Friday, July 10, 2009

The Business Considerations of Security

Every organization/landlord has a legal obligation to provide a safe environment, based on the concept of “reasonable security.” Management does not have to guarantee absolute security; however, reasonableness and adequacy of security must be affirmatively demonstrated. This basic concept is founded in most states’ case law. And there is virtually no place that can claim that no security is adequate.

“Reasonable security” has been consistently defined by courts to mean that appropriate security measures must be implemented commensurate with risks which are reasonably foreseeable. And a reasonable consideration of foreseeability has been determined to include the nature of the premises; the history of incidents at the premises; the history of incidents in geographic surroundings; and industry standards.

Adequacy of security is legally defensible only when vulnerabilities and risks are assessed via some formalized process to determine foreseeability; and commensurate security measures are implemented to reasonably address those identified foreseeable risks.

A reasonable assessment process should at least include interviews with key management personnel, representative employee focus groups, and other key stakeholders to determine perceptions about security and security wants/needs; a review of all documentation having anything to do with security (policies/procedures, reports, etc.); and an inspection and analysis of all related property and operations.

A good process for developing a sound security strategy has dual benefits: the program will be designed to protect the organization’s assets; and the program will be legally defensible should it be challenged in court.