Alex Jadrich, the Denver Zoo's Security Operations Manager, discussed the importance of enterprise risk management (ERM) for physical security executives in a recent talk at the International Foundation for Cultural Property Protection (IFCPP)'s 22nd Annual Conference. Jadrich defines enterprise risk management as a holistic approach that looks at legal compliance, policy management, health and safety and more in an organization. He highlighted the benefits of enterprise risk management, including that ERM:

• Proactively identifies potential risks to an organization
• Protects physical and nonphysical assets
• Necessitates a holistic approach to enterprise change and decision-making

Physical security overlaps with ERM

"ERM doesn't go away from what your already existent organizational values and goals are," said Jadrich. Physical security executives can benefit from instituting ERM thinking in their preexisting responsibilities, like staff training, physical assets, employee safety, emergency preparedness, investments and external relations. After employing an enterprise risk management program, it becomes clear how interconnected each siloed issue can be. For example, identifying liabilities when it comes to worker safety can prevent consequences like an OSHA recordable, which could hurt an organization's employees and brand.

How to approach building an ERM program

When looking to begin or further develop an ERM program at an enterprise, physical security executives should determine what risk management is currently in place and seek senior leadership approval for their efforts. Another important step is to develop relationships with all departments in the firm. Building relationships with departmental peers will pay off in the long run by enabling a security team to approach any company department with risk concerns. 

In Jadrich's experience developing an ERM program at the Denver Zoo, he identified the need for an active shooter preparedness protocol. By discussing this protocol with employees, he was able to both prepare them for the potentially emotional experience of drills and keep them safer in the event of an active shooter. Jadrich also liaised with the zoo's media team to address concerns with the decisions they make as a customer-facing department. In addition, Jadrich has utilized ERM for larger infrastructure decisions, avoiding future liability concerns and providing access control assessments. 

Jadrich highlighted current enterprise risk trends, including supply chain issues, which have racked the globe due to the COVID-19 pandemic. Staffing demands and turnover, competitive advantage in salaries, keeping up with cyber infrastructure, pandemics and viruses, the timing of financial investments, environmental disasters and government compliance.