Facilitating Physical Security

IFM May 2009

Steve Garton offers advice and tips for FMs who find security being added to their brief as corporate economic and personnel resources come under increasing pressure.

The role of the facilities manager seems to be ever evolving into a more complex and diverse position, with responsibilities often encompassing multidisciplinary activities across several different environments. Within this fast growing discipline, FMs have extensive responsibilities for providing, maintaining and developing a myriad of services. These may range from property strategy, space management and communications infrastructure to building maintenance, administration and contract management. In addition to this, and particularly in the current climate as companies tighten their budgets and look to restructure their manpower, the FM is increasingly pulled in to assist senior management in other areas. Together they must ensure that security measures are being considered and implemented to safeguard an organisation physically and ultimately virtually. This transition requires the FM to have a much greater awareness of security issues and to be more involved in the delivery of security in all its forms across an organisation.

Changing context

Historically, the FM has often not been adequately informed for overseeing such security measures or given the appropriate guidance to implement suitable procedures or technologies to tackle potential threats. Now with legislation such as Corporate Manslaughter, which requires companies to provide a clear duty of care for their employees and lone workers, and the National CCTV Strategy, a report that reviews the use of CCTV and the legal requirements of CCTV footage for evidence in court for prosecution purposes, this is a situation that quickly needs to change

With the advent of enhanced technology, the way we work has changed. With this change has come a blurring of responsibilities. In the past, it has been extremely clear who will be responsible for IT security and physical security across an organisation. Now with processes being conducted differently, this is not the case and raises questions as to who exactly is responsible for security in a company overall. Should it be the IT manager or the FM who should be held responsible? What we are hearing from our customers in this market is that knowledge sharing has to happen so that FMs and security managers are working together collaborating about the security provision, whether it is within the IT department or as part of the estates and facilities management discipline. In this instance, it is useful for an FM to be aware of the security concept as a bare minimum, along with the standards that come with physical security compliancy requirements. This stops the blurring of territory and responsibility, which can leave employees confused, and encourages a better work culture with security higher up the business agenda.

The physical security of a building in particular is becoming more a part of the FM’s role, and there are many issues that FMs need to take into consideration. The environment and the building itself often dictate the style in which a security design can be delivered. For example, those located in areas of environmental importance and in listed buildings will be restricted as to what can be implemented regarding the physical design. Many buildings that have been designed to be aesthetically pleasing to the eye are often seen as problematic where security is concerned. It’s worth noting that security does not have to be an obtrusive or costly measure if approached in the correct manner, however. Even though issues and threats change on a case by case basis, the approach and principles of security are the same and arguably most clearly overseen by the FM. In this day and age, FMs should not be deterred by the look of a precautionary measure, as security components can be delivered to integrate aesthetically with a building and give the protection realistically required.

Starting point

The first step a facilities manager should take when considering the physical security of a building is to conduct a threat assessment. This process is a relatively standard procedure - it enables the authorised employee to study actual threats in the vicinity and tune in to the modus operandi of a person or group that could pose a threat. It is the latter element that makes the risk assessment more clearly defined and ensures informed decision-making. Even though sourcing the modus operandi is an essential part of the assessment, it often is a challenge which requires a logical thought process. As with anything else, more experience will assist the FM in drawing their effective conclusions.

Here are some top tips for FMs to consider when addressing building security:

• Consider where the risk initiates from; is it from an outsider looking to force entry or potentially an inside worker with authorised access to the building?
• Conduct a thorough threat assessment to assess risk. Base the security design on the analytical findings and not on perception. This will pay dividends in the long-term and make significant savings during the design phase of any security plan.
• Create an informed security culture and establish security as an important agenda item at key meetings, to encourage knowledge sharing and collaboration.
• See security as a business enabler and not as an expensive hindrance.
• Do not automatically scrutinise the provision of security when savings are to be made. The low crime rate of an area or building may be a result of a company’s good security plan.
• Ensure that any security design is overseen by an independent security consultancy and that the correct level of commissioning takes place.
• Open the tender to four or more companies when sourcing additional security components or systems eg CCTV, access control, lighting etc.
• Sound security policies and statements from the business hierarchy will go a long way to setting the security requirements and expectations – a good security design and culture will facilitate a safe working environment for all.

In addition to these procedures, there are a number of compliance documents and guidelines issued by government that today’s FM should recognise and have a basic understanding of. One of particular note is that of the new 'Security Policy Framework', which contains the most recent primary internal protective security policy and guidance on security and risk management for government departments and associated bodies. This is the source on which all localised security policies should be based and so would act as an ideal reference point for those FMs looking to address security issues. Another is BS7858, the British Standards Institute code of practice which urges employers to screen all individuals who have access to their building. In the current economic climate, fraud and crime will undoubtedly be on the rise both from the inside and out. Consequently, it is paramount that each company safeguards itself from the biggest threat: people. An employee screening process should be conducted for all prospective workers, regardless of their position, to ensure that all are law-abiding and legitimate before they are taken on board

Those who are lucky enough to have a source of security expertise in-house should have the capacity to address the physical security issues that affect their building. This is, however, not always the case and we know from experience that many FMs are seeking expertise in this field on a consultancy basis. Such expertise will highlight areas of concern and equip them with the findings and knowledge base to present to the board proposed solutions or preventative measures. In this case, the FM should look to engage with a professional, trained in this area. More importantly it is essential that this person comes from a recommended independent security consultancy to guarantee that the findings are not biased towards any particular products; rather, that they offer pure advice and direction for the organisation’s benefit. Many security companies are keen to offer a plethora of security products including CCTV and alarms, for example, where in reality, fewer products are needed. By carrying a comprehensive threat and risk assessment, how many and which sorts of products will become clear. FMs seeking counsel should request that this consultant mentor their interests throughout, keeping them abreast of the assessment and of any suggestions to permit a useful and feasible plan of protection

Regular independent reviews are also paramount. These should be tailored to highlight both the strengths and weaknesses of a building. A trained and experienced consultant will be able to tune in from the most discreet to the most 'obvious' threats and also be able to measure the risks against the ever moving threats themselves. By employing this external expertise, FMs can be ahead of the game when it comes to physical risk scenarios. A rolling review means that should these threats change or increase, then the FM is equipped with responses that are both cost-effective and commensurate.

At a corporate level, a well structured physical security plan contributes to the delivery of strategic and operational objectives. Further to this, on a day-to day level, effective facilities management provides a safe and efficient working environment, which is essential to the performance of any business – whatever its size or scope.

So whether or not you are actively being encouraged by senior level staff to consider the potential threats your building could be under, it certainly will not hurt to show foresight and address these issues ahead of time to ensure that the business provides as safe a working environment as it can for all its employees.

Steve Garton is Director of Security at information and physical security advisers Advent IM.

<< Back to Advent IM News

© 2009 Advent IM Ltd | Tel: 0121 559 6699

Website Design by Clickfire