(Here is an excerpt from
some of Mr. Zehring's training curriculum)
What
you don't know can hurt you....
These days,
there are many risks associated with doing virtually any kind of business.
Litigation is certainly one of those risks. Unfortunately, many business
owners (and managers at all levels) are simply not aware of the many types
of risks facing them today. They may be caught completely unprepared like
a person driving off into a blizzard, not anticipating that a storm will
arise, and they have made no provisions for it.
Perhaps
you’ve taken some steps to manage those risks, but the possibility of
litigation is still on your mind. You have every cause to be concerned. It
is important to note that fifty-eight percent of all civil cases in 1992
were premises liability issues and half of those were claims alleging
inadequate security.
Premises liability
lawsuits were relatively unknown until even fifty years ago. Until then, a
jury award of $10,000.00 was practically unheard of! Since the 1980s,
however, jury awards have regularly exceeded one million dollars. In the
early 1990s, the average jury award rose to $3.35 million with settlements
closer to $545,000.
In reviewing the premises
liability suits filed from 1983 to 1992, the crimes originated from (by
location):
-
23% - apartment
buildings
-
19% - parking lots
-
15% - hotel and motel
rooms
-
9% - stores, and
-
8% - restaurants
The
median jury award more than tripled from 1993 to 1999 in cases where
victims claimed they were injured because of business negligence. Some
settlements have grown from a median of $500,300.00 in 1993 to $1.8
million in 1999.
The result
is that more and more lawyers are successfully dragging property owners
and the managers of certain industries into premises liability and
security negligence litigation because of incidents involving the criminal
acts of third parties. Even if the lawsuit has no merit, the cost of
defending it can be exorbitant. Therefore, because we live and work in a
litigious society, you should always be aware of your risks.
Risk Identification
The first
step in any thorough Risk Management strategy is Risk Identification. You
will have to identify the areas in which you are vulnerable before you can
begin to assess and ultimately manage those risks that you’ve
identified. Take a moment to write down the risks your company is
currently facing, and then consider the potential losses that could
result.
Considering
your vulnerabilities may be frightening, but simply ignoring them won’t
make you any less susceptible to litigation. In fact, ignoring a problem that you’ve
known about (or should have known about) may result in higher punitive jury awards. On the other
hand, prudent action will certainly make it more difficult for someone to
sue you on the claim that you didn't use reasonable care to prevent
foreseeable risks.
Having
identified your risks, discuss the course of action that your company will
take to make sure these risks never materialize. If you cannot eliminate
the risk completely, you should find ways to reduce or transfer the risk
(such as with a good insurance policy). Doing so will allow you to sleep better at night.
Another
option is to hire an experienced security and safety consultant.
Certainly this is an area where some prior experience is helpful. It is
difficult to know about many risks if you've never encountered or heard of
them before.
Types of Risk
There are basically two types of risks: controllable
and uncontrollable. Controllable risks are those that you can
do something about. These would include physical security devices such as
locks, maintaining good lighting, maintaining safe landscaping design,
having regular security and safety inspections, etc.
Uncontrollable
risks might include anything from unforeseeable criminal acts of third
parties to natural disasters (floods, storms, etc.). It is difficult to
prevent these from happening, but you can at least mitigate damage by
preparing for such emergencies or taking out insurance.
Risk Assessment
There are two ways to look at Risk Assessment. One is Quantitative Risk
Assessment and the other is Qualitative Risk Assessment. First, Quantitative
Risk Assessment employs two fundamental elements:
-
The foreseeability of an event occurring and
- The impact or potential for loss should it occur.
To calculate your risk, multiply the probability of a foreseeable event by
the impact of the potential loss. Theoretically, this makes it possible to
prioritize foreseeable events in the order of their risk. Risk Management stems from your decisions based upon that data. If
not properly assessed, that data can be unreliable and/or inaccurate.
It
is important to realize that overstated probability of risks may lead you
to unnecessary expenditures that are not properly targeted or directly
related to your potential impacts, threats, and existing vulnerabilities.
That may leave you susceptible to litigation. Likewise, an understated
probability of risk may lead to complacency, which could leave you even
more susceptible to litigation.
Risk Assessment Services, L.L.C. promotes better targeting and thus reduces the likelihood of useless
Risk Management. Because we have successfully adopted quantitative and
qualitative Risk Assessment methodologies, we can help you with the
controls and countermeasures to tackle any number of potential events, and
frequently, several of these events are interrelated.
Qualitative Risk Assessment is
another common approach to Risk Management. In this case, probability is
generally disregarded and only the estimated potential loss is considered.
Qualitative Risk Assessment methods generally consider the following:
Threats
- Examples might include natural disasters, internal theft, or criminal
acts of third parties, to name a few. Threats are present for every type
of business.
Vulnerabilities – These are
weaknesses that make a business more prone to the threat of a loss.
Vulnerabilities may provide the opportunity for an attack to have a more
severe or devastating impact. For example, regarding criminal activity,
vulnerability could be found in the absence of sufficient security
lighting or the absence of an adequate security system.
Controls
- These are countermeasures taken to overcome the threats and
vulnerabilities. They are:
-
Risk Avoidance - Deterrent Controls are used to
completely avoid the likelihood of certain deliberate attacks.
-
Risk Reduction - Detective Controls discover the risk
of deliberate attacks and then initiate preventative or corrective
controls to reduce the likelihood of these attacks occurring.
-
Risk Spreading
- Corrective Controls serve to mitigate the impact of an expected attack.
-
Risk Transference - Preventative Controls are used to
protect vulnerabilities and make an attack unsuccessful or greatly reduce
its impact.
Of course,
there is a fifth type of approach to Risk Management. It is called Risk Acceptance.
Here, you simply “take your chances” that nothing will happen, and you accept your
risks by making little or no effort to control or eliminate them.
Frankly, that isn’t using good business sense.
In our litigious society, willful negligence in this regard can
certainly lead to catastrophic consequences.
Sample Methodology
Risk Assessment Services, L.L.C.
utilizes only the most comprehensive Risk Management strategies to assist
you in your efforts to identify, assess and manage your risks. Our methodologies will ensure
that your security controls are appropriate, cost effective and fully commensurate with the
risks to which your organization is exposed.
We offer several unique and distinctive approaches to Risk Assessment,
which we believe will prove invaluable to all types of organization, regardless of
size or industry. We believe they will prove invaluable to your company as
well. One of our approaches is outlined below:
-
Scan - Take an inventory of current security measures, policies and procedures
and also determine if there are additional security concerns.
-
Assess - Test for known vulnerabilities. Conduct
interviews with the appropriate individuals to discuss the current
controls (security measures, policies and procedures) and also determine
if there are additional security concerns.
-
Respond - Compare the vulnerability vs. controls to identify risks that require
immediate attention and pose the greatest risk to the business and also
determine if there are additional security concerns.
-
Analyze - Working with the vulnerabilities and controls identified, we will propose
solutions that will remove or reduce the risks and help you manage your
vulnerabilities.
By actively
involving a greater number of employees, this broader application of the
Risk Assessment survey will place security on the agenda for discussion
and therefore increase security awareness within your company.
The Chief Risk Factor
It's a fact
that your competition has a better chance of beating you if you are weaker
in one or a number of areas. Therefore, you may actually be the
Chief Risk Factor in your business. "Chief" because it all
starts (and ends) with you. This is true if you are running a large
corporation or managing a small business.
Safety and security is like water; It always runs downhill.
From the boardroom to the lunchroom and every room in between,
good safety and security practices must be adopted by the Chief Executive
Officer and supported by the Chief Financial Officer.
Every
employee should accept responsibility for controllable and
uncontrollable risks. For example, you could go so far as to say that if a
flood destroys your business it is your own fault. Not because you can
control floods, but because you could have made provisions that if a flood
did occur, it would not put your company in such severe jeopardy. This is even truer when analyzing controllable risks. In a sense,
virtually all risks can be managed to some degree.
If you’re
looking for an advantage over your competition, provide an environment
that is clean, well maintained and is at the very least perceived to be at
a lower risk for crime than that of your competitors. You may gain an
immediate and significant advantage.
It may be
time consuming, but it is well worth the time you take to be aware of what
others in your industry are doing to reduce their risks. If you need help,
please contact
us.
Be vigilant.
Develop good policies and procedures and then monitor these risks closely
to help avoid a claim of negligence. At Risk
Assessment Services, L.L.C. we are available to assist you with developing reasonable
Risk Management strategies and policies.
This website is not
intended to provide specific legal advice. Click here.
E-Mail
|