Risk management considerations and solutions for the manufacturing industry
Manufacturers have millions of dollars tied up in resources like machinery, tools, personnel, products and more. While these resources are ultimately necessary, they also open up manufacturers to greater levels of risk. The smallest hiccup in operations—ranging from theft and property damage to workforce disruptions and natural disasters—can heavily impact not only a manufacturer’s own bottom line, but its ability to deliver goods and services for clients on time and on budget.
That’s why decision-makers and security personnel at manufacturing organizations need to have a holistic understanding of the risks that can potentially impact their operations, as well as knowledge of how to effectively mitigate those risks to protect their assets and their brand, and to keep operations running smoothly.
Before a manufacturing organization can take steps to address its vulnerabilities and exposure, it has to understand the nature and severity of the risks facing the company. That is why a prerequisite for any comprehensive security approach is a detailed and sophisticated global risk assessment. Because the threats faced by manufacturers are so varied - ranging from personnel protection and facility security to supply chain security and workforce disruption concerns - such an assessment must take a wide range of contributing factors and company-specific variables into account. A customised and holistic risk assessment is more than a checklist, it’s a comprehensive security audit that integrates global and regional factors with detailed on-site evaluations.
Manufacturers should also take care not to confuse the terms threat and risk. Threats are just one components of a broader risk profile. To assess risk, those threats have to be placed into context, which includes factors like vulnerability and potential consequences. A facility in a bad neighborhood might be exposed to a greater threat, but if personnel and assets are safeguarded appropriately, the risk of an issue may be comparatively low. On the flip side of the coin, the threat of an extreme event (such as a natural disaster) might be low, but the risk is more significant simply because the consequences would be so dire.
Personnel and partners
One of the best and most effective measures that any manufacturing organisation can take to reduce risk is to be diligent about conducting detailed candidate screening and pre-hiring background checks. It makes sense to partner with or consult a corporate security provider who can conduct those checks with sufficient rigor.
Knowing who your vendors, suppliers and professional partners are is equally important, and manufacturers should take reasonable steps to verify their security practices and protocols. Even when companies practice strict background checks and screening on applicants and employees, contractors and third-party vendors might not live up to those same standards. In the manufacturing industry where companies are reliant on a broader network of partners to deliver raw materials and deliver finished products, that potential vulnerability is a real concern. To reduce exposure, manufacturers should attempt to request and confirm rigorous background and security reviews from those partners.
Basic physical security standards and procedures should be implemented and regularly checked at every plant and manufacturing facility. Site security standards and best practices include measures like access control restrictions (through perimeter fencing and monitored or gated access points) and controlling/limiting access to sensitive or high value areas. Basic security, such as video monitoring, a functioning alarm system and appropriate lighting, can go a very long way. Manufacturing facilities should also have some kind of system in place to ensure that visitors are escorted and monitored at all times.
One of the best ways to assess facility and site security measure is to engage in penetration testing. Performed with the documented approval of company executives (but without the knowledge of on-site managers), penetration tests involve strategic attempts by security professionals to enter restricted facilities and gauge overall security and employee response. Penetration testing begins with pre-surveillance (examine the perimeter of the facility to identify potential vulnerabilities and points of access).
Penetration isn’t about cutting holes in fences; it’s about ensuring the security procedures in place at a manufacturing facility actually prevent unauthorized individuals from gaining access. If unauthorised access is gained, then security professionals need to determine how far and to what degree access to the facility is gained. This is typically documented and supported by taking photographs. A crucial element of any successful penetration test is to then monitor and observe the response time and reaction of both on-site security and company employees in identifying and confronting unauthorized individuals. Lastly, when confrontation occurs, determine if established security procedures are implemented accordingly.
Beyond its immediate assessment value, penetration testing can have a positive ripple effect throughout the organisation, as facilities and employees hear about and respond to the testing.
Closures and restructuring
Plant closures and workforce restructuring are often instigating factors for unrest and potential security issues. In certain circumstances and locations, employee and union reactions to announced closures or cuts can become confrontational or even violent. Manufacturers should work with security experts and law enforcement personnel to develop a plan to protect personnel (especially executives, managers and members of the negotiating team) and safeguard assets.
The most important aspect of any closure or restructuring announcement is preparing a security plan as early as possible to identify potential risks and threats. Unfortunately (and to some extent understandably), once employees or employee groups know they will be losing their jobs, frustration can build and the gloves can come off. If security threats are identified, put security measures in place that will commence on the day of the closure or restructuring announcement. Threats, violent actions, and even “boss napping,” where senior level executives are prevented from leaving their place of work, are all potential considerations when identifying security risks in conjunction with a closure or restructuring. Manufacturers should also understand that decisions at one facility can impact another, and should prepare for potential strikes or business interruptions. Undertaking advanced planning is the basis of a good risk management strategy and provides reassurance for individuals at risk and, most importantly, minimises the risks facing those individuals.
In an increasingly interconnected and interdependent global marketplace, securing your supply chain security is absolutely essential for manufacturers looking to enhance their overall security profile. Because so many manufacturing organizations rely on tight timelines, quick turnarounds, and efficient and finely calibrated inventory models, a break in the supply chain can have significant and potentially dramatic consequences for manufacturers and their customer base.
Consequently, manufacturers should be vigilant about prioritizing the security of their supply chains. Manufacturing decision makers and their security partners should carefully examine every link in the chain, being on the alert for potential vulnerabilities. Cargo theft and sabotage/contamination is becoming more common, and a dedicated team of security professionals can help safeguard existing supply chain assets and put the right processes in place to reduce risk, secure the supply chain and minimize losses and damage going forward.
If a loss of product occurs when in transit, an investigation should commence immediately. The first 48-72 hours of an investigation from the time of the loss are crucial in gathering information and recovering lost goods. That’s why it is critical for companies, together with their approved vendors, to have reporting mechanisms in place where losses of products and goods are reported within a certain timeframe along with relevant information about the loss.
Pros and proactivity
Risk management is about preparation and proactivity–not taking a responsive approach in the wake of a costly or dangerous security breach. When you know what your risks and exposures are, you can focus on targeted prevention and optimizing your security resources. It’s all about assessment–gauging the potential impact of various possibilities and structuring your security profile accordingly.
Manufacturers looking to take action today should think about approaching security with:
- ENGAGE the professionals.
- ASSESS your vulnerabilities.
- UNDERSTAND the risk landscape.
- PREPARE and IMPLEMENT security policies and procedures accordingly.
Of those steps, perhaps the most important is to seek the counsel or assistance from trained security professionals. Because, for manufacturing organizations, a trusted and experienced corporate risk management services provider can be an invaluable asset: a guide and a guardian in an inherently risky world.
Terry Francis is a UK-based Security Consultant for Pinkerton