The challenge of corporate safety and security



Similar documents
HOW TO MODEL AND EVALUATE THE INCIDENT REPORTING PROCESS OF A COMPANY?

Rescue services in Finland

NORWEGIAN DIRECTORATE FOR CIVIL PROTECTION (DSB)

Emergency Management: Identifying Problem Domains in Communication

Getting the occupational safety basics organised

National Security Auditing Criteria (KATAKRI) version II, 2011

SHE Standards. Safety, Health and Environmental Protection Standards

TRUST BOARD - 25 April Health and Safety Strategy Potential claims, litigation, prosecution

Risk Engineering. Helping our customers understand and protect themselves from risk

Commercial General Liability Insurance Proposal Form. Public Liability Exposures

Critical success factors of effective security management: a survey of Vietnamese maritime transport service providers

Health and Safety Management in Healthcare

Training & Certification. Environmental Health. Emergency Management. Public Health. Occupational Safety

Costs of occupational accidents - Effects of occupational safety on company business A research and development project

On the European experience in critical infrastructure protection

Information for environmental health emergencies: what can WHO offer? Joanna Tempowski International Programme on Chemical Safety (WHO/ILO/UNEP

EUROPEAN COMMISSION ENTERPRISE AND INDUSTRY DIRECTORATE-GENERAL. Space, Security and GMES Security Research and Development

The Development of the Security Network

ESKISP Conduct security testing, under supervision

Richard M. Fairbanks School of Public Health Undergraduate Course Descriptions

Contractor Safety Management

Honourable members of the National Parliaments of the EU member states and candidate countries,

SCDHSC0032 Promote health, safety and security in the work setting

Det talte ord gælder

Final Draft/Pre-Decisional/Do Not Cite. Forging a Common Understanding for Critical Infrastructure. Shared Narrative

IOWA LABORATORIES FACILITIES PHYSICAL SECURITY PLAN

EU-U.S. DECLARATION ON COMBATING TERRORISM DROMOLAND CASTLE, 26 JUNE 2004

BUSINESS IMPACT ANALYSIS.5

South African Nursing Council (Under the provisions of the Nursing Act, 2005)

DIFFERENCE BETWEEN INTERNAL AND EXTERNAL SUPPLY CHAIN RISKS ON ITS PERFORMANCE

Jonathan Wilson. Sector Manager (Health & Safety)

M.S. in Emergency Management and Business Continuity

UK SBS Physical Security Policy

IFE Level 3 Certificate for Operational Supervisory Managers in Fire and Rescue Services (VRQ)

Cyber Security Strategy

Apoteket s Code of Conduct for Sustainable Business Final version, October 2015

SCHEME OF EXAMINATION PG DIPLOMA IN CORPORATE AND INDUSTRIAL SECURITY MANAGEMENT (PGDCISM) ONE YEAR PROGRAMME

MINISTERIO DE TRABAJO E INMIGRACIÓN

Integrated Emergency Management and the Prior Notification of the Transportation of Radioactive Material

Cyber Security Strategy for Germany

The Crisis Management System in Germany

Free Article PHYSICAL PENTESTING A WHOLE NEW STORY IN PENETRATION TESTING 2/2011. by Trajce Dimkov & Wolter Pieters

Police College of Finland

In human resources: Employment and employee relations Health and safety Staff training and development. Employment and employee relations

PSPSOHS602A Develop OHS information and data analysis and reporting and recording processes

Icelandic National Cyber Security Strategy Plan of action

GETTING TO GRIPS WITH RISK MANAGEMENT SYSTEMS AND THE INSURER

Introduction to Social Compliance & Its Business Benefits

Security Risk Assessment Tool

REPORT 4 FOR DECISION. This report will be considered in public

ValueSec use case scenario: Alcohol abuse intervention in Finland

Construction safety management accidents, laws and practices in Kuwait

(1) work done by apprentices and students in connection with education; (2) work done by persons involved in employment measures;

Focus on Security Business

Final reports on deepened defence cooperation between Finland and Sweden

INFORMATION BULLETIN No. 145

Business continuity plan

THE POLICE SERVICE IN FINLAND

CBRN National Action Plans

Cyber Security VTT and the Finnish Approach

Declaration on the 20th Anniversary of the Barents Euro-Arctic Cooperation. (Kirkenes, Norway, 3 4 June 2013)

N.B. Unofficial translation, legally binding only in Finnish and Swedish. No. 1383/2001 Occupational Health Care Act

Assessment of natural hazards, man made hazards, technical and societal related risks and associated impact.

ABBVIE C-TPAT SUPPLY CHAIN SECURITY QUESTIONNAIRE

The Joint Commission Approach to Evaluation of Emergency Management New Standards

Release: 1. BSBCON601B Develop and maintain business continuity plans

Changing Perceptions and the Skills Required by Security Managers

Develop and implement health and safety emergency response systems and procedures

TO GAS TRANSMISSION OPERATOR GAZ-SYSTEM S.A.

Lessons from Defending Cyberspace

2 Gabi Siboni, 1 Senior Research Fellow and Director,

SAR Co-operation Plan. Parts 3 6

Implementation of TQM in Manufacturing Industries in the Kingdom of Saudi Arabia

Cyber Risk: Global Warning? by Cinzia Altomare, Gen Re

Creating Supply Chain Resilience Through Agile Six Sigma By Professor Martin Christopher & Christine Rutherford

Site security/fire brigade

Emergency Management Audit For Businesses

Assessment Profile: Establishing Curricular Categories for Homeland Security Education

Ministry of Transport, Public Works and Water Management Bob Oudshoorn

Health and safety policy

CONTRACTOR CONTROL CONTRACTOR SELECTION STANDARDS FOR SAFE WORKING

10. Lifeline utilities

Occupational Health and Safety Officer

J O I N T D E C L A R A T I O N

"DOT IN-DEPTH HAZMAT SECURITY TRAINING"

SECURITY SURVEY AND RISK ASSESSMENT. any trends or patterns in the incidents occurring at the school; the efficiency of the chosen security measures.

LIABILITY INSURANCE SUMMARY OF COVER

El Camino College Homeland Security Spring 2016 Courses

Implanting Large Security Systems in Seaports

Appendix L: Emergency Response Procedure

How To Design A System Design For Surveillance Systems

Contingency planning guide

Finnish Institute of Occupational Health. Finnish Institute of Occupational Health - Annual Report

Primary Health Care Act (66/1972)

Emergency Mgt in Ireland

GOOD PRACTICE GUIDELINES FOR INSURANCE INVESTIGATION

RTC - HB SAFETY & SECURITY FEATURES

Benchmark OHS Consulting Pty Ltd Self Assessment WHS Audit Tool

Management Information Systems Role in Decision-Making During Crises: Case Study

Swedish Market Surveillance Plan

Transcription:

Safety and Security Engineering 821 The challenge of corporate safety and security M. Lanne & M. Räikkönen VTT Technical Research Centre of Finland Abstract Large organisations need to control several different sectors of corporate safety and security including, for example, occupational health and safety, environmental safety, premises security, crime prevention, rescue operations and emergency planning, information security, and personnel security. All of these sectors contribute towards total corporate safety and security. The operating range of safety and security is quite wide and the responsibilities, activities and procedures connected with safety and security are often patchy, diverse, and at times even overlapping. Despite all this, corporations must also meet the new safety and security challenges: protection against terrorism, security of networked systems, and also demands for the corporate risk management. The future needs for security and safety management were studied in 2004 by undertaking a literature review and interviewing experts at VTT. Key questions of the study were: 1) how the term security can be defined, 2) which parties are involved in the security business, in research and development and in the general national security activities in Finland, 3) what are the future challenges, visions and research needs of security, and 4) how total corporate security management can be modelled. Another study in this area was performed by the first author in 2002 2004 while at the Tampere University of Technology. This study investigated the need for internal and external co-operation in organisations using questionnaire surveys (n=276) and interviews (n=70) with personnel dealing with safety and security in six different large organisations. This paper discusses the need for co-operation between the previously mentioned sectors in safety and security management. The main purpose is to initially model the range of corporate security, and the idea of total safety and security management. Based on all the research carried out, principles and ideas for connecting the safety and security sectors at the corporate level will be presented. Keywords: safety management, security management, co-operation, risk management.

822 Safety and Security Engineering 1 Introduction 1.1 Corporate safety and security The terms safety and security are almost synonymous with each other, and they are often used interchangeably. However, these terms are slightly different. In dictionaries safety can be defined as freedom from danger, as the condition of being safe, or as a process which limits the risk of accident. Security can be defined as the extent of protection against some unwanted occurrence such as the invasion of privacy, theft, and the corruption of information or physical damage. There are also different kinds of definitions of corporate security and safety. The terms corporate security and security management are usually used in connection with information security. The Finnish Board of Corporate Security [1] divides corporate security (and safety) into the following ten sectors: 1) Security of production and operations includes, for example, product liability; management of accidents, hazards, and loss situations; logistics security; preventive maintenance and security of services. 2) Occupational health and safety contains, for example, machine and equipment safety, hazardous substances, occupational health services, and activities that maintain working ability. 3) Environmental safety includes permit procedures, handling and storage of hazardous substances, waste management, and the protection of the atmosphere, water, and soil. 4) Rescue operations consist of rescue planning and training, fire safety of buildings, hot work safety and fire extinguishing equipment, automatic fire detectors, safety signs, and other technical resorts. 5) Emergency planning is based on ensuring defence-economic planning and emergency supplies in emergency conditions. 6) Information security includes, for example, information technology security, confidentiality agreements, background screening, security of data material, and protection of privacy. 7) Personnel security concerns mainly customers, other outside parties, and key personnel. 8) Premises security consists of structural security such as locks, fences, gates, lighting, burglary protection, etc. and security surveillance such as technical surveillance, access control, guarding, etc. 9) Security of operations abroad concerns risks of operations abroad and personnel safety at sites aboard. 10) Crime prevention includes means of managing crime risks directed at the company's operations, personnel, and property. The boundaries of these sectors are not quite clear and there are a lot of common activities in the sectors. In Finland the duties are still often divided on the basis of the above sectors. There are often a few different internal organisations or persons that have responsibilities and duties connected with safety and security. In a large company it is quite normal for there to be an occupational safety organisation, an emergency and rescue team, an

Safety and Security Engineering 823 environmental and/or quality department, information and premises security personnel, maintenance personnel and a human resources department. Furthermore, there are external interest groups, such as authorities, partners, contractors, and external services providers. Occupational health care can be in the hands of an internal or external interest group. Top and line management and workers are also important interest groups that have many obligations in the area of safety and security issues. The whole operating range of safety and security is quite wide and the responsibilities, activities and procedures connected with safety and security are often patchy, diverse, and at times even overlapping. For example, chemical safety is connected to occupational health, environmental safety, emergency planning, rescue operations, information security and premises security. The dispersion of occupational safety, environmental safety, emergency and rescue planning, and crime prevention is partly due to the dispersion of safety and security authorities, which are working in different departments of governance. There are also plenty of different experts and actors that are making new studies, standards and specifications for the different safety and security sectors. This paper discusses the need for a connection between these sectors in safety and security management. The main purpose is to initially model the range of corporate security, and the idea of total safety and security management. 1.2 Co-operation and teamwork In an earlier study on safety management in universities it transpired that one of the most required actions in improving safety performance in universities is the enhancement of co-operation and teamwork in safety issues. It was found that co-operation affects many procedures in safety performance. The most obvious influence co-operation has is on communication, the flow of information, responsibilities, safety wisdom in safety sectors, goal setting and the decisionmaking process and emergency preparedness [2]. Also the environmental, quality, and human resources departments handle partly the same issues as the safety and security departments. In some organisations there is an integrated management system that includes quality, safety, and environmental issues. In practice there have been various methods for implementing integrated management systems and the success of the systems has also varied. [3, 4, 5, 6] According to Zwetloot and Bos [7], one of the benefits of integrated management systems is an increase in communication and cooperation. Furthermore, the benefits of a co-operative culture are related to the learning culture. Learning organisations aim at a shared goal through joint efforts [8]. 2 Methods 2.1 Study 1 The purpose of this study was to define the security discipline and branch, and to discuss the future needs for security and security research in Finland. In

824 Safety and Security Engineering particular it addressed the following questions: 1) which parties are involved in security business, research and development and in general national security activities in Finland, 2) what are the future needs and requirements of security research in Finland, and 3) what are the future challenges and visions of security The study was carried out in 2004. The main research methods were a literature review and interviews which were carried out in groups of 2-4 persons. In total, 12 experts at VTT were interviewed. Interviews were mainly informal, but a set of questions were also made to support the discussion. 2.2 Study 2 Study 2 investigated the need for the internal and external co-operation in organisations using questionnaire surveys (n=276) and interviews (n=70) with personnel dealing with safety and security in six different large organisations: a shipyard, a port operator, an offshore construction yard, a pharmaceutical manufacturer, a faucet manufacturer and a real estate service provider. The survey was carried out by sending a questionnaire to 430 people responsible for different sectors of safety and security. The response rate was 64.9 %. The results of the survey were analysed to determine what improvements in safety and security performance were generally needed. In the survey there were questions about co-operation, responsibilities, problem areas, organisational practices and cultural aspects. The results of survey were complemented with group interviews conducted in the corporations mentioned above. The number of people engaged in interviews was 70. 3 Results 3.1 Study 1: security field and its future research needs in Finland 3.1.1 Security field in Finland There are many different parties involved in the security business, research and development and in general national security activities in Finland, i.e. companies, authorities, corporate bodies, associations, insurance companies, research institutes, universities and consultants. At present around 550 private companies are carrying out security business in Finland. Some of the companies are large- or medium-sized and/or global, but most companies are very small with only a few employees and with business only in Finland. In the coming years, particularly the amount of small security management consulting companies is supposed to increase significantly. The parent organisation of the Finnish companies in the security branch is Finnsecurity ry. As well as the supervision of the interests of companies, it also develops the safety and security management, organises seminars, fairs and courses, etc. The Finnish Board of Corporate Security strives for its part to emphasise the comprehensiveness of security for corporate management. The Federation of Finnish Insurance Companies is a trade association and a cooperation body for insurance companies operating in Finland. There are also

Safety and Security Engineering 825 many other security-related associations and trade unions which all represent their own special interest areas. Finnish authorities involved in safety and security are located in different ministries: Ministry of Social Affairs and Health: occupational health, industrial safety, radiation safety, etc. Ministry of the Interior: rescue operations, police, etc. Ministry of Trade and Industry: product safety, consumer protection, etc. Ministry of Defence: national and international security politics, etc. Ministry of Justice: investigating authority in disasters, etc. There are also several research institutes and universities which are active in the area of safety and security research in Finland: e.g. VTT Technical Research Centre of Finland, Helsinki University of Technology, Tampere University of Technology, etc. In addition to the national research projects, most of the research institutes and universities also take part in international research projects as partners or as co-ordinators. Overall, security research in Finland is at present an emerging discipline that is under continuous development and change. The significance of security and security management for business and society is at present widely acknowledged in Finland and the security branch is growing strongly. One future challenge would be to harmonise the fractured field of all Finnish security parties and actors and to increase co-operation between them. 3.1.2 Interviews at VTT Technical Research Centre of Finland At VTT, a total of 12 experts were interviewed during the summer of 2004 to determine their experiences and views on security issues. The discussion and interviews focused mainly on the situation of the security business, activities and research in Finland, but the global situation was also considered. The potential key research topics (Fig. 1), which came up from the interviews at VTT are: Total corporate security management, safety management. Information security (particularly information management in the management point of view, use of risk analysis in case of information security). Personnel security (particularly persons' safe and secure ways of action). Reliability of security systems (particularly dependability and reliability analyses of security systems). Transportation security (particularly rail and sea traffic, security of food distribution chains). Security of infrastructure (particularly vulnerability of electrical networks, buildings, harbours, hospitals, etc.). Vulnerability of society, management of systemic risks (particularly vulnerability analyses and consequence analyses).

826 Safety and Security Engineering Crisis management and rescue operations (particularly flow of information in chemical accidents, chemical, biological or radiological attacks: attack/risk scenarios). SECURITY OF SOCIETY CORPORATE SECURITY Crime Prevention and Protection of Property Security of Company's Production, Operations and Financial Administration Emergency Planning Security Corporate Information Crisis Management and Situation Awareness Security Persons' Safe and Secure Premises Security Ways of Actions, Personnel Security Total Corporate Security & Safety Management, Risk Managament Security of Infrastructure, Traffic and Transportatation of Goods Prevention of Terrorist Attacks Structure of Society and Structural Changes Figure 1: Interview-Based Security Research Areas at VTT in the Research Field of Reliability and Risk Management. Although the interviews were held only at VTT, it could be suggested that the key security research areas found in this study are quite the same among the other security researchers and parties in Finland. As mentioned earlier, security is a growing business and an emerging research discipline in Finland. Despite this, security and security management still suffers from conceptual complexity and its models and tools are inadequate. This need has also been recognised at VTT and it has recently initiated a Key Technology Action to formulate a Roadmap for research and development efforts in security management. 3.2 Study 2: quantity and need of safety and security co-operation on the corporate level The results presented in this section concern the current level and need of internal and external co-operation in the companies. The relation between problem areas and need for co-operation is also shown. Comparisons are mostly made according to the percentage of the respondents in the survey. In some cases the average scale number is also shown, which provides information on the volume of co-operation. The scale is 1-3, where 1 means "a little" (co-operation or problems), 2 means "some" (co-operation or problems), and 3 means "a lot of"

Safety and Security Engineering 827 (co-operation or problems). The respondents of the survey have individually chosen the number on the scale. 3.2.1 Internal co-operation At the organisational level, the respondents in the survey co-operate inside the company mostly with the line management (46 % of respondents; co-operation volume on average 2.2) and with blue-collar workers (44 %; 2.3). The cooperation in question was mainly related to safety or security issues. Regarding the different safety or security parties, the respondents co-operate most with occupational safety personnel (82 %; 2.0) and with the rescue and fire safety personnel (55 %; 1.7). Over 40 % of the respondents also co-operate with the maintenance personnel and security (crime prevention and premises security) personnel in safety or security issues. About one third of the respondents also cooperate with human resource management, with chemical and environmental safety personnel, and with quality management. The organisational level and the safety or security task of respondents have a statistically meaningful influence on responses. For example, line management and upper white-collar workers co-operate with many internal safety or security parties and more often than respondents at the other organisation levels. The nature of safety or security task affects the focus group of the co-operation. Even if respondents co-operated most with occupational safety personnel and with rescue and fire safety personnel, they also hoped for even more cooperation with these same actors. However, only about one fourth of the respondents answered that they wished to have more co-operation with these parties. 3.2.2 External co-operation Among external interest groups, the respondents in the survey co-operate most with occupational healthcare personnel (73 % of respondents). An average of 64 % of respondents co-operate also with one or more authority sectors and 50 % with one or more subcontractor sectors. The volume of external co-operation (about 1.6) was not as high as in the case of internal co-operation (over 2.0). Only the volume of co-operation with customers reached a level of 2.0. About a third of the respondents would like to co-operate more with the occupational health care and authorities. A fifth of the respondents wanted to cooperate more also with the companies in the same area. The organisational level and the safety or security task of the respondent have a statistically meaningful influence on responses. Naturally, blue-collar workers co-operate with many external safety or security interest groups less frequently than personnel at higher organisational levels. The nature of the safety or security task affects the focus group of the co-operation. 3.2.3 Interdependency between the problem areas and the need for co-operation The linear function between the problem areas and the need for co-operation was tested with Parson's correlation coefficient. The coefficient received the value 0.763 and the significance value (p=0.000) was under the significance level that

828 Safety and Security Engineering had been set (p=0.050). Therefore, a positive linear function could be seen between the problem areas (P) and the need for co-operation (N). The linear function was described by equation (1) obtained through regression analysis: N = -10.676 + 0.37 * P (1) Using the Chi square test, it was shown that almost in all the safety and security issues there was a statistically significant or very significant relation between the problems and the needs for co-operation. Interdependency could not be shown in such safety or security issues where only a low number of respondents saw problems or a need for co-operation. The number of problems correlates more clearly with internal co-operation needs than with external co-operation needs. Parson's correlation coefficient for internal co-operation needs and problems was 0.886 while for external cooperation needs and problems it was 0.584. This means that the problems can explain 78 % of the variety in internal co-operation needs and 34 % of the variety in external co-operation needs. Of the 48 different safety and securityrelated issues, the respondents in the survey most often mentioned housekeeping and tidiness as problem areas. Table 1 presents ten safety or security issues where respondents see most problems. Table 1: Most often mentioned problem areas (n=276). safety or security issue problem area percentages of respondents (%) volume of the problem (1-3) need of int. cooperation percentages of respondents (%) housekeeping and tidiness 63.0 % 1.52 30.1 % hazard identification and risk assessment 59.4 % 1.49 34.4 % use of personal protective equipment 58.0 % 1.53 27.9 % occupational hygiene 51.4 % 1.68 18.1 % instructions for acting in an emergency 50.7 % 1.44 37.3 % investigation of near-miss cases 50.7 % 1.54 19.9 % maintaining of work ability 48.9 % 1.56 28.6 % accident prevention and preparedness 48.6 % 1.41 29.0 % getting information about dangerous situations 47.1 % 1.42 30.4 % air conditioning 46.0% 1.67 13.8% 4 Discussion According to Study 1, security is at present a growing business and an emerging research discipline in Finland. Despite this, the models and tools of security and security management are still inadequate and the harmonisation of fractured field of Finnish security parties and actors is also recommended. These needs have been recognised at VTT and it has recently initiated a Key Technology Action to

Safety and Security Engineering 829 formulate a Roadmap for research and development efforts in security and security management. To conclude, future challenges and visions of security in Finland will include, among other things, research and development in the following areas: o Total corporate security and safety management o Information security o Personnel security o Reliability of security systems o Transportation security o Vulnerability of society, management of systemic risks o Crisis management and rescue operations According to the survey in Study 2, an increase in safety and security cooperation was needed in the company level mostly in the case of issues that were seen as most problematic (risk assessment, tidiness, personal protective equipment, reporting of near-miss cases, and emergency training). For example, in the risk assessment process there are possibilities to co-operate more across corporate safety and security sectors' borders. The assessment of different kinds of risks and planning of improvement actions in a manner benefiting all areas of safety and security requires integration. The integration process will lead to increased co-operation between people responsible for different sectors of safety and security. By integrating several different corporate safety and security sectors (occupational safety issues, rescue operations, crime prevention and environmental safety) to same risk assessment process, it is possible to avoid the extra work and inconsistent improvement resorts caused by successive and separate risk assessment processes targeted to different sectors of corporate safety and security. Between the companies that participated in Study 2 there were clear differences in evaluating co-operation. In the companies that are "forced" to cooperate with external interest groups, because of a strong dependence on customers and subcontractors, the meaning and appreciation of co-operation was clearly higher. When co-operation was seen as a useful way to improve operations, there is already a shared experience of successful methods. Hence, the appreciation of co-operation seems to relate to the organisational culture [9]. The successful co-operation between different corporate security and safety sectors requires interiorizing of the idea and benefits of co-operation and participation in the company level. References [1] The Finnish Board of Corporate Security (YTNK). [http://www.ek.fi/ytnk/yritysturvallisuus/index.php]. 12.2.2005. [2] Lanne, M. Safety Management in Universities. Proceedings. 2nd International Conference on Occupational Risk Prevention, Gran Canaria Island 20.- 22.02.2002. CD-ROM. 2002. [3] Frick, K., Langaa Jensen, P., Quinlan, M. & Wilthagen, T. (ed.) Systematic Occupational Health and Safety Management Perspectives

830 Safety and Security Engineering on an International Development. Oxford, Elsevier Science Ltd. 527 p. 2000. [4] Winder, C. 1997. Integrating quality, safety and environment management systems. Quality assurance, Vol. 5 (1997). pp. 27-48. 1997. [5] Dennis, P. Quality, Safety and Environment Synergy in the 21st Century. ASQC Quality Press. USA. 213 p. 1997. [6] Taylor, W.A, & Wright, G.H. A longitudinal study of TQM implementation: Factors influencing success and failure. Omega The International Journal of Management Science, Vol. 31. pp. 97-111. 2003. [7] Zwetsloot, G. & Bos, J. Design for Sustainable Development: Environmental Management and Safety and Health. Dublin, European Foundation for the Improvement of Living and Working Conditions. 72 p. 1998. [8] Pedler, M., Burgoyon, J. & Boydell, T. The learning company: a strategy for sustainable development. 2nd edition. McGraw-Hill. UK. 243 p. 1997. [9] Schein, E. H. Organizational Culture and Leadership. 2nd ed. San Francisco, Jossey Bass Inc. 418 p. 1992.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information