At a recent ‘Risk Management in FM’ key learning event, BIFM North members were urged to look at key ways in which they can support business risk management. Speakers highlighted that risk management is becoming increasingly important in the strategic goals of an organisation; the time for box-ticking is over; and managing the complex risk landscape has never been more crucial.
Global defence, aerospace and security company BAE Systems provided the perfect venue for the event: from the carefully executed security clearance processes to the plethora of health and safety advisory notices across the 700 acre Warton site, there was strong advocacy for a responsible and safe business.
BAE Systems, which provides defence information, safety critical IT systems, and civil and military aircraft has, in recent years, entered the cyber intelligence arena. It has an elaborate range of technical facilities which, due to their uniqueness, are potential single points of failure. Mark Tooth, BAE Systems governance, engineering and sustainability manager, highlighted that risk management and business continuity are embedded throughout the company and its products, and that safety is right at the top of the agenda.
He said: “Each site has its own designated emergency planning centre. We have several high risk zones which house highly advanced, and valuable, equipment and products. We work closely with our insurers, regularly undertaking risk surveys to increase business resilience.”
Tooth emphasised that operational excellence is also key to business risk management at BAE Systems and that investment and operational improvement are an integral part of the corporate mandate and policy.
Steve Dance, director of Risk Centric, also focused on the importance of a joined up process for risk compliance and operational continuity and provided the framework for a simple resilience and contingency plan to keep an organisation running. At a time when many companies, especially in the FM industry, are growing organically, Dance said that: “business controls and governance must be completely up to scratch to give confidence to investors.” The facilities manager can make a significant contribution to critical environments – people and equipment. Dance stated that these “need TLC”, and encouraged a joined up strategy because, “if something goes wrong, it is generally at an interface”.
A focus on cyber crime and the impact on FM came from Mike Gillespie, founder and MD of Avent IM. He explained that 92 per cent of our data breaches come from malicious internal activity but that cyber crime is “normally relegated to the IT department to fix it”. Gillespie highlighted that “many cyber attacks are only made possible by physical vulnerability and that may physical attacks are only made possible by cyber vulnerability”. Everything is attached to the “world of cyber” from fridges to the air conditioning, BMS, security systems and fire alarm systems. FMs must be aware that everyone and everything is a potential threat through which an attack can occur. He stressed to have a thorough knowledge of the supply chain and to bring the security disciplines together in a robust plan, “Don’t let FM provide the weak underbelly” he warned.