In August 2008, the UK government published the first National Risk Register setting out the government's "assessment of the likelihood and potential impact of a range of different risks that may directly affect the UK". The terrorist threat was a key driver for the publication of that document and one of the specific risks identified was "Attacks on Crowded Places".
The key to producing a meaningful and effective corporate risk register for your business is the initial risk assessment process. The starting point is in confirming the overall purpose and critical corporate objectives of the hotel business. From this first step, every potential threat and risk to the achievement of those objectives and the effective functioning of the organisation should be brainstormed and recorded - no matter how improbable or remote. This process really does require imaginative and open thinking, devoid of any prejudices, restrictions or self-imposed barriers. Remember - no one in the US Government ever thought that terrorists would fly planes into the World Trade Centre buildings because it was considered too unbelievable.
The process outlined above should involve key individuals within the organisation who know the business and the industry intimately. The risk assessment should drill down from national/ international risks, to local geographic risks, to sector/industry specific risks, down to individual organisational risks.
Once the risks and vulnerabilities have been catalogued, a risk matrix is produced - very simply, the risks and vulnerabilities are assessed for both their potential likelihood and potential impact. Where each threat sits on the matrix determines how much and what kind of resources are needed to remove, mitigate and manage that particular threat. Inevitably, such an exercise requires the buying from senior management at the outset and throughout the process.
In light of recent events, the security and risk management challenges to all organisations and businesses have never been higher. All organisations have a responsibility to act lawfully, ethically and with a duty of care to both their staff and their customers/clients. Investing a little time and effort - and, sometimes, expenditure - in your business planning cycle can result in significant savings in terms of avoiding litigation, evading adverse media coverage, mitigating liability and insurance claims, preventing loss of premises or workforce, and in terms of preventing the sheer heartache which such attacks bring.
Paul Bell is a partner at BTG Intelligence. He holds a doctorate in terrorism and security studies. BTG Intelligence (a division of the Begbies Traynor Group) specialises in the provision of high quality corporate intelligence, risk and security management, investigation services, financial crime prevention and training, as well as identifying, tracing and verifying individuals and assets.
Julie is a law graduate who qualified with Price Waterhouse in 1994. Julie joined Smith & Williamson in 1997 and became a partner in 2001. With Mike Stevenson, Julie set up Middleton Partners offices in Salisbury and Southampton, both of which are now part of Begbies Traynor.
Julie is a member of the Insolvency Practitioners Association and the None Administrative Receivers Association and is a Fellow of The Association of Business Recovery Professionals. Julie deals with all aspects of Corporate Recovery and turnaround work and takes all form of personal insolvency appointments.