The field of security risk management (SRM) has undergone significant transformation over the past decades, shifting from a largely reactive and ad hoc practice to a more structured and professionalised discipline. This evolution has been driven by the growing complexity and sophistication of threats, increasing reliance on digital infrastructure, and a broader recognition that robust security is essential for maintaining organisational integrity and trust.
In today’s interconnected environment—where risks may stem from cyber incidents, physical breaches, or armed actors—the effective management of security threats is critical to ensuring the safety and wellbeing of staff.
For humanitarian actors working in crisis settings, the need for strong SRM is even more acute. They must determine the quickest, safest and most effective way to deliver life-saving assistance to affected populations, while balancing this imperative with the obligation to protect their personnel and to account for any real or perceived association with military forces or other parties to a conflict. Although NGOs of all sizes acknowledge their responsibility to safeguard their staff, many do not yet fully grasp the breadth of their duty of care obligations or how these obligations should shape their approach to security risk management. As humanitarian operations have become more complex, expectations around duty of care have expanded significantly over the past decade; what was once considered sufficient no longer meets current standards.
In response to these challenges, humanitarian organisations have developed systematic policies and practices to mitigate potential threats and to ensure that missions can be carried out without endangering personnel or compromising humanitarian principles. Security risk management has become an indispensable component of humanitarian action, encompassing the assessment of threats and impacts, the implementation of appropriate mitigation measures, and ongoing monitoring to adapt to changing conditions.
Links