Webinars & Video

Becoming A Strategic Partner: How to Communicate the Value of Security Investments

January 22, 2024 · DURATION: 60 MIN

Are you a security leader striving to bridge the gap between your team’s efforts and your organization’s strategic objectives? Do you find it challenging to communicate the significance of security investments to top management?

Security is not just a department; it’s a crucial aspect of an organization’s overall success. By having to focus on incident management, security risk management, threat protection, and security operations, your role goes beyond implementing safeguards. You are a strategic partner who contributes to the company’s growth and resilience.

In this webinar, Artem Sherman and LeeAnn Kincal will give you the skills and insights needed to effectively communicate the importance of security investments to your organization’s leaders.

Learn how to:

  • Master the foundations of compelling security investment proposals: Gain an understanding of the elements required to make a strong case for security investments.  
  • Navigate obstacles in gaining backing and resources for security initiatives:  Delve into strategies for overcoming common challenges security teams face in getting support and funding.  
  • Craft persuasive narratives through data-driven storytelling:  Discover techniques for transforming raw data into compelling narratives that resonate with key decision-makers.    
  • Design impactful presentations, illustrated with real-life instances:  Receive a step-by-step roadmap for creating presentations that with examples that secure buy-in for your security proposals.  

“Becoming a Strategic Partner: How to Communicate the Value of Security Investments” webinar transcript:

Raquel Allen:
Hello and thank you for joining. Our program will begin shortly. ASIS International presents “Becoming a Strategic Partner: How to Communicate the Value of Security Investments.” Hello and thank you for joining. I’m Raquel Allen, Learning Program Manager at ASIS and today’s host. We have a great discussion ahead, but first a few housekeeping items. ASIS International acknowledges and thanks Resolver across business for sponsoring today’s webinar and discussion. Resolver helps transform security departments with its end-to-end corporate security platform by integrating their clients’ threats, security risk, incident management, and security operations capabilities. Resolver enables security teams to use their resources more effectively, reduce the frequency and severity of incidents, and be a strategic business partner within their organization. For more information, visit resolver.com. Sent it on your screen. On the presentation slides to the left of the slides, you’ll find the media player where you should see today’s presenters with their biographies directly below under the slides of the Q&A box.

If you have a question during the presentation, type it there and we’ll address it during Q&A at the end, as time permits. To the left of the slides, you’ll find webinar materials and resources including today’s presentation slides, as well as other items you may find useful. Along the top and bottom of your screen are icons and images to access additional tools and information. So click or hover over each to explore more. Should you experience any sound or audio disruption during the webinar, please refresh your browser. If additional help or support is needed, click the question mark icon at the bottom of your screen. At the end of the webinar, an evaluation will pop up. Your feedback helps determine future programming and your input is appreciated. CPE information: Completion of this webinar is eligible for one CPE credit. CPE credit will be updated directly into your user profile within 48 hours after the webinar’s conclusion. Self-reporting is not required. Please note today’s presentation is being recorded and will be made available on demand within 48 hours. Are you prepared to take your certification exam? Get ready by enrolling in ASIS’s upcoming virtual study groups. Whether you plan to pursue your Certified Protection Professional designation or earn the Physical Security Professional certification, virtual study groups support your success. Registration is now open with limited space available. More information is available in the webinar resources and materials module.

And thank you again for joining today’s webinar, “Becoming a Partner: How to Communicate the Value of Security Investments” sponsored by Resolver. I’d now like to introduce today’s speakers, Artem Sherman, Product Manager at Resolver, and LeeAnn Kincal, Product Marketing Manager also at Resolver. Again, full bios for both are located in the speaker biography module, again to the left of the presentation slides just below the media player. And with that, hello and welcome to our panel. I’ll hand things over to you all.

LeeAnn Kincal:

Awesome, thank you so much Raquel, and good afternoon. Good morning everyone, whatever your time zone is and thank you for joining the webinar today. So as Raquel said, we’re going to be taking you through how to communicate the value of security investments to your organization and also take you through how to build a strong business case where you can clearly highlight your pain points and articulate the value and the recommendations of your proposal. So we’re hoping that this helps you all when you are creating these at your organization. So first, just starting off with our agenda, we’re going to start and look at the core challenges that security teams often face, and then we will take a look at the business case template that was created by the inter-Agency Security Committee. And then once we have done that, we will go through an example of a business case to help visualize this, what it would look like in a real world scenario, and that’s where we’ll spend majority of the presentation today.

Okay, so starting off with the core challenges that security teams face. Something that we commonly hear in the industry, regardless of whether you’re in CPG manufacturing a tech company, is that generally the broader organization often feels to understand the value security teams can bring or what they can bring to the business as a whole, just solely due to lack of familiarity. So unlike other functions in the organization, whether it be marketing, sales, technology, security teams have the benefit, or sorry, security teams rarely have the benefit of their budget holder having inherent understanding of the value they create and the requirements for success. So that’s why building a strong business case that highlights the impact that security teams can bring is essential to help you advocate for yourself across the organization. So yeah, we’re going to walk you through an example today and hoping that you can take this as we go through the example and take it and go through with it as you are presenting your investments going into the inter-agency committee business templates.

Just starting off with background on the ISC. The ISC committee was actually built based on the bombing of the Alfred p Murrah Building in April, 1995. This bombing resulted in the Department of Justice publishing a report on the vulnerability of federal buildings, which is ultimately what resulted in two, the development of the ISC committee. With this, the ISC was responsible for putting together multiple reports and recommendations on how to protect these federal buildings. And of course with this naturally came large budget requests, so they needed to build strong business cases in order to demonstrate the value gain that buy-in and get approval to move forward.

So the ISE business case process is six steps and just starting off with the first three here, the first one is conducting preliminary analysis and defining the problems. So this initial step is generally quick but also very important. And really the intention of this is to do initial research, solicit buy-in from your stakeholders within your department, but also across the organization as well. So other investigative teams, whether that be human resources, legal teams and so on, and being able to build out that recommendation fully and getting that buy-in. Yeah, I know that Artem, you had specific exposure with building business cases working in the security industry. Did you want to share your experience on that?

Artem Sherman:
Yeah, definitely. So this is something that we do find essential and in my prior experience in domain and working in large enterprise as well as across our customer base, we see that the first step is often underutilized, but there are a lot of opportunities to really do that with not a lot of investment and not a lot of effort. But that is a key to success down the line.

If you think about it, every day, week, quarter, things happen throughout your business that you would like to prevent from happening, mitigate, improve in some way through projects that require investment. And realistically, lots of stuff happens that you want to be able to address, but every fiscal cycle you really only get to execute anywhere from zero to two major initiatives. So the way to get to being able to execute those initiatives and to make sure that they’re not zero but closer to that two number is to constantly be thinking about it and being prepared with initial solutions.

And as things occur continuously communicate those initial solutions, communicate that you’ve been thinking and focusing on these problems to push that agenda because often it requires repetitive exposure and piling evidence for lack of a better term, to cross a threshold where the exec notices and determines that it is worth funding. And ideally what you do is you’re ready for that elevator pitch when the chance or the opportunity presents itself where you do have that exposure to senior leadership or exec. So instead of reviewing the problem or reviewing an incident that happened with the exec, be prepared with your high level ideas on what to do about it. So a simple example could be this claim of mistreatment where we had to pay out $40,000 that could have been avoided if we had body cameras for a guard force, we can’t stop there because that might trigger that interest.

And the exec might say, well, interesting, what would that look like? And if you’re prepared with some rough estimates and an initial idea, you could answer that on the spot in that elevator conversation where you could say, well, we could pilot this for one team over two months. It would cost us about $20,000 and a full rollout. We could do over six months total investment of about $2 million to equip the full team.

Exec approval can happen much more quickly when you have the answer ready, you have some proposed solutions and you’re thinking about that problem and the conversation they’ve had with you. They didn’t just hear we had a claim for mistreatment or an incident happened, they heard there was a problem and they heard that you know how to solve it. And if that topic arises again or come budget times, that might stick. And once it crosses a threshold of importance or maybe another incident happens, they’ll recall that you’ve already solved that problem and we could quickly move on it. And this is something you should be doing not just with one issue, but consistently with all of the initiatives that you would like to push forward. Recognizing that you might only get zero, one or two of them moving forward. Any significant, any specific.

Another common one is this happened because we didn’t have an incident management system and couldn’t find the necessary documents to defend the claim with that same $40,000 example, but it’s about being prepared for solutions and having done the initial exploration.

Awesome, thanks Artem. That kind of goes nicely into our second step, which is identifying stakeholders and socializing the problem. So again, connecting with your other investigative teams and making sure that you socialize the problem early. As Artem was saying, sometimes it may take some time or a couple of rounds. So being able to socialize that problem as early as possible can really help your case and also just help you get that. And then also in this process, being able to identify what those roles are and what the responsibilities look like within your team and across the organization. Then going into step three is developing a cost benefit analysis. And this is where we’re actually going to spend a fair amount of time on as within this step, there are nine mini steps that we’ll go into on the next slide.

Okay, so this is the mindset cost benefit analysis, and this actually comes from the federal Office of management and Government. And as you could see, their approach to cost benefit of analysis is quite thorough as they have nine steps throughout this process. As I mentioned, we’ll be spending most of our time going through this in the business case example as this, where is a lot of the work is going to come from your teams in developing the business case and showing the quantifiable and non-quantifiable benefits.

Just a quick overview of these nine steps: Step one is the finding the need and the problem you’re trying to solve, which is what you would’ve done on the previous slide here, previous slide that we just spoke to. Step two is then defining your baseline. So this is where you’re clearly outlining what your current conditions are and what is leading to your current problems to exist today. And this is something that is important that it’s clearly articulated so they can understand what the problem is and why it’s happening. Step three is setting the timeframe of analysis, which is outlining how long you would expect to wait to see anticipated results with your recommendation outlining the timelines and determining when to reevaluate or when things need to be adjusted. So setting that timeframe analysis from beginning to end and what that would look like. Step two is, or sorry, step four is identifying a range of alternatives.

This is a really great exercise as it shows your executive teams that you thought through this process, you thought through different alternatives, and you’re not just coming to the table with just one recommendation, but you’re coming with options and exploring different scenarios. Step five is then identifying the consequences of each of these alternatives. And I mean it will give you a deeper understanding of each of the options that you’re recommending, but it’s also a great opportunity to highlight why your main recommendation will be the ideal solution. Step six is where you would quantify and monetize all the benefits of cost based on your recommendations, including your alternatives as well. And then going into step seven, this is where sometimes what businesses do, but discounting future benefits as a potential option or something to consider.

And then step eight, so this is evaluating non quantified and non monetized benefits and costs. So in step six you talk about the quantifiable costs or benefits and costs associated with that, but it’s also important to talk about the non-quantifiable as well, although that you can’t necessarily put a dollar value to it sometimes that they can be very important to the organization and they are important to highlight as you’re going through this process. And lastly, step nine is characterizing your uncertainty.

This is where you outline the expected results if moving forward with the proposal, including how much worse the result could be if we don’t achieve a breakeven point, allowing you to show that you’ve thought through all the possible outcomes throughout this process. Returning back to the IC business case, the remaining three steps. Step four is anticipating potential resistant factors. Another important step to prepare for as you’re going into this, understanding what’s important in what resonates with your leadership team and just making sure that you’re prepared for that. So as they come in and they’re reading your proposal, you’re ready to answer those questions and you can also alleviate any immediate concerns that they may have. And again, just showing that you’ve really prepared for this business case proposal.

Step five is in developing your implementation plan. So this includes how this project would be implemented, who needs to be involved, when they need to be involved, and just overall setting up the timeframe of what needs to be required from project kickoff in order to successfully launch this recommendation that you are bringing forward.

And last but not least, delivering the recommendation. So this would be the very final step of the process where you take all your research and your recommendations to your leadership team and bring forward this proposal. This often can be a difficult step as the last step, and we often do have some tips to recommend to best approach this. And I kind of mentioned another step, but is knowing your audience, understanding what best resonates with ’em and designing your delivery or your presentation based on what will resonate with them best, whether that’s looking at ROI or specific metrics over time, framing it in a way that will resonate with them. And then one that we always recommend too is that if you’re able to get the business case to ’em in advance, giving them time to properly read and understand everything so that they fully understand what you’re coming to the table with. And with that said, I will hand it over to Artem to start off our example business case.

Thanks Leanne. So we’ll go through an example of a business case for a FIC entity, a fictitious entity, perfect care hospitals. So perfect care hospitals operates 15 hospitals spread across Texas. The CEO of PCH has reached out due to high employee turnover rates across their hospitals over 2022 PCH had a turnover rate of 24%. And a review of exit interviews indicates unsafe working conditions as a major reason for turnover. So we’re tasked with figuring this out. This is impacting our ability to deliver quality care and attract and retain talent.

So the first step is for us to identify all of our key stakeholders, and in this example of a hospital network, our key stakeholders are going to be the head of security for each territory as those are operated locally across the network. The head of facilities for each of those territories, the director of human resources is a key stakeholder as this was generated from a retention problem, which they bubbled up to exec, the head of patient care as well as a data analyst. So that’s the key group of people that we think are stakeholders in this situation to help us work through the business case.

Our first step is to describe the need, which is to determine the root causes of the unsafe working conditions that are affecting employee turnover and then develop recommendations to combat these issues. So we know what we have to do and we’ll start by defining our baseline. That step was a surprisingly difficult task in our example, and this is reflective of a lot of experiences that we see across industry as well as our customer base. So day one, we went to identify where all of this data sits that we need to establish a baseline, and we’ve discovered some barriers. One of those is that each hospital collects and stores incident data differently. Some have it in boxes full of paper files, some keep it in Excel and word files on share drives, et cetera. So very inconsistent way of keeping track of their incidents across the different hospitals.

Patient files often contain important information that is pertinent to security, but what we found is that that’s often not shared with security. So a lot of times staff would take notes that are relevant to security inpatient files that we don’t have access to, and the shift reports and officer’s schedule data is similarly inconsistent from site to site. It is managed differently depending on the site. And again, some places it’s done over email, some places it’s Excel and share drive other places it’s just a binder at the front desk. So initially we’ve discovered that that’s going to be a challenge, and it took us 60 days to be able to pull all of that data together from all of those dispared sources. And by day 60 we’re able to review all of the data that we pulled together. The way we’ve approached this here is all of this data was collected.

There’s a lot of data entry done so that way we could start being able to use it. So we found that there’s a lot of gaps in the reporting because of how inconsistently it’s stored and different processes across sites and realized that we need to do a lot of data mapping for that data to actually be usable in a consistent way. So it took us another 15 days to be able to normalize all of this data such that we could actually run analytics and reporting on it. So we got it in a place where it was finally comparable across the different sites. We were aware that there’s some data missing, but it was enough volume and it was usable enough to be able to do analysis on. So we finally got to a place where we could actually do some analytics. It looked in one place, in this case, PCH Excel.

It took an additional 25 days to complete the analysis, and it took us a hundred days to get to the point where we could figure out what are the root causes and start thinking about recommendations. The key problem identified during building this baseline is that it’s a data problem. We don’t have access to the data readily. It’s inconsistently stored and captured across locations, and it makes it very difficult to understand what’s going on with our business and programs as a result. So a key question that came up is how did this go on for so long and how did it get this bad and that we don’t have the necessary systems in place to be successful. So looking through the analysis that took us a hundred days to conduct in defining the baseline, we understood a few things.

We could see that overall incidents are trending upwards. We could see that a large portion of those incidents 349 were related to workplace violence in 2022 and 174 were related to workplace injuries. So a very significant portion of our incidents where our employees getting hurt and then looking at incidents by impacted group, it became clear that employees are our most impacted group followed by patients and then visitors and that overall incidents are trending up for all of the groups.

When we look at days lost due to workplace violence and injury, we see that on average 87 working days are lost to workplace violence each month and an additional of 58 days are lost to workplace injuries each month. And that both categories continue to trend up. And when we did an analysis of the annualized staff turnover rate, we could see that in some months they’ve reached as high as 36%, which is highly concerning.
So then we looked at offenders and an insight that was discovered in the data is that repeat offenders are having a serious impact on our hospitals. We could see that we have an average of more than two incidents per offender that affect patients, sorry, the patients have an average of two or more incidents per offender. It’s a little bit lower for visitors and it’s much lower for staff because usually there’s an easier resolution mechanism when staff are offenders. So from that, we gathered up procedures to protect staff. Patients and visitors from repeat offenders are clearly insufficient if it keeps recurring by the same people.

And another thing we looked at is our coverage versus the incident volumes. So how many guards on duty do we have throughout a day on average versus the occurrence of incidents? And what we found is that we’re over resourcing guards when incidents are low and don’t have enough coverage when incidents are higher. So our increases in coverage aren’t correlating to incidents and we’re overstaffing during the wrong times, understaffing during the wrong time. There’s a scheduling strategy problem here, which isn’t easily identified because of the data not being consistently captured in the different locations and stored centrally.

We’ve put together a few case studies to better illustrate this problem and looking at some historical cases. The purpose of these is to pluck out specific examples to be able to present as scenarios that are explained by some of the insights that we’re pointing out to kind of put that into real life scenarios. So in the first example of a workplace violence settlement, our victim was Stephanie Brent, and the perpetrator was Danny. And this incident cost US $350,000. The incident occurred on the fifth floor of the eing at approximately 4:00 PM Danny, a 58-year-old patient recovering from a brain injury, choked and slammed Stephanie on the floor. Stephanie suffered injuries, a broken collarbone, concussion and emotional trauma from the assault, and just found out that two nurses, two other nurses mentioned their concerns with the patient that they were acting erratically and could pose a risk to staff in their patient notes earlier in the week.

Looking at the specific case study, we didn’t have the right reporting procedures in place that allowed concerns about a patient being dangerous to be properly understood and responded to and left us in a situation where that patient could cause harm to staff and did as well as there was a lack of security presence and restraints for the patient in this scenario. And the problem of course was that this was in patient notes which are not accessible to security, so they had no way of knowing and responding properly to this in this case. Another example of a workplace violence settlement where the victim is Tyler Marks and the perpetrator is Rob Bob, and this incident costs us $60,000. The incident occurred at emergency triage at 2:00 AM in the morning. Rob entered the hospital earlier that night at 1230 complaining of severe stomach pains. The initial triage was completed and Rob was told to wait in the receiving area.

Jessica tries, sorry, Rob. Bob then returns to the triage desk a little bit later and has an altercation with the nurse at reception Jessica and tries reaching through the slot in the glass to grab her. He’s unable to reach her and returns to her seat, and Jessica calls for security assistance immediately after. But five minutes later, security is still not arrived on site and Rob gets up again, is clearly agitated, grabs a chair and begins trying to smash through the glass into the triage desk. Another employee, Tyler unknowingly enters the emergency room at the time, not aware that there’s an incident happening and sees Rob agitated, approaches him and is assaulted, suffered injuries, laceration to his face, some cracked teeth. In this scenario, it is clear that we had insufficient security staffing.

Digging a little bit more into it, we found out that the officer assigned to the emergency room at the time was busy with another incident ejecting a group of people suspected of breaking into cars in the parking lot. So the root cause here is operational and it’s insufficient staffing of security that caused this.

Looking at a couple of more case studies that are part of our case, this is an injury settlement for, so we look at some workplace violence now we have a couple of injury examples to show. So it’s an injury settlement for Breta, and this costs us an $82,000 loss. So Breta fell in the west stairway while heading down to the parking lot. The lighting in the area where she fell was flickering on and off, and she reported that as the cause for her losing balance, getting disoriented, misstepping and falling. As a result, she suffered a broken ankle and had to miss three months of work. A review of the shift logs from the past week before the injury indicated that security staff noticed that there was a lighting issue and placed the call into facilities, but a review of the facilities tickets showed that there was no request logged for a lighting issue in that area. So in this case, faulty lighting was the cause of the injury, but the poor communication between security and facilities and disconnect resulted in that not being addressed.

Another injury settlement here is for Joyce, which caused a $42,000 loss. So Joyce fell and suffered a broken hip after exiting through the emergency door onto the second floor staircase. The door should only normally unlock during emergencies and Joyce should not have been able to go through it. A review of the access control logs at that location showed that that door has been improperly opened over a hundred times in the three weeks leading up to the injury. Guards have been dispatched to the area many times and one shift report identifies that employees were heading out for smoke breaks as the reason for all of those openings. An investigation revealed that the locking mechanism was disabled at that door, there was some paper jammed into it and was preventing it from automatically locking. So in this case, tampering with the door allowed a vulnerable patient to exit into an area where there was a fall risk to them. And the lack of consistent reporting and visibility into the series of events and improper door openings on the floor allowed for this to persist.

So looking at the data that we’ve collected, the patterns that we’ve identified and the examples we’ve been able to pluck out from some of the data, we could summarize the findings pretty consistently. And what we found and concluded in this case is that the lack of centralized security management system and reporting standards affect the identification and resolution of issues. The analysis itself due to a lack of the data being centralized and report in the same way took us a hundred days, which is quite a bit of work. There is an integration gap between patient records and an incident management system that led to problem patients posing risks. And one of those scenarios cost us $350,000. So the fact that security had no visibility into concerns reported in patient files is problematic.

There’s a small number of problem patients and visitors that generate a high volume of incidents that contribute to staff turnover. So this is the repeat offender problem. People that are causing issues and continue to cause them, and we’re not doing much to prevent that. The lack of integration between visitor management, incident management, patient records and dispatching systems is at the root of this problem where we’re not able to have a bolo across our sites where we could prevent a problem person from entering the site or where we can ensure that we mitigate those concerns with security escorts, et cetera.

We don’t schedule well, so we over allocate guards to daytime shifts and provide insufficient coverage for overnight shifts, and that led to $60,000, a $60,000 settlement. In one example, we don’t have good visibility into our access control logs, and that allowed for uncorrected tampering with our entry points resulting in a vulnerable patient being injured and costing us $42,000. In that one instance as well as the last finding we had is that we have air prone communication channels between security and facilities that caused the fall in one instance, resulting in an $82,000 cost.

The organization, that’s the type of work that needs to happen in defining the baseline, in collecting the data, however difficult that might be. In this example, we took a hundred days so that way we could identify the patterns, do a little bit of investigation, dig deep and pluck out some good case studies and examples, and then be able to recommend areas where we should address some problems. And the next step would be to set a timeframe.


So moving away from that. And as said, the next one would be setting the timeframe. And we want to do this to determine when we’re able to see the impact of a proposed solution. So based on what we’re recommending, we anticipate that this would take some time to implement and show that impact, and we want to be able to measure and track this over that period of time. So because of that, we’re setting our timeframe to be at three years, which would include the project launch and comparing that data throughout the project process.

Since we had determined our baseline. A couple of slides back, we’ll use this to develop a list of recommendations to alleviate the current challenges that we are facing right now. The list of recommendations is just to the left of the chart, and the first one is implementing that centralized security management system where you’re able to store all your data in one location and not having it siloed. Then there is also integrating other important information, which are your patient records, facility management, dispatch, alerting systems.

So you’re having, again, all that information that you require located in that one location instead of using multiple systems. Then there’s also reallocating guard resources to align with incidents based on volume, based on trending incident data that we are looking at and ensuring that we have the right amount of guards that are located in the right sections based on the data that we’re looking at. Then there is increasing the total guard resources available and implementing an escorting program to be able to address these problems of workplace violence and help with coverage for individuals who are at higher risk.
And then the last recommendation is being to supply staff with panic buttons so they can easily report on a major incident and be able to get the security team to be onsite immediately. As we move into step four, identifying what those alternatives will look like that you’re presenting to your executive team, the first one would be your option one, your status quo. We always recommend including the baseline as an option to demonstrate what the impact can be if doing absolutely nothing to fix this. Option two would be if we completed the first three recommendations, so our centralized system, our integration, and our reallocation of guards, but not the last two recommendations. And then option three is that full comprehensive action plan that you are recommending, recommending everything a part of this comprehensive plan as this is what you believe is going to fix and address the problem as a whole.

So once the alternatives had been identified, and we’ll need to go through the different consequences of each of these alternatives, if we maintain that status quo and do nothing, we’ll continue to see those lost working hours cost for direct settlements and workplace funds incidents maintained or likely even worsen with option two, implementing that partial action plan with the centralized program, the integration, and then the allocation of guard sources with these, this could result in a decrease in workplace violence incidents with implementing those different recommendations as well as reducing lost working hours, direct settlements and so on.

However, not recommending that full plan there is still vulnerability to a hospital where high risk individuals can encounter workplace violence without having that escorting program in place or having the easy accessible panic buttons where they can alert security teams immediately. And lastly, if implementing that full comprehensive plan and moving forward with all the recommendations that we’ve outlined, we of course see the benefits from option two, but now we have the additional guard sources and we’re having that escorting program, those panic buttons. And with these in place, we may be able to see a positive shift regarding the safety of employees and the patients as well. And therefore, we might see employee turnover rates lesson or even potentially diminish.

Okay, so going into step six, quantifying and monetizing these. So art took us through all the different charts, how many workplace violence incidents and injuries that we have did the analysis on and we’re able to collect. So being able to put this all together and seeing what the cost is across these different options. So in this, there are three buckets we’re going to look at. It’s that workplace violence cost, the cost of workplace injury, and then the cost of employee turnover rate. And of course, these are all hypothetical numbers just to demonstrate what a real world example would look like in your scenarios. This would be something that you would work with across your teams, both within your security team and with your other teams as well to gather this information to build out to costs that makes sense for your organization.
So starting off with option one, which is your status quo, looking at cost of workplace violence incidents. So as Artem mentioned, there’s a total of 349 workplace violence incidents on an annual basis that were identified.

And as a result of this, it led to just over a thousand loss days. And with those a thousand loss days and those incidents, the cost per day equaling at $600 led to $627,000 annually just based on this here. Also incorporating direct settlements. So based on the information gathered, and once this was calculated, this resulted into $940,000. So looking at workplace violence incidents alone, this equaled up to just over $1.5 million moving into workplace injuries now. So again, the numbers that were gathered was that there was 174 workplace injuries that were encountered. This resulted into 698 days that were lost and based on the cost per day equal to $418,000. Again, once calculating those direct settlements resulted into $300,000 and the total cost just over 718,000. And then lastly, looking at our cost of employee turnover. So this information is based on the current employees that we have. So this is 1500. And working with our human resources team, we’re able to determine that our annual turnover rate was 24%. Also, with connecting with the human resources team, being able to understand what the cost is of hiring a new employee and onboarding them as well, which averaged out at $3,000.

So being able to replace those loss of employees based on the annual turnover rate, this would result in over just over a million dollars. So adds up very quickly. These numbers as you can see, and combining all these three sections together, this equals to over $3.3 million in just one year. And looking at this over a three year period, and let’s say applying a 5% discount, this equals to over $8 million in loss in losses over a three year period if we maintain that status quo.

Moving into option two, so this is again where we’re moving forward with our centralized system, our integration, and then relocation of guard resources to the column to the left is the percentage reduction we would expect to occur if implementing this partial plan. And then the second column, the new value is demonstrating what those numbers would look like with that anticipated reduction. So with that said, we would anticipate a 35% reduction, which results of course in a lesser number of incidents and reduction in days lost based on this, we would see just over $200,000 in cost savings compared to the status quo. And in terms of day loss, we would also expect in regards to workplace injury, to see a reduction about 50% here.

And also again, seeing a large amount of cost savings here, moving into cost of employee turnover. With these new actions in place, we would actually see a reduction in turnover as we’re implementing tools to reduce incidents that are happening across the hospital, reduce incident severity, so we would expect that to drop to 20%. And with that 20% and equaling up to, sorry, adding up all factors together, looking at potential losses would result in just over 2 million. And looking over that three year period, almost $5 million when comparing this to the status quo, that $8 million over that three years, the loss reduction with option two would lead to $3.1 million.

And going into option three, our comprehensive recommendation that we are moving forward with. So of course we are going to see even more benefits here. So looking at workplace violence, we would expect a reduction up to 50% and employee turnover rate to improve even more. So as we’re implementing all these different recommendations and dropping to 14%, tying all these in together, again, comparing to our option one status quo, we would see just so we’re $4.3 million in loss reduction compared to the initial option, the first option. So step six is about looking at cost and monetizing them and how that would look. But what we also need to look at is with all these lists of recommendations, there is a cost of investment. So what does that look like with these costs plus the investments that we’re bringing forward with this proposal. So with option two, we have our centralized security risk management solution, and year one, this would account for your licensing fee and your implementation costs.

Moving into year two and year three, you would no longer have that implementation cost, just the reoccurring annual licensing fee, your system integrations, that would be a one-time fee, being able to incorporate all data that’s relevant to security teams, and that would just be a one-time cost of 65,000, and then none in year two or year three, moving into option three, which would include the two that I just spoke to. But now you’re adding in those panic buttons, which adds an additional cost and the additional guards for that escorting program. So again, adding additional costs to this and implementing that full recommended plan.

Now when you’re looking over at the net improvement versus status quo with option two, you’re looking at a net benefit of $2.9 million. And with option three, this is equaling to $2.4 million. If we’re looking at this from just a cost perspective, companies might go with option two because the net benefit is better. But one thing we also wanted to highlight too, as I mentioned in the next step, is being able to identify the non-quantifiable benefits that might be more important sometimes than what the net benefit could be. So really depends on what’s important for the company as a whole, but very important to highlight regardless.

Going into that, so evaluating those non-quantifiable metrics, an example of what this would look like could be something like quality of staffing. If you are working in a hospital where there are higher volumes of workplace violence incidents, you’re likely not going to be able to attract the top qualified staff.

But if you are moving towards incident reduction and you’re seeing you’re known as a hospital that has less incidents that are occurring, you might have more opportunity to get the quality of staffing. So that’s just an example of what a non-quantifiable metric could look like. And again, could be something that might be more important to the company than that net benefit that we had talked about in the previous slide. Last but not least, step nine and the cost benefit analysis is characterizing your uncertainty. So in a reward situation, using your costs, your benefits and expected outcomes, you would emphasize what that expected result would look like, including how much worse it could be if we did not achieve that break even point. And then now we’re turning back to the final steps of the IFC business case. So that is anticipating a potential resistant factor. So again, understanding what’s important to your executive team, being prepared to answer those questions and alleviate any immediate concerns that they may have, developing that implementation plan, what that would look like from beginning to end when we would expect to see impact, when we need to make adjustments as necessary, and then finally delivering that final recommendation to your organization and your leadership team.

Awesome. So Raquel, I’m going to hand it back to you as those are our slides for any questions.

Alright, thank you. So we have time for maybe one or two questions. So let’s just dive right in. What if the data isn’t available to build a strong business case?

That’s a great question, and as you’ve seen in our example, there’s always some data somewhere and you do your best. So in our example, there’s some records across, and we’ve done a lot of work to pull them all together to quantify some things. There’s many data gathering methodologies that you can employ, you could collect forward.

So you could start a structured data collection going forward, run it for a month, extrapolate from that, you could do interviews looking back and get some estimates and extrapolate. I think it’s frequent that data isn’t easily available, easily accessible, and sometimes it’s not even collected, but there’s always a strategy or a way to get it. And even if you’re guessing, even if you’re estimating by doing, let’s say a data collection forward for a month and extrapolating that is still sound and it is a better business case than going into it without data and just claiming we’ll have a safer environment if we do those things.