TT Talk - How good is your security?
- Date: 19/08/2004
- Source: TT Talk 52
The Frans Maas case reported above highlights the need for an effective review of your security systems.
The judge severely criticised many aspects of FM’s security arrangements. Evidence was given that virtually all employees had a key to the premises and that they all knew the code needed to turn off the burglar alarm. The code had been changed only once in the previous two or three years. There were wholly inadequate records of security issues, so nobody knew exactly who had keys; neither was there any check that the keys were returned when someone left the company.
There had been some desultory correspondence between Samsung and FM about improving the physical security, by employing security guards or having FM’s staff on duty overnight, but these had not, apparently, led to any action being taken. All in all, there was a distinct lack of a "security culture" within the company.
While the English court held that Frans Maas was still able to rely on its standard trading conditions to restrict liability, courts in other countries may not take such a tolerant view of these shortcomings. If a similar case were tried before them, they might well hold that the warehouse’s security lapses and the absence of a properly managed security culture was a matter of gross negligence, and simply sweep away the company’s limitation clauses. The warehousekeeper or forwarder would then be fully liable for the losses.
The Club therefore strongly recommends all members to conduct a periodic review of the security of their site. While the physical aspect (the strength of fences and doors, CCTV systems and so on) is, of course, very important, attention must also be paid to the human side.
Who has a key?
How is the issue of a key (and its return) monitored and recorded?
Who has access to which areas?
How is access controlled and recorded?
How are the alarm systems disabled and who is permitted to do it?
How often are codes changed? (And how are the new codes notified to permitted users?)
Are the alarm and CCTV systems permanently monitored?
These and many other questions should be asked regularly by senior management; or better still get an outside security adviser to carry out regular checks on systems and procedures. The important thing is that management react promptly and effectively to close any gaps identified by these checks.