You finally made it. You are the Corporate Security Officer for a large corporation. Getting the big job six months ago, you already have conducted an assessment of your Security staff and ensured you have the right people, with the right attitudes in the right positions. You have had to let some people go but you have also retained some hardworking legacy Security managers.
You have weekly team meetings and established a collaborative three year strategic plan to revamp the Security Program throughout the organization. You have engaged non-security personnel that are key stakeholders in your organization. They have contributed to the plan and agreed to assist in the implementation of the new Security Program. You have briefed and engaged Executive Management and they also approve of your new Security Program.
One of the major components of your new Security Program must address standardized Security documentation.
As the Corporate Security leader for your company ask following questions:
How does your Corporate Security Department know what to do on a daily basis? Does the company know their daily Security responsibilities? Do you have a central repository of Company Security policies, procedures, processes and guidelines? Is Security paperwork compiled into a central repository with easy access to all company personnel?
Does your Corporate Security Department depend on “tribal knowledge”?
Tribal knowledge can be best described as everyday Security Office operations which depends on legacy Security staff to carry out their duties. For example, you may hear “this is the way we always have done Security”, when you ask to be shown where it is written down there is not any paperwork that can be produced, Security practices have not been documented.
What is the root cause of “tribal knowledge”? Knowledge is power. Sometimes, Security departments develop “Irreplaceable experts”, those who do not want standardized procedures written down. If everyone knows the rules there is no “magic” in them. Assess if the past Security staff and past Security practices. Do you have any of these “Irreplaceable experts”? If so ensure they know the new Security Program will include a Manual of Operations.
Inconsistency always leads to confusion, especially from other Company Departments. Security processes that change depending on who they speak to in Corporate Security, is unacceptable. Such confusion within the Company regarding Security practices also gives the impression of an unprofessional Security program within the organization.
This issue can by the compilation of a Corporate Security Manual of Operations which should document and organize Corporate Security paperwork in one central repository for reference of all personnel, not just Corporate Security.
The steps are simple, the work is involved but the reward is invaluable:
- Engage and challenge your Security Staff.
- Define the mission. “Author and document a Security Program Manual of Operations.”
- Conduct an assessment of your Security Program paperwork.
- Engage key company stakeholders in the assessment.
- Compile a list of appropriate paperwork and compile a Manual of Operations.
- Assign a Manual of Operations lead to oversee the project and report to you.
- With the team lead, assign paperwork to Security Staff, make fair assignments.
- Set goals and timeline for completion.
- Engage Executive management.
- Provide periodic briefings on progress to Executives and key stakeholders.
- Complete the Manual of Operations and effectively communicate its value to key company stakeholders and the general Company population.
- Update annually or as needed.
A professionally designed central repository of Security paperwork will ensure the Security standards are upheld and will allow the Corporate Security leader to hold the Security Department and entire Company accountable in a clear and consistent manner.
Education and training is the key to establishing a professional Security Manual of Operations across the entire organization.
Standardized Security policies, procedures, processes and guidelines that are simple and easy to understand and are easily accessible to all company personnel will ensure a professional Security Program.
Personnel who understand and know the Security rules along with their Security responsibilities will contribute, they will assist in establishing a true culture of Security throughout your organization.