"Security officers may be under-utilised and bored, or they may have been asked to take on additional non-security tasks, such as administrative support work and Health and Safety checks, in order to increase their value to the customer. There's nothing wrong with ensuring that officers are well deployed, as long as this never distracts them from their primary duty to safeguard the people, premises and operations on their site."
It stands to reason, then, that it's very important for customers to ensure their security provider and security team are always fully-focused on the key imperatives by establishing and measuring service standards.
At the beginning of any security contract, the customer must establish a Service Level Agreement (SLA) which sets out in clear language their expectations of the services to be provided by the contractor company (SMT readers should note that a typical SLA structure is detailed in TSI's Guide).
That SLA should also refer to Key Performance Indicators (KPIs) which are agreed and written down at the start of the contract. Those KPIs should contain a small number of areas of performance that are of importance to the customer and which may be objectively measured. TSI's Guide rightly observes: "Any significant failure by the security team to achieve these agreed targets should be communicated to the customer in writing immediately they occur, offering an explanation and indicating what remedial action is being taken to avoid future failures."
At the end of the day, KPIs must always be appropriate to the site or situation to which they apply, and will inevitably vary from business to business.
Assignment instructions: be clear
Your service provider should always prepare a detailed listing of assignment instructions based upon the end user's agreed requirements. While the SLA might cover a multi-site situation and KPIs could include subtle differences to reflect the specific needs of several sites, the assignment instructions document should set out the actual tasks required of the site security team or individual officer(s). The site team must retain a copy of the instructions and, in agreement with the client, review and subsequently amend those instructions at regular intervals. TSI's Guide offers every six months as a pointer.
In this section of the Guide, Britnell and Jones concentrate on the early stages of a new contract whereupon an emphasis is often placed on the manner in which the contractor will actually manage the project. They comment: "Commitments are made on matters ranging from the frequency of senior management visits to the customer's premises, through to the level of support provided by the supplier's operations manager and the frequency and purpose of visits conducted by dedicated supervisors."
The meeting of these commitments by the service provider is a key measure of the security contractor's quality of service.
The client-contractor relationship TSI's Guide focuses on five main areas upon which contractors might concentrate in a bid to enhance their relationship with the client.
Regular meetings should be held between customer managers and the contractor's operations manager. There must be an agreed agenda such that performance in key areas can be validated. According to the Guide, discussions ought to cover what the officers on site are doing well, those areas where performance has been deemed to be unsatisfactory and what steps the contractor will take prior to the next meeting to resolve any outstanding issues.
Now is also the time for the client to raise unresolved issues concerning the officers' relationship with their employer (eg concerns over pay, training or holidays, etc).
Customer and contractor should agree on the frequency of supervisory visits to the security officers on duty, and what will occur during the visits. TSI recommends the use of a supervisor 'checklist' to make certain that all items are covered.
In addition to the calls that an officer should make to clock on and off at the beginning and end of their shift, it may be appropriate to require them to make or receive additional calls during their shift (particularly if they're alone on site). A system should be in place to record the check calls, and a defined response and escalation procedure determined in case the scheduled calls aren't made or answered.
Security service providers can and often do survive errors, security failures and even instances of officer misconduct, but only when the management relationship between the contractor and the client is strong
Importantly, the Health and Safety Policy adopted by the security company should be prominently displayed at their training facility, and must be clearly understood by all officers.
By the same equation, the client's Health and Safety Policy should also be reviewed as part of the contracting process. Managers from the security company must be made aware of any risks associated with the duties they've contracted to provide, and ensure that supervisory personnel carry out reviews of working methods to mitigate any risks.
It's often the case that security work involves the processing of personal data which may fall within the scope of the Data Protection Act 1998 (eg the monitoring and storage of CCTV images, and booking people in and out of buildings, etc). The Regulation of Investigatory Powers Act and the Human Rights Act may also be relevant to some contracts, particularly those in the public sector.
As we've seen in previous editions ('Rights of passage', SMT, February 2001, pp26-27), these are very complex pieces of legislation. That being the case, TSI recommends security officers and their managers are trained to understand their responsibilities under these and other privacy laws, and that security contracts always specify who has overall charge for ensuring compliance.
If the client is to continue gaining benefits from the services provided, it's essential that there's regular and constructive communication between all parties. For small contracts this will occur at site level, but in contracts involving many sites the communication should deal with exceptions and performance 'highs and lows' from across the entire contract.
The frequency of meetings should be agreed and then attended by appropriate people from both organisations. Other interest groups should be invited to the meetings at their request, particularly where service standards are being affected by the activities of people outside of the security team.
Delivering an agreed service
Under normal circumstances, the major focus for that team will be concentrated on the delivery of agreed services, such as manning levels, officer appearance and behaviour, etc. That said, on occasion the threat situation – be it external or internal – will increase, and officers will be expected to respond in an effective and professional manner.
Let's take the external threat scenario first. When the external threat increases, the security company – in agreement with the customer – should communicate the relevant information from their central Control Room to each officer, either directly or via their management team or the customer's security manager (thereby allowing the required response to be adjusted in line with the client's wishes).
On those occasions when the security threat increases internally (for instance when an internal theft takes place), an efficient contractor will already know how to respond in line with the client's own expectations and adopted procedures.
"Whichever route is taken," claim Britnell and Jones, "security service providers employing good practice will always communicate changes in threat levels (whether local, regional or national) in a timely and clear manner, indicating the extra obligations placed on the team members. Additionally, they'll ensure that every officer who receives the message will have his or her own questions answered."
This ability to pass on information about changing security threats will enhance security companies' pro-activeness, and may become a major service differentiator in the years ahead.
Source
SMT
No comments yet