Skip to main content

In accordance with the Law on Private Security, it is mandated to conduct a risk assessment for the protection of individuals, property, and business operations, as well as to develop a Security Plan.

Risk assessment for the protection of individuals, property, and business operations represents a fundamental and strategic activity in the process of establishing an effective security system. Through this process, threats and hazards to the organization’s functioning are identified, providing concrete guidance and recommendations for the elimination and minimization of identified risks. In accordance with the Law on Private Security (“Official Gazette of the Republic of Serbia”, no. 104/2013, 42/2015, and 87/2018), the mandatory creation of a risk assessment for the protection of individuals, property, and business operations, as well as the development of a security plan, is defined. These documents serve as the basis for planning, installing, and using technical security systems, representing the first step in aligning businesses with the Law on personal data protection/GDPR.

Practically, this means that the use of technical security systems (video surveillance, alarms, access control, EAS, GPS, etc.) is not permitted unless they are specified in the risk assessment and security plan. Therefore, such systems without a risk assessment cannot function appropriately as they are not compliant with the law, posing a risk to users by unauthorized recording, profiling, and data collection of employees, clients, visitors, and third parties.

The risk assessment is a mandatory systemic document of strategic importance that analyzes multiple hazard groups according to the adopted standard SRPS A.L2.003. The security plan is the treatment, or defined handling of identified risks, containing a plan for technical protection with sketches and drawings of installed security systems or those yet to be installed.

Without the implementation of a risk assessment and security plan, the installation and use of technical security systems are not legal processes, and the legislator has stipulated high penalties for organizations.

It is essential to note a significant legal obligation, which prohibits the installation of technical security systems of lesser scope than assessed and designed by a licensed company, a detail to be considered from the beginning of the project.

The risk assessment is conducted through several phases, covering the analysis of hazards in the following categories:

  • Risk assessment of general business activities;
  • Risk assessment for occupational health and safety;
  • Legal risk assessment;
  • Risk assessment for unlawful activities;
  • Fire risk assessment;
  • Risk assessment for natural disasters and other accidents;
  • Risk assessment for explosions;
  • Risk assessment for non-compliance with standards;
  • Environmental risk assessment;
  • HR risk assessment; 
  • Risk assessment in the field of information-communication-telecommunication (ICT) systems.

Before starting the risk assessment activities, we conduct an analysis of your organization to understand all requirements and potential collaboration opportunities. Subsequently, we define the complete project task. In addition to legal compliance, this project brings significant benefits in establishing corporate security as a crucial function for future business operations.

Contact us, and we will provide you with an overview of the legal obligations of businesses in the field of private security and a questionnaire to form a proposal for the development of a risk assessment file and accompanying documentation.