We must protect The Ring

The recent decision taken by the British Standards Institution not to oppose the withdrawal of BS 4737 ('Intruder Alarms') on 1 September 2003 in favour of the European standard EN 50131-1 is worth looking at again and again. Why? Simple. The impact analysis highlighted by the National Security Inspectorate (NSI) and the British Security Industry Association is only now starting to dawn on those whose determination to achieve the impossible is barely tempered by their desire to create chaos out of order.

In the melee of the bunfight which they're attempting to start, it's possible that a new world disorder will be established in which low standards can prevail over high, and the good forever vanquished by the wicked.

The story smacks of 'Lord of the Rings', but is sadly lacking in either stunning scenery or a compelling storyline. The plot was hatched in a grey, concrete building in Chiswick – the home of the British Standards Institution – and the idea only has one parallel. We, in the World of Men, must protect The Ring.

On a personal level, I have a simplified idea of what regulation should be all about – the NSI's technical team would say oversimplified! Surely, though, one of the key characteristics of any good 'law' should be practicability or 'do-ability'. Unless a rule makes sense, we should hardly be introducing it into a structure of voluntary regulation. So that's the true test of BS EN 50131:1997 – is it 'do-able'?

There's only one way to find out, and that's to apply the basic rules of project management. Analyse each element. Spec it out in ever-increasing detail to a high degree of certainty. Give sufficient time to implement it. Sequence matters in the most efficient way to achieve the earliest possible result. Then fill in some 'float' at the end so that contingency flexibility is retained, and the deadline can be achieved.

BS EN 50131-1: a sequence of events
Let's take BS EN 50131-1 in sequence. Looking at the present 1997 version, dismiss. By the time the UK implementation of this version is refined, commented upon, reviewed and developed, it will have been nearly overtaken by the first revise – which was out for comment only last month. As there may be significant differences between the two documents, and as further planning is dependent on those differences, no self-respecting project manager would start the clock until the comment deadline for the revise closes in August.

'Nearly overtaken' is a very important consideration for those (ie the alarm system manufacturers) who have to make commercial investment decisions based on development work. Sure, they can gain a head start by way of forward thinking, but placing real money on uncertainty is an easy way to lose funds. And why should they be asked to do so?

Next, evaluate the likelihood that the new draft will become an EN and not a Technical Specification or TS. This is crucial, since a TS would not enjoy the full force of the law and may become a recommended solution rather than a compulsory one. Nobody seems to be sure which way this will go. The project manager would say: "Don't make progress until this point is clarified". At best it will waste resources, and at worst offer momentum to the wrong course of action.

For the purposes of this discussion, let's assume that 50131-1 will become a full-blown standard. Now, take delivery of the new standard, with all of its I's dotted and T's crossed. On the balance of probabilities, the date for inception of this document is unlikely to be before January 2004, and possibly as late as April 2004. The project manager, with his weary and experienced eyes on the clock, would say: "April 2004".

At this point, two very real operational elements swing into action. The first is the manufacturers, who can now – with safety – make their investment. Any earlier and their Boards of Directors would have been failing in their fiduciary duties, as the project manager would say. If they have been thinking about this for some time, and looking at the options, they'll respond more quickly (if not less so).

That said, it's not a straightforward race. The first alarm system manufacturer to produce equipment which is compliant with EN 50131-1 (first revision) and DD243:2002 in all respects gains no real advantage from doing so. It would be unfair to expect alarm installers to change their equipment suppliers on the basis of the availability of components from their normal sources, when those sources will be able to deliver within weeks or (at worst) months. Among other issues, there would be greatly increased training costs to consider.

There's a tricky balance to be struck here in terms of timing. Too rushed and initial batches may be faulty. Too slow and the industry's righteous desire to introduce EN 50131 will lose momentum. Every manufacturer should be given a reasonable amount of time to complete adequate development. So let the project manager assume that fully-compliant, tried and tested equipment will be universally available by, say, September 2004.

The second operational element to consider centres on the trainers. With the introduction of new standards and equipment comes a significant training overhead. The larger companies out there have professionally-established training centres with finely-tuned throughput numbers. They also have to keep the operations/training proportion well-balanced so as not to erode profit during times of change. The project manager will know that, realistically, training for these companies will take six months to throughput the entire security engineering workforce.

A dependency on training is the availability of the new equipment. Realistic expectations could be that manufacturers will make stocks of training equipment available within three months – ie July 2004 – and that engineer training would only commence at that point (although risk assessment and EN awareness training could actually start very much earlier). Training, then, will finish in January 2005.

Customer confidence will be damaged
All of this just leaves the float. Right now, there are so many uncertainties that the project manager will want to leave plenty of float. The downsides of getting it wrong are so severe that the industry could be seriously disrupted and customer confidence left badly damaged.

"Is any new piece of legislation worth such a risk?" asks the project manager. Thus the project managers will finish their GANTT chart (timescales to you and me) with a flourish. And the implementation date for BS EN 50131-1 is... wait for it... March 2005.

I don't know what kind of project managers they have in that grey concrete building in Chiswick, but just how they've come up with something so wildly different to this beggars belief. Of course there are short cuts, efficiencies and concurrent activities that could reduce the timescale.

Manufacturers may, as some of them claim, already be compliant. Equally, though, there are additional and serious uncertainties – surrounding the introduction of 50131-3 ('Control and Indicating Equipment'), for example, which the UK has yet to decide to adopt at all, and which would stretch manufacturers' timelines still further. Why would we throw ourselves at this when the implications of getting it wrong are so severe and so unnecessary? Compromise is needed.

Let us hope that, in times to come, when our children meet to talk about the great deeds of their forefathers, they will say of us that we brought order out of chaos and light out of darkness. And that, finally, we vanquished the Orcs from the World of Men.