We're not talking about sending in a team of professional burglars, but true security experts. Former chief inspectors, CID trainers and teachers from the Home Office's National Crime Prevention College, brought in by us to conduct the most thorough site review possible.
Securiplan's team of experts begins by meeting with a member of the client's senior management and facilities management personnel in order to identify the generic security issues affecting the company. With permission, the team members will then liaise with the local police force and other agencies to identify any crime trends in the vicinity, and subsequently offer a clear picture of the real and perceived security issues affecting the company. This initial research phase is crucial to the establishment of terms of reference for the audit process, and may flag up issues for discussion with the security management and staff.
Operation and reputation reviewed
Most security reviews and crime prevention officers' surveys look only at inhibiting criminal activity against a company. Our review goes further than that, examining each and every one of the internal and external factors which might damage the client's business. We conduct that examination under the four headings of corporate risk: operational, financial, reputational and legal.
By examining the ways in which the company concerned conducts its business from a security viewpoint, a review of this nature can often identify major operational risks.
The consultants will consider what a competitor could achieve by infiltrating r&d facilities, for example, and then examine to what extent visitors to the site are prevented from 'wandering around'. If the security of a data storage centre were to be compromised, what damage could be done and exactly what liabilities to third parties might be incurred? How might the temporary interruption of business damage the company's reputation, and what would be an appropriate level of security to prevent this? All must be considered.
Nowadays, of course, it might well be necessary to examine procedures for dealing with public intrusion in the event of demonstrations or attention from trouble-makers. Anti-capitalist activists and May Day demonstrators have extended the potential risks beyond the traditional targets – such as abortion clinics and animal research laboratories – to almost any company which is perceived as being part of the 'globalisation threat', or even one that is simply in the path of rampant demonstrators.
With all of these issues (and more) in mind, a team of specialists then undertakes a systematic security audit of each of the company's sites. In so doing, we can then identify the strengths and weaknesses of the existing arrangements. The team will assess every aspect of physical security, and look for points of vulnerability (even attempting to breach security protocols to test their efficiency). By inspecting the entire site, team members will also identify and check any vulnerable points in the perimeter protection provision. Sometimes, for example, stacks of material have accumulated next to a fence which may make it easier for would-be thieves to climb over, or it may just have fallen into disrepair.
Access control systems and procedures are crucial to the security of any site, and the review team will assess the effectiveness of all alarms and entry/exit devices in use. So too the procedures in operation at gatehouses and reception desks. Even buildings with highly sophisticated access systems may be vulnerable if members of staff have inadvertently disabled the system (by wedging open an external door to a designated staff smoking area, for example).
Tell-tale signs might also include cigarette ends found outside fire doors, which may point to the fact that fire exits are being misused.
Seeking out poor security
Generally speaking, the security review team will be on the look-out for bad security habits whereby a would-be intruder could take advantage of easily-observed laxities. For example, on many of the sites they have surveyed, our auditors have observed that tailgating is indeed a common occurrence at busy access points. Positioning a security officer close by could well be one way of deterring such behaviour at sensitive points across the site, but card-operated turnstiles may prove to be a cheaper and far more effective alternative.
The security review team will also look at the quality and use of CCTV systems, to determine both the clarity of images generated and how they might be used to reveal – and prove – that an incident has occurred. By talking to the Control Room personnel, members of the team will assess monitoring officers' understanding of the Data Protection Act rules concerning the use of CCTV material, as well as the principles of evidence gathering, data archiving and retrieval protocols.
Procedures such as the issuing of passes to members of staff, visitors and contractors are also worth checking. At one of the company's recently audited by Securiplan, the review team discovered that the visit date on visitors' pass cards was extremely difficult to read – making it almost impossible for the security team to check its validity from one day to the next. They recommended redesigning the card and colour-coding the visit date for ease of checking – at minimal cost to the end user – to prevent the misuses of a one-day pass card in gaining unauthorised access.
A comprehensive security review will examine the current assignment instructions and check that they are in-line with industry best practice. This might include the site's key storage systems, vehicle and personnel search policies and procedures to guarantee the safety of late and lone workers. If required, the audit can also cover the personal security arrangements for senior directors. The scope of the review might include investigation of the security of the company's IT systems, both equipment and data.
By interviewing on-site security officers, the audit team will assess levels of officer competency. This will be based on the amount and relevancy of the training they have received, as well as on their appearance, attitude and skills – taking in everything from patrolling techniques to customer care, conflict resolution, first aid and communications skills.
In examining the image and deportment of the officers on site, as well as their shift and patrol patterns, a security review can also assess the extent to which they present a deterrent against crime, either from outside or within the company. If they are too friendly and easy-going, they are less likely to deter internal theft.
If they are known to sit in their guard house for most of the day, it would be easy for would-be thieves to ascertain which areas are beyond the reach of CCTV cameras (and to focus their criminal activities there, in the knowledge that they're unlikely to be disturbed by random patrols).
In the aftermath of a review of this kind, a visible increase in the levels of security and deterrent activity on site can dramatically reduce internal theft and stock loss.
Developing a training plan
At the end of the survey, a detailed confidential report is prepared and delivered to the client's security management team. This will include recommendations for any additional officer or management training deemed necessary to enhance the effectiveness of the officers working on the site. Securiplan will then develop a training plan, both for the security teams on site and the individual officers, and duly incorporate this within the Service Level Agreement drawn up with the client (who will then be able to check that the recommended training takes place).
Further to this, our operations managers and security systems experts may also become involved in specifying new equipment and developing an action plan to address any deficiencies which have been identified.
In truth, a real security expert should be able to recommend security measures commensurate with these risks, but not so stringent that they'll cause unacceptable inconveniences to staff and visitors alike. The purpose is not to find ways of spending more of the client's money on equipment and training, but to analyse the potential for security staff reductions and other cost-cutting measures (without any drop in service quality).
A survey of this breadth, depth and expertise can save major blue chip companies millions of pounds, and protect them from untold potential damage to their carefully-built reputation. More importantly, perhaps, such a comprehensive and independent report is a fabulous 'weapon' for the security manager to lay before the Board of Directors when it comes to demonstrating why security provision needs to be improved.
When we enter into a partnership to protect the property and personnel of a client, we see ourselves as sharing some of the risks. We would be seriously embarrassed by a breach of security on their site, even if it wasn't the fault of the officers we had supplied. It's therefore in our own interests – and those of the client – that we undertake regular security reviews and check that all the necessary equipment and procedures are in place – and that security personnel are effectively deployed, and know what's required of them.
Much more than 'warm bodies'
Unfortunately, many of the invitations to tender which we receive are so specific in their criteria that it's impossible for us to do anything other than supply 'warm bodies' to fill the gaps left by their previous service providers. We prefer to take a completely fresh look at end users' security needs so that we can recommend the best possible combination of security systems and manned guarding to protect their sites.
Certainly, no manned security provider wishes to see its officers sitting smiling at the front desk while handbags are being stolen, CCTV camera lenses are out of focus and padlocks are missing from perimeter gates.
As far as the in-house security manager is concerned, a total security review can be a very important impetus for tightening every aspect of security within their organisation – and enhancing the working partnership between themselves and their security service provider.
Source
SMT
Postscript
Paul Collis is group sales and service director at Securiplan
No comments yet