From banks to quick serve restaurants, businesses must be vigilant about protecting their patrons from criminal acts committed by third parties, says Jon D. Groussman, President and COO of CAP Index, Inc., a firm that provides crime forecasting models for a variety of facility types. The Exton, PA-based company serves 81 of the top U.S. Fortune 100 companies, as well as retailers, financial institutions, insurance companies, and quick service restaurant companies.
In order to educate companies about the importance of risk management in preventing premises liability lawsuits, CAP Index offers the following tips to corporate security managers. According to Groussman, “One of the most common allegations against companies in premises liability lawsuits is the failure to assess risk and adjust security programs accordingly.”
Many companies are also accused of violating generally accepted security practices and/or even their own corporate standards. To avoid this, CAP Index recommends the following guidelines for designing and implementing a corporate security strategy:
- What are we attempting to protect? First evaluate what the primary assets of your business are (i.e., products, services, technology).
- What role do various departments play in the process and execution? Determine exactly how various departments, such as loss prevention, asset protection, and even the C-Suite, will interact in the development and deployment of the company’s overall security strategy.
- What is our corporate risk tolerance? Every company has a different tolerance for risk. Establish what yours is and keep it top of mind in developing an overall security strategy.
- Can we justify the costs/what is our return on investment (ROI)? Make sure to factor in all the costs associated with designing and implementing a security system. Try to estimate an ROI that can be shared with various corporate stakeholders.
- Can we articulate our decision making process? According to Groussman, the most important aspect of any company’s security strategy is being able to articulate it—and the decision making process behind it. In the event that you are questioned during the litigation process, you will be well prepared.
Additionally, one of the largest components in defining a corporate security strategy involves evaluating various risk assessment considerations. According to Groussman, these may include:
- The nature of the business (e.g., cash on hand, operating hours, inherent risks)
- Event history at the location and in the immediate vicinity
- The nature, frequency, and severity of prior events
- External crime risk, or the level of “social disorganization” in and around the immediate vicinity
Finally, in the event that a company is involved in a third-party crime, Groussman recommends an immediate post-incident response, as well as consequence containment process—ideally, one that has been planned well in advance. This includes having a designated team ready to respond to the event; the careful documentation of facts and circumstances as soon as possible; the determination if safety changes are necessary (as well as a possible re-evaluation of risks); and a rationale for any “go forward” modifications. And if the incident advances to the litigation process, the identification, selection, and preparation of both legal and company representatives becomes a critically important next step.