The Voluntary Principles on Security and Human Rights: Risk Assessment

The ability to assess accurately risks present in a Company’s operation environment is critical to the security of personnel. Local communities and assets; the success of the company’s short and long-term operations; and to the promotion and protection of human rights. In some circumstances, this is relatively simple; in other, it is important to obtain extensive background information from different sources; monitoring and adapting to changing, complex political, economic, law enforcement, military and social situations; and maintaining productive relations with local communities and government officials.

The quality of complicates risk assessments are largely dependent on the assembling of regularly updated, credible information from a broad range of perspectives – local and national governments, security firms, other companies, home governments, multilateral institutions, and civil society knowledgeable about local conditions. This information may be most effective when shared to the fullest extent possible (bearing in mind confidentiality considerations) between Companies, concerned civil society, and governments.

Bearing in mind these general principles, we recognize that accurate, effective risk assessments should consider the following factors:

  • Identification of security risks. Security risks can result from political, economic, civil or social factors. Moreover, certain personnel and assets may be at greater risk than others. Identification of security risks allows a Company to take measures to minimize risk and to assess whether Company actions may heighten risk.


  • Potential of violence. Depending on the environment, violence can be widespread or limited to particular regions, and it can develop with little or no warning. Civil society, home and host government representatives, and other sources should be consulted to identify risks presented by the potential for violence. Risk assessments should examine patterns of violence in areas of company operations for educational, predictive, and preventative purposes.


  • Human rights records. Risk assessments should consider the available human rights records of public security forces, paramilitaries, local and national law enforcement, as well as the reputation of private security. Awareness of past abuses and allegations can help Companies to avoid recurrences as well as to promote accountability. Also, identification of the capability of the above entities to respond to situations of violence in a lawful manner (i.e. consistent with the applicable international standards) allows Companies to develop appropriate measures in operating environments.


  • Rule of law. Risk Assessments should consider the local prosecuting authority and judiciary’s capacity to hold accountable those responsible for human rights abuses and for those responsible for violations of international humanitarian law in a manner that respects the rights of the accused.


  • Conflict analysis. Identification of and understanding the root causes nature of local conflicts, as well as the level of adherence to human rights and international humanitarian law standards by key actors, can be instructive for the development of strategies for managing relations between the Company, local communities, Company, Company employees and their unions, and host governments. Risk Assessments should also consider the potential for future conflicts.


Equipment transfers. Where Companies provide equipment (including lethal and non-lethal equipment) to public or private security, they should consider the risk of such transfers, any relevant export licensing requirements, and the feasibility of measures to mitigate foreseeable negative consequences, including adequate controls to prevent misappropriation or diversion of equipment which may lead to human rights abuses. In making risk assessments, companies should consider any relevant past incidents involving previous equipment transfers.