Home » Protection Manual for Human Rights Defenders » Chapter 6: Preparing a security strategy and plan.

Drafting a security plan

‹ Expanding your work space: Increasing deterrence and dissuasionupCoping with security challenges: Step by step security management ›

It should not be difficult to draft a security plan. Here is a process in just a few steps:

1.The components of the plan. A security plan is aimed at reducing your risk. It will therefore have at least three objectives, based on your risk assessment:

  • Reducing the level of threat you are experiencing;
  • Reducing your vulnerabilities;
  • Enhancing your capacities.

It could be useful if your security plan also includes:

  • Preventive plans or protocols, to ensure routine work is done within security standards, for example, how to prepare a public allegation or a visit to a remote area;
  • Emergency plans for dealing with specific problems, for example, a detention or a disappearance.

2. Responsibilities and resources for implementing the plan. To ensure that the plan is implemented, security routines must be integrated into daily work activities:

  • Include context assessment and security points routinely in your agendas;
  • Register and analyse security incidents;
  • Allocate responsibilities;
  • Allocate resources, i.e. time and funds, for security.

3. Drafting the plan - how to begin. If you have done a risk assessment for a defender or organisation, you might have a long list of vulnerabilities, several kinds of threats and a number of capacities. You can’t realistically cover everything at the same time. So where to begin? It’s very easy:

  • Select a few threats. Prioritise the threats you have listed, be it actual or potential ones, using one of these criteria: The most serious threat - clear death threats, for example; OR the most probable and serious threat - if organisations similar to yours have been attacked, that is a clear potential threat for you; OR the threat which corresponds most with your vulnerabilities - because you are more at risk of that specific threat.
  • List the vulnerabilities you have which correspond with the threats you have listed. These vulnerabilities should be addressed first, but remember that not all vulnerabilities correspond with all threats. For example, if you receive a death threat, it may not be very useful to start securing the cupboards in your office in the city centre (unless you can be easily attacked in the office, which is usually not the case). It may be more useful to reduce your exposure while commuting from home to the office or on weekends. Securing the cupboards isn’t unimportant, but that in itself probably won’t reduce your vulnerability to the death threat.
  • List the capacities you have which correspond with the threats you have listed.

You are now in a position to address the selected threats, vulnerabilities and capacities in your security plan, and can be reasonably sure that you will be able to reduce your risk from the right starting point.

Please note that this is an ad hoc way of drafting a security plan. There are more “formal” ways to do it, but this method is straightforward and makes sure you take care of the most urgent security issues - provided your risk assessment is correct - and end up with an “alive” and “real” plan at the end, and that’s the important part of security.

»