A key challenge in any ESG or sustainability practice is ensuring that corporate and on-the-ground teams are aligned, operating towards a common vision. This challenge can be particularly complex in the application of responsible practices to security structures and arrangements. However, it is possible to overcome, and doing so successfully will be a key achievement for security teams.

The challenge

Security is a significant area of exposure to ESG risk. Organisations can face complex security challenges because of their ESG performance: businesses that pollute the environment or have poor relationships with communities or workforces can face a backlash. Equally, security teams that do not act responsibly may have security personnel or measures that have adverse outward impacts.

Mining Security

Understanding and addressing this exposure is difficult, and some issues may not translate between corporate and project-levels. Corporate teams may not have adequate exposure to the day-to-day realities of the operating environment or understand warning signs that are escalated. Project-level teams may not feel comfortable escalating thornier security concerns or want interference with the practicalities of their work. Misalignment between these teams – and the resultant discord between policy and practice – can have severe consequences, including operational disruption, reputational damage, heightened security risks, or human rights violations.

On-the ground to corporate and back again

In corporate environments, ensuring responsible behaviours in security is critical to ensuring reputational integrity, managing stakeholder expectations, complying with the law, and in some cases, fulfilling funding requirements. Corporate personnel may draft relevant organisation-wide policy, engage with stakeholders on ESG performance, lead on relevant communications, and ultimately be held responsible for improper behaviour.

On-the-ground security managers should develop responsible security programmes because responsible and effective security are one in the same. Organisations that operate responsibly can reduce their security risk exposure; at the same time, when frontline security personnel have a secure working environment themselves, they are better engaged and motivated to perform their work. Security managers will ensure appropriate procurement and onboarding of security goods and services, train guards on rules on the use of force and initiatives like the Voluntary Principles on Security and Human Rights (VPSHRs), ensure that security personnel have suitable working conditions, and foster appropriate relationships with the public security forces.


To ensure alignment across these audiences, businesses need to ensure that corporate teams understand the symbiotic relationship between ESG and security and articulate this connection to regional teams clearly and pertinently. They should consider the best way to do this, through trainings, communications, or policies, within their specific organisational structure and culture. A security and human rights training based on corporate policy, for instance, will be more effective if illustrated with examples of local dilemmas that are discussed practically. Policy and procedure should align with the businesses’ overall values while being realistic and adaptable locally: consider the language, culture, and feasibility of what is being asked of your project sites. Ideally, policy and procedure should be developed collaboratively with the operations to which they will apply.


There should be clear assurance mechanisms to ensure policy is being applied correctly. Project sites should be aware of how they are being measured and data, including health and safety or security incident statistics, training records, and points which measure compliance with policy, must be collected consistently and transparently. When site-level data is gathered, corporate teams should have the context – including relevant local knowledge, norms, and trends – to understand it.

Things will not always go perfectly. Security teams at project sites should have effective ways of escalating issues to the corporate level for support and must feel able to do so without fearing repercussions. Corporate culture needs to foster transparency and reporting mechanisms should support those that raise concerns.

Inclusion amid the COVID-19 pandemic

Travel and working restrictions related to the COVID-19 pandemic have exacerbated many companies’ pre-existing struggle to align corporate and on-the-ground teams. In many cases, there have been multiple years with a lack of face-to-face contact between these groups, leaving issues misunderstood or unaddressed. Throughout the pandemic, Control Risks has seen cases where local ESG issues have spiralled into large security and reputational risks because of a lack of oversight and misalignment between policy and practice. When it is appropriate to travel again, organisations need to consider this within the context of implementing their responsible business visions. Travel needs to go both ways, to and from headquarters, to ensure that culture and values and shared across the organisation.

Consideration within the project lifecycle

Finally, businesses should be challenged to consider sustainable security as early as possible, and throughout, the project lifecycle. An organisation may have applicable corporate policies but these will need to be adapted to the local context. Issues like land resettlement can taint a project from the start or be inherited as a legacy risk, while different phases of a project can mean new challenges. The ability to minimise impact, manage expectations, and establish solid security foundations will evolve in line with the project concept and footprint, and will speak volumes about the organisation at all levels.

Case study

These concepts are particularly evident in the mining sector. Mining organisations have historically faced a wide range of security risks that are linked to their actual or perceived environmental or social performance. On the other hand, there are numerous active cases of mining companies facing human rights allegations and legal action due to improper behaviours of frontline security personnel, acting in contradiction to corporate security policy.

Control Risks has recently assisted a client, a mining major, with assessing project-level security risks and impacts related to artisanal miners and implementing mitigation strategies that protect the client while not incurring an adverse impact on these groups. This considered how to establish a security structure that accounts for the protection of human rights in the specific environment and in line with corporate policy. We have also recently developed group-wide security and human rights policies for another mining client. This helped the client to set global expectations and guidelines for these topics while allowing for local application.

Get in touch

Can our experts help you?