Fill in the form below and we will contact you shortly to organised your personalised demonstration of the Noggin platform.
An integrated resilience workspace that seamlessly integrates 10 core solutions into one, easy-to-use software platform.
The world's leading integrated resilience workspace for risk and business continuity management, operational resilience, incident & crisis management, and security & safety operations.
Explore Noggin's integrated resilience software, purpose-built for any industry.
Security Management Software
Updated July 13, 2023
By now, safety and security managers have each built strong portfolios in the enterprise. Indeed, reporting hierarchies often reflect the importance the C-suite places on topline safety and security priorities, objectives like keeping employees safe at work or mitigating threats to facilities and people. In turn, businesses of all shapes and sizes, in all vertical markets, have implemented standalone safety and security management systems to pursue those objectives.
Initially, the siloing seemed justified, at least on a theoretical level. After all, safety managers primarily focus on the unintentional, non-malicious threats to people, process, systems, and the environment caused by human error. Conversely, security managers focus on intentional, malicious threats to physical assets and people perpetrated by intentional human actorsi.
But the practical, on-the-ground siloing of Safety and Security programs has had major implications, both for the organization’s ability to prevent loss and to maintain its duty of care obligations to employees. The two objectives are very much linked, as should be the policies, procedures, and tools to achieve them.
Not convinced? Take the example of healthcare workers. Across the globe, healthcare workers face significant risks of intentional, occupational violence, whether they’re operating in hospitals, smaller clinics, residential treatment facilities, community care settings, or in the field. In the U.S. alone, a staggering 25 percent of fatalities in the sector are due to assaults and other violent actsii.
The threat of workplace violence, as described, is clearly malicious, the provenance of Security. But the loss risk is of abiding interest to Safety, as well – just consider the litany of audits of OHS risk in the industry completed by Safety regulators. It is the Safety team that must maintain the organization’s legally-mandated duty of care obligations to its employees, a requirement to ensure (so far as is reasonably practicable) that the workplace is free of recognized hazards causing or likely to cause death or serious physical harm. But maintaining duty of care requires Safety teams to identify, understand, and control security risks. What’s more, once security risks become incidents, too, they cascade into major safety events, which again compromise an organization’s duty of care.
And this is the case across all industries, especially sectors like construction, retail, and education that have elevated risk of violent security threats. The only question remains, though: are siloed structures sufficient to prevent major safety and security loss and maintain duty of care? Careful research says no. And so, this guide lays out an alternative approach, detailing the benefits of integrated safety and security management and specifying the precise software capabilities teams should look for to achieve their loss prevention goals and mitigate compliance risk.
Integrated safety and security management broadens the spectrum of threats that Safety and Security teams must tackle to all threats and hazards classified as probable (based on risk-based planning) to cause injury, illness, property damage, business disruption, or environmental impact. Integrated safety and security management technology itself enables those different teams (be they Safety and Security or others) to conduct varied activities in a uniform, consistent manner, an approach that continually protects all elements of the enterprise from internal and external threats.
Why isn’t that possible with siloed management systems? Well, standalone systems that have been implemented at different times, by different teams following different directives don’t communicate well with each other – if at all. This lack of interoperability is especially pronounced in safety and security, where disparate safety and security management systems (often locked apart from each other) aren’t set up to share relevant information, despite the demonstrated fact that security threats cascade into safety incidents (and vice versa).
One effect is specific to organizations who’ve built security operations centers (SOCs). During critical security incidents (impacting safety), SOC practitioners receive a surfeit of data from different sources, including Safety. That wouldn’t be bad in and of itself. But the non-interoperable technologies that security practitioners use don’t provide a cohesive means of viewing all of that information, let alone making sense of it. So, despite the upfront investment in proactive protective security strategies and structures, an organization without an integrated safety and security system will still see the risk of duplications and redundancies grow, which slows down incident response – all challenges the development of the SOC was meant to overcome in the first place.
Security organizations who haven’t built SOCs aren’t immune from the siloing effects of safety and security technologies, either; further, those organizations often yield to the temptation to procure individual point solutions, each solving a discrete challenge. Without an end-to-end, enterprise-grade interoperable system, though, practitioners respond to safety threats that trigger security crises (e.g. fire and explosion) with limited situational awareness, because of the degraded flow of knowledge. As practitioners know all too well, operating with limited situational awareness only extends out incident response times and heightens the potential for losses. On the other hand, integrated information management (via safety and security interoperability) eliminates potential redundancies and improves response efficiency.
What’s more, an integrated platform cuts down on the overhead (cost and personnel-wise) of ensuring that separate point solutions keep communicating with each other. The fact is they often don’t; data connectors break down, leaving response teams in the lurch.
Now that we’ve rehearsed the important benefits of integrated safety and security management, it’s well worth asking what should you be looking for when procuring an integrated safety and security platform? Here’s a list of the key capabilities to effectively manage the safety and security incidents, risks, and hazards across your enterprise:
Make sure your integrated safety and security management system offers dashboard templates for any type of user. That way they can see what’s right for them.
Further, a flexible, safety and security platform should also conduct facility and event risk and threat assessments, as well as track post-assessment security controls and risk mitigation actions. Risk and control functionality should
also enable the recording of any kind of risk or control using flexible types, forms, and fields, as well as provide flexible support for multiple different types of risk matrices and scoring methods. Other must-have capabilities include:
Risk management is important. But integrated safety and security technology still needs to account for when safety and security risks become full-blown incidents. How? Incident response and reporting functionality has to be integrated into the same flexible solution.
Indeed, the right integrated solution will also ease the incident management burden on frontline workers (like dispatchers), by enabling planned, controlled, and automated incident response to any situation, no matter the incident. For Security teams, in particular, the technology will also integrate with existing PSIM and SOAR platforms (among other systems). Automatic tasking and dispatching of staff also make incident response more efficient; so too does the ability to assign actions to
individual roles manually or automate, according to the incident in question.
Additionally, team collaboration during a response drives efficiency and increases speed. Facilitate better team collaboration during a safety and security incident with in-built communications for email, SMS, broadcasts, alerts, reminders, and app notifications.
Incident response doesn’t end the safety and security risk life cycle, though. Evaluation remains a critical component, as teams shouldn’t neglect the important lessons learned from the response. To that end, integrated safety and security management software must enable teams to action their tasks from incident “lessons learned” and related risk reviews – even just observations and near misses. Those efforts help teams achieve continual improvement when it comes to processes and procedures.
No matter what team you’re on, loss prevention is a difficult business – now more than ever with the onslaught of threats to people and property. It certainly doesn’t help when redundant safety and security systems are closed off one from the
other. Luckily, technology innovators in the field have built leading safety and security platforms, eliminating redundancies and improving response efficiency. These platforms provide teams with all the information and tools they need to break
down the siloes and effectively manage, incidents, risks, and hazards across the enterprise, helping employers uphold their duty of care requirements and stay on the right side of regulators.
i. Sabarathinam Chockalingam et al: Integrated Safety and Security Risk Assessment Methods: A Survey of Key Characteristics and Applications. Available at https://www.researchgate.net/publication/318315890_Integrated_Safety_and_Security_Risk_Assessment_Methods_A_Survey_of_Key_ Characteristics_and_Applications.
ii. Occupational Safety and Health Administration: Guidelines for Preventing Workplace Violence for Healthcare and Social Services Workers. Available at https://www.osha.gov/Publications/osha3148.pdf
iii. Protective Security Requirements. Available at https://www.protectivesecurity.govt.nz/physical-security/management-protocol-for-the-physicalsecurity/meet-the-mandatory-requirements-for-physical-security/
iv. National Safety Council: Is Your Workplace Prone to Violence? Available at https://www.nsc.org/work-safety/safety-topics/workplace-violence.
v. Ibid.