In an increasingly uncertain world, international non-governmental organisations (INGOs) face an array of challenges that can disrupt operations, endanger staff, and undermine trust. Security and risk management are no longer optional but integral to sustainable operations. For INGOs without dedicated security roles, building a robust culture of safety and resilience can seem like a daunting task. However, starting small and working systematically can establish the foundation for a global security and risk management culture that protects people and programmes alike.

Leadership is the starting point for any meaningful cultural shift. Security and risk management cannot thrive without clear support from senior figures who recognise its value. Leaders need to champion the cause, not only as a moral responsibility to their staff but also as a practical necessity to ensure uninterrupted operations. Without a strong commitment from the top, even the most well-intentioned initiatives risk losing momentum. Educating leadership teams on the risks of neglecting security is a critical first step. This includes outlining potential consequences such as harm to personnel, legal liabilities, reputational damage, and operational disruption. By embedding security into strategic discussions, organisations can make it a priority rather than an afterthought.

Establishing a basic framework for security and risk management is essential, even if the organisation lacks a dedicated team or budget. This framework should articulate the organisation’s principles, define roles and responsibilities, and outline processes for assessing and managing risks. For instance, country directors or programme managers can take on security oversight as part of their existing roles. Clarity about who is responsible for what ensures accountability and prevents security from being overlooked. Using publicly available resources, such as the Core Humanitarian Standard or guidelines from sector bodies like InterAction in the US, can provide a solid starting point for organisations building their frameworks from scratch.

A security culture flourishes when staff at all levels actively engage with the issue. A common misconception is that security is the sole domain of specialists. In reality, everyone in the organisation plays a role. Integrating security into day-to-day operations makes it a shared responsibility rather than an isolated function. Practical training, such as personal safety workshops or scenario-based exercises, can build staff confidence and foster a proactive attitude towards risk. In addition, regular communications—through newsletters, team meetings, or email updates—can keep security top of mind and ensure staff feel informed and involved.

For INGOs operating in complex and dynamic environments, identifying and addressing risks systematically is essential. Fieldwork, for example, often presents significant safety challenges, ranging from natural disasters and travel-related incidents to political instability. Digital risks, such as cyberattacks or data breaches, are another growing concern for organisations handling sensitive information. Operational risks, including theft or fraud, also threaten an organisation’s ability to fulfil its mission. To tackle these risks, INGOs should conduct regular assessments to identify vulnerabilities and implement practical mitigation measures. Simple actions, such as ensuring field teams have emergency contact cards or introducing secure communication channels, can make a significant difference.

One of the most critical components of a security culture is an effective incident response plan. Organisations without dedicated security personnel can still establish clear procedures for managing crises. Knowing how to respond to an emergency—whether a medical situation, a security breach, or a natural disaster—can prevent chaos and reduce harm. Staff should be trained to understand their roles in such scenarios and know exactly who to contact and what steps to follow. Organisations must also establish clear protocols for escalating incidents to leadership or external partners when necessary.

Technology can play a transformative role in enhancing security, even for organisations with limited budgets. Tools like GPS-enabled apps for tracking fieldworkers or secure messaging platforms can improve safety and communication. For example, apps such as What3Words enable precise location sharing in emergencies, while basic cybersecurity measures like multi-factor authentication and antivirus software can reduce the risk of digital threats. However, technology should complement, not replace, human judgement. It is important to ensure that any tools introduced are accessible, user-friendly, and appropriate for the contexts in which they will be used.

Collaboration is another powerful tool for INGOs developing their security practices. Organisations do not need to work in isolation. Sector networks and peer organisations often have valuable resources, training opportunities, and lessons learned from their own experiences. Joining groups such as the International NGO Safety Organisation (INSO) can provide access to expert advice and shared insights. Partnerships with organisations that have more advanced security systems can also offer mentorship and support.

As INGOs begin to embed a security and risk management culture, measuring progress becomes essential to sustaining momentum. Setting clear goals, such as training staff in security awareness or conducting risk assessments in priority regions, allows organisations to track their achievements and identify gaps. Regular reviews of security practices ensure that policies remain relevant and effective, while feedback from staff provides invaluable insights into what works and what needs improvement.

For organisations starting from scratch, building a global security culture may feel like a significant undertaking. However, the benefits far outweigh the initial investment. A proactive approach to security and risk management not only protects staff and programmes but also strengthens stakeholder confidence and organisational resilience.

At Sure Compass, we are committed to supporting INGOs at every stage of this journey. By working together to prioritise safety and accountability, we can create a world where organisations can deliver their vital work with confidence, no matter the challenges they face.