Corporate Risk Management: Terrorist Attack

Corporate Risk Management: Terrorist Attack

In today's business world, practically all reasonably-sized organizations have expanded globally. One of the risks associated with globalization is the increased probability of terrorist attack. Terrorism occurs when groups with a certain goal use violence and/or threat to attain their objectives. This is facilitated when a targeted organization branches out to a country where the terrorist group in question resides. Indeed, this expansion may be one of the reasons for possible resentment from purist organizations. In order to mitigate such risks, it is therefore important to plan for contingencies in a targeted and practical way. There are a variety of practical ways in which the threat of terrorism can be mitigated.

The first option is to avoid the risk altogether. This can be done by a thorough risk assessment and concomitant action to minimize the risk of terrorist attack. Countries where such risks are high can then be avoided when planning for global expansion. The problem with this approach is however that other risks may be incurred while avoiding the risk of terrorism. Opportunities to increase revenue may for example be lost by not expanding to certain countries. The company's reputation and public image may furthermore be harmed, as the failure to expand to certain countries may be seen as evidence of prejudice, racism, or social irresponsibility. It is therefore important, when prioritizing and quantifying the risk of terrorism and its possible avoidance, to also quantify the risks incurred as a result of avoidance.

Secondly, companies facing possible terrorism may also wish to reduce the likelihood of this risk rather than avoiding it altogether. In this way, the risk associated with avoidance may be mitigated, while also reducing the effects of possible terrorist attacks. Once again, initial research into and quantification of the exact risks involved are important actions. For reducing the likelihood of terrorist risk, the country into which the company aims to expand should be specifically researched for its likelihood of terrorism. When the likelihood is small, mitigation measures may include elements as simple as a risk manual, through which each personnel member is made aware of measures to be taken in the event of terrorist attack. When the risk is significant, this should be quantified against the risk of not entering the specific country in terms of expansion. When the risk is acceptable, stringent measures, including organizational arrangements, engineering control, and research and development, need to be taken. Research and development are particularly important, as mitigation measures can then be implemented that are particularly targeted towards the measure of possible terrorist attack for the country involved. Reducing the likelihood of terrorist attack can in certain cases be a better response to terrorist threat than avoidance, as it mitigates many of the additional risks involved in the latter.

Thirdly, reducing the consequences of terrorist attacks is a retrospective approach. This is done by measures such as contingency planning, recovery plans, design features, surveillance, and the like. Such measures are best implemented by learning from the past experiences of terrorist attacks on the company involved, or indeed from other companies. Research and development are also important in this response. The past should be investigated thoroughly during the planning stage of expansion in this regard.

Finally, transferring the risk of terrorism is also a measure that can be taken by globally expanding companies. There are several ways in which this measure can be handled. Contracts, insurance, partnerships and consortia, or combinations of these are options that a company can use. Specifically, when expanding to a country where the risk is high, a company may wish to create a partnership with a local company, so that the risk is in effect shared, mitigating the risk to the parent company.