Episode #1: Security in Development
In this episode we're discussing security and duty of care within the aid and development sector and joining us is Wayne Rautenbach from Mott MacDonald. Listen as he shares his insight into the realities and challenges facing development organisations right along the delivery pipeline from donors to subcontractors operating in extreme risk countries.
Information about this episode and other industry news and insight can be found here on our blog, the Trubshaw Tribune. If you'd like to be kept up to date about future episodes, please subscribe to our newsletter.
Audio Transcription
[00:00:32] Sean: Wayne, thanks for coming on today. You're the Health, Safety, Security, and Wellbeing Manager for Mott's International Development business but you also have a ton of experience managing security in conflict areas. So, tell me, South Sudan, it's such a volatile place, what was it like transitioning from the field to corporate?
[00:00:51] Wayne: It’s been very difficult really, you know, when you're in the field, it's more hands-on and you've got more direct control over what's happening in your environment and how to safeguard and protect people. So, it moved from man guarding where I was providing the security to compounds and to people, and then the information that came from that pushing it out on a weekly basis to clients and then that slowly progressed into more of an intelligence role. Trying to get more information gathering because when I was working in South Sudan, we realized that we had this massive footprint and, so, we started collecting that data and helping clients to understand the threat environment and then that progressed into more of a security management role within the Japanese International Development Corporations, JICA, into managing their security and their personnel.
And so, you had the direct relationship with the country director, with the teams and analysing and seeing where we can move and fluctuating with triggers on how to reduce and increase accordingly and evacuation plans and security plans and journey management plans. So, that was a complete change from security man guarding into that role. And then stepping into Mott McDonald into the advisory role. It was very much a continuation of what I was doing in South Sudan. That wasn't much of an issue, but the headache came from budgets.
You think you're moving from where it's a set budget per year, and that's all you get into this corporate which is a multi-billion-pound company and you think that there's a limitless amount of money towards security and everybody's taking security so seriously, but it's actually not. Everything is budgeted. Everything has to go according to plan and in many circumstances, I was dealing with historical projects that had no budget for security and didn't understand the transition about security risk management and how this new field of security or of risk management in this industry is now pushing deeper, into the control measures of every project around the world. So, moving from a low-risk country into an extreme risk operating environment needed different control measures and different mentalities.
And so, the difficulty was, one, budgets, making sure that you actually understood, I understood, what was available at country, but then also the mentality of people. Because you had a lot of, very experienced development workers that have been doing this for 30, 40 years of their lives and they have this risk tolerance, like nobody else, but understanding that, and then bringing it down to the person who's just starting in their career, and showing them that actually there is a bigger risk than what is being portrayed and bringing everybody into the same level was very political and very difficult. And there was quite a bit of resistance in the beginning, but I think a lot of it's got to do with engaging with people and communication is where we overcame a lot of the barriers, communication, constant communication with people, showing them what it means and winning over those really hard, tough liners.
But fortunately, the new era of NGO workers are dealing with the Syria, the South Sudan, the Somalia, the Afghanistan that the changes of NGOs or international aid, not being the focus of attacks, to being the focus of attacks. So, the youth are starting to come more into a security risk management role. I say youth, but it's the younger generation of it, versus, you know, the guys and girls that are leaving their careers at the tail end. So that was a really tough side.
[00:04:23] Sean: That's really interesting. So, security management it's pretty new to the international development industry. Is that correct?
[00:04:30] Wayne: Yeah. I would say so. I would say everybody, like proper, qualified, and experienced, risk management, security risk management is new to the field. First-hand in South Sudan as you started to get there in 2010, 2011 when the whole world was pumping money in and there were NGOs running around everywhere really doing good work, but then coming back from the field, sick, being harassed, being locked up, being chastised for being there and then dealing with a lot of trauma. That was affecting the NGOs and then 2013 occurred with a big conflict which started in Juba and spread across the country and suddenly there was this big change. You started seeing a lot of experienced, qualified security managers coming into NGOs. The big boys like Oxfam, Save The Children, a lot of the European NGOs were starting to bring in professional security managers and agents. Risk management companies were being pushed into the country.
You saw security companies that were concentrating on man guarding shift towards security risk management and providing services to the NGO world. So, there was that big shifting in security management. And so yes, it is a new field, but the security professionalization is a new field, within the development sector.
[00:05:46] Sean: So really in the last 10 years since Syria, Yemen, South Sudan, those extreme risk countries, where there was this need for engagement and need for operations, where we've seen a necessity of improvement of security risk management.
[00:06:02] Wayne: Yeah. Yeah. And I think another catalyst to that was the NRC legal action that was taken in Sweden against NRC for failure of duty of care in Kenya where there was an abduction and a shooting of NGO workers and the courts found that the NRC had failed in their duty of care. And that was a big game changer within the international development world, even in corporate world, I think anybody working in international development shifted, I mean, I could say partly my role into Mott McDonald was part of that, you know, the legal liabilities and making sure that we are delivering Duty of Care properly. So, I think there's a combination of things, not just the conflict, but there were also the results of failing to really do correct security management or following security advisories properly and undertaking that role.
[00:06:53] Sean: So, Mott has operations all over the place in medium risk places and countries and high-risk countries and you guys will do a lot of the services yourselves, implementation yourself, then you'll also outsource and subcontract in. Give us a flavour of the differences in security management or the challenges that you face when you look at the internal versus the external.
[00:07:17] Wayne: I think it's very easy to fall into or have fallen into that trap of thinking that verbally, everyone can say, yes, we take duty of care seriously and we have all of our policies and procedures in place. I think that's been a learning curve for me for both internally and externally and so you start to look at the risk analysis of things. You start to see that when you subcontract work, your liability actually increases because a company like Mott McDonald is more the, so we're, bid principals, so we get awarded the bid and then we ultimately own the duty of care. So, anybody who subcontracts to Mott McDonald is under our duty of care, but every subcontractor has its own management structure and we're not there to manage it, but we are there to make sure that duty of care structure meets an international standard, but it also meets our standard so we can report back to the client saying X, Y, and Z is in place and this is the procedure that is being followed. I mean, we can't eradicate all the risks and eventually something's going to go wrong but if you don't look at that subcontractor and who that subcontractor is using to implement as well, because it gets diluted quite a bit, especially in South Sudan because of the lack of infrastructure. It's a country that really, you have to get a dissolved approach to managing or to implementing people and things. I mean, it's not just infrastructure, there's tribal issues and clan issues and all of these things come into play. So, it's how a project faces difficulty. I keep using South Sudan as an example, but it is a very good example.
And that being said, we found that we would be following all of these strict policies and procedures like curfew times, journey management plans, risk assessments before you go to the field. Accommodation assessments and then a quarterly review because of the risk rating of the country. When we looked at subcontractors, they weren't doing any of that. I mean, we started seeing, the amount of accidents that were happening or incidents of being shot at, pulled out of vehicles, getting stuck in ambushes. Everyone would say, oh, but these are nationals, this is their country, and they understand the dynamics. Well, it actually turned out that people didn't really understand the dynamics. There was afforded sort of a well you're paid do this, so you’ve got to go and do it, that kind of guilt forcing people into undertaking risky travel. And that was a learning curve for all of us, I think from the donor to Mott and the subcontractor is that if you don't have a proper control measure in place, people are going to get hurt and not just hurts, there's going to be fatalities. And then there's going to be interruptions to business delivery and a whole bunch of ramifications from that. So, we took it very seriously.
[00:10:10] Sean: When we first started speaking, you mentioned the difficulty and the politics came into Mott of bringing security and processes into Mott with the culture not being there. It must be quite difficult and quite a balancing act between, as you say, balancing your duty of care and not impinging on trying to micromanage your subcontractors. What's it like trying to get that right? Getting the most out of your subcontractors without actually going in with a long screwdriver yourself? Has that been difficult?
[00:10:41] Wayne: Yeah, absolutely. We tried in one project early on, to do assessments of every subcontractor’s security risk management policies. It turned out to be just a tick box exercise. I mean, subcontractors were giving all the right paperwork. Well, not all the right, but 70, 80% of the paperwork to say, look this is everything we've got. Journey management plan. We've got a communications plan, blah, blah, blah, everything in place. But when accidents happen or incidents happen and we did a little bit of probing. We didn't do much, but we did a bit of probing to find out what was going on. It turned out there was absolutely no adherence to any of the policies and procedures by the subcontractor specifically to that incident.
So that just meant that there was a complete failure and a breakdown of things and the liabilities on duty of care were increasing for Mott. So, we had to do something to, firstly, engage with the subcontractors to say, right, your policies, aren't working for you. How do we fix this? We need to up your game. And a lot of the pushback that came back was we just don't have the budget. We just don't have the money. We don't have the resources to apply to this level of what you're asking of us. And then we don't have the people capacity to implement this because nobody's been trained in it.
So, it's one thing to say, all these documents are there, follow these procedures, but there was nobody in these NGOs or subcontractors to actually take what was written and implement it. It was just seen as what is this? We don't even know what this is. Yeah. To actually one or two people would bring in agencies would bring in somebody that had some experience somewhere along the line of an operations, and then they would try to implement it but there was real failure in the implementation of documentation or policies and procedures.
[00:12:36] Sean: And could you notice a difference between the organizations that were taking it seriously? Because surely there must have been one or two subcontractors who actually were implementing what they should have been implementing. Could you notice the difference between the programmatic output of those guys and the organizations that weren't managing their security risk properly?
[00:12:58] Wayne: Yeah, absolutely. We saw, without naming them, in the history of it, we've done some checks on these guys and those ones that were really performing well, never had any accidents or incidents when we did a full review those were the guys that were performing and were actually implementing their policies and procedures. They had professional security person in place, and they also had a professional security team in their headquarters monitoring and managing them. So, it was a proper, granular management system in place. It wasn't just you're in the field here's the security person off you go type of thing. It was really coordinated from the head offices down to the field, regular meetings, regular check-ups, that kind of information being done. The other ones that didn't have any performance, you could clearly see that it was no training, no understanding of security. Just given that label you will, you were raised in that area, you know the circumstances and the security that goes with that so the decision for you to travel or not travel, for you to go and do your work is entirely up to you. So that really didn't help anything.
[00:14:09] I think we've gone a little bit too far. I just want to go back a little bit. Part of the duty of care is to provide information to everybody, valid information, timely information so we used a local security company, risk management company, for instance, in South Sudan giving us daily reports of incidents that are occurring, plotting it on maps, giving us a risk rating of what is going on. But like I said, this was just being distributed to the subcontractor. So, Mott is fulfilling its duty of care, providing timely information, but the subcontractor didn't know how to interpret this information or did know, but disregarded it. Did know, took action, but never, ever reported on the action that they took. So, nobody knew exactly how, risk or security was being managed in the field. And that's where the biggest risk is. It's not sitting in Juba or sitting in the capital city of Kiev at the moment, for instance, if you took Ukraine, that's no longer the epicentre of the risk. It's more in the field and so you have to dilute it and actually focus where it's needed, and that interpretation of information was not being shared and not being managed by subcontractors. And we kind of felt like all we were being is Royal mail, receiving information, giving it out and for them to interpret and put into practice. And so, you started to see difficulties in reaching their outputs, difficulties in keeping control of their assets, so where the people are physically. And then we started to see an increasing of accidents or incidents occurring. And so, we had to look at how to fix that and we created that mentoring program, which was also based on some historical reports written by some people way smarter than me, around focusing your budget where it's needed, not focusing it back in a capital city. I mean, so it was really about, how do we get it to the field? How do we get where the accident is actually happening? Where the issue is. Getting them to understand the security. How do we mentor them and bring them up to a level of better understanding?
[00:16:21] Sean: I suppose it's quite difficult. I mean, I like the term epicentre of the risks there, Cambridge is not the epicentre of the risk, but when you're looking at the devolution of security management decisions to where the epicentres are in the field, that's quite a difficult thing because there's so many levels below you, coming from, where it's first conceived, differed in London to you guys, and then through your program, the country, the subcontractor management sitting, say, in Juba then to the state capitals and then really into the field where you're talking about and that real decision of what is our process for deciding whether we should take this journey or not take this journey. And what is the process for telling Mott McDonald that we can't make this journey, or we can't fulfil this commitment? So that devolution of security management decision I think is really, you hit on quite a nugget. What do you think the challenges are moving forward? Because I think this will be a moving target, the entire time. What are the challenges? Where do you see the future in this?
[00:17:22] Wayne: I think you said it early on, about Mott working across the different diverse risk operational contexts, some extreme down to low risk. I think the key message is actually setting your risk tolerance as an organisation. If you've got that risk tolerance there, well then you definitely have a way to measure what is acceptable and what is not acceptable and what level of approvals you need to go to if something is above that level. So, you might have a low risk tolerance, or you may have very high-risk tolerance, but as long as you've set that, then you can start to manage and put the policies and procedures in place. I think one of the key messages or the key frustrations we have is if we're not implementing directly, we've got no control over the staff and if you've got no control over your staff, you have a frequent turnover of staff. South Sudan, we go back to it, a very, very difficult environment to work in for anybody, whether you're a national or regional or an international.
It's the disease, there's the food, the stress, and it all builds up on people. So, there's a very high turnover of staff. So, you might build your capacity up and it just takes one person to leave. You have to start again because there's no follow-up, there's no mentoring, there's no capacity building within those subcontractors.
Whereas a big organisation, for instance, like Save The Children or Oxfam, they can come in and they do the implementation themselves and they control what's going on. Their staff turnover, they've got mentoring programs, et cetera in place. But I think they have the same frustrations or similar issues around subcontracting work, that high turnover and that different risk tolerance understanding. So, for us, we set the risk tolerance and then we monitor it from there and we ask that everybody adheres to that risk tolerance.
[00:19:14] Sean: So, in terms of subcontracting, give us a flavour of some of the difficulty that these smaller organizations are running to in the field, I mean, South Sudan, is a very violent place. When things are going wrong for them, paint us a picture. What does that look like?
[00:19:31] Wayne: Again, I mean, different regions of the country have different I would say intensity of events happening, but across the country, very violent issues. So, a lot of it is, understanding the really granular, threats environment, like what is happening in what they call Payams, which we would call maybe a little county here in the UK, in their vicinity. What's happening in that dynamic? Can I go down this road? Can I go down that road? Has there been some cattle pushed in? Has there been a inter village attack? Has there been a major ethnic attack in the area? So that all expands and compounds the threat to somebody wanting to just go visit a school, for instance, to do an assessment of what's going on there, or go to deliver an agricultural project because there's this dynamic of threat. You are seen as a foreigner going into that area. You're a threat to obviously the perpetrator, but you're also a threat to the locals who are now defending themselves. So, there's that communication issue. There is often a lack of ability to communicate. You can't just cell phone because the towers don't work or there's a breakdown of services.
The weather, the inclement weather that comes in that, you know, certain times of the year, the whole country is pretty much a swamp. You are stuck to main arterial roads, which are maintained by the UN or WFP and, if you go off those things, it's almost impossible to get anywhere. So, a very tedious, tough time for them. They experience the violent shooting that happen, the marauding villagers, that they have to deal with. And, being of the same tribe, but of a different clan puts everybody at risk, puts themselves at risk because there can be a very much a clan issue than more of a tribal or an inter-tribal issue to deal with And there's just such a proliferation of weaponry in the country that, it's no longer a negotiation to try and get yourself out of things, it’s really just how the person wielding the weapon feels on the day, whether you survive or don't survive.
That's pretty much what's coming through the pipeline, on incidents that are occurring there. You know, first-hand experience, the build up to 2013 was horrific and that was in a capital city and then how it exploded into the country was another issue. so, the security approach of people is definitely one of, understanding their resilience and their capability to withstand what's going on. But I think there's so much trauma from every incident that's occurred that people's risk tolerances start to increase and increase and increase and they think, ah, well, you know, somebody got shot down in two villages down. That's okay. It doesn't affect us. We're over here. But actually, in reality if you're new and you rock up into that area, somebody getting shot two villages down that's a big threat. That means there's an armed actor in the area and you need to start looking at what is my security policy. What are my protocols in place? Do I need to start looking at moving people out? Do I start looking at restricting travel down to that road? But so many instances we see that there's just that risk tolerance is just increased so much that there's no explanation for it and then people take unnecessary risks in getting hurt.
And now there's also this added pressure of, or you're not delivering. What people are failing to do is if you can't deliver because of a security issue, it just needs to be recorded and reported so that people can adjust because every donor understands and doesn't want injury. We definitely have Mott McDonald's policy of do no harm. So we really don't want our subcontractors taking unnecessary risk that put themselves at harm, but we do require, because we have to answer to the donor, how come, we're a little bit behind on delivering in this section. The evidence is there on incidents, but the evidence on actions taken hasn't been in place in the past.
[00:23:21] Sean: That's really interesting. There are quite a few things to unpack there. So, one, where you've got that boiling frog, a new theory of the local subcontractor being in place for so long that just stops seeing the risk and that's where, when you have the institutionalized frameworks and risk tolerances that have been defined and processes that have been defined that guards against that quite a bit. But interestingly, the flip side is that you can have that in place, but it must also be difficult for the Mott MacDonald manager coming in. So hypothetically, say the Mott MacDonald program manager their previous job may have been in say Zambia doing a water project or an education project. And now they come into South Sudan and all of a sudden, they have to manage subcontractors who aren't delivering because of a perceived risk that may or may not have occurred tomorrow. So that integration of security and programmatic decision-making, that must have its challenges for Mott itself.
[00:24:24] Wayne: Yeah, absolutely. Absolutely. People with no understanding of the context and the difficulties of the working environment can often push too hard and get resistance from subcontractors and resistance from their own teams. But sometimes they can push a little bit and get results pretty quickly. But I think the key thing is understanding context and that's where we do quite a lot of work around training of the environment. but also, security briefings, bringing people on board. It's not just a direct handover, in you go, this is what you're going to do. Because of the wealth of experience in the company there's a lot of people to talk to and mentor and get information about before being deployed into these areas. Because of the environment, I think I said earlier, it's a really tough environment and you do get staff turnover, and, for health and mental health and wellbeing purposes, we have to look at rotating people out over long projects. To be stuck in South Sudan for say a six year project, it's detrimental to an international's physical and mental health. So, we have to work them through. And a lot of it is also about bringing national staff up, to lead on and take on those roles. So, there is that way of proceeding, and working with experienced teams to manage that.
I think the biggest issue that we've really had on the field and with subcontractors is not about resistance or not wanting to fulfil their duties. It's just more about capacity and of course their own budgets. Because as you start to dilute your subcontractors, the less money goes down. And then they're also pushed cause they're taking the percentage of the day for this project and a percentage of the day for that project and getting their buy-in. But you know, on the security side of things, it benefits all projects. And that's what we're trying to push across is that if you do this right for Mott, you're going to do this right for everybody, and that's going to help you get bigger projects, bigger budgets.
[00:26:23] Sean: And another contract from Mott again in the future because you are a trusted operator. I would imagine.
[00:26:28] Wayne: Yes. Absolutely, absolutely. I mean, that's a key factor. We, you know, we've seen it in a few bids that have come through. Choosing the cream of the crop to work with, good reliable understandings while the other ones are developing and coming up to speed. So that gives them more opportunities in that respect.
So, I think that's been some of the difficulty Sean on that program management role within subcontractors and within your own staff, not knowing the context of where they're working, and the stresses of people, because I think at the end of the day, the mental health side of things, from the trauma of a country like South Sudan or Yemen and Somalia, Afghanistan, all these places. Everybody's been exposed to some sort of trauma and if you don't understand how to work with that, you going to get resistance, you going to get conflict. So, it's really much of a balancing act. It's not an easy task for anybody out there anymore. And then you get seen as the foreigner, the person coming to steal jobs. If you're an international you're seen as the perceived person of wealth, so you're targeted more for crime.
And you also get dragged into the politics of the country. You didn't help us when we needed you here, but you helped them when they needed you there. So, you get drawn into these kinds of politics and it's a really, really tough way to manage. But I think there's so much leaps and bounds being done in this regard like community liaisons and environmental impact studies, et cetera, that we're getting a better hold of managing that.
[00:27:54] Sean: When we're talking about the actual security management of subcontractors but also of the program staff that's almost the second act. It starts way before that, doesn't it? In terms of the security decision-making. Surely, it's almost starts right at the bid phase and the initial engagement with the donors and the thought from the donors of we're operating in such a high risk country we need to bake this into the whole plan. Is that a trend or has that always been there? What's that like?
[00:28:28] Wayne: Hmm. Controversial question. To be, straight, um, in my, past five years at corporate level having to deal with bids. It has not been at the forefront of bids and it hasn't been thoroughly thought out by donors either. They have a perception of what is needed, and when it comes to the reality of what's needed there's a difference in manpower, budget and control measures. So, every donor says duty of care is with you and you have to submit in your proposal, how you're going to do it.
Who's assessing that, we don't know. How it's being assessed, we don't know. And on the other side of the coin, you get stuck with, this is a price fixed bid, so many circumstances we still have this culture in every organization is that the first thing to get cut is the security budget. And certainly, that's how it feels, because if you start to look at when you put in a proposal of a gold, silver, bronze approach to the security risk management, almost every time the bronze situation is chosen because it's the lowest budget because everyone's scared of over budgeting on their bid. And so, on bids, we're not seeing that, silo-ing of this is the technical, this is your operational, and this is your duty of care approach from donors. And if we could get that, you can start to see who's in the ballpark of risk tolerance, because if you're going to South Sudan and you're having to just work in Juba. Okay, we can understand there's going to be a smaller budget requirement for security, but if you're going to go into South Sudan and you're going to start working in every single province in the country, your risk exposure explodes. And so, managing that and traveling to and from that is going to be very difficult and getting the right people in place to manage that is tough.
Everyone says yeah, but you're going to get a subcontractor to do it, but the subcontractor also needs training. They also need development. They also need some sort of standard to work to. And if you don't have that budgeted well, you're going to get lost.
[00:30:34] Sean: Yeah, absolutely that's really interesting. So, you you're telling me that you can quite clearly see that when a subcontractor or an implementing partner is managing their security risk in the field, that has a direct knock-on to their performance in implementation. That's quite a clear relationship. And you're saying also that, one of the key challenges for implement partners and subcontractors comes down to budget and capacity. Budget and capacity. If they had more money, had more time, they'd be able to do more and be better at it. And then what we're saying is really what it comes down to is kind of sitting at the top of the pyramid is the donor and whether they have actually done their assessments correctly, their appraisal of the situation, allocated enough budget to it. But not only that, I would imagine that if you're operating in such a volatile area, like South Sudan, what you're assessing the situation to be in, say in 2012 and you're putting in a five-year contract that runs up 2016, 2017. And all of a sudden the risk that we know in South Sudan from 2012 to 2017 or 2016 was almost exponential, but you're having to deal with it on the same budget. So really you kind of need all people in the party coming together to understand if we're going to be working in these extreme risks, we actually need the thought, the proper security decision-making and analysis and programmatic approach. It all starts with the donor. It's a bitter pill, but it's, it's interesting. It's really really interesting.
[00:32:14] Wayne: Yeah. And it's not laying the blame at the donor. It's just working with the donor. We need more communication between the two when doing a budget. Yes, there is a slippery slope you could be saying, oh, but you can over budget on your security and then use it for other things. But you can't on donors. You have to explain exactly where all your money is. So, if you're not using it, it stays with the donor. So, there's those kinds of aspects to it. And I think everyone would say, yeah, but what you just described Sean is risk management, is foreseeing the risks.
Security is dealing with the threats and the threat actors. And one day the threat actor doesn't have the capability to make a massive impact on your project, but then suddenly there's funding and training from an external factor that creates this threat actor and its capability and then it changes the dynamic and then the impact, obviously going to be a much more on your project.
I digress a little bit, but it's just how do we, as security managers, explain that in a bid? How do we explain that to our teams in the field? And that's the key thing around going back to that risk tolerances, that when you start to see too many incidents happening in a certain capacity of time, that you have to take an action and you have to reduce your exposure and manage it and filter that down and report it to your donor.
This is why we're doing this and we foresee a delay in this area, which could affect, obviously the bottom line, but you have to, then when that decreases, you have to be able to catch up quickly, respond and recover as quickly as possible, from these kinds of things. So, yeah, it's a balancing act of risk management, security risk management, and the overall people management, in that regard, because you can push people as hard as you want but at the end of the day, if they're burnt out, they're not going to deliver. It's going to cause more issues for you.
[00:34:12] Sean: Absolutely. Absolutely. We've covered quite a lot of ground on the topic. It'd be quite interesting in conclusion, where do you think the next step in development of improving the security duty of care in the development industry is? What is the next frontier? What do we need to solve?
I mean all organizations are doing things slightly differently, but just broadly.
[00:34:39] Wayne: Well, I think with the increasing amount of NGOs and development workers being directly targeted and killed across the globe we're seeing that change in risk management, security management, coming to the forte. A lot of work has been done in the background with training and understanding of your risk environments, et cetera, for those with access to internet and obviously access to English language. But what I would like to see is within NGOs and the development world is actually that career path being made for security management.
We've moved from just giving somebody the hat, saying you're operations and security with no experience now to, right, you're going to do it, but we're going to give you this training. And on this training you have to deliver, and this is your job role. So, every company or every organization needs to be looking that route. That sounds selfish to say, oh, I'm security manager I want to see some more security managers, but if you want to start reducing impact to your people and you want to start seeing better delivery, you've got to have the right skills in place to understand the changing dynamics, and the threat environment and have somebody to turn to help you get you through that interruption, quicker. It doesn't mean that you have to go and import GI Joe from the States to come and be your security manager, but it does mean that you have to have somebody trained and in place to follow and implement your policies and procedures.
That what I would like to see. And I think that's the key factor around delivery of projects, but also the reduction in, serious incidents and, harm to people. Because I think at the end of the day also, we say, oh, we're going there to develop, we're coming to develop this area, but there's impacts to that. There are negative impacts from that. You're putting people into harm's way, but you're also driving a wedge into the status quo of what's going on in that area. And so, the environmental impact is very serious and to understand that and how to work in that I think that's where security risk management comes into play and specifically security risk management, not just risk management.
[00:36:51] Sean: Fascinating.
[00:36:52] Wayne: That's where we have to get to.
[00:36:54] Sean: Great. Wayne, thank you so much for your time. really enjoyed the conversation and look forward to having you back.
[00:36:59] Wayne: Thanks, Sean.
[00:37:00] Sean: Well, that's the end of our episode for today. Thank you very much for listening.