Over the last year, the ICRC’s Security & Crisis Management Support (SCMS) Unit has spearheaded an innovative initiative – in collaboration with the Diversity & Inclusion Unit and the HR Department – to deliver more personalized risk assessments for individual staff members. The initiative, supported by the Innovation Facilitation Team, aims to adapt the ICRC’s security management to current gaps and future needs, which will in turn serve to better protect staff wherever—and whoever—they are.

To begin, the six-month project researched a person-centered approach for the ICRC’s Security and Safety Risk Management methodology. The idea was to better integrate the diverse personal profiles of staff within the multitude of context-specific risks in order to better identify the necessary mitigation measures that would ensure that the resulting level of risk is acceptable for everyone.

“Guidance on assessing profile-specific risks at the field level is currently being integrated into training for managers,” says Jean-Philippe Kiehl, Deputy Head of the SCMS Unit, “while a new page on the person-centered approach has been created on the internal Security Wiki”. The page comes packed with resources and information that enable staff to assess what risks they might face without being forced to reveal any personal information they might prefer to keep private.

While the project’s origins are in operational security, there are hopes that the project’s transversal findings might prove useful across the Institution. “We came at this from the angle of wanting to systematize and mainstream the individual dimension into our security and safety risk assessments,” says Kiehl.

It’s an ambition that Annika Norlin, Global Head of Diversity and Inclusion, was ready to support. “When people come to work for the ICRC today, they come with different expectations than in the past. People are calling for greater recognition of their identities, they want to be recognized and valued for who they are.”

A Collaboration

A person-centered approach is actually very simple, as Project Officer Pegah Rajabi explains: “It is a recognition that we can’t manage the security of all staff in the exact same way; different people have different profiles and those profiles are subject to different risks.”

The initiative focused on key elements of security risk management: risk assessment, data collection, informed consent and individual security, deployment constraints, and training. “We took these five components and looked at the practices and policies we had, and tried to apply a person-centered approach to them,” says Rajabi. “The most fundamental among these is risk assessment, which is the foundation for everything else,” she says.

An initial bilingual survey was conducted in French and English via the ICRC’s Red Pulse intranet to identify needs, asking how staff felt their security was being managed, where any shortcomings were, and how things might be improved. From the start, “the aim was to co-design this initiative with ICRC staff,” Rajabi says.

The 312 responses were collated, and a series of 14 follow-up interviews conducted informing a report that includes a list of practical recommendations and next steps. The project recognized that improving access to information was crucial, and that the issues concerned are cross-cutting, going beyond just security.

“Security is not something that only concerns the SCMS Unit, it’s something that applies to all units and they need to mainstream this into their practice as well,” says Rajabi. “This is not a box-ticking exercise. There are real consequences if we don’t consider individuals within security risk management.”

Shared Ownership

The SCMS unit is striving to produce better information on profile-specific risks—for example those determined by gender choice, sexual orientation, or physical ability in different countries and contexts—by combining data on security incidents with personnel data already held by Human Resources.

Because person-centered security is a new approach, it can also be a sensitive topic. “Some humanitarian organizations have problems talking about these issues,” says Kiehl, who believes the initiative, “shows open-mindedness from all colleagues involved, from the Innovation Facilitation Team for funding it, to the D&I Unit and HR department colleagues who supported it.”

That crucial recognition of shared interests in better understanding the risks staff can face led to a shared ownership of the project, one that extends to staff themselves, not in the sense of abdicating responsibility but in involving them in the process of anticipating risk based on their own profiles.

“People are agents; they need to be engaged in this, not passive receivers of ICRC’s security management approach,” says Norlin. “As an employer, we must go the extra mile, which means going beyond the idea that ‘one size fits all’ if we are to achieve a more people-centered security management.”


For more information on this person-centered approach, check out this PODCAST from the Global Interagency Security Forum’s (GISF) new Inclusive Security Podcast Series. The linked episode features ICRC guest speakers, Pegah Rajabi and Jean-Philippe Kiehl.