Capturing Incident Data: Measuring Value in Corporate Security

The value of corporate security is measured in prevention of incidents. The strength of any corporate security program may remain unproven until a breach occurs. In a survey of corporate security professionals conducted last fall, Resolver’s research shows that corporate security leaders want to measure the effectiveness of their risk management programs—but often lack the resources to gather, analyze, and report on corporate security metrics. How can these leaders develop data that demonstrates the effectiveness of their programs? How can software help deliver accessible, real-time, streamlined insights? How can metrics demonstrate corporate security’s alignment to the strategic goals of the business?

This article advises corporate security leaders about how capturing incident data and other metrics can be used to demonstrate corporate security program value—and support requests to fund operations and projects. Securing funding is so critical to corporate security leaders’ effectiveness in an evolving threat landscape that we wrote an entire post about it as a companion to this one.

Capturing Metrics that Demonstrate Value

Corporate security departments use their knowledge of past incidents to prevent future ones. They capture counts, frequency, and severity of incidents that occurred, counts of incidents that were prevented, and track whether incidents were safety- or security-related. These statistics are consistent across industries; businesses within any particular industry might gather additional facts.

Presenting additional information helps corporate security leaders focus their attention and resources while demonstrating their programs’ value to the organization.

Figuring out what metrics to gather and present comes down to three essentials.

1. Start by meeting executives’ current expectations: what data are leaders getting now? What more are they asking for?
2. Evaluate your security team’s capabilities and tools to manage corporate security metric data—more data means more complexity, and it’s pointless to capture information without the capacity to make use of it.
3. Consider best practices for security. We explore five areas to consider in the sections below.

Consideration 1: Trends and Hotspots

Measure incidents by location and type to determine where to target efforts. Compare incident levels per location to the employee counts there as the basis for exposing bad actors. Drill down on the most notable incidents.

Consideration 2: Losses and Recoveries

Locations, dates, and classifications are essential to investigations. For any loss event, the security team will want to capture what kind of incident precipitated the loss and how much the incident cost the organization in a loss event profile. Gathering, analyzing, and reporting on incidents collectively—noting differences and similarities—is critical to loss prevention.

Consideration 3: Resource Management

Resource management includes time spent per incident and aging of incidents from reporting to closure.

It also includes measuring and reporting how and where security staff allocate their time. Measure the time team members spend on various incident and issue types—as well as on administrative distractions. Note whether time metrics are consistent; target notable differences to drive down cycle times.

Lastly, confirm that service level expectations for corporate security are being met. Tracking against service levels can highlight excellent performance and identify opportunities to improve service delivery.

Consideration 4: Incident Reduction and Safety

A narrative of risk reduction and enhanced safety tells the story of how the team enables a corporate culture of security. Metrics support the story by creating an overview of daily, weekly, monthly, and annual routines. Data describes what resources and tools the team applies to resolve incidents and provides details regarding outcomes.

Ultimately, your narrative should show how security is integrated throughout the organization: its programs, people, and technology. Describe what the corporate security team has accomplished in raising security awareness and building employee engagement in security matters.

Consideration 5: Root Cause Analysis

Security data floods in through sensors, cameras, eyewitness accounts, and more. If the security team has the tools and bandwidth to use it, all this data can underpin analyses to uncover incidents’ root causes. For example, one trucking firm we know found that drivers’ underuse of seatbelts resulted in more severe vehicular accident damage. Analysis of closed-circuit television data via risk management software enabled a targeted campaign to encourage seatbelt use, and injuries—and costs—were reduced.

Beyond the Snapshot

Beyond capturing current information, metrics also showcase corporate security programs’ effectiveness over time. For example, one hospital system wanted to understand the causes behind workplace violence. Executives asked about recent incidents. The security team was equipped to describe counts, types, severity, and progress of investigations.

Then, the executives asked: is this situation better or worse than it was last year? Security leaders didn’t have an answer for that. What the executives cared about was whether the overall picture was improving or devolving. They wanted more than insight into each incident; they hoped for a holistic view that included trends: the dimension of time.

Incident count reduction is the principal way corporate security leaders demonstrate the value of the function. Likewise, spotting an increase in a particular incident type—or in a specific location—points the way to adapting the security program to changing conditions.

As fewer people work onsite, corporate security will evolve from the protection of facilities toward protecting individuals and data. Decision-makers may experience this as a shift from the tangible to the intangible. It will become even more important for corporate security professionals to provide metrics that demonstrate the function’s effectiveness and value.

Corporate security functions can maximize their value when equipped with the tools that manage complex data sets, analyze incidents, guide the evolution of security programs, and demonstrate improvement over time.

Managing Metric Data

As a group, corporate security leaders struggle to quantify the value they return to their organizations. The way these leaders capture and present data to executives distinguishes between security teams seen as strategic partners to the business and those seen as cost centers.

Corporate security measures effectiveness in the prevention of incidents, but many corporate security leaders lack the resources to demonstrate their value in a holistic, detailed, analytical way. While many leaders get by with spreadsheet-driven attempts, more sophisticated analyses are powered by security management solutions enabled by artificial intelligence. Modern tools enable corporate security leaders to target security efforts by providing more nuanced information. With modern risk management tools, corporate security leaders can operate as partners to the business, delivering meaningful reports, identifying threats, and building programs that evolve to fend off emerging risks.

Ready to build your business case? Download our free presentation template with suggested narratives and talking points to help you show the value of your corporate security team.