Experience shows that property owners and developers very rarely understand the importance of providing an effective security solution and all too often the security concept and delivery fails to meet operational needs and demands. This is mainly due to lack of security knowledge, limited client /end-user liaison, and poor understanding of the actual requirements by the security integrator or installer. Furthermore, many companies fail to address security manning levels and Standard Operational Procedures (SOPs) as part of their scope of works, ultimately leading to greater expenditure on security technology that receives a poor ‘human’ response.

In order to define the levels of protection required through the effective identification of ‘true risk’ and make recommendations for appropriate counter-measures, a security Threat and Risk Assessment should be conducted. This will fulfil a number of functions and will:

• Provide contextual perspective to the facility and surrounding environment
• Provide an audit trail for decisions, designs and plans
• Inform and provide a structure for the design and/or security audit of the premises
• Inform and provide a structure for mitigation measures and operational procedures
• Inform and provide a platform for the development of Contingency Plans
• Identify regional and site specific threats that are likely and credible
•  Evaluate the consequences of threats, including loss of life and property, economic impact, as well as damage to symbolic value, reputation and public confidence

Physical security is only one of many functions of building design and usage. While any project has some element of security in its programme, security must take its place among numerous competing demands. While the architects and the security consultants help the owner understand the trade-offs in those demands, it is for the owner to set the final priorities for the security concept of the project. The key is to creatively blend security with the other project requirements in a balanced manner.

Careful deliberation should be taken when considering the technical security specifications, along with the operational requirement for each solution and device. If this is ignored the installed security system(s) could be ineffective and ultimately ‘not fit for purpose’.

Time and time again I see electronic security systems installed at a facility which do not serve any operational purpose whatsoever. They do however cost the client money, by paying for a piece of technology that serves no real purpose, or having to pay for devices to be moved or replaced, or even for a whole system having to be overhauled or upgraded.

Once the operational requirement has been identified and defined the security design and specifications are then put together. The specifications, along with a Bill of Quantities (BOQ), should ultimately drive the tender process.

There may be certain trade-offs to be made in terms of price against requirement in order to meet budgetary constraints. The part of this process which is all too often overlooked is what the operational impact of any trade-off will be. Once this impact is known and quantified then a decision needs to be made as to whether to accept the risks, transfer the risks to another party or put other counter-measures (physical, procedural) in place to mitigate the impact and probability of these threats occurring.

Once a security integrator has been selected it is important that the installation of the equipment is project-managed correctly, ensuring that the equipment is Factory Acceptance Tested (FAT), conducting periodic site visits to review and monitor site progress and installation of systems to ensure integrity of approved intent, participate in the final testing and commissioning of the entire system(s) to ensure compliance with approved design documents.

Having a ‘risk lead’ approach and following a simple process will ensure that key stakeholders actually get what they need and not what they think they need.