Risk management is critical in any organisation, designed to protect assets, people, and operations from emerging threats. Without it, our society would not be as safe.
With over 26 years in the field, I can confidently say that whilst our world continually evolves and different threats emerge, risk consultancy has not always kept pace. It often relies on traditional methods and mindsets that, though reliable, can be slow, rigid, and heavily reactive.
In today’s fast-paced security environment, relying on static risk assessments or conventional wisdom is no longer enough because this lack of dynamism can leave organisations exposed. What’s needed now are agile, forward-thinking solutions that can be adapted in real time.
Creativity may seem out of place in security but hear me out – I’m a big believer that creative thinking is underestimated in this industry and is a powerful tool for unlocking faster and more effective risk management outcomes. But what does creativity mean in this context, and why should those in risk management seek it out?
How creativity applies to risk management
When we launched The Keyholding Company’s consultancy division, TKC Consult, I wanted to establish a clear ethos from the outset – that creativity is a catalyst for dynamic, efficient risk management.
A traditional approach to risk consultancy certainly has its merits but it falls short when faced with today’s unpredictable and fast-evolving risk landscape. Organisations need more – they need adaptability, innovation, and foresight.
This is where creativity comes in. Despite what the word might suggest, creativity in risk consultancy is not about artistic expression; it’s about thinking beyond conventional frameworks and methodologies to reveal hidden risks and tackle vulnerabilities. It brings a proactive, innovative approach and fresh methodology to anticipate threats rather than simply react to them.
To be clear, creativity doesn’t replace established practices; it enhances them, building on the fundamentals with forward-thinking solutions. For instance, rather than relying on static risk data, a creative approach continuously adapts to new information so organisations can protect assets in real-time and improve security outcomes against both present and future risks.
Don’t be afraid to ask for some magic
Many reading this will be familiar with the lengthy, detailed reports that follow risk consultations. Over the years I’ve noticed three main challenges with this:
- Slow turnaround times: After extensive site risk assessments, the report itself can take a long time to produce.
- Overwhelming data: Reports may be comprehensive but often include data that’s not immediately actionable, leaving decision-makers without clear direction.
- Outdated information: Static assessments provide a snapshot of risk at a given moment which leaves organisations vulnerable to emerging risks like political unrest or sudden security threats due to outdated insights.
Conversations I’ve had with executives across industries reveal a common need that the above approach often misses: timely, actionable insights. Organisations should feel empowered to challenge their consultants to create some magic, asking, “How can we do this better? How can we be more creative?”.
The most effective risk management isn’t just about addressing visible threats—it’s about anticipating the ones you can’t see yet. That’s the level of foresight every organisation should expect from their consultants.
Creativity in action
The 2017 terror attack at Manchester Arena marked a turning point in security culture, sparking discussions about mandatory risk assessments. From this, a thought stayed with me – risk assessments need to be standardised, accessible, and scalable across portfolios. And crucially, the data from these risk assessments must be used meaningfully in real time.
As part of my Doctorate in Security Risk Management, my thesis asks if it’s possible to build a tool that empowers anyone – not just risk professionals – to produce a competent risk assessment report, addressing the growing demand to deliver risk assessments at scale.
This is brought to life through TKC’s Risk Management Tool (RMT). The technology combines in-person consultations with rapid digital site risk assessments. The RMT’s dynamic risk dashboards allow clients to analyse sites at a granular level and evaluate security measures to ensure correct outcomes.
Before the risk professionals among you cry in despair, I haven’t removed the requirement for expert knowledge and insight, I’ve front-loaded it so that the on-site input is digitally measured, weighed and analysed against it. I’ve deconstructed the process but the methodology still meets ALL standards and guidance – I’ve been creative!
What I find most rewarding though, is seeing security consultants extend their creativity beyond the RMT, translating insights into actionable solutions and bringing their expertise to interpret the, “so what”, behind the data.
When building the TKC Consult team, I deliberately looked for consultants with a keen interest in technology and backgrounds spanning extensive policing, military and commercial experience. Professionals in the team like Olly Rutt bring diverse skills, knowledge and creativity to the consultancy process, expertly layering creativity on top of the RMT to bring solutions that meet the client’s dual needs around business continuity and security.
A good example of this is our partnership with a Ministerial Department, where we used the RMT to enroll over 100 faith community sites in just two months, ensuring a swift roll out of protective measures. During recent civil unrest in the UK, there was an urgent need to scale this further, enrolling over 600 properties in just 10 days. This showcases how a creative, tech-driven approach can enable rapid, efficient risk assessments and solution design at scale.
Embracing creativity for better security outcomes
Creativity isn’t just theoretical anymore – this way of working has already proven its value. By combining technology with fresh, strategic thinking, clients can benefit from better, quicker security outcomes, adapting dynamically to any situation.
As threats evolve, so must risk strategies. The ability to pivot quickly, think outside the box and adjust based on real-time data and insights can make the difference between simply reacting to risks and being genuinely prepared.
That to me is magic.
Rachel Webb
Chief Commercial Officer