Integrated security management is frequently talked about as a panacea for all protection ills. Although its benefits are proven, the basic building blocks are all-too-often missing from many end user installations. In the first of a series of comment pieces supplied by the National Security Inspectorate, chief executive Tom Mullarkey stresses the immediate need for an holistic approach to security and fire safety.
As a new arrival to the security sector, I have been much impressed by the thought and analysis which has helped mature the industry and enabled it to grow into its current position. Of course, there are several anomalies within the private sector which indeed deserve some attention – in the hope and expectation that they too will shortly achieve a 'mature' status. One of those anomalies is integration, or – to afford it a somewhat more formal style – integrated security management.

In the context of this article, we'll take integrated security management to mean the combination of sectoral security activities into a seamless whole.

The thinking behind the terminology is pretty straightforward. A system is only as good as its weakest component. Thus, in practical terms any security system which has at its core an electronic suite of high quality NACOSS intruder alarms, CCTV and access control components, for example, is prey to the weakness of other components in the system.

If the security officer who monitors that top quality CCTV system (or the contracted keyholder who is despatched should there be an alarm activation) hasn't achieved the same level of operational standards as the electronic suite, then the whole security process is inevitably undermined.

One standard must fit all
Ultimately, customers need to be sure that the same standards of security screening will be applied to every individual in the private security response chain – from office staff through to the installing engineer, and from Alarm Receiving Centre operators through to security officers and keyholders. If these and other standards are not met, the consequences are extremely serious. Frequently, they'll involve the loss of property and, on occasion, a threat to life.

An additional element is introduced to the equation by way of fire systems. Since the implications of a poorly-designed, installed or managed fire component are extremely serious, it becomes even more important that each and every one of those components meets the needs of the system as a whole via integrated security management. It follows that the response process for fire systems must be at least as slick and professional as that for security systems – arguably more so. Where the fire and security components are designed to work in unison, the technical standards must be exacting.

All of what has been said thus far is so obvious it should hardly need highlighting. Or is it? In early 2003, the reality is that integrated security management is very much the exception rather than the rule.

On the manned security side of the equation, I witnessed a recent inspection of a company tasked with guarding one of our most important national cultural institutions. The contents of the establishment were, in many cases, priceless and the insurance risks enormous. Naturally, the insurer had specified an extensive NACOSS electronic security suite.

However, when asked whether the specification had included an Inspectorate of the Security Industry (ISI) quality assured company to patrol the galleries and manage the building perimeter, the client offered a blank expression. There was no specification.

In truth, any security company could have been awarded the contract. Had the company been infiltrated by criminals or just plain incompetent individuals, and a loss had occurred, there could have been a disaster of international proportions. Yet neither the customer nor the insurer seemed aware of the risks being run. Thankfully, the ISI quality assured company under inspection was doing an excellent job. How, though, can we accept this kind of anomaly in any risk situation, much less in one of such high sensitivity?

The weakest link anomaly
The rationale behind the National Security Inspectorate (NSI) is to reduce this 'weakest link' anomaly.

By offering high quality inspection regimes across three major security sectors – systems, fire and manned security – the NSI is providing a standardised, high quality vehicle for integrated security management.

Moreover, one of the key considerations for QA systems is the underlying logic to the service being provided, as well as a given system's capacity to integrate with others both inside and outside the security environment.

One of the inspection criteria is the way in which the component under inspection is integrated with the others on site, even if they're not to be looked at on that particular day. Of course, this not only means that NSI inspections evaluate integrated security management within companies – there are currently six NSI companies inspected on an integrated basis – but also that the regimes are sufficiently flexible to enable an inspection of integrated security management between different companies.

Whether the integration is through one contract or involves several contracts supporting a customer's protection of an installation, it's established how well they're working together, and a report is duly tabled on the outcome.

Raising the Standard
Critics will say that this is just a way of the NSI influencing the market for the benefit of NSI-recognised companies, and that we're advocating additional insurance support to manned security companies and fire systems concerns where it has only been there before for NACOSS.

I'll put my hands up on this one – provided those same critics accept that we're only doing this in order to raise standards. If the end user receives a better, high quality service then the customer base will be happy, the insurance scheme providers will be happy and the specified companies will be happy.

We'll be happy, too, principally because the customer is being looked after and not, as currently happens in some cases, 'abandoned to the weakest link'.

Once it is presented, the insurance companies are beginning to see the argument for integrated security management. Since we have only been offering integrated security management inspection for a relatively short period, gaining universal understanding is bound to take time.

Insurance companies reap direct benefit from this philosophy. They may face more costly challenges through terrorism and global warming at the present time, but if the overall bottom line can be satisfied by improving the return on crime and fire risks, then this could mean the crucial difference between making a loss or breaking even in the annual accounts.

Insurance shareholders will want this, their directors will want this and, ultimately, their customers will want to see this reflected in premiums. The insurance company which doesn't seek integrated security management as a standard solution to these significant crime and fire risks will, I predict, soon be at a disadvantage in the premium stakes.

Here is a chance to move the security and insurance industries one major leap forward – in one small step. Insurers must learn to tell those security and fire companies which cannot meet the strict requirements of integrated security management for key risks: "You are the weakest link. Goodbye".

Source

SMT

Postscript

Tom Mullarkey is chief executive of the National Security Inspectorate