Load low-bandwidth site?

What is humanitarian security risk management?

Humanitarian security risk management not only helps to protect aid workers – it also allows greater access to and impact for populations in need of humanitarian assistance.

At GISF, our members represent over 130 humanitarian organisations, working all over the world. When delivering their vital services across the globe, safety and security are key. This is where security risk management comes in.

Oxfam, for example, currently has around 10,000 staff working in 85 countries. The risks that Oxfam faces are plenty, and it is the job of a security focal point to understand what these are and take action to mitigate them.

Aid workers, programmes, and organisations as a whole face varying levels of risk in carrying out their work globally. Organisations, therefore, must put in place security risk management practices that enable them to effectively reach those most in need while still meeting their duty of care obligations towards staff.

Humanitarian security risk management is a means to an end and not an end in itself. It supports organisations to carry out their work while putting in place safeguards that ensure that the organisation’s most important assets – their people – are not unduly placed at risk.

The risk management guide ISO 31000 defines risk as the effect of uncertainty on objectives. Therefore, security risk management is about enabling organisations to meet their objectives. It is not about being risk averse, but about managing risk.

This GISF video explores what Security Risk Management is, how it can help to keep staff safe and enable sustainable programmes, and why it is important to adopt an inclusive approach to staff security.

Safety versus security

Security means freedom from harm, or the risk of harm, which results from intentional acts. In humanitarian contexts, these risks might be kidnappings or bombings.

Safety means freedom from harm, or the risk of harm, which results from unintentional acts. In humanitarian contexts, these risks might be natural disasters or road traffic incidents.

It is also important to note that risks are not only physical but include psychological trauma and mental illnesses.

Risks to humanitarian organisations

GISF’s members operate in some of the world’s most dangerous locations, such as Afghanistan, the Democratic Republic of the Congo, South Sudan, Yemen and Syria.

In 2022, 444 aid workers were victims of major attacks, with 116 killed, 143 injured, and 185 kidnapped.

Security risk management

Effective security risk management starts with well-designed humanitarian programmes, good leadership, strong personal and organisational resilience, and effective communication.

To better understand how to effectively manage security in a humanitarian context, it is helpful to consider the different elements of a security risk management framework:

  • Operations and programmes
  • Travel management and support
  • Awareness and capacity building
  • Incident monitoring
  • Crisis management
  • Security collaboration and networks.

Rather than a process of its own, security risk management is a lens through which to understand how risk can affect programmes and staff throughout the project cycle and means identifying ways to mitigate against identified risks.

Key aspects of good security risk management include:

  • Understanding security risk management is first and foremost a tool to enable access to and impact for crisis-affected populations
  • Using security risk management as a tool to support decision-makers
  • Developing a proactive approach to identify, assess and mitigate risks
  • Taking an inclusive approach and drawing on the expertise and experience of internal and external stakeholders in a particular context to understand and manage risk.

Security focal points

Security focal points are the people responsible for mitigating risk to ensure the safety and security of their organisation’s staff and operations. These individuals have a wide range of responsibilities, which often include:

  • Policy and Decision Making
    • Developing organisation-specific security risk management policies
    • Ensuring policies are inclusive for all staff and meet duty of care requirements
    • Supporting decision-makers at all levels to understand the security risks the organisations face.
  • Funding
    • Including costs in proposals to meet security risk management needs.
  • Partners and Localisation
    • Including security risk assessments in partnership agreements.
  • Awareness and capacity building
    • Developing capacity building and training programmes for security risk management and personal security
    • Organising and conducting security training for staff and partners.
  • Crisis management
    • Developing crisis management policies and structures
    • Creating crisis management plans
    • Sourcing assistance providers and support.
  • Supporting operations and programmes
    • Conducting security inductions for incoming staff
    • Conducting risk assessments
    • Putting in place security plans
    • Travel management and support
    • Incident monitoring and analysis.
  • Security collaboration and networks
    • Coordinating with other organisations in the sector.

The aim of security risk management is to enable organisations to reach those most in need, whilst fulfilling their duty of care.

At GISF, we provide security focal points with a network that keeps aid workers connected and shares global expertise. Through our work, we help organisations to prevent, prepare for, and recover from security incidents.

Next: Our journey

From EISF to GISF, and where it all began.

Our journey: from EISF to GISF