Tag Archives: Risk Assessment

BeCyberSure launches specialist EU GDPR Risk Assessment service

Information security specialist BeCyberSure has announced the launch of the “most comprehensive GDPR Risk Assessment available”. Conducted by security, risk and compliance specialists, the audit provides organisations with a definitive evaluation of their EU GDPR (General Data Protection Regulation) readiness, as well as what needs to be done to ensure compliance ahead of the 25 May 2018 deadline.

The GDPR supersedes the UK’s Data Protection Act 1998 and applies to every company that collects, processes or stores an EU citizen’s data, regardless of sector, size and geographical location. Enforcement of the GDPR is unaffected by the UK’s decision to leave the EU.

The BeCyberSure GDPR Risk Assessment is said to provide the most rigorous audit process available. The assessment is conducted on and off site by a GDPR specialist, beginning with a detailed review of company policies and governance, procedures and processes, an assessment of physical aspects (such as access to buildings and the storage of paper documents, etc.) and, if deemed necessary, an extensive digital vulnerability test. The audit also involves formal and informal (ie covert) interviews with employees as well as heads of department.

EUGDPRWeb

Carolyn Harrison, marketing director at BeCyberSure, explained that the GDPR is a company-wide issue and should not sit solely with IT.

“Our assessment begins with people, policies and processes to reveal any possible vulnerabilities that would result in non-compliance,” urged Harrison. “We then deep-dive, looking at what data the organisation is capturing, how it’s processed, what consent has been given, where it’s stored and how to dispose of all information that’s not required.” Harrison added: “The best technology in the world can be rendered useless if an open door, whether physical or digital, creates the opportunity to access to data.”

Following the audit, the host organisation is presented with a confidential Advisory Report stating what action (if any) is required to ensure GDPR compliance.

On that note, Harrison stated: “This report is invaluable in terms of benchmarking where an organisation is today, where they need to get to and the best course of action to get there. They can then choose to implement the programme of work themselves, collaborate with BeCyberSure or outsource the entire project to us.”

BeCyberSure has a senior team of GDPR auditors who have a wealth of experience with backgrounds in risk management and compliance, cyber security, policing, intelligence services and the military.

Harrison concluded: “There’s a lot of scaremongering going on about the GDPR and, while it’s true that the potential fines are eye-watering and the threat of personal liability daunting, if organisations act now, then they still have time to put the necessary safeguards in place to be GDPR-compliant. Undertaking a Risk Assessment is the first step in the due diligence process and means that organisations are not spending unnecessarily on their route to compliance.”

*For further information access www.becybersure.com

Advertisements

Leave a comment

Filed under Risk UK News, Uncategorized

Pilgrims Group appoints country director as part of footprint expansion in Algeria

Global security and risk management specialist Pilgrims Group has announced its first country director for Algeria, confirming the company’s commitment to developing its portfolio of services for businesses working in the region. 

Algeria has large oil and gas reserves and a major part of its GDP comes from this sector.

Martin Fuller has been appointed to the country director’s role and brings with him a wealth of experience in risk mitigation, crisis management, business development and business continuity.

Fuller’s previous roles include development director at G4S with responsibility for the oil and gas markets in Africa, security team leader for the Abu Dhabi National Oil Company (ADNOC), principle consultant for a Middle East security management company and twelve years working at BP International as a security, crisis and business continuity management specialist.

On his new role at Pilgrims, Fuller told Risk UK: “My focus is to grow Pilgrims’ footprint throughout the country and manage our operations to ensure the highest quality of service delivery. While it’s easy to travel to Algeria from Europe, our clients deserve and expect close management of their contracts and this is most effectively met through having a permanent local presence. It also helps us meet and maintain the necessary contacts and service our clients need with maximum efficiency.”

Martin Fuller: country director for Pilgrims Group in Algeria

Martin Fuller: country director for Pilgrims Group in Algeria

Fuller added: “By living in Algeria, I can develop a personal and hands-on understanding of the day-to-day challenges that businesses face in the country. This will perfectly position us to add value to our clients’ operations by delivering what they need, when they need it and by being able to anticipate those needs.”

Risk management and risk assessments

Pilgrims has already energised a partnership with The Mesli Group which operates a well-established security guarding company (by the name of CGPS) with over 4,000 officers deployed throughout Algeria.

A number of key services are already provided by Pilgrims in Algeria. “Currently,” stated Fuller, “our main service offerings here cover key areas of risk management, from embedded risk managers and logistic co-ordinators, the provision of risk assessments and the development of appropriate mitigation plans, among them technical security solutions, through to comprehensive journey management support using our in-house cars, drivers and tracking systems, close protection teams, medical support – including our own fleet of ambulances and medics – and motor cycle response teams.”

A key service also provided for international clients is Pilgrims’ award-winning pre-deployment hostile environment awareness training (HEAT), delivered either through its Centre of Excellence near Gatwick Airport in the UK or at its Training Academy located in Algiers.

Commenting on Fuller’s appointment, Pilgrims’ managing director Bill Freear said: “I’m delighted that Martin has joined the growing Pilgrims ranks. His in-depth understanding of the risk management spectrum and, in particular, the oil and gas industry makes him an ideal lead for our future plans in Algeria. The manner in which he has quickly aligned himself to the Pilgrims ethos and become an invaluable member of the team is a credit to his commitment and capability.”

Leave a comment

Filed under Risk UK News

ISC secures key operating license to provide security and crowd management solutions in Singapore

Integrated Security Consultants (ISC Group) reports that ISC Singapore has been awarded Security Agency license status, in turn enabling the company to offer its full portfolio of security and crowd management services in the country.

This important milestone is another step forward on the journey begun when the company expanded into Asia back in 2013. Since then, ISC Singapore* has been supporting DTZ Facilities and Engineering Pte with the recruitment and selection of the 24/7 full-time site security team for the SGD $1.33 billion Singapore Sports Hub, which opened earlier this year.

The new license enables ISC to offer a portfolio of services across Singapore, including event and venue security provision, crowd management, safety planning, crowd safety resources, consultancy (in such areas as venue layout and design, deployments, risk assessments and operations), event and project management, venue site crew management, security guarding and an array of corporate security solutions.

Integrated Security Consultants (ISC Group) has announced that ISC Singapore has been awarded Security Agency license status

Integrated Security Consultants (ISC Group) has announced that ISC Singapore has been awarded Security Agency license status

ISC is well known for its security and safety work with clients including Wembley National Stadium Ltd (London) and the American National Football League.

For its part, and following this latest development, ISC Singapore is now meeting with industry professionals looking to enhance their security and crowd management provision in Asia, and particularly in Singapore.

“We’re delighted to continue further developing our service provision for the events industry in Singapore,” enthused ISC Singapore’s senior director Roger Hooker. “We very much look forward to making a positive contribution, offering specialist advice as well as plenty of practical hands-on support for our clients.”

Singapore's business district

Singapore’s business district

In conclusion, Hooker told Risk UK: “This license enables us to continue to develop new partnerships in 2015. It’s an exciting marketplace in Singapore underpinned by great opportunities and a growing and vibrant events scene.”

*ISC Singapore is a subsidiary of the ISC Group which is based at Wembley National Stadium, London

Leave a comment

Filed under Risk UK News

‘On Parade’: Security Management Best Practice for Special Events

Managing security at an iconic central London venue allows absolutely no room for error. Recently, Integrated Security Consultants provided support for a lavish private event held at Horse Guards Parade. Brian Sims outlines the service delivery and what lessons were learned.

Destination and corporate event management specialist Spectra DMC approached ISC back in March regarding its plans for a gala dinner to be held at the London meeting of the American College of Trial Lawyers (ACTL). This was to be a highly prestigious and unique event on something of a grand scale, with a giant marquee erected at Horse Guards Parade and plans for no less than 1,000 covers.

Guests were to be welcomed by a choir while the troopers and horses from The Household Cavalry would form a Guard of Honour.

Crucially, although the event was private in nature, it would be taking place in a highly sensitive area, out in the open and right next to a major central London public road. The right security regime was vital in order to keep the site safe during the build-up to and during the event, but also to enhance the guest experience and ensure everything would run smoothly.

Horse Guards Parade in London

Horse Guards Parade in London

The event itself took place on 13 September, but chosen security provider Integrated Security Consultants (ISC) was on-site 24 hours a day controlling access to the site from four days prior for the build until the site was clear and returned to its ‘blank canvas’ state two days later.

“We had to work closely with the many different parties involved, all of whom had their own needs and expectations,” stated ISC’s business development manager Paul Griffiths. “These parties included not just our client, Spectra DMC, but also the Royal Parks, the Metropolitan Police Service, the various event contractors and, of course, members of the public.”

As well as managing the security of the site itself, ISC provided corporate security staff to welcome guests, manage local public interest and handle both traffic ingress and egress.

Planning and familiarisation process

“This event was 18 months in the planning,” added Griffiths, “and, naturally, both Spectra DMC and the ACTL had high expectations for the day. Every aspect of the event had to be perfect, from the catering and entertainment through to the security team. We spent six months planning and familiarising ourselves with the expectations of our client and ensuring full risk assessments were carried out. We also attended planning meetings with the Royal Parks so that we understood how the site operated and what to expect, in turn advising on security requirements.”

Griffiths continued: “The Metropolitan Police Service and Royal Parks wanted to ensure that all Health and Safety requirements were in place and that the site was secure at all times. We liaised with them and brought security cover forward by 24 hours to ensure that the very earliest stages of the build were covered.”

On the evening of the event, all access points were secured and a large crowd of onlookers had to be kept back so that all guests could be admitted during a short 30-minute window, transferring from coaches within seconds. Everything went smoothly, but there were some challenges to overcome.

Security for the event was provided by Integrated Security Consultants

Security for the event was provided by Integrated Security Consultants

“These were mostly logistical,” continued Griffiths, “such as some contractor vehicles turning up without pre-registration. Another challenge was that the site is usually easily accessible to pedestrians from Horse Guards Road. Rather than just station officers along the 160-metre perimeter, we were permitted the use of crowd barriers to provide an extra layer of defence.”

Griffiths went on to comment: “Unsurprisingly, holding such a glamorous event in a public place attracted a great deal of attention from passers-by, in particular when the Band of the Coldstream Guards arrived and played several numbers. The event also coincided with the nearby Proms in the Park, which resulted in large numbers milling around in the vicinity, but this didn’t pose any problems for our team.”

Recruitment of security personnel

ISC’s recruitment process is designed with an ultimate objective in mind: the provision of a high quality security service. The company’s clients can be satisfied that each member of the security team they receive on site has been through a comprehensive interview process which tests for competency, communication and customer service capability. The staff understand the high expectations of both their employer and its customers and have the experience of working at a wide variety of public and private events.

To complete the security package for a site on the scale of Horse Guards Parade, ISC provided a manager to fully instruct and guide the security team. The company is always mindful of the fact that security is in place to support the smooth running of an event and that event managers are, in general, exceptionally busy with other aspects of production. For this reason, ISC provided Spectra DMC with a manager to direct the security team on their behalf. Rather than worrying about positioning staff, this enabled the client to focus on its primary goal of ensuring this spectacular event exceeded all expectations within a safe and secure environment.

1,000 covers for guests were provided inside a temporary venue on the site of Horse Guards Parade

1,000 covers for guests were provided inside a temporary venue on the site of Horse Guards Parade

ISC’s success in securing this event is the result of a long history of working on other high profile events, often in spectacular venues, and a culture of listening carefully to clients’ requirements in order to build a bespoke security service.

Mark Wareing, account director at Spectra DMC, concluded: “Everyone on the ISC team was really helpful and great to work with. The security manager was totally flexible and we could just leave the team to their own devices.”

That’s what everyone involved in running and securing special events – be those occasions big or small in nature – wants to be able to say.

What to consider when hiring an event security solutions provider for your corporate events and buildings

What are the main services these companies provide?

There are a wide variety of security roles to be covered and security companies may specialise in different areas along the spectrum. Corporate and private events are very different from large-scale public events or nightclubs and require a more discreet, bespoke service that blends robust venue security with customer service.

Security staff are usually the first point of contact that guests will have with your event and their conduct will set the tone for the evening.

How do you go about sourcing a reputable company that’s right for you?

The security industry has evolved considerably over the past decade, with licensing of individuals working in a security capacity through the Security Industry Authority (SIA) having been a legal requirement for the past decade.

However, just because an individual has passed a training course and holds a licence does not necessarily mean that person is right for your event.

They might be great at patrolling empty buildings, but how will the officers interact with your guests?

Not all security companies are alike. What accreditations do they hold? The two most important to look out for are the National Security Inspectorate (NSI) ‘seal’ and the SIA’s Approved Contractor Scheme mark. Both are a sign that the company has high quality standards and are subjected to external audits.

The NSI’s ‘Guarding Gold’ also demonstrates conformance with the internationally-recognised ISO 9001 quality standard along with several British Standards for security services.

There are numerous key questions that end users must ask of potential security providers for special events

There are numerous key questions that end users must ask of potential security providers for special events

What are the top three questions to ask of your potential service provider at the outset?

Naturally, you will want to know what price you are paying for the security services offered. Expect to pay an hourly rate per officer for a minimum number of hours per shift.

Prices will, of course, vary from one company to the next, but as is the case with any product or service the age-old saying “you get what you pay for” is very apt here.

A high quality security company offering a high quality service will pay their staff a decent wage and, while they will not charge the earth, naturally they will not be the cheapest option for the purchasing end user.

You should establish a budget for security services early on in the planning process, allowing a little breathing room in case you require more staff or for longer periods than originally anticipated.

How early on in a project should you make sure the security service is on board?

Security staff are often viewed as a ‘need to have’ rather than ‘want to have’ item on an event checklist. However, by viewing them as an integral part of the event experience and by bringing yoursecurity partner on board early in the planning stages, they will have the right amount of time to prepare and give you the best staff they have.

Rather than trying to guess how many security staff you’ll need, talk to your service partner and allow them to conduct a site visit to scope the requirement themselves and to perform a risk assessment. Site geography, threat levels and the event profile will dictate minimum staffing numbers, but the maximum depends upon your budget and key objectives.

The role of the security specialist is to make the service end user’s planning process as stress-free as possible.

How can you evaluate the service you’re receiving?

As the client, your security partner should be asking you lots of questions leading up to the event. Each event and venue is unique and you should be receiving a bespoke service tailored to your exact specifications.

As the event planner, you will almost certainly be present on the day of your event. As with other services, it will be very apparent if you’re not receiving the standards of service you desire.

Consider paying for a security supervisor to manage the team rather than managing each security officer yourself. This will allow you to focus solely on running the event.

What should you do if you’re not happy with the security service provided?

If you’re not happy, talk to your security partner’s representative to make them aware of your dissatisfaction. They should take steps to rectify the situation either immediately or for your next event.

If they don’t do so, it may be time to seek a new partner who can better understand your operational requirements.

Leave a comment

Filed under Risk UK News

Safety showers in the workplace: what does Best Practice look like?

Robert Moore considers what constitutes Best Practice in both the use and monitoring of safety showers in hazardous working environments.

Manufacturing facilities can be dangerous places. Even with the most stringent Health and Safety procedures in place, accidents can – and occasionally do – happen, and the consequences can be serious.

The level of risk clearly increases depending on the environment. Risk may arise from the machinery and moving parts. It may stem from the manufacturing process, working with intense heat or high power, or it may come from materials used within the manufacturing process (with perhaps the greatest risk coming from hazardous chemicals).

The risk posed by liquid chemicals is not so much one of ingestion but rather from spillages and/or the liquid being accidentally splashed onto clothes or skin. The most dangerous scenario, of course, is when a chemical finds its way into someone’s eyes.

Manufacturers – and indeed their counterparts in laboratories and pharmaceutical facilities – have long since identified this risk and have taken steps to limit potential harm to their employees. Wash stations are de rigeur, as are safety showers in the event that the body needs to be fully immersed.

Standards governing safety shower design and performance

Remarkably, despite the essential nature of such equipment, ensuring a business is ‘compliant’ from a Health and Safety perspective is somewhat confusing since there are only a few recognised standards specifically governing the design and performance of safety showers.

The provision of safety showers can undoubtedly prevent serious injury and even save lives

The provision of safety showers can undoubtedly prevent serious injury and even save lives

What standards are there? Unfortunately, there appears to be no complete EU or UK standard that covers all types of shower for all types of installation. The existing EN15154 standard has four completed parts that cover plumbed-in showers in laboratories and plumbed-in eye showers in both laboratories and industrial/logistics sites as well as tank showers (non-plumbed) for all sites. However, there’s no finalised standard covering plumbed-in showers for industrial (non-lab) sites.

The lack of clear EU standards doesn’t mean that an employer can install any form of shower and ‘get away with it’. They must abide by clear legal requirements to provide appropriate First Aid equipment, but the lack of an agreed standard does make the definition of ‘appropriate’ difficult to determine. Perhaps employers could look further afield for advice, and more specifically turn to our friends in the US?

America’s ANSI Z358.1-2004/2009 is a more or less holistic standard covering most types of shower and eye bath. Its scope is for all types of working environments. The thoroughness of this standard means it has become the essential reference point for those employers seeking Best Practice.

Similarly, the German DIN 12899-3:2009 standard covers plumbed and tank body showers for industrial and logistics sites, thus plugging the substantial gap in the current European norm. Indeed, it’s believed that the German standard will be followed when Part Five of the EU legislation is finally completed.

What does Best Practice look like?

Employers have a responsibility to ensure that a shower will work when it’s needed. Best Practice would include an audit of when a shower was last used. It would also include some form of alert mechanism to show when the shower had been activated – especially at a time when an individual may be working alone.

Technology is there to assist. A Limitless™ wireless switch, for example, can be easily installed on existing safety shower units and integrated with local or central alarms, building management systems and CCTV, not only to improve critical first alert response times in the event of an accident, but also to provide an audit trail of when each safety shower/eye wash station has been used. In addition, this supports employers in documenting their Health and Safety obligations.

Being wireless, it enables any washing facility – regardless of where it may be located on site – to be centrally located and tracked such that, if an emergency should occur, help is always close at hand. The switch can be manually operated or set to automatically trigger an alarm the moment a valve is opened. It can be quickly and easily fitted retrospectively to any shower installation without the need for trenching for cable or conduit, or included at the point of manufacture.

Robert Moore: Product Director (EMEA) for Electromechanical Switches and Test and Measurement Products at Honeywell Sensing and Control

Robert Moore: Product Director (EMEA) for Electromechanical Switches and Test and Measurement Products at Honeywell Sensing and Control

The solutions are available in two wireless protocols. First, there’s a Limitless™ point-to-point protocol where switches transmit directly with a receiver. In this case, the protocol allows for lost connectivity and low battery diagnostics.

Second, a ‘OneWireless’ multi-application, multi-standard wireless network that can be tailored to offer the network coverage needed for large industrial applications. Field devices mesh, allowing for multiple RF transmission pathways.

Prevention is better than cure

Having a shower installed does not in itself ensure that an employer has met their Health and Safety obligations, and neither does it ensure the safety of the employee.

Prevention, so the saying has it, is better than cure. The provision of such equipment can undoubtedly prevent serious injury and even save lives. By adopting Best Practice, and referencing those standards that are available, an employer will know that they’ve done all they can to mitigate the risk.

Robert Moore is Product Director (EMEA) for Electromechanical Switches and Test and Measurement Products at Honeywell Sensing and Control

Leave a comment

Filed under Risk UK News

Pilgrims Group supports the fight against Ebola at home and abroad

The Pilgrims Group is appearing on ITV’s Tonight programme at 7.30 pm this evening. The topic of discussion? ‘Is the UK prepared for the arrival of Ebola?’

The international security and risk specialist is helping organisations protect themselves from the Ebola outbreak in West Africa. The company’s teams are also supporting efforts to prevent the spread of the disease to the UK.

In West Africa, Pilgrims Group is working with commercial businesses, media organisations and NGOs by offering practical solutions around training, risk assessment, contingency planning and decontamination equipment for those teams operating in affected areas.

Here in the UK, the company is offering its expertise to airport managers and the Government’s border agencies in relation to the provision of staff training, equipment and other means of practical support.

“Prevention and protection are better than cure,” stated James Milnes, a leading specialist on the Ebola virus. “In the case of Ebola, where there is no cure, it stands to reason that prevention and protection are the only available options.”

Filming takes place for the Tonight programme on ITV

Filming takes place for the Tonight programme on ITV

Preparing for Ebola in the UK

In this evening’s broadcast, ITV’s science correspondent Alok Jha will be looking at how the UK is preparing for Ebola and asks if we are really ready.

Pilgrims Group has supported the programme by offering specialist advice and comment on the preparation processes for dealing with Ebola contamination, in addition to providing a practical run-through and demonstration of Personal Protective Equipment.

“The devastating human cost of the Ebola crisis and its potential for destabilising the international community has been recognised as a global threat by the World Health Organisation, the United States Government and many international organisations,” explained Pilgrims Group’s managing director Bill Freear. “We welcome the chance to play our part in effectively preventing the spread of this dreadful disease and eventually controlling it.”

*Access the ITV website for an in-depth preview of tonight’s programme complete with video interviews featuring James Milnes, leading epidemiologist David Heymann and infectious disease scientist Jeremy Farrar

Leave a comment

Filed under Risk UK News

Corps Security introduces CorpsConsult expert consultancy service

Corps Security has announced the introduction of a new business division that provides a diverse range of consulting, investigative and training services specifically designed to help customers improve risk and threat management.

CorpsConsult uses the extensive in-house expertise that Corps Security possesses. CorpsConsult is headed up by Mike Bluestone, Corps Security’s director of security consulting.

“Our experts all have recognised academic and professional security qualifications and come from a diverse range of corporate backgrounds,” asserted Bluestone. “In addition, several leading members of the team have served with distinction in the police and the military. This wide-ranging experience combines to ensure that CorpsConsult has unrivalled levels of knowledge and expertise that can be used to advise companies on the security of their people, property and assets through both human and technological means.”

Mike Bluestone, who heads up CorpsConsult, discussing strategies with a client

Mike Bluestone, who heads up CorpsConsult, discussing strategies with a client

A key element in having the right security solutions in place is an awareness of risks and threats. CorpsConsult’s consulting services provide both strategic and logistical answers to an organisation’s security requirements. These services include strategic security reviews, the development of corporate security policy and strategy documents, risk and threat assessments, security surveys and audits.

CorpsConsult prides itself on providing clear reports with easy-to-follow guidance and recommendations.

Selection of training courses

CorpsConsult’s investigative services are used by organisations looking to carry out due diligence in areas such as mergers and acquisitions and the examination of corporate fraud and financial impropriety.

Areas of potential risk can be identified through discreet checks on the backgrounds and reputations of companies and individuals. Other services include scene of crime work, personnel screening and vetting and corporate surveillance.

To complement its other activities, CorpsConsult also offers a selection of training courses delivered by its specialist experts. These courses can be designed to meet a client’s specific needs. Here, the subjects include security management, security auditing, fraud prevention, strategic security and security awareness training.

Speaking about the introduction of CorpsConsult, Corps Security’s CEO Peter Webster explained: “The importance of a clearly defined and implemented security strategy cannot be overstated. Organisations in all business sectors now realise that expert guidance is an invaluable part of this process.”

Webster continued: “Although we have offered consultancy services for many years, the formation of CorpsConsult galvanises our extensive knowledge into one complete offering. I believe it’s a valuable addition to our existing specialist security services, and we will continue to develop it to meet the ever-changing needs of our customers.’

For further information contact Corps Security on Tel) 0800 0286 303 or via e-mail: info@corpssecurity.co.uk

Leave a comment

Filed under IFSECGlobal.com News