Security for NGO and Humanitarian Workers: Risk Management in High-Risk and Conflict Environments

Attacks on humanitarian workers have increased globally for more than a decade. The Aid Worker Security Database, maintained by Humanitarian Outcomes, recorded 484 major attacks on aid workers in 2023, involving 399 aid workers killed, kidnapped, or wounded — figures that represent an increase on the previous year and a long-term trend of deteriorating security for the humanitarian sector.

The image of neutral, protected humanitarian workers operating in a zone of exemption from the violence around them has not reflected the reality of many operating environments for some time. Security planning for NGOs and humanitarian organisations requires the same professional rigour as security planning for any other sector operating in high-risk environments — with specific adaptations for the sector’s unique operating principles and constraints.

How the Humanitarian Security Context Differs

Mandate and operating environment. Unlike corporate travellers who can avoid the most dangerous locations, humanitarian organisations often have a mandate that requires them to be present in the areas of highest need, which frequently overlap with the areas of highest security risk. An INGO providing healthcare in active conflict zones, or an NGO conducting protection monitoring in areas controlled by armed groups, is operating in conditions that have no corporate equivalent.

Perceived neutrality. The humanitarian principles of humanity, neutrality, impartiality, and independence are designed to create a protective environment through broad acceptance by all parties to a conflict. This protective mechanism has weakened significantly as conflicts have proliferated, as the profile of armed actors has diversified, and as the politicisation of humanitarian operations has increased. Organisations cannot assume that their humanitarian identity provides protection in environments they have not specifically assessed.

Funding and resource constraints. Security investment competes for resources with programme delivery. The pressure to maximise programme spend and minimise overhead — applied by institutional donors and the public alike — creates structural underfunding of security management in many organisations. This is a false economy: security incidents are expensive (evacuations, medical care, legal liability, reputational damage) and the indirect cost of losing experienced staff to security incidents compounds over time.

National staff. The majority of humanitarian sector employees globally are national staff — local employees who cannot evacuate to a third country, who are known to armed actors, and who face threats that their international colleagues do not. Security frameworks that focus primarily on international staff are inadequate.

The Security Risk Management Framework

The Global Interagency Security Forum (GISF) has developed the Security Risk Management (SRM) model as the standard framework for the humanitarian sector. The framework covers five domains: context analysis (understanding the operating environment), threat identification (who and what poses a threat), vulnerability assessment (how exposed the organisation and its staff are), risk rating (combining threat and vulnerability), and risk management response (controls proportionate to the rated risk).

The ICRC’s Safer Access framework addresses the specific challenge of managing security through acceptance and relationship management with armed actors. Both frameworks are available publicly and are the professional standard for security management in the sector.

Practical Security Measures for Urban Operations

NGOs operating in high-risk cities — Lagos, Nairobi, Bogota, Karachi, Manila, Jakarta — face a security environment comparable to corporate travellers but with different resources and different constraints.

Transport management is the same requirement: vetted drivers, no taxis, route variation. The organisational vehicle fleet should be appropriate to the city’s road conditions and threat environment, maintained, and tracked. Drivers should have the same security briefing as field staff.

Office and residential security should be assessed on arrival in a new city and reviewed regularly. Safe locations (areas suitable for staff accommodation and office premises) versus areas that carry elevated risk should be defined and communicated to all staff. A residential security assessment for staff accommodation in high-risk cities is appropriate for larger operations.

Check-in protocols for field movements should be documented and followed. The threshold for alarm (when a missed check-in triggers an active response) should be defined and known to all staff. The difference between a late check-in because a meeting ran over and a missed check-in in a hostile area is the gap between a routine administrative follow-up and an emergency response. The protocol should make this distinction operationally clear.

Engaging Private Security

The tension between humanitarian principles and private security engagement is real but often overstated in contexts outside active conflict zones. An NGO hiring a vetted security driver in Lagos is not compromising its neutrality. An NGO operating a guarded compound in Karachi is not making a political statement.

The relevant question is whether private security engagement in a specific context is consistent with the organisation’s accepted principles and whether it creates risks (misidentification by armed actors, escalation of confrontations) that outweigh its benefits. In urban environments, this question typically resolves clearly in favour of professional security engagement.

For security driver and close protection services for NGO operations in our P1 city network, see security drivers and executive protection. City security profiles covering the operating environment for field organisations are at Lagos, Nairobi, Karachi, Manila, and Jakarta. For the practical pre-deployment training that field staff should complete before working in high-risk environments, see our HEAT training guide. For organisations operating in active or recent conflict zones – mine contamination, UN security phases, checkpoint protocols, and extraction planning – see our conflict zone security operations guide. For academic researchers who face comparable security challenges to NGO field workers – university duty of care obligations, GISF framework, fixer vetting, digital security in authoritarian states, and check-in protocol design – see our security for academic researchers and fieldworkers guide. For freelance and contracted workers deployed by NGOs and development organisations without the institutional security infrastructure of employed staff – covering ISO 31030 duty of care, lone worker devices, SRCC insurance gaps, and check-in protocols – see our security guide for gig economy and freelance workers. For UN agencies and multilateral organisation staff operating under the UNDSS framework – Security Level System 2019 (Minimal to Extreme), MOSS compliance requirements, the 1994 Convention on the Safety of UN Personnel, and the specific threat environments at Nairobi (UNEP/UN-Habitat), Bangkok (UNESCAP), Manila, and Karachi – see our security for UN agencies and international organisations guide. For heritage and archaeological fieldwork teams operating in conflict-affected and high-risk environments – UNESCO 1970 Convention, INTERPOL Works of Art unit and Operation Pandora, HEAT training, government permit relationships as security mechanisms, and close protection for project directors in West Africa, the Middle East and Central Asia – see our security for heritage and archaeological fieldwork guide. For HNWI philanthropic foundations and private charitable trusts operating programmes in high-risk countries – Charity Commission trustee risk obligations, overseas staff duty of care and ISO 31030:2021 compliance, partner organisation due diligence, donor and beneficiary data protection, and security at high-profile grant announcement events – see our security for charitable foundations and philanthropy guide. For the specific security challenges facing wildlife conservation operations – ranger security against armed trafficking networks, donor visit helicopter and ground convoy planning, bush camp perimeter security integrating wildlife and human threat, and OPSEC for anti-poaching investigators – see our wildlife conservation field operations security guide.