Matthew Porcelli, MSc, CPP, F.ISRM, MSyl and Charlie Swanson, MSc, PG Dip, CSyP, FSyI explore the relationship between security and the C-Suite.

Anyone who has worked late into the night in a corporate setting will have noticed a security officer going past their field of vision. Usually, the officer exhibits a friendly gesture such as a wave or a, “hello,” and continues walking. To the layperson, the officer is just conducting rounds, trying door handles and closing unsecured doors.

Continuing, the officer walks past the organization’s C-Suite where the Vice President of Facility Operations and Client Contact (for the facility’s private security service provider that the patrolling officer works for) is working late on a report that must be submitted to the organization’s Chief Executive Officer (CEO) the next day. 

Among other duties, the Vice President of Facility Operations for this particular organization oversees the facility’s vendors and ensures that the level of service is maintained and how it can be substantiated. The officer passes by the Vice President’s office, waves with a smile and continues down the egress stairwell.

This C-Suite member, who has recently been promoted to Vice President, has partnered with many private security companies and conversed with many of the security officers over the years – and has assisted with establishing the security patrols and assigning specific checkpoints that the officer must check during non-business hours.

As the Vice President begins concluding the report, they notice a portion stating: ‘Security patrols being conducted on a regular basis during non-business hours.’ The backup is present with tour reports required to be provided by the contract Security Manager. The following day, the C-Suite meets. The CEO asks the Vice President of Facility Operations in a hasten manner: “Are the guards doing their rounds?”, to which the Vice President replies, “Yes.” The answer comes across the C-Suite table as quickly as it is requested and the meeting continues.

Who, what, where, when, how – why?

Often, the security function, let alone patrols of private security officers, will not make it across the C-Suite table unless attributed to a serious incident or crisis. Too often, security patrols are a routine part of the facility’s operations and something of compliance or a check box directive. Unfortunately, it is this way of thinking that undermines the importance of having security personnel in the first place, as well as a catalyst for some security officers seeing a patrol as an operational scavenger hunt to hit certain points. 

Security patrols understand the WHO (the security officer), the WHAT (the assets under protection), the WHERE (the location of the patrol checkpoints), the WHEN (designated patrol times) and the HOW (security patrol equipment in the form of a wand or mobile tour device). However, one strategically important element still remains absent – the WHY?

When a contract is rewarded to a security service provider for a new or existing property, patrols are implemented into the site’s security post orders. Buttons, pads and stickers for patrol purposes are just some of the types of checkpoints affixed to walls, doors and machinery. These patrols are mainly conducted after business hours because in the event of something that merits attention or service, there are more individuals on location to deal with the issue in real time.

Patrols increase after hours because those resources once on site during the day are not as available to catch an issue and amend quickly. Peace of mind is key and that is exactly what asset management pays for. 

However, what happens when complacency starts to manifest? Not just in the minds of asset management, but also the security officers? What happens to security strategy when patrols become scavenger hunts for checkpoints and some security officers are looking to just get the tour completed? The aforementioned can make both asset management and the security team question the essence of why the patrols are integrated and conducted in the first place.

Misconceptions and questions

The C-Suite is not security-centric. Granted, security is indeed of concern, however, it is often more focused on cyber and white-collar threats. Security patrols are the front line of protection for the assets, in this case, the building employees and property. The reasoning for these patrols is often not as prevalent because it operates under a reactive mindset.

For example, a misconception is that nothing happens at 2:00 am in the morning in a corporate building. Buildings live and breathe and require maintenance and checks not only in the sense of facility operations, but also from exterior threats from aggressors.

Another misconception is that aggressors always commit random acts of theft or vandalism. Even though some acts of theft and vandalism can be random, many aggressors are not mindless delinquents. On the contrary, just as their security counterparts, they observe, they take notes and are very patiently waiting for a window of opportunity.

For instance, if a security officer conducts two patrols a night at 01:00 and 03:30 am – passing by a particular exterior door at a certain time since patrol routes have been integrated – would it not be easy for an aggressor to monitor that pattern, thus opening that window of opportunity even wider? 

These are all questions faced by with the frontline security manager; however, the C-Suite may only get involved and coordinate with the frontline security manager after an incident has occurred. Many C-Suite members employ Chief Security Officers (CSOs), Chief Risk Officers (CROs) and Enterprise Security Risk Management (ESRM)/Enterprise Risk Management (ERM) personnel as an additional layer of assurance to establish that peace of mind.

Operational security management keeps the operation flowing; strategic security management maintains and adds another layer of substantiation to the patrols’ and frontline security teams’ purpose and mindset. The aforementioned, however, does not come naturally and must be enforced and maintained by the frontline security manager in partnership with the asset manager or client contact(s), which can then be substantiated and reported to the C-Suite.

Staggering patrol times and teaching security officers that tour point locations are three dimensional, rather than trying to find a checkpoint and moving on, is just half the objective.

Tactical security operations ensure that instructions issued by the C-Suite are communicated to operational teams, such as security officers. Without an understanding and communication of the WHY however, which is a strategic disposition, the system is doomed to fail.

This article was originally published in the bumper September edition of Security Journal Americas. To read your FREE digital edition, click here.

Return to Security Journal Americas NEWS INDEX