In What the Defendant Can Do Wrong, security management and risk management expert witness Ira Somerson, BCFE, CPP, CSC, writes on inherent risks.
When you ask someone what is the primary risk in a convenience store operation, the usual answer is “robbery.” Others may say shoplifting, but from the point of view of criticality and the potential for violence and/or loss of intrinsic assets, robbery would be the likely choice. Some will argue that not all convenience stores are equally vulnerable to robbery. This is true. But the fact remains that its basic operation (without adequate deterrents) makes it uniquely vulnerable to this particular crime.
Although a bar and night club may also be vulnerable to a robbery, the same response in this environment would probably be “aggravated or simple assault” (fighting). A department store? Shoplifting. A parking lot? That would depend upon where the parking lot was, but usually theft of or from auto. A high-rise residential building? burglary and/or various assaults. These examples are generalizations that require far more study, but explain why risk assessment is strategic in developing a security program. A security program should never be developed solely on the basis of anecdotal or experiential instincts. But they should be included in the risk assessment paradigm.