risk and save money. Instead of hiring the lowest bidder, make these your top priorities:

  • Industry experience. How long have they been in your sector? What’s the depth of their industry knowledge? Being new to the industry (referring to the company) do we risk this statement coming back to bite us? Just asking.
  • Geographic experience. Every geographic area has its own particular risks. Can the consultant showcase their experience within your area? Are they connected to local law enforcement and other related agencies?
  • Team players. Consultants should bring a second set of eyes with them on inspections. Don’t hire lone wolves.
  • Quality reports. Ask for a sample of the report you’ll receive. Is it valuable information? Is it usable? Does it provide detailed corrective actions? If it’s not a redacted report, end negotiations with that consultant immediately!
  • Tools. Will the consultant use the latest available technologies for the assessment, or is everything paper-based? Digital technologies far outpace the value you’ll get from paper methods.
  • Full process. Will they spend more time on-site, where they can observe your organization, or at home? Find out what happens after the assessment. Will they help you prioritize your needs?
  • Education. They should be a certified protection professional or be educated in the field. Having a law enforcement background doesn’t qualify a person for security consulting.
  • Referrals. Always ask for multiple referrals from recent clients.

Often, the cheaper consultants are police or security officer retirees. They’ve recently taken up consulting because they’re just looking for supplemental income. But the more expensive consultants are the professionals who have made a career out of risk assessment. These are the people who have been around for a long time. They have the expertise and experience to justify a higher rate, and you’ll get more value from their assessments.

Security Is an Investment, Not a Liability

Security assessments, when they’re done right, are an investment into your organization—not a liability. You should be doing risk assessments not because your insurance requires it, but because they will save you money by reducing liability and expenses.

Even if you’re only hiring a risk consultant because your insurance requires it, you may as well get value out of the physical risk assessment. It’s foolish to throw away good money and get nothing out of it.

Hire a quality professional who helps you reduce security costs and reduce your risk. A safer facility will result in a healthier bottom line for your company.

Want more answers to your physical security questions? Subscribe to the blog!

Are you ready to improve your organization’s risk resiliency?

See Circadian Risk In Action Now
Create an Account