Getting the most out of security consultants

April 2013 Security Services & Risk Management

How can a vendor-neutral consultant help its customers to negotiate the costly minefield of security technology installations and upgrades?

How does a client decide between installations and upgrades? What factors influence this decision?

Making a choice on whether to embark upon a new installation or whether to upgrade an existing technology installation may be a daunting decision for clients to take. Factors that may well influence it are as follows:

* Does the existing installation allow for any significant sort of upgrade in terms of system and/or obsoleteness?

* If the installed system is restrictively upgradeable, would the client miss future upgrades and waste a valuable investment or would their system requirements hold good for the foreseeable future.

* What is the existing monthly cost of repair and maintenance?

* Has it increased significantly or still within budget and what is envisaged within the next year or two?

* What kind of budget does the client have available for upgrade or installation?

* Are there existing maintenance programmes on site to allow for phased upgrades within an agreed monthly cost?

Clients may expect an independent consultancy to develop and establish a security master plan that serves as a strategic road map for the client’s organisation. Such a plan would typically cover a 3 –5 year period and address all components of the client’s physical protections system, namely: physical infrastructure, security organisation, enabling security technology solutions and physical security processes.

A comprehensive security master plan, if professionally developed, would serve the client well in easily deriving at the solution of whether to install, upgrade or apply a layered combination of the two choices.

Should a customer not have a security master plan, a prudent approach would be for a vendor neutral security management consulting company to perform a thorough security review of the existing security technology system, if any, develop and recommend a conceptual design road map that needs to answer this very daunting question for and on behalf of clients.

Can a hybrid installation be as effective as pure analogue/IP?

The essence of any enabling security technology system is centred in the customer’s user/system requirements, which is realistically offset against the available budget. Should a technology solution system deliver on what is required then a hybrid system may well be as effective as a pure system.

Further to the above, any system is as good as the processes that govern it. Security processes (policy, standards, SOPs, etc.) form the framework of a physical protection system and without it, all the technology in the world means very little

Just think of the number of companies you have visited with hi-tech access control systems installed where employees access different areas of their business via proximity cards or biometric fingerprint readers yet visitors manually complete a no-technology visitor register.

There is certainly a case to be made for Internet-protocol (IP) based enabling-technology, as it is the predominant way forward from a development perspective. This notwithstanding, we would have to stand firm that each customer’s needs are different and would determine what is best.

When are IP systems the systems of choice? When is analogue a good choice?

Before a decision is made to procure any closed circuit television (CCTV) equipment, it is imperative that the client seeks unbiased professional advice that is vendor neutral. This advice should be packaged in the form of a comprehensive physical protection system (PPS) assessment where not only the CCTV requirements are assessed but the entire client PPS to ensure that the client ends up with a cost-effective total security solution comprising a suitable mix of all PPS components.

The solution should consistently achieve the client’s security system objectives, which may include detection, deterrence and timely response to prevent loss events and/or security incidents. Once the assessment has been conducted and the client is presented with a conceptual design for any required system upgrades, then the composition of the CCTV system can be measured against the following considerations:

* What is the desired application requirement of the CCTV equipment?

* What is the client’s available budget?

* What are the client’s desired expectations in respect of the upgraded CCTV system? What should it be able to do?

* Would the existing communications backbone on site support and cope with a significant system upgrade or would it need to be reconfigured or even replaced?

* What are the site-specific network requirements?

* Are there currently analogue cameras on site that can be re-integrated?

* What is the status and requirement of currently installed enabling technology with respect to integration? For example, access control interfaces, perimeter protection etc.

* Does the system proposed align with the clients’ strategic security plan?

When the above considerations have been measured the client should have a better idea of what the best choice is in respect of CCTV selection.

How does the customer decide that spending a lot of money on improvements and/or a new installation will be worth it? In other words, how does the customer determine the ROI potential of a security installation?

Unfortunately major security technology installations tend to happen once a serious security problem was discovered and the customer loses money. In such cases ROI can easily be justified against the increasing loss, should the problem not be remedied.

Business fraud trends clearly show that fraud is usually perpetrated over several years before being detected (mostly by chance). Financial reporting as an internal control is by no means sufficient protection against fraud, pilferage or theft. Fraudsters are often a network of long-serving employees in key positions who know how to manipulate the customer’s business processes without being detected.

Although very few customers formally measure the ROI of installed security systems or the cost-effectiveness of their total security programme for that matter, there are well-established methodologies to provide clear ROI indicators. These may include:

* Security performance metrics specifically formulated to measure ROI against the security threats exposed prior to and after installation.

* Security programme ROI formula where the cost of the security program is measured against prevented losses, losses recovered and actual losses.

* Security Risk Assessment Equation method where threat probability, threat interruption probability and consequence are calculated prior to and after installation.

For more information contact Physical Risk, +27 (0)21 851 2963, [email protected],

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Numerous challenges for transport and logistics
Transport (Industry) CCTV, Surveillance & Remote Monitoring Security Services & Risk Management Logistics (Industry)
Operators are making significant investments in automation and digitalisation in order to address security concerns, improve loss prevention as well as efficiency, and reduce unit order costs.

Defining the resilience of cybersecurity
Cyber Security Security Services & Risk Management
Cyber resilience is less buzzword and more critical business strategy as the cybercrime landscape grows in intent and intensity.

Technology and the future of security installation in South Africa
Editor's Choice Integrated Solutions Security Services & Risk Management
What are the technologies and trends shaping installation, service and maintenance teams globally, and how will they shape South African businesses today and in the future?

The technology wave implications for staff mismatches in control rooms
Leaderware Editor's Choice Security Services & Risk Management
An industry habit of looking at control rooms through a physical security lens has increasingly left clients and staff at a disadvantage in keeping up with control room technology and demands.

Streamlining processes, integrating operations
Security Services & Risk Management Integrated Solutions Transport (Industry) Logistics (Industry)
With Trackforce Valiant, Airbus now has one single platform that connects its security guards, supervisors and management across its organisation.

Smollan partners with FleetDomain
Logistics (Industry) Asset Management, EAS, RFID Security Services & Risk Management Transport (Industry)
Smollan has been using FleetDomain to manage its fleet of around 2000 vehicles in South Africa, enabling it to contain costs and manage its fleet much more effectively.

Smarter parking services
Security Services & Risk Management Transport (Industry) Logistics (Industry)
Smart technologies are changing the face of parking services and helping property owners realise their commercial objectives.

Adopting a cyber-secure mindset
Security Services & Risk Management Cyber Security
Adopting a cybersecure mindset is the key to mitigating the risk of falling victim to the growing cybercrime pandemic.

SAFPS warns against advance-fee scam
News Security Services & Risk Management
The Southern African Fraud Prevention Service (SAFPS) has warned consumers of an advance-fee scam where the perpetrator is falsely presenting themself as a representative of the SAFPS.

Fire prevention in your home or business?
Fidelity Services Group Fire & Safety Security Services & Risk Management
A recent fire at a nightclub in Boksburg has once again highlighted the importance of fire safety for both homes and businesses. When a fire breaks out, the consequences can be devastating.