Facing up to risk

5 August, 2009

While security issues are growing in complexity and importance, it’s also increasingly clear the onus of responsibility now more often rests with facilities management. Intelligence and security expert Steve Garton claims the stakes have never been higher for FMs, who, he says, would be wise to ensure they are up to date on the subject.

A member of the Security Institute and its validation board, Garton has a wide knowledge of the industry gained through more than 25 years’ experience, which has included chairing industry-wide working groups up to government/Association of Chief Police Officers (ACPO) level. He currently heads up security for UK firm Advent IM, an independent specialist consultancy providing ‘holistic protective security’ management solutions that incorporate information, personnel and physical assets. Garton oversees teams specialising in areas like physical security and sensitive investigation through to counter-terrorism and counter-sabotage.

The challenge for FMs in today’s climate, Garton says, is to understand the security issues that are increasingly coming within their remit and know the appropriate measures to take. His key message is: ‘Don’t be frightened of your security responsibilities; embrace them,’ which means ‘at least learning the basics’ and working closely with security staff or independent security consultants.

The ideal situation for Garton is to see FMs involved in all stages of setting up premises. This sees him pushing for FMs to be allowed to collaborate with security specialists during any building’s design phase. Similarly, he advises that FMs should always be consulted on the security dimension whenever an organization moves premises, and when remodeling is set to take place.

Of course, the ideal is in stark contrast with reality, where a built environment generally comes first, and FMs come to terms with security concerns after the fact. However, Garton believes, things are changing. ‘It is right to say FMs don’t often get involved in the design phase; we see in businesses across the board that security hasn’t always sat with facilities managers,’ he says. ‘It’s not something that has been in place, or is in place, with all companies, even today, so there’s an element of fracture anyway. Particularly in larger organisations, there can be a lot of distance between departments.

‘But we’ve found recently security is starting to move into the FM area a lot more, and so it should. As the people responsible for dealing with a building’s services, it would make sense that this provision sits within facilities management.’

Engaging more with security issues is vital for FM staff, who, as Garton has found from experience, usually find it a relatively new concept within their remit. ‘One thing that’s for sure is that if facilities managers are to be a success themselves, and if security is to be made a business enabler, they need to understand certain basics of security.’

The Insider Threat

Within the day-to-day running of facilities, Garton deems ‘the insider threat’ the greatest challenge. He says an important yet often overlooked measure to be taken here is ensuring effective screening takes place, appropriate to levels of access. In this case it would be advisable to develop a good knowledge of British Standard 7858.

This sets out clear recommendations for the security screening of individuals employed in an environment where the security and safety of people, goods or property is a requirement of the employing organisation’s operations, or where such security screening is in the public interest. Garton says it is equally important to ensure any service providers contracted from outside the business, such as cleaners, adhere to the standards where necessary.

A dangerous temptation which Garton says FMs need to resist is to use security staff for non-security-related tasks: ‘More and more we are seeing breaches when security staff are away from their post, possibly doing things like servicing photocopiers, emptying bins or filling vending machines.’

Another imperative is for FMs to become more closely integrated with security staff. Garton advocates liaising on security issues on a daily basis: ‘Security is never really an agenda item in facilities management’s routine meetings, whether they are quarterly, six monthly or whatever. Security in some ways has been its own worst enemy; it’s become a black art, no one wants to dabble in it. But [facilities and security management] need to converge more and push each other in order to provide an overall package.’

Legal Issues

It is also vital that FMs understand the various compliance measures presently in place throughout the UK. As security systems themselves become more complicated, compliance is becoming more demanding. Garton points out that constantly evolving legislation and guidelines require attention. Specifically, FMs need to be aware the government has a Security Policy Framework in place, and ensure they operate in accordance with the Data Protection Act and Home Office guidelines. Depending on their role, FMs will need varying levels of knowledge regarding the legislation.

As FMs further entrench security aspects in their role, Garton says it becomes critical to be aware of the associated legal issues, ‘because by taking more of this on, you make orself responsible for the provision of security. There is plenty of scope there, if you aren’t careful, to leave yourself open for problems with the compliance issues.

‘The smart facilities managers will make themselves aware of these guidelines so they are covered in the event of anything untoward happening.’

In the event of any such incident, an investigation team would study all security policies and statements, with those responsible held accountable. For this reason, Garton points out that FMs need to make sure they are fully aware of the need to adhere to explicit policies, such as a CCTV code of practice. ‘This is no longer just the security manager’s job,’ he says. ‘Others are also accountable.’

He continues: ‘What would be smart for facilities managers to do now is make sure their job descriptions are annotated accordingly so it is clear who is responsible for security provisions. If there were an incident, clearly what will happen is they will investigate whether it is annotated in the job description. However, in many cases people may turn around and claim ignorance, but if it is an implied task, they don’t have a leg to stand on.’

Garton concludes: ‘We are finding that with the introduction of security into FM departments, they have to learn very, very quickly, and unfortunately some are waiting too long or until they have an incident. There is certainly a disconnect between FMs and security managers that we’d like to see tightened up.

‘We’re about getting the message out that it’s not just a case of taking on another department within the FM remit, but that additional responsibilities and accountabilities come with it.’

When FMs are tasked with setting up security systems, Garton notes it is vital to enlist the services of an independent, service-based security consultant in order to avoid the obvious pitfalls of purchasing directly from the largely sales-oriented product companies.