RiskUKSeptember2017
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
September 2017<br />
www.risk-uk.com<br />
Security and Fire Management<br />
On Terrorism Watch<br />
From ‘Run, Hide, Tell’ to ‘Spot, Sweep, Secure’<br />
ISO 22316: Security and Organisational Resilience<br />
Fighting Financial Crime: Why Culture is Key in UK plc<br />
Total Recall: Best Practice in Crisis Management<br />
Fire Safety Planning: Emergency Evacuation Procedures
Manufacturing X-ray Machines<br />
in the UK since 1950<br />
Call or Email to claim your<br />
FREE THREAT ASSESSMENT<br />
and advice on your direct and associated risks by the UK’s<br />
leading manufacturer of high end security x-ray machines<br />
01480 832202<br />
www.toddresearch.co.uk<br />
xray@toddresearch.co.uk
September 2017<br />
Contents<br />
42 Meet The Security Company<br />
In association with the NSI, Risk UK continues its ‘Meet The<br />
Security Company’ series by asking Doyle Security’s managing<br />
director Andrew Nicholson the major questions of the day<br />
BS 8593 for Body-Worn Video (pp9-10)<br />
5 Editorial Comment<br />
6 News Update<br />
Corporate governance reforms. Cifas study on ID fraud. EU GDPR<br />
compliance risks survey by Bluesource. All change at HMIC<br />
9 News Analysis: BS 8593 for Body-Worn Video<br />
Brian Sims reports on the launch of BS 8593:2017 Code of<br />
Practice for the Deployment and Use of Body-Worn Video<br />
12 News Special: Cortech Open Innovation Events<br />
Brian Sims previews this month’s COIE taking place in Glasgow<br />
and looks back on the success of the Bristol event held in July<br />
14 Opinion: ISO 22316 Security and Resilience<br />
ISO 22316:2017 on Security and Organisational Resilience has<br />
arrived. John Robinson appraises the content in relation to Brexit<br />
16 Opinion: Apprenticeships in the Security Sector<br />
Apprenticeship programmes should be employer-led, but what<br />
does this actually mean? Peter Sherry delves into the fine detail<br />
19 BSIA Briefing<br />
Will Murray on the current state of play in lone worker security<br />
22 Security for the Enterprise<br />
Damien Pezza takes a different slant on risk management with a<br />
detailed overview of combined ESRM-ERM frameworks<br />
45 Evacuation Planning in the Premier League<br />
The re-development of Stoke City FC’s bet365 Stadium takes full<br />
account of planning for fire safety and emergency evacuation<br />
48 The Security Institute’s View<br />
Will the lines dividing risk and resilience management continue<br />
to blur and lead to new thinking? Dr Risto Talas believes so<br />
50 In The Spotlight: ASIS International UK Chapter<br />
Rupert Reid states why, when it comes to counter-terrorism<br />
training, we must now shift the emphasis towards detection<br />
52 FIA Technical Briefing<br />
Alan Elder and Robert Thilthorpe target the all-important points<br />
to note in relation to gaseous fixed firefighting systems<br />
54 Security Services: Best Practice Casebook<br />
As Paul Harvey observes, by focusing on the enablers of<br />
effective collaboration it’s possible to deliver an outcome that<br />
shares Best Practice and enhances existing capabilities<br />
56 Cyber Security: Defending the Digital World<br />
58 Training and Career Development<br />
Richard Diston on career progression for security managers<br />
60 Risk in Action<br />
62 Technology in Focus<br />
65 Appointments<br />
The latest people moves in the security and fire business sectors<br />
24 Fighting Financial Crime: Culture is Key<br />
In the ongoing fight against financial crime, argues Tim<br />
Parkman, fostering a strong internal business culture is vital<br />
27 Total Recall<br />
Does your business have a product recall team in place? If not,<br />
there’s no time to spare. Jennifer Sillars outlines why<br />
30 The Future of Lone Worker Solutions<br />
Employers must provide a safe operational environment for lone<br />
workers. Craig Swallow focuses on today’s available solutions<br />
33 The Changing Face of Security Services<br />
Risk UK’s Guarding Supplement with contributions from Cardinal<br />
Security, Axis Security, CIS Security and Magenta Security<br />
68 The Risk UK Directory<br />
ISSN 1740-3480<br />
Risk UK is published monthly by Pro-Activ Publications<br />
Ltd and specifically aimed at security and risk<br />
management, loss prevention, business continuity and<br />
fire safety professionals operating within the UK’s largest<br />
commercial organisations<br />
© Pro-Activ Publications Ltd 2017<br />
All rights reserved. No part of this publication may be<br />
reproduced or transmitted in any form or by any means<br />
electronic or mechanical (including photocopying, recording<br />
or any information storage and retrieval system) without the<br />
prior written permission of the publisher<br />
The views expressed in Risk UK are not necessarily those of<br />
the publisher<br />
Risk UK is currently available for an annual subscription rate of<br />
£78.00 (UK only)<br />
www.risk-uk.com<br />
Risk UK<br />
PO Box 332<br />
Dartford DA1 9FF<br />
Editor Brian Sims BA (Hons) Hon FSyI<br />
Tel: 0208 295 8304 Mob: 07500 606013<br />
e-mail: brian.sims@risk-uk.com<br />
Design and Production Matt Jarvis<br />
Tel: 0208 295 8310 Fax: 0870 429 2015<br />
e-mail: matt.jarvis@proactivpubs.co.uk<br />
Advertisement Director Paul Amura<br />
Tel: 0208 295 8307 Fax: 01322 292295<br />
e-mail: paul.amura@proactivpubs.co.uk<br />
Administration Tracey Beale<br />
Tel: 0208 295 8306 Fax: 01322 292295<br />
e-mail: tracey.beale@proactivpubs.co.uk<br />
Managing Director Mark Quittenton<br />
Chairman Larry O’Leary<br />
Editorial: 0208 295 8304<br />
Advertising: 0208 295 8307<br />
3<br />
www.risk-uk.com
Premier Elite 64-W/64-W LIVE<br />
EXPANDABLE TO<br />
W<br />
I R E L E S S<br />
Z O N E S<br />
Wireless control panels expandable to 64 wireless zones<br />
Texecom has upgraded its flagship range of wireless control panels by adding two new high zone capacity models to replace<br />
previous, smaller zone capacity, wireless panels.<br />
In today’s connected world, there is no place for systems that inhibit upgrades or restrict additional devices. Security systems can<br />
offer so much more than basic security; increased security, monitoring, safety, perimeter protection and building automation all<br />
require systems that can support a large number and a wide range of devices. With the introduction of the Premier Elite 64-W<br />
and 64-W LIVE, Texecom is removing these limitations and allowing end users and installers to benefit from increased system<br />
capabilities.<br />
Product highlights include:<br />
• Increased zone capacity on Texecom’s Ricochet® enabled<br />
wireless panels<br />
• Replaces and consolidates Texecom’s wireless panel<br />
range to two models<br />
• Facilitates more devices per system to support increased<br />
security, safety and automation device requirements<br />
• 32 on-board wireless zones; expandable to 64 wireless zones<br />
• Available with or without built-in keypad<br />
• Contains Texecom Connect ‘ready’ V4.00 Premier Elite<br />
firmware<br />
• EN50131-1, EN50131-3, PD6662 Grade 2 Class II<br />
Texecom products are designed<br />
and manufactured in the UK
Editorial Comment<br />
More zones, more devices:<br />
Safety devices<br />
Increased security<br />
Building automation<br />
Perimeter protection<br />
Monitoring<br />
Shared Approach<br />
The Government’s Department for Exiting the European Union<br />
(EU) has set out its bold plans for arrangements that could<br />
ensure personal data would continue to move back and forth<br />
between the UK and the EU in the future in a safe and properly<br />
regulated manner. In the latest of a series of papers examining<br />
the UK’s future partnership with the EU post-Brexit, the<br />
Government has considered the case for a “unique” approach<br />
that could allow data to continue to be exchanged in order to<br />
ensure ongoing competitiveness, innovation and job creation.<br />
The document outlines in detail how the UK is considering an<br />
ambitious model for the protection and exchange of personal<br />
data with the EU that reflects the unprecedented alignment<br />
between British and European law and recognises the high data<br />
protection standards that will be in place at the point of exit.<br />
This would allow the UK to work more closely with the EU,<br />
providing continuity and certainty for the business community,<br />
allowing public authorities – including law enforcement<br />
authorities – to continue their close co-operation, protecting<br />
people’s data and privacy and providing for ongoing regulatory<br />
co-operation between UK and EU data protection authorities.<br />
These proposals are said to “provide a stable base” for the<br />
Government to deliver on its commitment to turn Britain into the<br />
“best and safest place” to be online.<br />
Matthew Hancock, the Minister for Digital, explained: “In the<br />
modern world, data flows increasingly underpin trade, business<br />
and all relationships. We want the secure flow of data to be<br />
unhindered in the future as we leave the EU. A strong future data<br />
relationship between the UK and the EU, based on aligned data<br />
protection rules, is in our mutual interest. The UK is leading the<br />
way on modern data protection laws and we’ve worked closely<br />
with our EU partners to develop world-leading data protection<br />
standards. This new position paper sets out how we think our<br />
data relationship should continue. Our goal is to combine strong<br />
privacy rules with a relationship that allows flexibility in order to<br />
give consumers and businesses certainty in their use of data.”<br />
Stewart Room (PwC’s global data protection legal services<br />
leader) responded: “The Government’s position paper makes it<br />
crystal clear that data protection is now a priority issue for the<br />
UK and its economy and in the ongoing fight against serious<br />
crime and terrorism. Successful delivery of the General Data<br />
Protection Regulation (GDPR) will be a critical part of the UK’s<br />
success after Brexit. With this in mind, the paper sends a clear<br />
message to all data controllers and data processors in the UK<br />
that they must embrace the requirements of the GDPR.”<br />
As the position paper has pointed out, it’s vital that the UK’s<br />
data regulator, namely the Information Commissioner’s Office<br />
(ICO), maintains an influential role post-Brexit. To this end, the<br />
ICO will require proper levels of investment if it’s going to be<br />
able to fulfil its vital resource-sharing requirements.<br />
One area that the position paper doesn’t tackle is the concern<br />
in parts of the EU that the UK’s domestic surveillance laws are<br />
challenging to EU data protection principles. The possibility of<br />
partial adequacy decisions could help overcome such concerns.<br />
Brian Sims BA (Hons) Hon FSyI<br />
Editor<br />
www.texe.com<br />
Sales: +44 (0)1706 220460<br />
December 2012<br />
5<br />
www.risk-uk.com
Corporate governance reforms announced<br />
to increase Boardroom accountability<br />
Business Secretary Greg Clark has set out the<br />
Government’s corporate governance reforms<br />
designed to enhance the public’s trust in<br />
business. Under these new Government reforms<br />
to Boardroom accountability, for the first time<br />
all listed companies will have to publish pay<br />
ratios between CEOs and their average UK<br />
workers. This move is aimed at enhancing the<br />
transparency of big business to shareholders,<br />
employees and the public alike.<br />
The Government’s bold package of corporate<br />
governance reforms includes the world’s first<br />
public register of listed companies where a fifth<br />
of investors have objected to executive annual<br />
pay packages. This new scheme will be set up<br />
in the Autumn and overseen by the Investment<br />
Association, a trade body that represents UK<br />
investment managers.<br />
In the coming months, the Government will<br />
introduce new laws to require:<br />
• around 900 listed companies to annually<br />
publish and justify the pay ratio between CEOs<br />
and their average UK workers<br />
• all companies of a significant size to publicly<br />
explain how their directors take employees’ and<br />
shareholders’ interests into account<br />
• all large companies to make their responsible<br />
business arrangements public<br />
Last year, the Prime Minister made it clear<br />
that the behaviour of a small number of<br />
companies had damaged the public’s trust in<br />
big business. Theresa May duly set out<br />
proposals designed to improve transparency<br />
and accountability and afford employees a voice<br />
in the Boardroom.<br />
Commenting on the reforms, Greg Clark said:<br />
“One of Britain’s biggest assets when it comes<br />
to competing in the global economy is our<br />
deserved reputation for being a dependable<br />
and confident place in which to do business.<br />
Our legal system, our framework of company<br />
law and our standards of corporate governance<br />
have long been admired around the world. We<br />
have maintained such a reputation by keeping<br />
our corporate governance framework under<br />
review. These latest reforms will build on our<br />
strong reputation and ensure that our largest<br />
companies are more transparent and<br />
accountable to employees and shareholders.”<br />
The Business Secretary will now seek to<br />
ensure employees’ interests are better<br />
represented at the Boardroom level of listed<br />
companies. Clark will ask the Financial<br />
Reporting Council – which sets high standards<br />
of governance through the UK’s Corporate<br />
Governance Code – to introduce a new<br />
requirement in the Code to achieve this.<br />
Under the Code’s ‘comply or explain’ regime,<br />
firms would have to either assign a nonexecutive<br />
director to represent employees,<br />
create an Employee Advisory Council or<br />
nominate a director from the workforce.<br />
Episodes of identity fraud soar to record levels in latest study by Cifas<br />
Cifas, the UK’s leading fraud prevention service, has released new figures showing that identity<br />
fraud has continued to rise at unprecedented levels during the first six months of 2017.<br />
A record 89,000 identity frauds were recorded, which is up by 5% from last year. Representing<br />
over half of all fraud recorded by the UK’s not-for-profit fraud data sharing organisation, 83% of<br />
identity frauds were perpetrated online.<br />
The latest figures from Cifas show that there has been a sharp rise in identity fraudsters applying<br />
for loans while also involving themselves in online retail, telecoms and insurance products.<br />
Although the number of identity fraud attempts against bank accounts and plastic cards has fallen,<br />
those episodes still account for more than half of all identity fraud cases.<br />
To carry out this kind of fraud successfully, fraudsters need access to their victim’s personal<br />
information such as name, date of birth, address, their bank details and with whom they hold<br />
accounts. Fraudsters access such detail in a variety of ways, from stealing mail through to hacking,<br />
obtaining data on The Dark Web, exploiting personal information on social media or through ‘social<br />
engineering’ (whereupon innocent parties are persuaded to give up their sensitive details to<br />
someone pretending to be from their bank, the police service or a trusted retailer).<br />
Simon Dukes, CEO of Cifas, explained to Risk UK: “We’ve seen identity fraud attempts increase<br />
year on year such that they’re now reaching epidemic proportions, with identities being stolen at a<br />
rate of almost 500 every day. These frauds are taking place almost exclusively online. The vast<br />
amount of personal data that’s now available either online or through data breaches is only making<br />
it easier for the fraudsters.”<br />
6<br />
www.risk-uk.com
News Update<br />
“Employees pose greatest EU GDPR<br />
compliance risk” highlights latest<br />
Bluesource study<br />
Six-in-ten organisations view their employees<br />
as the biggest threat to successful EU General<br />
Data Protection Regulation (GDPR) adherence,<br />
while four-in-ten believe that their current IT<br />
systems could also pose compliance risks.<br />
That’s according to a GDPR awareness survey<br />
conducted by Bluesource.<br />
The study also highlights that, even though<br />
half (50%) are taking steps to prepare for<br />
GDPR compliance, nearly a third (30%) still<br />
believe that the new rules will not affect them.<br />
One fifth (20%) are not sure what to do next.<br />
Over 80% of respondents stated that, with<br />
the deadline for EU GDPR compliance rapidly<br />
approaching, they’re facing a major challenge,<br />
including increased security and governance<br />
around cloud environments such as Office 365<br />
and shadow IT. 80% of those surveyed feel<br />
that ‘Big Tech’ vendors have a responsibility to<br />
ensure that their own systems will meet the<br />
GDPR’s requirements, as well as those of their<br />
customers, but are unsure as to how this will<br />
be achieved in practice.<br />
The increased financial impact of fines and<br />
the expected frequency of their enforcement is<br />
a major concern for most of those surveyed.<br />
An overwhelming 90% indicated that a noncompliance<br />
fine would result in reputational<br />
damage for their organisation and a loss of<br />
trust among customers, suppliers and staff.<br />
Data breaches are already the second<br />
greatest cause of concern for business<br />
continuity professionals and, once this new<br />
legislation comes into force, bringing with it<br />
higher penalties than already exist, this level<br />
of concern is only likely to increase.<br />
Organisations need to make sure they’re<br />
completely aware of the requirements of the<br />
GDPR, and also make certain that their data<br />
protection processes are robust enough to<br />
meet these requirements.<br />
On a more positive note, 45% of those<br />
surveyed have already nominated a member of<br />
a specific departmental function – including<br />
legal, compliance and IT security – to be solely<br />
dedicated to privacy and GDPR initiatives.<br />
However, 20% haven’t considered selecting a<br />
nominated individual as yet, while 35%<br />
suggest that finding a suitably qualified and<br />
experienced individual will be a challenge.<br />
Sean Hanford, information governance<br />
consultant at Bluesource, commented: “Our<br />
research across UK organisations indicates<br />
that a gap remains between EU GDPR<br />
awareness and action. There must be a swift<br />
attitude change towards data protection. Staff<br />
clearly require better skills such that they can<br />
become more data savvy.”<br />
Her Majesty’s Inspectorate of<br />
Constabulary’s remit extended by<br />
Home Office to encompass Fire and<br />
Rescue Services<br />
Building on the experience of Her Majesty’s<br />
Inspectorate of Constabulary (HMIC) in<br />
inspecting and reporting on the efficiency and<br />
effectiveness of all police forces in England<br />
and Wales, Nick Hurd (Minister for Policing<br />
and the Fire Service) has announced that it<br />
will now extend its responsibility and also<br />
inspect Fire and Rescue Services in England.<br />
In order to reflect this new programme of<br />
inspections, HMIC will change its name to Her<br />
Majesty’s Inspectorate of Constabulary and<br />
Fire and Rescue Services (HMICFRS) and<br />
expand to become a fully-integrated<br />
inspectorate for the police and Fire and<br />
Rescue Services. HMICFRS will have a new<br />
logo to reflect its new identity.<br />
Her Majesty’s Chief Inspector of<br />
Constabulary, Sir Thomas Winsor (pictured),<br />
said: “This marks a momentous chapter in the<br />
160-year history of HMIC. We will draw on our<br />
experience of inspecting and reporting on<br />
police forces to develop a framework to assess<br />
the efficiency and effectiveness of the 45 Fire<br />
and Rescue Services in England. In the same<br />
way that police officers run towards situations<br />
that others would instinctively avoid, the<br />
events of recent times remind us all about<br />
exactly how much we rely upon the bravery<br />
and professionalism of our firefighters. I pay<br />
tribute to their courage.”<br />
Sir Thomas will be appointed Her Majesty’s<br />
Chief Inspector of Fire and Rescue Services, in<br />
addition to continuing in his role as Her<br />
Majesty’s Chief Inspector of Constabulary. Her<br />
Majesty’s Inspector Zoë Billingham will act as<br />
the lead for the inspection programme. Each<br />
HMI will have responsibility for a number of<br />
Fire and Rescue Services.<br />
Nick Hurd explained: “Creating an<br />
inspectorate for Fire and Rescue Services in<br />
England will support the continuous<br />
improvement of this critical public service to<br />
make sure that it’s as professional, effective<br />
and efficient as possible. It will also ensure<br />
that, where problems are identified, actions<br />
can be taken by the Fire and Rescue Services<br />
to overcome them. I’m confident that HMIC<br />
will hold Fire and Rescue Services to the<br />
highest standards possible.”<br />
HMICFRS inspections will be specifically<br />
designed to promote improvements.<br />
7<br />
www.risk-uk.com
Protect what’s most valuable<br />
Avigilon Appearance Search video analytics technology is a sophisticated<br />
deep learning artificial intelligence (AI) search engine for video data. It sorts<br />
through hours of footage with ease, to quickly locate a specific person or<br />
vehicle of interest across an entire site.<br />
Avigilon Appearance Search technology can dramatically improve incident<br />
response time and enhance forensic investigations by allowing operators to<br />
build robust video evidence and create a powerful narrative of events.<br />
• Improves incident response time<br />
• Enhances forensic investigations<br />
• Accurately provides search results<br />
• Easy to learn and use<br />
Learn more at avigilon.com/Appearance-Search<br />
© 2016-2017, Avigilon Corporation. All rights reserved. AVIGILON, the AVIGILON logo, AVIGILON APPEARANCE SEARCH and TRUSTED SECURITY SOLUTIONS are trademarks of Avigilon Corporation.<br />
Other names or logos mentioned herein may be the trademarks of their respective owners.
News Analysis: British Standard 8593 for Body-Worn Video<br />
British Standard 8593:2017 focusing on body-worn<br />
video cameras backed by industry<br />
British Standard 8593 delivers a common<br />
framework to boost public trust in the<br />
understanding of where and when bodyworn<br />
video can be employed, with the<br />
document providing technical and operational<br />
recommendations for its appropriate and<br />
proportionate deployment and use.<br />
The new British Standard was drawn up to<br />
address a gap in guidance due to the<br />
differences between the use of CCTV and bodyworn<br />
video, and also with a view to avoiding<br />
any repeat of the privacy concerns associated<br />
with the widespread roll-out of the former. The<br />
UK is widely believed to be the most surveilled<br />
state in the world.<br />
BS 8593:2017 covers planning and<br />
operational recommendations, outlining the<br />
need for body-worn video’s deployment to be<br />
based on legitimate reasons, and particularly<br />
so in terms of undertaking those all-important<br />
privacy impact assessments.<br />
Anne Hayes, head of market development for<br />
governance and resilience at the BSI,<br />
explained: “During the development of BS<br />
8593, it was agreed that public confidence in<br />
the operation and management of body-worn<br />
video was and is critical. Balancing safety,<br />
security and privacy matters is a central<br />
concern. The involvement of both security and<br />
privacy groups shows that British Standards<br />
can deliver industry consensus by aligning<br />
agendas to the public benefit. Body-worn video<br />
has an advantage as a security device in terms<br />
of providing the end user with a sense of<br />
protection. It’s a second pair of ‘eyes and ears’<br />
should something go wrong.”<br />
Tony Porter QPM LLB, the Surveillance<br />
Camera Commissioner, added: “I’m absolutely<br />
delighted to support the new British Standard<br />
and acknowledge the excellent work which has<br />
been undertaken to deliver it in such short<br />
timescales. As the use of body-worn cameras<br />
proliferates, so they become more and more<br />
ingrained as an intrusive capability in the daily<br />
lives of citizens. The important and<br />
fundamental balance of preserving the rights of<br />
citizens while keeping our communities safe<br />
and secure is at the heart of the Home<br />
Secretary’s Surveillance Camera Code of<br />
Practice which, of course, I regulate. The<br />
principles within that Code are resident at the<br />
very heart of the new British Standard and I<br />
commend its introduction.”<br />
With body-worn video cameras now widely adopted by<br />
councils and police services across the UK, and in direct<br />
response to concerns over data security and privacy, a new<br />
British Standard (BS 8593:2017 Code of Practice for the<br />
Deployment and Use of Body-Worn Video) has been<br />
developed in conjunction with security and privacy groups<br />
including the Home Office, the Metropolitan Police Service<br />
and Big Brother Watch*. Brian Sims reports<br />
Legitimate deployment<br />
Examples of the legitimate deployment of bodyworn<br />
video cameras can include:<br />
• Safeguarding employee safety and security<br />
where a given end user of body-worn video may<br />
be at risk of physical or verbal attack or is<br />
otherwise working in a hazardous environment<br />
• As a deterrent if the device wearer is involved<br />
in policing or controlling an environment which<br />
people could try to disrupt<br />
• Evidence capture if the body-worn video user<br />
is involved in a role where they might witness<br />
or investigate criminal activity, and where<br />
capturing visual or audio evidence could assist<br />
with future legal proceedings<br />
• Promoting transparency where device wearers<br />
(such as bailiffs or parking wardens, for<br />
example) regularly encounter complaints<br />
• Capturing data to use in process improvement<br />
or training (identifying learning opportunities)<br />
Device recommendations such as<br />
functionality, weight, image quality and<br />
Tony Porter QPM LLB:<br />
Surveillance Camera<br />
Commissioner<br />
9<br />
www.risk-uk.com
News Analysis: British Standard 8593 for Body-Worn Video<br />
*Organisations involved in<br />
the development of BS 8593:<br />
Association of Security<br />
Consultants, Big Brother<br />
Watch, the British Security<br />
Industry Association, the<br />
Home Office, the Information<br />
Commissioner’s Office, the<br />
Metropolitan Police Service,<br />
the National Police Chiefs’<br />
Council, the National Security<br />
Inspectorate, the Security<br />
Industry Authority, the<br />
Security Systems and Alarms<br />
Inspection Board and<br />
Transport for London.<br />
In an individual capacity,<br />
IndigoVision, Edesix and<br />
SoloProtect were also<br />
involved in BS 8593<br />
encryption are all covered in BS 8593. A<br />
separate clause focuses on data management<br />
and security including data integrity, audit<br />
trails, storage and sharing redaction.<br />
Training for device wearers and data handlers<br />
as well as general operator guidance is<br />
provided in the British Standard, along with a<br />
dedicated clause covering monitoring,<br />
escalation and response as agreed with the<br />
system owners.<br />
The British Standard is applicable to bodyworn<br />
video users and system owners as well as<br />
the suppliers and procurers of solutions.<br />
Examples of where body-worn video systems<br />
might be used include by the Emergency<br />
Services and for taxi marshalling, warden<br />
schemes, security guarding, parking<br />
enforcement and door supervision.<br />
Empowerment for police officers<br />
New research has revealed widespread support<br />
among front line police officers for body-worn<br />
video cameras, with officers finding their use<br />
“empowering”. The independent study,<br />
conducted by criminologists at London<br />
Metropolitan University, looked at officers’<br />
attitudes towards the technology during trials<br />
with the City of London Police. The police<br />
officers involved in the study were interviewed<br />
both before and after the trial to identify any<br />
shifts in attitude towards the technology.<br />
The research discovered that 83% of police<br />
officers feel body-worn cameras should be<br />
adopted, with one adding that such cameras<br />
are “the best piece of kit” they’ve used. The<br />
report, entitled ‘Trialling Body-Worn Video<br />
Cameras for the City of London Police:<br />
Perceptions and Justice Outcomes’, also states<br />
that more than 90% of officers believe such<br />
cameras will assist with evidence gathering.<br />
Lead author Dr James Morgan from London<br />
Metropolitan University said: “Contrary to many<br />
assumptions regarding ‘cop culture’, the<br />
officers surveyed and interviewed for this study<br />
were very progressive in their approaches to<br />
this new technology. They want greater<br />
accountability and oversight. They believe in<br />
their own policing practice and wish this to be<br />
recorded. The findings also point to a particular<br />
context in policing where officers’ actions are<br />
often scrutinised by members of the public who<br />
are armed with their own recording equipment.<br />
The participants in this study wanted their own<br />
footage to counter negative portrayals of the<br />
police which might be found on social media, in<br />
turn having their perspectives and experiences<br />
better understood by the wider public.”<br />
Morgan added: “Police officers are mainly<br />
positive about this technology, and most<br />
notably so in the hope it will reduce spurious<br />
complaints and give the police the opportunity<br />
to show the pressures under which they work.”<br />
Reducing assaults<br />
Another interesting finding is that officers<br />
believe the presence of a camera has a positive<br />
and calming effect on confrontational<br />
situations. Morgan commented: “As well as<br />
reducing complaints, it’s hoped that this<br />
technology will reduce the time officers spend<br />
preparing evidence for court, increase guilty<br />
pleas and contribute towards a reduction of<br />
assaults perpetrated on police officers.”<br />
Second author Dr Dan Silverstone, who now<br />
works at Liverpool John Moores University,<br />
added: “The findings are particularly important<br />
because they address the stereotype that<br />
police officers often face. Body-worn video<br />
cameras will play a significant role in improving<br />
police legitimacy and enhancing public safety.<br />
At the time of the study, there were issues to be<br />
addressed in terms of ensuring that the<br />
evidence from the cameras was compatible<br />
with the Crown Prosecution Service’s own<br />
systems. When these issues are resolved,<br />
evidence from the cameras will increase the<br />
speed and success of prosecutions.”<br />
The idea of body-worn cameras in policing is<br />
relatively new, with the first cameras being<br />
tested back in 2005.<br />
Increasing confidence<br />
Chief Superintendent David Lawes from the City<br />
of London Police observed: “We’re confident<br />
that the continued use of body-worn video<br />
cameras will help us to build on our efforts to<br />
bring policing in the Square Mile into the 21st<br />
Century, while also increasing confidence in our<br />
officers and the difficult job they do.”<br />
Lawes went on to comment: “These cameras<br />
already play an important role in our policing<br />
regime as the mere presence of this type of<br />
solution can often prevent potentially volatile<br />
situations from escalating.”<br />
**See also this month’s<br />
dedicated feature on Lone<br />
Worker Security and Safety<br />
authored by SoloProtect’s<br />
managing director Craig<br />
Swallow (pp30-31)<br />
“Device recommendations such as functionality, weight, image<br />
quality and encryption are all covered in the new British Standard. A<br />
separate clause focuses on data management and security including<br />
data integrity, audit trails, storage and sharing redaction”<br />
10<br />
www.risk-uk.com
They see a well secured airport.<br />
You see smart data to<br />
optimize traveler flow.<br />
Bosch empowers you to build a safer and more secure<br />
world. And with built-in video analytics as of the IP 4000<br />
cameras, we allow you to use video data for more than<br />
security alone. Like identifying interruptions and<br />
patterns in airport traffic.<br />
Find out more at boschsecurity.com<br />
+1<br />
People counting<br />
Queuing alarm<br />
Enforcing safety<br />
regulations
COIE Bristol 2017: Focusing on Smart<br />
Integration and Cyber Security Solutions<br />
The most recent<br />
Cortech Open<br />
Innovation Event,<br />
hosted at the Bristol<br />
Science Centre in July,<br />
afforded professionals<br />
from the building, fire<br />
and security sectors<br />
an educational insight<br />
into the latest smart<br />
integration<br />
techniques,<br />
technological<br />
advancements and<br />
cyber security threats.<br />
Brian Sims reports on<br />
the events of the day<br />
and also looks ahead<br />
to the COIE taking<br />
place in Glasgow later<br />
this month<br />
Reflecting on the COIE held in Bristol on<br />
Tuesday 18 July, Jason Blundell (head of<br />
sales at Cortech Developments) informed<br />
Official Media Partner Risk UK: “COIE Bristol<br />
once again afforded an opportunity for us to<br />
engage with a number of organisations and<br />
individuals at different levels to gain their<br />
perspectives on the challenges they face and<br />
also those confronted by the wider industry.”<br />
Blundell added: “In collaboration with our<br />
technology partners Bosch Security Systems,<br />
Harper Chalice, Paxton and Stentofon-Zenitel<br />
UK, we were able to address some of these<br />
challenges as part of the main demonstration<br />
and interactive technology groups. We were<br />
able to impart our combined knowledge to<br />
deliver value and advice on how to mitigate<br />
current and future security risks. The event also<br />
provided education and discussion around the<br />
threats posed to cyber security and how this<br />
can be addressed through a combination of<br />
people, processes and technology.”<br />
Among the gathering of building and security<br />
professionals, which included myriad<br />
consultants and end users, there was a positive<br />
perspective as to why the COIE events educate<br />
and add value in equal measure.<br />
“This Continuing Professional Development<br />
event provided an excellent opportunity to<br />
learn about the security industry,” explained<br />
Hasani Ade, electrical engineer at AECOM. “The<br />
expertise coupled with the live demonstration<br />
of market-leading technology enabled me to<br />
gain a deep understanding of the latest security<br />
products and advancements. I learned about<br />
monitoring systems, cyber security, data<br />
protection and threat mitigation through virtual<br />
environment modelling. From an engineer’s<br />
perspective, I can now better understand the<br />
intricacies of security systems and what’s<br />
required for the best protection of both<br />
property and assets.”<br />
Such views were shared by another COIE<br />
Bristol delegate, namely Ian Griffiths (associate<br />
at Hydrock). “The event was particularly<br />
engaging and beneficial with an excellent<br />
representation of the latest building and<br />
security technology,” enthused Griffiths. “The<br />
day’s content was complemented by a<br />
demonstration of integration techniques and<br />
the remote monitoring and control capabilities<br />
of software and hardware in combination.”<br />
Griffiths added: “We’re currently in the<br />
process of specifying security systems and their<br />
integration to satisfy user requirements for a<br />
large industrial facility in the UK. The COIE was<br />
particularly useful for meeting technology<br />
specialists from discrete fields who were able<br />
to explain the integration process and<br />
contribute towards our solutions. This was a<br />
very worthwhile experience that I would<br />
recommend to professionals within the building<br />
and security worlds.”<br />
Meanwhile, Mark Harris (senior electrical<br />
engineer at Capita) also found the experience<br />
to be beneficial. “The COIE featured excellent<br />
and enjoyable presentations which afforded<br />
new insights on current multiple technologies.<br />
As a building services engineer, it was<br />
interesting to understand the full capability and<br />
possibilities an integrated security solution can<br />
offer through live demonstrations.”<br />
Technology partners<br />
Attending technology partners at COIE Bristol<br />
have also offered their thoughts on the event.<br />
“The COIE provides educational value for<br />
security professionals and realises an open<br />
platform to discuss industry challenges,”<br />
explained Russell Baker, business development<br />
manager at Stentofon-Zenitel UK. “We’re able<br />
to come together as a group of technology<br />
providers and integration partners in order to<br />
impart our knowledge, both individually and<br />
collectively, on the discipline of risk mitigation,<br />
promoting discussion and engagement on<br />
many key topics.”<br />
12<br />
www.risk-uk.com
News Special: Cortech Open Innovation Events 2017<br />
The event experience was also well received<br />
by access control solutions developer Paxton.<br />
Anthony Searle (commercial manager at<br />
Paxton) observed: “This was the first time that<br />
Paxton had participated in a COIE. We were<br />
impressed by the organisation and professional<br />
approach of Cortech Developments. It was a<br />
unique event that brought together<br />
manufacturers, system end users and specifiers<br />
to discuss risk mitigation through innovation,<br />
integration and collaboration. The day<br />
showcased the latest market-leading solutions<br />
with an emphasis on simple integration,<br />
providing useful real world solutions for the<br />
everyday issues faced by the system user.”<br />
Cyber risk management<br />
As part of Cortech’s cyber security education<br />
agenda, COIE Bristol hosted a Keynote<br />
presentation from Steve Pilkington, technical<br />
director at IT security consultancy Italik. The<br />
presentation centred on the ten steps to cyber<br />
security management, which included advice on<br />
information risk management, secure<br />
configuration, network security, managing user<br />
privileges, user education and awareness,<br />
incident management, malware prevention,<br />
monitoring, removable media controls and<br />
home and mobile working.<br />
Pilkington, who boasts over 20 years’<br />
experience as an infrastructure and network<br />
security consultant, told Risk UK: “It was great<br />
to be part of, and be able to present at, such a<br />
respected industry event attended by many<br />
high-profile organisations. The COIE provided<br />
the perfect platform for education around cyber<br />
security and how this should be factored in as<br />
part of an organisation’s business and security<br />
strategies. The threat is real and the risk needs<br />
to be mitigated through strategic planning and<br />
a particular focus on staff training, vulnerability<br />
management and, importantly, being prepared<br />
and having an incident plan in place.”<br />
Returning to Glasgow<br />
The COIE Series returns to The Lighthouse in<br />
Glasgow (which proved to be an excellent<br />
venue last year) on Tuesday 26 September.<br />
Paul Spence, marketing and communications<br />
manager at Cortech Developments (the<br />
specialist risk mitigation company that provides<br />
integrated software solutions for high security<br />
environments and Critical National<br />
Infrastructure) explained: “The Lighthouse is<br />
Scotland’s Centre for Design and Architecture<br />
and lends itself perfectly to an event of this<br />
nature. It provides first class facilities for our<br />
live demonstrations, technology partner areas<br />
and interactive sessions. The feedback<br />
regarding the event and venue from visitors last<br />
year was extremely positive, so it made perfect<br />
sense to return this year.”<br />
Offering his thoughts on last year’s event at<br />
The Lighthouse, Eric Brunger (senior innovation<br />
analyst for SP Energy Networks) remarked:<br />
“The COIE was different to any events that I<br />
had attended in the past, providing a focus<br />
around the presentation of live events and<br />
actual scenarios that are highly relevant to our<br />
market. The speakers also provided added<br />
value in respect of education and learning. It’s<br />
this format that makes these events work.”<br />
The technology groups and live<br />
demonstration provided added value for<br />
another COIE Glasgow 2016 attendee, namely<br />
Stephen Fleming (physical security manager at<br />
The State Hospital). “The event in Glasgow was<br />
expertly organised with quality partners. These<br />
events are a great networking opportunity<br />
where you have the chance to discuss the<br />
different challenges present across the security<br />
sector. I thought the presentation focused on<br />
the mitigation of risk associated with the<br />
operation and management of multiple CCTV<br />
systems was extremely impressive.”<br />
Looking ahead to COIE Glasgow 2017, Jason<br />
Blundell provided an insight into a new topic<br />
that will be covered at the event. “We’ll be<br />
bringing into focus integrated workflow and<br />
emergency response. Response to critical<br />
events and different threat levels should follow<br />
clearly-defined processes irrespective of<br />
operator experience and have to be managed<br />
effectively to prevent escalation.”<br />
Delegates will also be afforded an insight<br />
into the EU’s General Data Protection<br />
Regulation (GDPR) compliance process and the<br />
management of a cyber security resilience<br />
roadmap thanks to a Keynote presentation from<br />
Scott Simpson, CEO of The Security Circle. As a<br />
certified GDPR and cyber security consultant,<br />
Simpson advises organisations on all aspects of<br />
GDPR compliance and cyber resilience.<br />
Cortech will be joined in Glasgow by four<br />
collaborating technology partners: Avigilon,<br />
Commend, Harper Chalice and Paxton.<br />
COIE Glasgow itinerary<br />
9.45 am: Arrival and Registration<br />
10.30 am: Welcome from Cortech Developments<br />
10.35 am: Industry Challenges in Focus<br />
10.50 am: Guest Speaker – Scott Simpson (CEO<br />
of The Security Circle) on the EU’s GDPR<br />
11.10 am: Live Software/Hardware<br />
Demonstration<br />
11.50 am: Luncheon<br />
12.15 pm: ‘Meet The Manufacturers’<br />
2.20 pm: Closing Statements<br />
Jason Blundell: Head of Sales<br />
at Cortech Developments<br />
If you’re an end user, security<br />
consultant or main contractor,<br />
join Cortech Developments<br />
and its partners at one of this<br />
year’s remaining events:<br />
• COIE Glasgow: 26<br />
September 2017<br />
• COIE Knutsford: 7<br />
November 2017<br />
Note that places are limited<br />
and will be allocated on a<br />
first come, first served basis.<br />
For more information visit<br />
www.coie.uk.com<br />
13<br />
www.risk-uk.com
ISO 22316: Preparing for Brexit<br />
With ISO 22316:2017<br />
Security and<br />
Resilience –<br />
Organisational<br />
Resilience – Principles<br />
and Attributes now<br />
upon us, John<br />
Robinson decided to<br />
apply his own test –<br />
focused on Brexit – in<br />
a bid to ascertain<br />
what’s of value in this<br />
document for security,<br />
risk and resilience<br />
professionals.<br />
Following on from last<br />
month’s initial<br />
discourse, the focus<br />
now turns towards<br />
areas including shared<br />
information and<br />
knowledge and<br />
support for continual<br />
improvement<br />
John Robinson MSc CEng FBCI:<br />
Managing Director of INONI<br />
14<br />
www.risk-uk.com<br />
Every day we’re faced with a barrage of<br />
Brexit-related news items of varying<br />
substance and credibility, many with the<br />
potential to influence or directly affect us and<br />
our relationship partners. Somehow we must<br />
process this media flow, deciding what’s real<br />
and what isn’t, but also second-guess how<br />
interested parties such as customers, suppliers,<br />
regulators and competitors may respond. The<br />
influence of fake news is an illustration of this.<br />
ISO suggests an organisation’s resilience will<br />
be enhanced when all available related<br />
knowledge is appropriately shared, analysed<br />
and applied. Maximising this for Brexit means<br />
that we might harness a wide, varied and<br />
credible range of relevant data and knowledge<br />
sources, define criteria to identify, validate and<br />
value what we collect, assign specialists to<br />
manage, analyse, add value and distribute it as<br />
information, use the information to update the<br />
context model for Brexit, use the model to<br />
trigger and fuel decisions and improve the<br />
Brexit strategy and share results across the<br />
business (and externally if/where applicable).<br />
Where Brexit’s concerned, and perhaps<br />
generally speaking, intelligence drives<br />
resilience. Clearly, we need to respond<br />
acceptably quickly to all kinds of change such<br />
that we’re not disadvantaged. This in turn relies<br />
on high-grade information, analysis, judgement<br />
and executive decision-making. It makes shared<br />
information an important attribute.<br />
ISO 22316 implies that resilience will be<br />
enhanced if the resources required to align with<br />
the organisation’s own resilience objectives are<br />
made available, including an allowance for<br />
adaptation. Aspects relating to people,<br />
premises, technology, finance and information<br />
will inevitably be part of the overall mix.<br />
For those who perceive little or no Brexitrelated<br />
threat, no specific action will be<br />
planned or dedicated resources required.<br />
However, for others, and particularly so in the<br />
UK and the EU, Brexit may be a headline item: a<br />
threat demanding a planned response.<br />
Where this is the case, it becomes a matter of<br />
ensuring the strategy is sufficiently resourced<br />
to be implemented as intended. Some checks<br />
you might wish to make are as follows:<br />
• does the strategy clearly define acceptable<br />
levels of business during Brexit?<br />
• do we know how Brexit changes will affect<br />
resourcing and how we’ll deal with it?<br />
• do we face Brexit-induced failures of supply<br />
and/or demand?<br />
• do we need to increase or reduce our capacity<br />
and can we do this acceptably?<br />
• do we need to diversify or replicate resources<br />
or build-in redundancy?<br />
• do we have the skills and abilities we need to<br />
respond acceptably?<br />
• do we have the inherent flexibility to redeploy<br />
and adjust in time?<br />
• do we look ahead, take account of change<br />
and anticipate what might happen?<br />
It’s tempting to put off resilience resourcing<br />
decisions for the obvious reason that they<br />
consume investment, but will yield no return if<br />
the planned-for situation fails to materialise. As<br />
a discipline, business continuity faces this<br />
dilemma on a frequent basis.<br />
Management disciplines<br />
Attribute 7 is all about the development and coordination<br />
of management disciplines. At first<br />
glance, this seems to be a classic catch-all<br />
statement of the obvious that says your<br />
resilience will be enhanced if you’re good at<br />
every management discipline. However, this is<br />
reasonable if you accept that any deviation<br />
from Best Practice or omission does indeed<br />
potentially leave a hole in your defences,<br />
implying a reduction in resilience. It’s clearly a<br />
valid and relevant indicator.<br />
Moreover, if you did this just as part of your<br />
response to Brexit, the benefits would be felt in<br />
(potentially) many other ways, improving<br />
resilience generally and making management<br />
more effective, efficient and communicative.<br />
With this in mind, and specifically for Brexit,<br />
you might consider engaging the 20 disciplines<br />
with a common purpose of enabling the Brexit<br />
strategy, adapting existing processes, roles and<br />
responsibilities so they interact efficiently,<br />
searching for and plugging any material gaps<br />
between disciplines (thus removing<br />
duplication), keeping the web of disciplines<br />
elastic (such that it can flex and adapt as Brexit<br />
demands change) and establishing<br />
communications and reporting such that all<br />
parties are kept informed and co-ordinated.<br />
Note that the 20 include disciplines such as<br />
asset management, crisis management,<br />
governance, fraud control and so on. Not all<br />
organisations will implement or recognise all of<br />
these disciplines. However, they will generally<br />
be present in some shape or form.<br />
The clause seems to sum up what BS 65000<br />
called ‘coherence’: the joining-up of related key<br />
disciplines into a collaborative resilient whole
Opinion: ISO 22316 Security and Organisational Resilience (Part Two)<br />
with no gaps or overlaps, rather than in<br />
relatively closed silos, creating an environment<br />
for Brexit and other major programmes.<br />
Continual improvement<br />
No organisation has faced Brexit before and it’s<br />
fair to assume that, while some larger firms’<br />
management systems architecture will<br />
accommodate it as just another major change,<br />
the experience will be very new for others. Most<br />
who decide to act in a structured way will<br />
establish a project whose remit and execution<br />
will evolve sporadically, improving only when<br />
driven to do so or when an idea emerges.<br />
Continual improvement is a mindset that<br />
accepts we can always do things better and this<br />
applies particularly to resilience. It means we<br />
systematically and intentionally keep improving<br />
the context model, quality of information and<br />
each of the other attributes listed.<br />
A simplified framework applying this for<br />
Brexit might include making innovation and<br />
improvement part of the strategy and habitual,<br />
regularly scanning for changes and<br />
accommodating them by adapting the strategy,<br />
planning improvements, assigning resources<br />
and making them happen and carrying out<br />
regular reviews while also monitoring what has<br />
been achieved against goals set.<br />
Change drives risk and resilience. If things<br />
didn’t change, equipment would never wear<br />
out, rainfall would be standard and Brexit<br />
wouldn’t happen. Some changes we can<br />
anticipate and plan for, others come out of the<br />
blue or must be imagined because they’re<br />
outside of our experience. In any case,<br />
anticipation and readiness is preferable. The<br />
degree to which we develop and systematise<br />
this will influence our adaptive resilience.<br />
As we’ve seen, Brexit is far from a<br />
straightforward change. It means we need a<br />
mechanism that ensures we’re not surprised or<br />
shocked by what it brings, leaving us wellplaced<br />
to respond and continue with business.<br />
Steps that we can take to build this adaptive<br />
capability might include regularly updating the<br />
context model and using it to look ahead while<br />
scanning for change, modelling change<br />
scenarios and developing response tactics for<br />
those that seem likely, exploring alternatives as<br />
well as ways to deliver on commitments, dual<br />
suppliers and diversifying, planning to respond<br />
and absorb the shock of unexpected<br />
announcements, influencing changes before<br />
and after they materialise and being ready to<br />
adapt without impacting delivery or<br />
compromising vision or core values.<br />
At the headline level, Brexit now seems a<br />
certainty. At almost every other level, though,<br />
the potential remains for surprise. No-one can<br />
be certain how it will unravel, either globally,<br />
nationally or at the organisation level. Our<br />
choices are to either move with the herd and<br />
hope to arrive intact or seize the initiative by<br />
becoming proactive, adaptive and influential.<br />
Contributory factors<br />
The nine attributes focused upon in Part One<br />
and in this month’s article tell us what we<br />
should expect of a resilient organisation. Part 6<br />
of ISO 22316 explains how we can evaluate<br />
these capabilities for ourselves and offers a<br />
governance framework with which to do this.<br />
Again, there’s little if any practical guidance<br />
here to help you decide on acceptable levels of<br />
attainment for each attribute, or a detailed<br />
explanation of how to bring about<br />
improvements in each as this must be<br />
determined by the host organisation.<br />
Apply this framework for Brexit and you<br />
derive a management system that converges on<br />
targets set by top management for each of the<br />
resilience attributes. It – ie the system – needs<br />
to be delivered by a programme or an existing<br />
compatible process that’s kept running for the<br />
duration of Brexit. Delivered as described, it<br />
should continually evolve to track Brexit’s<br />
changing shape and improve such that it aligns<br />
with the organisation’s Brexit-specific and<br />
general resilience objectives or success criteria.<br />
To make it work, you need to set your own<br />
attribute targets and thresholds and monitor<br />
and measure your performance against them.<br />
“Where Brexit’s concerned, and perhaps generally<br />
speaking, intelligence drives resilience. Clearly, we need to<br />
respond acceptably quickly to all kinds of change”<br />
15<br />
www.risk-uk.com
Apprenticeships: Striking The Balance<br />
Between Employers and Educationalists<br />
One of the key<br />
recommendations of<br />
the Richard Review of<br />
Apprenticeships<br />
(published in<br />
November 2012 during<br />
the 2010-2015<br />
Conservative and<br />
Liberal Democrat<br />
Coalition<br />
Government’s time in<br />
Parliamentary office)<br />
was that<br />
apprenticeship<br />
programmes should<br />
be employer-led, but<br />
what does this<br />
actually mean in the<br />
real world and why is<br />
it so important? Peter<br />
Sherry examines a key<br />
issue for the security<br />
business sector<br />
16<br />
www.risk-uk.com<br />
The Apprenticeship Levy funding scheme<br />
went ‘live’ on Monday 1 May and means<br />
that employers can draw down funds in<br />
order to pay for apprenticeship training. In<br />
order to qualify, though, employers have to<br />
agree to a number of rules, one of which states<br />
that they must provide ‘off-the-job’ training.<br />
This isn’t unusual, of course, but there remains<br />
some confusion in terms of how organisations<br />
will address this issue.<br />
That same month, the Association of<br />
Employment and Learning Providers (AELP)<br />
called upon the the Government to review its<br />
rules on apprenticeships’ ‘off-the-job’ training<br />
requirements. According to the Government’s<br />
guidance, employers must provide ‘off-the-job’<br />
training that makes up “20% of the apprentice’s<br />
contracted employment hours across the<br />
apprenticeship”. This effectively means that<br />
trainees must be allowed training time – to the<br />
equivalent of one day per week – within their<br />
normal working hours.<br />
Defending its position, the Government has<br />
stated that ‘off-the-job’ training doesn’t mean<br />
trainees have to receive instruction elsewhere<br />
(at a local college, for example), provided the<br />
training isn’t transacted as part of a trainee’s<br />
normal duties. For example, apprentices might<br />
spend time completing online training,<br />
attending role-play workshops or shadowing a<br />
colleague. Careful recording of such activity is<br />
necessary if employers are to evidence their<br />
ongoing commitment to the Apprenticeship<br />
Levy scheme.<br />
In its research findings, the AELP suggests<br />
that, in reality, more than one third of ‘off-thejob’<br />
training occurs at the trainee’s workstation,<br />
with only 13% taking place away from the<br />
workplace. As the 20% rule is currently nonnegotiable,<br />
some commentators feel there’s a<br />
genuine risk that employers will treat it as a<br />
‘tick-box’ requirement and the quality of<br />
training will subsequently decline.<br />
Still employer-led?<br />
Given the introduction of the 20% ‘off-the-job’<br />
training rule, then, is it the case that<br />
apprenticeships are still employer-led?<br />
Interestingly, the Education & Skills Funding<br />
Agency has published guidance on the 20%<br />
‘off-the-job’ training rule for new<br />
apprenticeships. Aimed at employers and<br />
providers, it clarifies the policy and provides<br />
some Best Practice guidance in terms of how<br />
this requirement should be met.<br />
Back in the day – and by that I mean in the<br />
Middle Ages through to the industrial era – the<br />
apprenticeship was pretty much always<br />
employer-led. To break into a decent trade<br />
meant the learner needed to sacrifice time. In<br />
essence, training was provided in exchange for<br />
effort. The learner studied under someone<br />
highly experienced (a ‘journeyman’) until he – it<br />
was typically a ‘he’ in those days, of course –<br />
became a ‘journeyman’ himself.<br />
For clarity, the word ‘journeyman’ has nothing<br />
to do with being able to travel as a worker. It<br />
emanates from the French word ‘journée’,<br />
meaning a period of one day and suggesting<br />
that work could be charged at a day rate.<br />
As the learner was working directly for the<br />
employer, the employer directly delivered the<br />
training. Indeed, there was often no curriculum.<br />
Individuals simply learned ‘on the job’. That<br />
being the case, the learning always supported<br />
the stated needs and aims of the employer.<br />
In more recent times, there has been a move<br />
away from this model, with outside suppliers<br />
being the ones who create and lead the<br />
learning process. This isn’t without benefit.<br />
Hopefully, the learning is being led by people<br />
who are specialists. Teaching is a skill in itself.<br />
Nine-time Olympic swimming champion and
Opinion: Apprenticeships in the Security Business Sector<br />
former world record holder Mark Spitz’s trainer,<br />
Sherman Chavoor, couldn’t swim and didn’t<br />
need to be able to do so in order to be one of<br />
the greatest swimming coaches of all time.<br />
Of course, the traditional apprenticeship did<br />
have its drawbacks. Learning wasn’t consistent.<br />
It differed from person to person. It took a lot<br />
longer to learn something than was often<br />
strictly necessary. The person teaching may<br />
have been a subject matter expert, but was<br />
unlikely to be an expert in teaching itself. The<br />
learner could end up being a ‘dogsbody’.<br />
Transfer of ownership<br />
As we witnessed a rise in formal education, so<br />
we saw a transfer of ownership of things like<br />
apprenticeships to local colleges and<br />
Government. This did bring positives.<br />
Principally, it created consistency and structure<br />
around learning. It also provided a good<br />
learning environment when not in the<br />
workplace itself, and duly allowed for the<br />
teaching of a wider range of supporting skills.<br />
However, this approach also had its<br />
drawbacks. It’s difficult for an outside<br />
institution – no matter how skilled – to remain<br />
connected with the ever-changing needs of the<br />
employer. Alterations in the business could<br />
take at least one curriculum cycle to integrate<br />
into the training. Learning can become too<br />
theoretical and less focused on delivering<br />
benefits to the business.<br />
Learning can also be too generic – ‘one-sizefits-all’<br />
rather than training someone to be<br />
exactly what’s needed. The NHS could use<br />
apprenticeships to help ‘bridge’ the skills gap,<br />
but can an already overstretched public service<br />
commit to 20% ‘off-the-job’ training?<br />
While offering greater ‘educational purity’,<br />
this was seen by many as being ‘two steps<br />
forward, one step back’.<br />
What the Richard Review of Apprenticeships<br />
firmly recommended was placing the employer<br />
back into the centre of the process. There are<br />
several benefits to be gained from this. The<br />
most obvious is that, whichever way you look at<br />
it, the employer is the key stakeholder. If<br />
employers want apprentices who have a deeper<br />
understanding of the business, then they’re the<br />
ones best placed to make that happen.<br />
This way of doing things also ensures that<br />
the curriculum is grounded in the reality of<br />
what the business needs (ie the stuff that<br />
matters). It also means simplifying what’s<br />
learned. There are fewer qualifications and<br />
everything’s focused on real world activities.<br />
This isn’t to say that learning bodies should<br />
be cut out of the process. There’s a real job to<br />
be done to ensure that sectors operate within<br />
common skills frameworks. Otherwise, it’s very<br />
much the case that individuals cannot move<br />
from job to job with ease.<br />
It’s also important that other skills are taken<br />
on board such that the individual isn’t just an<br />
automaton, but rather someone who can grow<br />
and develop a professional career. The entity in<br />
charge is the employer. Government should<br />
only be directing with a light touch.<br />
Best of both worlds<br />
This approach should deliver the best of both<br />
worlds, with the input of the employer and the<br />
educationalist more in balance to benefit both<br />
the employer and the learner. We’re seeing this<br />
happen in the security sector with the new<br />
Apprenticeship Standard for Fire, Emergency<br />
and Security Systems. This is driven directly by<br />
organisations within the sector working<br />
together with the backing of Government and<br />
the support of partners in education. By the<br />
very way in which this operates, it’s fully<br />
employer-led from the outset.<br />
During the early years of a previous<br />
Conservative Government I really did welcome<br />
(then) Prime Minister David Cameron’s speech<br />
when he visited a Training Academy in<br />
Buckinghamshire. Perhaps more than ever<br />
before, the strength of the Government’s<br />
commitment to apprenticeships was<br />
abundantly in evidence. The Prime Minister<br />
outlined in some degree of detail that he<br />
wanted apprenticeships to be ‘the new norm’<br />
and not just a valid alternative to studying for a<br />
degree, as well as being a route that could<br />
preface degree education.<br />
The Prime Minister’s speech outlined the two<br />
critical aspects of apprenticeships and preemployment<br />
training in which I’ve always<br />
believed. The first is the benefit to the country.<br />
As David Cameron stated at the time: “Britain’s<br />
in a global race. If we want to succeed in this<br />
global race, we have to invest in our Number<br />
One resource which is our people.”<br />
That’s absolutely spot on. We simply have to<br />
have the best skills in every UK sector.<br />
The second benefit is more personal and is<br />
that individuals benefit materially from<br />
learning. That’s equally spot on. Education is<br />
the key to unlocking not just one door, but<br />
potentially hundreds of them. Without training<br />
and skills, individuals can be marginalised and<br />
their options limited.<br />
Peter Sherry: Interim Director<br />
General of Skills for Security<br />
“There’s a real job to be done to ensure that sectors<br />
operate within common skills frameworks. Otherwise,<br />
individuals cannot move from job to job with ease”<br />
17<br />
www.risk-uk.com
The New Camera Line Mx6 Creates More Possibilities.<br />
More Images, in All Light Conditions, in Every Standard<br />
More Intelligence Is on the Way<br />
The new Mx6 6MP camera system from MOBOTIX offers increased performance.<br />
A frame rate that is up to twice as fast than that of other cameras allows it to capture<br />
quick movements even better and simultaneously deliver sharp images in MxPEG,<br />
MJPEG and, for the first time in H.264, the industry standard. The innovative Mx6<br />
camera line is faster, more flexible and higher-performing, opening up new application<br />
and integration opportunities for to you to meet all requirements.<br />
MOBOTIX AG • Langmeil, Germany • www.mobotix.com
BSIA Briefing<br />
With an estimated eight million lone<br />
workers operating in the UK – that is,<br />
people who work in isolation or without<br />
direct supervision, either on a regular basis or<br />
occasionally – and increasing awareness among<br />
employers of their Health and Safety and Duty<br />
of Care obligations towards such employees,<br />
the lone worker safety market is a growing one.<br />
The growth of that market here in the UK has<br />
largely been driven by two key factors: more<br />
and more robust Health and Safety legislation<br />
combined with the development of a high<br />
quality industry standard in the form of BS<br />
8484 Provision of Lone Worker Services – Code<br />
of Practice (more of which anon).<br />
The introduction of the Corporate<br />
Manslaughter and Corporate Homicide Act 2007<br />
into law on 6 April 2008 meant that, for the first<br />
time, organisations could be prosecuted for the<br />
death of a staff member as a result of<br />
management failures in relation to Duty of Care.<br />
Since that Act came into force, the number of<br />
cases and successful convictions has been<br />
steadily rising.<br />
Last year, the Sentencing Council released<br />
new guidelines relating to the sentencing for<br />
Health and Safety, food and corporate<br />
manslaughter offences. The previous starting<br />
threshold recommended for all corporate<br />
manslaughter convictions was £500,000, but<br />
under the new guidelines, a Category A (ie high<br />
culpability) offence committed by a large<br />
organisation begins at £7.5 million with a<br />
category range of between £4.8 million and<br />
£20 million. Smaller organisations with a<br />
turnover of between £2 million and £10 million<br />
can face up to £2.8 million worth of fines if<br />
found guilty of a Category A offence.<br />
As the lone worker safety market developed,<br />
leading suppliers were keen to introduce Best<br />
Practice guidelines and duly engaged with the<br />
police service and other key stakeholders to<br />
create BS 8484. First published in 2009, the<br />
British Standard dovetails with the National<br />
Police Chiefs’ Council’s (NPCC) own Security<br />
Systems Policy, enabling accredited suppliers<br />
to apply for Unique Reference Numbers with<br />
each police force, bypassing the 999 system to<br />
provide a faster level of police response for<br />
their clients’ emergency alarms.<br />
The British Standard was revised in 2011 and<br />
again last year, which saw major alterations<br />
such as the inclusion of lone worker Apps and a<br />
section dedicated to training. In its current<br />
iteration, BS 8484 represents the most allencompassing<br />
lone worker standard available<br />
in the world today.<br />
In the present day, employers and their staff<br />
are becoming more aware of lone worker safety<br />
Lone Worker Security:<br />
An Evolving Landscape<br />
Over the past few years, the lone worker safety industry has<br />
benefited from a huge number of technical advances,<br />
subsequently enabling more and more organisations in a<br />
wide range of industry sectors to better protect their<br />
employees. Here, Will Murray discusses some of the key<br />
developments in the market and outlines how UK companies<br />
are now very much at the forefront of lone worker safety<br />
services, the technology underpinning them<br />
and, indeed, lone working Best Practice. As a<br />
result, they have come to expect more<br />
sophisticated products and higher quality<br />
service levels.<br />
Benefits of lone worker solutions<br />
There are several reasons for this. First,<br />
suppliers and industry stakeholders – such as<br />
the British Security Industry Association (BSIA)<br />
– have worked hard to educate the wider<br />
market and publicise the benefits of<br />
implementing lone worker safety solutions.<br />
Second, successive UK Governments and the<br />
EU have implemented tougher Health and<br />
Safety and HR legislation/policies. This is<br />
against a backdrop of increasing terrorist<br />
events across Europe and some highly<br />
publicised violent attacks on employees by<br />
members of the public, as well as horrific, but<br />
preventable accidents in many sectors, all of<br />
which have exerted pressure on management<br />
to re-evaluate their security arrangements and<br />
place greater focus on staff safety.<br />
Will Murray: Chairman of the<br />
British Security Industry<br />
Association’s Lone Worker<br />
Section and Marketing Director<br />
at the Send For Help Group<br />
(encompassing Skyguard,<br />
Peoplesafe and Guardian24)<br />
19<br />
www.risk-uk.com
BSIA Briefing<br />
Finally, economic pressure on organisations<br />
has led to longer opening hours for businesses<br />
and more employees working on their own.<br />
With greater economic uncertainty ahead, and<br />
organisations under increasing financial<br />
pressure, it’s likely that even more individuals<br />
will be involved in lone working – either in fulltime<br />
roles, or at least during parts of their<br />
normal working day.<br />
While some organisations may view lone<br />
worker systems as an additional and potentially<br />
unnecessary expense, more and more are<br />
coming to realise that the consequences of not<br />
providing adequate safety systems for their<br />
members of staff can be disastrous.<br />
Additionally, more organisations are<br />
becoming aware of the other benefits that<br />
these systems can bring, among them improved<br />
staff morale, happier workforces which feel<br />
more valued by their employers and more<br />
efficient lone working methods thanks to the<br />
use of the latest technology which saves time<br />
for staff and management. Businesses are<br />
becoming more responsible and want to be<br />
perceived as such by their employees,<br />
customers, shareholders and the wider public<br />
as part of their brand values.<br />
Technology developments<br />
When looking at how lone worker safety and<br />
security technology might advance in the<br />
future, it’s important to examine how it has<br />
developed to date.<br />
There has already been a huge number of<br />
technical advances in this industry in the space<br />
of only a few years. There’s now a wide range of<br />
specialist devices boasting different features<br />
that make them suited to particular<br />
environments and job roles.<br />
As is the case with most technology<br />
products, devices have become more powerful<br />
but shrunk in size, making them more<br />
convenient to carry and, importantly for this<br />
market, far more discreet. Additionally, the<br />
proliferation of (and advances in) smart<br />
phones, Apps and accessories has enabled<br />
suppliers to offer end user customers a<br />
convenient alternative to carrying a separate<br />
device by building upon these platforms.<br />
There have also been improvements in terms<br />
of the central systems and server-side<br />
technology provided by suppliers. Bearing this<br />
“While some organisations may view lone worker systems<br />
as an additional and potentially unnecessary expense, more<br />
and more are coming to realise that the consequences of not<br />
providing adequate safety systems can be disastrous”<br />
in mind, we can expect that there will be more<br />
choice in the form and type of product that<br />
customers choose to carry with them, more<br />
convenient products, increased customisation<br />
and flexibility in services and the enhanced use<br />
of smart phone and tablet-based Apps.<br />
As is evident in any industry sector that’s still<br />
developing and evolving, there are challenges<br />
to be confronted both now and into the future.<br />
Organisations are gaining a greater<br />
understanding of the benefits of lone worker<br />
systems, but many still see them as<br />
unnecessary, only realising their true worth<br />
when a serious incident befalls a member of<br />
staff (by which point it’s often too late).<br />
Staff can also react negatively to the<br />
implementation of a lone worker system,<br />
seeing it as a way for management to ‘spy’ on<br />
them, or they can simply be resistant to<br />
changing their daily working habits.<br />
Some industry stakeholders have fully<br />
supported solution suppliers when it comes to<br />
educating the market and developing a British<br />
Standard, but there are a few key organisations<br />
who have been disinterested in terms of<br />
playing an active role.<br />
Many serious accidents and deaths could be<br />
prevented each year with robust lone worker<br />
procedures and systems in place, so every<br />
organisation from central Government right the<br />
way through to sole traders should be<br />
assessing what lone worker safety and security<br />
measures they have in place and, where<br />
appropriate, championing the cause.<br />
Issue of data security<br />
Another challenge facing all organisations, and<br />
particularly so those dealing with sensitive and<br />
personal information, is the issue of data<br />
security. With the enacting of the EU’s General<br />
Data Protection Regulation (GDPR) in May next<br />
year, the Government is clearly – and quite<br />
rightly – focused on this subject at present.<br />
Any reputable solution supplier that’s<br />
certified to BS 8484 will already have a series<br />
of safeguards in place to protect the data that<br />
they manage. This places our industry in a<br />
strong position for that point when the GDPR’s<br />
rules come into force.<br />
The BSIA’s Lone Worker Section has achieved<br />
a great deal since inception, using its expertise<br />
to collaborate with key stakeholders such as<br />
the NPCC and the British Standards Institution<br />
to develop a world-leading industry standard<br />
and raise awareness in the marketplace. As a<br />
result, lone worker safety solutions have gone<br />
from what were once regarded as being niche<br />
products and services to what are now viewed<br />
as essential pieces of safety equipment.<br />
20<br />
www.risk-uk.com
“<br />
MY PASSION IS<br />
PERFECTION IN EVERY<br />
FENCE I BUILD<br />
”<br />
Jacek Mierzwa, Welder, 12 years with Jacksons<br />
OUR PASSION<br />
IS YOUR SECURITY<br />
Whether designed to meet the<br />
specific needs of your project or<br />
chosen from our extensive range, all<br />
our perimeter security solutions are<br />
supported by seventy years of design<br />
and manufacturing expertise.<br />
www.jacksons-fencing.co.uk<br />
0800 953 3730<br />
Jacksons<br />
Fencing
Following on from Dr<br />
Philip Strand’s<br />
excellent article (‘ERM<br />
and ESRM: Can They<br />
Continue to Exist<br />
Independently?’, Risk<br />
UK, April 2017, pp20-<br />
21), Damien Pezza<br />
takes a different slant<br />
on the subject of risk<br />
management<br />
philosophies and<br />
delineates why a<br />
combined ESRM-ERM<br />
framework would<br />
allow the former to<br />
benefit from the<br />
latter’s internal<br />
control and risk<br />
measurement<br />
mechanisms<br />
Damien Pezza MSc FIHEDN<br />
FINHESJ: Security Consultant<br />
at CornerStone GRG<br />
Security for the Enterprise<br />
Since its inception back in the mid-1950s,<br />
the risk management industry has<br />
undergone several major paradigmatic<br />
changes. It has witnessed a progressive<br />
distinction between security management and<br />
risk management, as well as an increasing<br />
emphasis on the convergence of physical and<br />
information security.<br />
Innovations have included risk management<br />
approaches and frameworks such as Enterprise<br />
Security Risk Management (ESRM), a process<br />
that was developed in 2005 (with help from the<br />
Alliance for Enterprise Security Risk<br />
Management) by ASIS International, the<br />
Information Systems Auditing and Control<br />
Association (ISACA) and the Information<br />
Systems Security Association (ISSA).<br />
ESRM is a risk management “philosophy”<br />
that ASIS defines as a “process used to<br />
effectively manage security risks, both<br />
proactively and reactively, across an<br />
enterprise”. Not only does it encourage security<br />
practitioners to assess all types of security<br />
risks holistically (ie information, cyber,<br />
physical, asset management or business<br />
continuity), but also to engage directly with risk<br />
owners and corporate level decision-makers.<br />
Employees, departments, facilities, assets<br />
and their associated risks are increasingly<br />
connected. For this reason, ESRM asserts that<br />
only an integrated and cross-organisational<br />
approach to security has the potential to<br />
comprehend and deal with what the future<br />
holds. However, ESRM has met with its fair<br />
share of issues. It fails to properly emphasise<br />
how security risks can impact business risks<br />
and how assets facilitate the attainment of<br />
organisations’ overall objectives.<br />
Beyond the traditional<br />
First, let’s take a look at ESRM’s comparative<br />
advantages over Enterprise Risk Management<br />
(ERM) and then analyse its own shortcomings.<br />
Subsequently, the importance of bringing ESRM<br />
and ERM together in order to remedy the<br />
failings of both approaches will become clear.<br />
ESRM is distinguishable from traditional<br />
security approaches and previous risk<br />
management frameworks, namely ERM. ESRM<br />
argues that risk management is not only about<br />
securing assets and preventing losses, but also<br />
about bringing concrete and competitive value<br />
to an organisation and furthering its business<br />
objectives. Risks are not only a liability, but<br />
also an opportunity.<br />
Unlike ERM, which tends to focus on financial<br />
and economic components, ESRM places the<br />
emphasis on traditional physical security and<br />
risks to operational assets.<br />
ERM focuses on four ‘risk quadrants’,<br />
including strategic risks (ie reputation,<br />
macroeconomic and societal trends or<br />
competition risks), hazard risks (eg personnel,<br />
liability, property exposure or theft),<br />
operational risks (ie failures in processes,<br />
systems or controls) and financial risks (eg loss<br />
in capital, liquidity risk or market risk). ERM,<br />
though, has been criticised for its heavy focus<br />
on financial risks and for failing to properly<br />
comprehend the importance of physical<br />
security in risk management.<br />
Although physical risks might seem to relate<br />
to the ‘hazard risks’ quadrant of ERM, their<br />
effects extend far beyond this simple category.<br />
Offences committed by employees or outsiders<br />
(such as theft, assault or criminal damage)<br />
could have a serious impact on asset<br />
protection, not to mention the host company’s<br />
financial activities and its reputation in the<br />
outside world.<br />
ESRM differs from ERM and from more<br />
traditional task-based interpretations of<br />
security by viewing physical security as an<br />
aspect of an organisation’s overall risk profile.<br />
Back in 2010, ASIS International’s CSO Round<br />
Table published a White Paper on ESRM,<br />
showing that “traditional security issues are<br />
rarely the ones that are keeping security<br />
professionals awake at night”. Non-security<br />
risks such as database theft and economic<br />
concerns were the top worries. Security<br />
conceptualised as ‘guards, gates and guns’ has<br />
since become obsolete, making room for more<br />
holistic understandings of security and risk.<br />
Change in mentalities<br />
The emergence of ESRM and its adoption by a<br />
number of organisations and associations<br />
stands as proof of a change in mentalities, not<br />
only within the risk management industry itself,<br />
but also across industries in general.<br />
Security professionals, line managers and C-<br />
Suite leaders are now far more conscious of the<br />
necessity to go beyond the silo mentality and<br />
enhance lines of communication between risk<br />
managers and risk owners. Without pretending<br />
to supersede other risk management<br />
frameworks, ESRM strives to go beyond<br />
security convergence and stands ready to<br />
provide a direct link to ERM.<br />
22<br />
www.risk-uk.com
Enterprise Security Risk Management<br />
Despite its usefulness as a much-needed<br />
addition to the risk management industry, as<br />
stated ESRM isn’t without its flaws and its<br />
practical application has proven to be difficult.<br />
First, due to its deliberately holistic and<br />
universal character, ESRM fails to take into<br />
account the effects of organisations’ preexisting<br />
structures and cultures on risk and<br />
asset management. Each organisation is<br />
different, and taking these factors into<br />
consideration could help businesses avoid<br />
easily-predictable obstacles when<br />
implementing risk management strategies.<br />
It’s not uncommon for risk managers to<br />
encounter difficulties related to employee and<br />
managerial resistances to change, losses of<br />
motivation and involvement after the first<br />
stages and confusion about the relationships<br />
between risks and controls. ASIS’ 2010 White<br />
Paper also indicated that, when attempting to<br />
implement an ESRM strategy, CSOs and non-<br />
CSOs alike frequently run into a lack of funding,<br />
personnel, support from fellow staff members<br />
and the persistence of a ‘silo mentality’.<br />
Second, ESRM fails to fully address how<br />
physical security risks and business risks<br />
interact. It was designed to apply to all types of<br />
organisations, but non-profit and for-profit<br />
organisations are inherently different in terms<br />
of their outputs and approaches to ‘costeffective’<br />
products, services and, indeed, those<br />
outputs themselves.<br />
In the Harvard Business Review (2012),<br />
Kaplan and Mikes stated that “one size doesn’t<br />
fit all”. Contrary to the efforts of regulatory<br />
bodies and professional associations – such as<br />
ASIS International or the Committee of<br />
Sponsoring Organisations of the Treadway<br />
Commission (COSO) – ‘standardising’ the risk<br />
management function remains highly difficult.<br />
Consistent framework<br />
Finally, ESRM still lacks a consistent and<br />
codified framework, not to mention effective<br />
oversight, evaluation and performance<br />
measurement mechanisms.<br />
As has been mentioned in previous editions<br />
of Risk UK, ASIS designated ESRM as a global<br />
strategic priority at the end of last year, thus<br />
integrating its principles and philosophy into its<br />
professional certifications (ie the Certified<br />
Protection Professional, the Physical Security<br />
Professional and the Professional Certified<br />
Investigator). At present, it’s impossible to be<br />
officially ‘ESRM-certified’. On the other hand,<br />
certificates and courses exist for other risk<br />
management frameworks (for example, courses<br />
or post-graduate degrees in ERM are offered by<br />
several institutes and universities).<br />
The ‘proper’ implementation of ESRM still<br />
appears to depend somewhat heavily upon<br />
individuals’ initiatives and opinions. Despite its<br />
inception nearly a decade ago, many<br />
commentators still feel that ESRM has yet to be<br />
developed into a clearly-defined tool for<br />
organisational improvement.<br />
Given ESRM’s limitations, it would be entirely<br />
fair to question whether it deserves the<br />
attention it has received from CSOs and<br />
organisations such as ASIS International, ISACA<br />
and ISSA. It seems that it does, although not<br />
necessarily as an independent discipline. To<br />
survive as an independent model and bring<br />
greater value to organisations, ESRM might first<br />
have to shed its uniquely strategic and<br />
universal approach and then merge with ERM.<br />
ERM has demonstrated its applicability at the<br />
strategic, tactical and operational levels, as<br />
well as its ability to cope with change and<br />
evolve accordingly. In June last year, COSO<br />
released a draft update of its ERM integrated<br />
framework. This insists on the importance of<br />
strategic decision-making and the oversight of<br />
risk management by corporate management, as<br />
well as on the importance of organisational<br />
cultures. The draft also highlights the role that<br />
cultures, behaviours and attitudes towards risk<br />
play in the execution of risk management<br />
strategies themselves. It’s complimentary to<br />
ESRM, then, which lacks these emphases.<br />
“Given ESRM’s limitations, it would be entirely fair to<br />
question whether it deserves the attention it has received<br />
from CSOs and organisations such as ASIS International”<br />
23<br />
www.risk-uk.com
During the past few<br />
years, the UK has<br />
been enhancing its<br />
anti-money laundering<br />
and counter-terrorism<br />
and proliferation<br />
financing regimes. At<br />
the same time, casting<br />
the net beyond the<br />
financial community to<br />
encompass the entire<br />
private and public<br />
sectors, there have<br />
also been updates to<br />
the anti-corruption<br />
laws, with a new<br />
Bribery Act coming<br />
into force back in<br />
2011. In the ongoing<br />
fight against financial<br />
crime, argues Tim<br />
Parkman, fostering a<br />
strong internal<br />
business culture is<br />
absolutely vital<br />
Fighting Financial Crime:<br />
Culture is Key in UK plc<br />
The nexus between corruption and money<br />
laundering is becoming ever-more<br />
important. Since the World Bank estimates<br />
that US$1 trillion is paid in bribes each year to<br />
corrupt officials around the world – the<br />
International Monetary Fund suggests that<br />
figure is nearer to the US$2 trillion mark – and<br />
most, if not all, of that needs to be laundered<br />
through the financial and commercial system,<br />
the confluence of the two events is a timely<br />
reminder of the growing need for vigilance<br />
against financial crime generally within the<br />
UK’s business community.<br />
The laws in place today carry severe criminal<br />
penalties for proven wrongdoing, including<br />
heavy fines and, potentially at least, terms of<br />
imprisonment for executives. That being so,<br />
organisations need to establish robust internal<br />
mechanisms designed to detect and deal with<br />
wrongdoing. They must readily identify the<br />
training of staff as a core requirement.<br />
A number of high-profile money laundering,<br />
corruption and fraud cases over the years<br />
indicate that, while good systems and controls<br />
can go so far in avoiding legal and reputational<br />
catastrophes, they don’t usually lead you all<br />
the way there. To really succeed in up-front<br />
prevention, something else is required. This<br />
could be management determination, corporate<br />
culture, staff buy-in: a certain something or a<br />
combination of things hardly ever written down<br />
or handed out, but which means that the rules<br />
are applied de facto, day in and day out, in the<br />
business operations of the company.<br />
Looking back into the mists of time, Enron<br />
had a Code of Conduct in place. So, too, did<br />
Siemens, but that didn’t prevent the bankruptcy<br />
of the former and the public despoilation of the<br />
latter. Deutsche Bank and HSBC – both more<br />
recently the subject of huge financial penalties<br />
for weaknesses in their Anti-Money Laundering<br />
(AML) control frameworks – had AML policies<br />
and procedures in place. Either something went<br />
missing on the way to the front line or<br />
otherwise it was never there in the first place.<br />
How, then, can this ‘missing link’ be created?<br />
Focus on awareness<br />
Focusing on awareness on a continual basis is a<br />
key first stage in building the right corporate<br />
atmosphere. Awareness isn’t the same as<br />
training, although the two are often mentioned<br />
in the same breath. Awareness exists when<br />
everyone’s mind turns intuitively to a particular<br />
issue without the necessity for prompting.<br />
It doesn’t come about through an annual<br />
training session. Rather, it needs constant<br />
reminders and repetition of the same point<br />
made in different ways, generating interest and<br />
engagement until people automatically think<br />
“This is important, I need to be careful here…”<br />
Videos, e-mails, posters, hand-outs, special<br />
instruction days – all can be used to good<br />
effect. Only with awareness can whistleblowing<br />
(more of which anon) be truly effective.<br />
It’s important not to reward rule-breaking<br />
behaviour. Any organisation that’s serious<br />
about observing the laws on financial crime<br />
should devote attention to stamping out<br />
practices which put people in doubt about what<br />
the company’s ‘real’ policy is on this matter.<br />
Organisations have various options open to<br />
them as to how they might handle different<br />
combinations of outcomes from an employee’s<br />
performance in which he or she either meets or<br />
exceeds their targets and either ignores or<br />
observes organisational values in the process.<br />
If employees miss targets and ignore company<br />
values then you fire them, right? The opposite<br />
is true for those who hit their targets and abide<br />
by the rules. You reward or promote them.<br />
Perhaps underperformers could be coached<br />
and encouraged, but then exited from the<br />
24<br />
www.risk-uk.com
Bribery, Fraud and Corruption: Risk Mitigation Procedures<br />
business if they still cannot improve? After all,<br />
you have to hit your targets, don’t you? The<br />
acid test really centres on how your company<br />
treats employees who meet or exceed their<br />
targets, but who ignore the company’s values<br />
and break its rules on a selective basis. If you<br />
reward them, everybody is aware of the<br />
message that the rules don’t really matter.<br />
Rule-breaking must be punished, not rewarded.<br />
Coded encouragement<br />
Aware that stiff business targets may be more<br />
easily met if a few corners are cut here and<br />
there, some managers have been known to use<br />
phrases and terminology as forms of coded<br />
encouragement to subordinates to ignore the<br />
rules, without actually stating that it’s<br />
permissible to do so.<br />
“Who here has what it takes to meet these<br />
targets?”… “Are you brave enough to go out<br />
and grab these figures?”… “How many people<br />
in this room will do whatever it takes to get us<br />
over the line?”… These are all real examples<br />
related to me by people who were there. I once<br />
knew a Board director of a large UK company<br />
whose favourite phrase was: “Don’t bring me<br />
problems... Bring me solutions!” Depending on<br />
the context, when you say something like that,<br />
you should know that it can mean different<br />
things to different people.<br />
It’s unrealistic – as well as being totalitarian<br />
and unproductive – to try to control how people<br />
speak day-to-day, but it’s sensible to<br />
continuously remind managers of the need to<br />
communicate the requirement for integrity<br />
clearly and unambiguously and to back that up<br />
with firm action.<br />
Always track decision-making. This refers to<br />
ensuring that day-to-day business decisions are<br />
made properly and that everyone who’s<br />
supposed to have expressed a view, or who<br />
might be expected to express one, has that<br />
view – or their unwillingness to express one –<br />
recorded in reliable ways.<br />
While working in compliance, I learned never<br />
to be surprised by the lengths to which a few<br />
individuals would go to avoid giving ‘sign-off’<br />
on projects that were enticingly lucrative, but<br />
also worryingly risky. The implication was clear:<br />
by encouraging, but not formally endorsing<br />
them, they hoped to enjoy the benefits of<br />
success if things went well, but without any<br />
flecks of blood on their tunics if there were<br />
adverse legal or compliance issues at some<br />
point down the line.<br />
AML and anti-bribery rules and Best Practice<br />
require senior management to be involved in<br />
decisions about taking on and servicing high<br />
risk customers and markets. Companies need<br />
transparent, auditable decision-making<br />
procedures and protocols in place coupled with<br />
regular checks on the way in which they’re<br />
being operated to ensure that this happens.<br />
Encourage whistleblowers<br />
Encouragement for whistleblowers is absolutely<br />
vital. Whatever ‘it’ is, somebody in the<br />
organisation who’s not involved probably<br />
knows about it, or at least suspects something<br />
that could provide a crucial lead. How much<br />
money, time, pain, reputation and general good<br />
standing could have been saved in the world if<br />
all the people who knew about ‘it’ had come<br />
forward – and been dealt with appropriately -<br />
rather than keeping quiet, or being verbally<br />
abused and sacked as troublemakers?<br />
We’ll never know, but what we do know is<br />
that an effective whistleblowing hotline is three<br />
times better at exposing fraud and corruption<br />
inside an organisation than the next best form<br />
of ‘detective control’.<br />
Nobody wants to give priority to perpetual<br />
moaners about car parking spaces and alleged<br />
Human Resources shortcomings, but when it<br />
comes to the big stuff, this is something to<br />
which you must devote your attentions.<br />
The entire approach of senior management,<br />
and especially the Board, should be geared<br />
towards something which may seem counterintuitive<br />
at their stratospheric level: seeking out<br />
problems as much as they seek out<br />
opportunities. A common feature of corporate<br />
catastrophes is a failure to escalate in time.<br />
“Why weren’t we told about this sooner?” is a<br />
common enough refrain, but we already know<br />
the answer in lots of cases.<br />
Not enough senior individuals are<br />
uncomplicatedly accessible for the receipt of<br />
bad news and, because of that, not enough<br />
junior people are prepared to deliver it. The<br />
Board – and individual Board members in their<br />
specific areas – should actively look for the ‘red<br />
flags’ associated with corruption, fraud or<br />
money laundering with the same zeal as they<br />
would examine in fine detail a strategic<br />
acquisition or a major new market.<br />
Sharp increases in revenue, sudden changes<br />
of personnel or the swift – and profitable –<br />
removal of a Government ‘blockage’ in a key<br />
overseas market should be challenged and<br />
explained. Specialist training is merited here.<br />
Tim Parkman MA: Managing<br />
Director of Lessons Learned<br />
“Any organisation that’s serious about observing the laws<br />
on financial crime should devote attention to stamping out<br />
practices which put people in doubt about what the<br />
company’s ‘real’ policy is on this matter”<br />
25<br />
www.risk-uk.com
The premier fire safety show<br />
in the North of England<br />
Fire Safety North debuts at EventCity Manchester on 10-11 October and will help fire and safety<br />
professionals to achieve and maintain the very highest standards of fire safety management.<br />
Fire Safety North offers visitors the opportunity to:<br />
• Hear talks from an unparalleled line-up of key industry figures at our free to<br />
attend seminar theatres<br />
• Be the judge and jury in a mock trial on breaches under the Fire Safety Order<br />
• Enjoy breakfast on us at our breakfast briefings on passive fire protection and tall<br />
buildings<br />
• See the latest fire safety products and services from our range of exhibitors<br />
Fire Safety North is uniquely co-located with the well-established and widely respected Health &<br />
Safety North and will see more than 2,000 delegates in attendance.<br />
Get your FREE visitor ticket online today at www.firesafetyevents.com<br />
Co-located with<br />
Sponsored by<br />
Supported by
Crisis Management: Leadership in Product Recall Events<br />
During times of stress, a plan to turn<br />
towards is a comfort. The assumption is<br />
that the plan is created with clear heads<br />
and the luxury of informed decision-making<br />
from all relevant parties. The purpose of a<br />
defined product recall plan is to guide action.<br />
However, companies often find their recall plan<br />
to be too general and amounting to little more<br />
than a sample product recall plan that could be<br />
applicable to any business.<br />
There’s no point in having a plan if it’s not<br />
specific and actionable. A safety recall can have<br />
dangerous consequences if not dealt with<br />
swiftly. Ensure that valuable time isn’t wasted<br />
by defining the recall process beyond common<br />
sense headings. Set specific points of action by<br />
product or type of recall. Pre-determine<br />
priorities and timescales and make<br />
accountability of tasks clear. List all external<br />
stakeholders and what they need to be told and<br />
include important external stakeholders in<br />
planning such that they understand their role.<br />
Once the recall procedure is defined, the<br />
comprehensiveness of the plan can then be<br />
tested by training your recall team against it.<br />
Managing risk can be an endless task. Part of<br />
the planning process typically includes an<br />
exploration and documentation of all possible<br />
failures in the design, process, product or<br />
service. A cross-functional team is necessary<br />
for this exploration to be successful.<br />
Risks are live and sneaky. The likelihood and<br />
potential impact of a risk may be set at the<br />
start of the project, but you must keep a live<br />
and dynamic view of risks, their related risks<br />
and the domino effect of changing<br />
circumstances. The people involved in the<br />
original risk assessment are not likely to be the<br />
same as those who will spot the critical change<br />
in circumstance so it’s important to make it<br />
easy for people to report their concerns.<br />
At various points, reassess risks with fresh<br />
eyes and record the risk score against the<br />
original. Remain alert to emerging risk.<br />
Continually think about likely causes of recall<br />
and focus training around high risk aspects of<br />
your operations. Regularly reassess and update<br />
your risk registers and take product recall into<br />
account in change control. Make it easy for<br />
people to report their concerns and use risk<br />
severity and likelihood to prioritise both<br />
mitigation actions and training.<br />
The recall team<br />
Training your product recall team against the<br />
recall plan not only validates its usefulness, but<br />
also helps everyone involved to act decisively<br />
when time is of the essence. A product recall<br />
should be a rare occurrence so staff shouldn’t<br />
Total Recall<br />
We can all agree that exploding or fire-prone mobile phones,<br />
potentially life-threatening vehicle airbags and poisoned or<br />
otherwise contaminated food are best avoided. However, it’s<br />
sometimes the case that products do malfunction. What the<br />
manufacturers involved do about such situations determines<br />
how they’ll be judged by consumers. Does your business<br />
have a product recall team primed for action? If not, there’s<br />
no time to spare. Jennifer Sillars outlines precisely why<br />
be expected to know what to do without<br />
training and support.<br />
A product recall team must be set up prior to<br />
the need for a recall. From the plan you will see<br />
the stakeholders who must be involved, their<br />
priorities, the interdependencies and timelines<br />
for action. If relevant personnel – including<br />
external parties – are aware of what’s expected<br />
of them there will be no crossed wires or<br />
avoidance of responsibility. All parties will be<br />
focused on what’s most important (ie<br />
minimising harm to consumers).<br />
Front line staff dealing with complaints are an<br />
important early warning indicator of problems.<br />
The processes that front line staff work to are<br />
far removed from those around product or<br />
service creation and maintenance. If front line<br />
staff have a good understanding of the product<br />
and the risks for which those closer to the<br />
product are on high alert, they could diagnose<br />
and escalate emerging issues before any real<br />
damage is done.<br />
Regardless of the link between front line and<br />
behind the scenes operations, logging of<br />
Jennifer Sillars:<br />
Product Marketing Executive<br />
at Ideagen<br />
27<br />
www.risk-uk.com
Crisis Management: Leadership in Product Recall Events<br />
complaints so they can be profiled is a<br />
worthwhile task. By profiling complaints,<br />
patterns emerge that inform product<br />
improvement decisions and the true scale of<br />
low-level defects.<br />
For serious incidents, an investigation must<br />
begin into the actual cause. A fine balance of<br />
maintaining a positive relationship with the<br />
customer while assessing the culpability of<br />
complaints is a delicate task for which front line<br />
staff need to be prepared. Although well<br />
meaning, it helps no-one to assume that the<br />
customer’s story is the full story. What’s most<br />
important is ensuring that the incident doesn’t<br />
affect anyone else.<br />
Decisive response<br />
A swift and decisive response is required for<br />
any product recall, but it’s important not to<br />
panic or make the situation worse. Regardless<br />
of fault, it’s your company’s responsibility to its<br />
customers to show leadership in product recall.<br />
The response must be in line with the severity<br />
of the situation, demonstrate care and concern<br />
for consumers and be consistent throughout<br />
the incident.<br />
Safety concerns may instil panic in<br />
consumers, regardless of the actual level of risk<br />
posed. Communications must provide all the<br />
information required for consumers to<br />
understand the risk to them and guide them in<br />
how they should respond to the incident. Just<br />
as you cannot expect staff to know how to<br />
react, don’t expect consumers to understand<br />
how concerned they should be.<br />
If the risk is high, make this clear. On the<br />
other hand, if consumers are being agitated by<br />
media sources beyond the level of recall, keep<br />
your response measured. As long as it’s clear<br />
that your actions are in the interests of<br />
consumers, and not just profits, you can begin<br />
to build back any trust that has been lost.<br />
The recall response doesn’t just affect<br />
external parties. It’s easy to neglect normal<br />
operations during a product recall.<br />
Unfortunately, such short-sightedness only<br />
increases the risk of more going wrong as the<br />
focus is deflected from ongoing quality control<br />
of products currently being produced.<br />
After the recall is complete, audit the<br />
effectiveness of that recall. Capture Best<br />
Practice and lessons learned while the<br />
“A mixture of objective observers and those closest to the<br />
fault need to be involved in improvement discussions. The<br />
process owner has to be engaged and listened to if<br />
meaningful change is going to occur”<br />
experience is still fresh. This is common sense<br />
and widely adopted Best Practice. Reinforcing<br />
the need in product recall workflows is worth<br />
doing as the utter relief of the episode being<br />
over can make it difficult to motivate individuals<br />
to look back at what didn’t work so well.<br />
The problem often lies in actioning<br />
recommendations. A mixture of objective<br />
observers and those closest to the fault need to<br />
be involved in improvement discussions. The<br />
process owner has to be engaged and listened<br />
to if meaningful change is going to occur. Using<br />
their expertise, they’re able to assess feasibility<br />
of changes and the knock-on effect of those<br />
changes. Process owners also provide valuable<br />
insight into the background of recall reasons,<br />
and particularly where resourcing is an issue.<br />
Process owners should be built up into<br />
champions of improvement projects, rather<br />
than taking an accusatory approach. An audit<br />
alone will not stop reassurance. At the end of<br />
the day it’s people who drive change.<br />
Exerting control<br />
Product recalls are costly, damage reputations<br />
and make customers wary. The risk of product<br />
recall is often missed because manufacturers<br />
are earnestly focused on producing the best<br />
product they can. Quality and safety are built<br />
into the design so, when unexpected causes of<br />
recall slip in, they can be missed.<br />
Innocent mistakes can be hard to avoid, but<br />
when the mistake is due to a lack of training it’s<br />
avoidable. Any change in the process increases<br />
the likelihood of mistakes. Full training with<br />
easily accessible reference documentation is<br />
necessary to prevent staff from guessing the<br />
right course of action when they’re under<br />
pressure to keep to a production deadline.<br />
Internal staff are not the only unknown<br />
quantity. Most supply chains are becoming<br />
longer and more complex. Much trust is placed<br />
in suppliers. Once production is in motion<br />
there’s little control left to exert. A robust<br />
supplier approval process and setting clear<br />
expectations at the outset of the relationship<br />
are where you have the best chance of avoiding<br />
causes of recall.<br />
Product recall is a high stress situation that<br />
needs structure and teamwork in equal<br />
measure if it’s going to be tackled effectively.<br />
As a company, you must take ownership of the<br />
situation, regardless of the exact reason behind<br />
the need for the recall.<br />
During a product recall you’ll be under an<br />
unprecedented amount of scrutiny that requires<br />
a leader. Your internal team, suppliers and<br />
customers all need this leader to carefully<br />
guide them through the situation.<br />
28<br />
www.risk-uk.com
www.coie.uk.com<br />
Cortech Open<br />
Innovation Event<br />
The Lighthouse, 11 Mitchell Lane, Glasgow, Scotland, G1 3NU<br />
26 September 2017<br />
The Mitigation of Risk for Workplace Safety, High Security<br />
and Building Efficiency<br />
An event with a difference for end users, consultants and main contractors:<br />
Be educated, informed and better equipped to manage evolving building needs<br />
Keep abreast of the latest advances in security, fire and building control technology<br />
See technology in action as part of the live demonstration<br />
Discover the latest smart integration techniques<br />
Discuss industry challenges with fellow security professionals and technology experts<br />
Learn about GDPR compliance and cyber security resilience<br />
Attending Partners<br />
Cortech<br />
Developments<br />
Media Partner
The Future of Lone Worker Solutions<br />
It’s always important<br />
for any individual to<br />
consider their<br />
personal safety and<br />
remain vigilant at all<br />
times when working<br />
alone. Difficult<br />
situations can arise,<br />
with such unforeseen<br />
circumstances<br />
potentially having<br />
serious consequences.<br />
As Craig Swallow<br />
outlines, considering<br />
personal safety<br />
becomes particularly<br />
important when<br />
you’re in charge of a<br />
workforce and you<br />
have a moral and legal<br />
obligation towards<br />
your employees’<br />
safety and well-being<br />
30<br />
www.risk-uk.com<br />
It’s the responsibility of all employers to<br />
provide a safe working environment for their<br />
workforce, including those members of the<br />
business who work alone. Put plainly, this<br />
means that employers should do everything<br />
within their power to ensure all employees have<br />
the necessary tools in place that allow them to<br />
respond correctly to emergency situations.<br />
Currently, this involves appropriate training,<br />
thorough risk assessments, a comprehensive<br />
lone worker policy and a dedicated lone worker<br />
safety/security solution. There are a great<br />
number and variety of lone worker solutions<br />
available, ranging from dedicated lone worker<br />
devices to mobile phone applications. As in all<br />
walks of life, advances in technology – and<br />
adjustments to legislation – mean that these<br />
solutions must adapt and improve with time.<br />
Body-worn video systems are one of those<br />
technologies which has seemingly been<br />
deployed in volume within a very short time<br />
frame and without much fuss. In fact, to date<br />
around 600,000 body-worn video devices have<br />
been deployed, the majority of them in the<br />
USA, approximately 75,000 here in the UK and<br />
many tens of thousands throughout European<br />
markets. Over the course of the next five years,<br />
market analysts predict that deployed volumes<br />
will rise to almost three million devices.<br />
While many lone worker devices currently<br />
capture live audio which can be used for future<br />
use (such as admissible evidence in court<br />
proceedings, etc), it’s clear that a live video<br />
stream or the capture of visuals will – quite<br />
literally – offer a clearer picture of events. Live<br />
video allows for a faster emergency response if<br />
necessary and can prove more helpful should<br />
captured footage be used as part of a<br />
prosecution case. Therefore, body-worn video<br />
and the inclusion of video seems like the<br />
logical next step for lone worker devices.<br />
Video recording and storage<br />
As I’m sure you’re aware, there are many<br />
implications when it comes to the recording<br />
and storage of video data. Protecting and<br />
appropriately using this data is very important.<br />
With the European Union’s General Data<br />
Protection Regulation (GDPR) coming into effect<br />
in May 2018, such considerations take on an<br />
even greater importance.<br />
It has been widely publicised that the GDPR<br />
will generate a significant rise in the cost of<br />
poor data protection practices, with fines of up<br />
to 4% of domestic gross revenue being applied<br />
in the European courts. Therefore, how any<br />
business is using and storing data will come<br />
under intense scrutiny.<br />
Such is the degree of concern expressed by<br />
high-ranking individuals at the Home Office, the<br />
Information Commissioner’s Office and the<br />
Metropolitan Police Service about poor data<br />
protection procedures that a new British<br />
Standard – namely BS 8593: Code of Practice<br />
for the Deployment and Use of Body-Worn<br />
Video – has just been launched.<br />
For my part, I was fortunate enough to be<br />
asked to sit on the drafting committee for this<br />
important British Standard and have learned<br />
first-hand how serious the UK authorities are<br />
about making sure that all employers seeking<br />
to deploy body-worn video follow the guidance<br />
as laid out.<br />
The voluntary British Standard delivers a<br />
common framework designed to boost public<br />
trust in the understanding of where and when<br />
body-worn video can be used. It provides<br />
technical and operational recommendations for<br />
the appropriate and proportionate deployment<br />
and use of such video.<br />
The new British Standard was drawn up to<br />
address a gap in guidance due to the<br />
differences between the use of CCTV and bodyworn<br />
video, and also with a view to avoiding<br />
any repeat of the privacy concerns associated<br />
with the widespread roll-out of CCTV. BS<br />
8593:2017 covers planning and operational<br />
recommendations, outlining the need for body-
Lone Worker Security and Safety<br />
worn video’s deployment to be based on<br />
legitimate reasons, particularly in terms of<br />
undertaking a privacy impact assessment.<br />
Deployment scenarios<br />
At the core of BS 8593 is an implicit<br />
understanding that there are four different<br />
deployment scenarios, any one of which might<br />
be appropriate to an organisation seeking to<br />
deploy body-worn video. Each scenario<br />
considers how a body-worn video device shares<br />
and stores its data.<br />
Capturing evidence from body-worn video<br />
devices deployed on members of staff, and<br />
notably those working alone and/or out in the<br />
community, brings with it many other unique<br />
challenges. What if audio is recorded? What if<br />
other, non-incident related individuals are<br />
captured in the video? Is a recording allowed if<br />
it happens in someone’s home or on private<br />
property? These and many other questions will<br />
start to arise – and demand answers – as more<br />
and more deployment scenarios occur.<br />
Current body-worn video solutions tend to<br />
record video and store footage locally to the<br />
body-worn device. That data is then extracted<br />
from the device at a later point in time, typically<br />
to a docking station, by way of the removal of<br />
an SD card or by using a secure Wi-Fi<br />
connection to the employer’s network.<br />
In this current scenario, it’s evident that while<br />
useful visual evidence has been captured, its<br />
use can only occur at a later point in time and<br />
after any actual risk incident has passed. That<br />
being so, to deploy a current body-worn style<br />
device for a lone worker simply wouldn’t help<br />
with ensuring an immediate escalation in the<br />
event of an incident.<br />
Moving to a scenario where the video’s<br />
streamed in real-time via an appropriate<br />
cellular connection clearly provides an<br />
advantage in that it can be used immediately<br />
during an incident. It also helps benefit the<br />
operator based in an Alarm Receiving Centre<br />
(ARC) or Control Room in that they’re far more<br />
likely to be able to ascertain on a swifter basis<br />
the nature and severity of the episode, all of<br />
which further helps with the speed of incident<br />
management and ensures that low level or false<br />
alarm incidents are not passed to the police.<br />
Data protection issues<br />
The current scenario of recording locally to the<br />
body-worn video device brings with it some<br />
significant data protection challenges if, for<br />
example, the lone worker has an ability to view<br />
or replay the recordings made on the device,<br />
and specifically if non-incident related<br />
personal data is captured on that recording.<br />
To date, the majority of deployments of bodyworn<br />
video devices have involved police<br />
officers: individual workers who are honest,<br />
upstanding and able to follow instruction,<br />
process and rules. Even then there have been<br />
incidents whereby body-worn devices have<br />
been removed and stolen by assailants, thus<br />
introducing the potential for data breaches.<br />
If body-worn video devices are to become<br />
commonplace for other lone workers (ie those<br />
who are not police officers), then ensuring that<br />
those devices and their retained video data<br />
remain intact and are used correctly becomes a<br />
challenge for the employer. Moving to a model<br />
whereby the video is streamed live and not<br />
stored locally on the device will help in<br />
ensuring that all employers stick to the GDPR.<br />
One final observation for those employers of<br />
lone workers hoping to use video for when risks<br />
occur during engagement with clients, patients<br />
or service users in their own homes. The<br />
employer will need to make absolutely sure<br />
that there are very clear policy guidelines in<br />
place for those workers if and when they need<br />
to use video to record an incident. Recording<br />
needs to be warranted and the owner/occupier<br />
of the property pre-notified that recording<br />
could occur and under what scenarios.<br />
There must be an open book approach with<br />
clients/patients/service users that such<br />
technology is being used to ensure the safety<br />
of staff members entering personal property. If<br />
a recording occurs which is warranted then it<br />
must be clear to the recorded party that such<br />
recordings will be deleted and details given in<br />
terms of the timeframe for this procedure.<br />
Equally, if recordings are warranted –<br />
because an incident has occurred that causes<br />
concern for the safety of the worker – then it<br />
should be clearly noted that recording is taking<br />
place. Any non-incident related personal data<br />
captured as an aside must be redacted before<br />
that video is used or shared by the employer.<br />
Companies wishing to supply body-worn<br />
video systems need to be investing now in their<br />
ARCs, processes and personnel in order to<br />
ensure they’re better placed to assist their end<br />
user customers in making certain that video<br />
data is perfectly safe. They also need to be<br />
working to ensure that, if a body-worn video<br />
user’s personal safety is at risk, escalation of<br />
the incident in terms of summoning assistance<br />
is the fastest and most effective route possible.<br />
Craig Swallow: Managing<br />
Director of SoloProtect<br />
“The new British Standard 8593 was drawn up to address a<br />
gap in guidance due to the differences between the use of<br />
CCTV and body-worn video”<br />
31<br />
www.risk-uk.com
What plans do you have for<br />
emergency evacuation?<br />
As detailed in the Equality Act (2010) places of employment,<br />
<br />
<br />
<br />
So in the event of an emergency<br />
can you evacuate the mobility<br />
impaired safely?<br />
<br />
<br />
<br />
<br />
H<br />
The Evac+Chair is the World’s No.1<br />
Emergency Stairway Evacuation Chair<br />
0121 796 1427 FREE evacuation<br />
assessment www.evacchair.co.uk
The Changing Face of Security Services: Procurement<br />
Human Resources:<br />
The Finance Factor<br />
When procuring security guarding services, organisations need to ensure<br />
that the solution they choose is cost-effective, proportionate to the risks<br />
assessed and meets the needs of all parties. For the benefit of Risk UK’s<br />
readers, Cardinal Security’s sales and marketing director Kerinda Trigg<br />
recently chatted with leading procurement consultant Neil Birkbeck about<br />
the key considerations involved and how to arrive at the best outcome<br />
The Regulator for contracted guarding<br />
services in the UK is, of course, the<br />
Security Industry Authority (SIA). Security<br />
officers are required by law to hold an SIA<br />
licence. When focusing on procurement, end<br />
users must ensure that the company providing<br />
security solutions only uses licensed officers.<br />
The SIA also manages the voluntary Approved<br />
Contractor Scheme (ACS) for security guarding<br />
companies. ACS is a relevant factor in choosing<br />
your security guarding solutions provider.<br />
Member guarding companies of the British<br />
Security Industry Association are required to be<br />
inspected by an inspectorate that is itself<br />
United Kingdom Accreditation Services (UKAS)-<br />
accredited. Inspections of security businesses<br />
will focus on ISO 9001 and relevant British<br />
Standards. Ensure that the guarding company<br />
you choose for your security provision is<br />
inspected by a UKAS-accredited inspectorate.<br />
Where applicable, your selected guarding<br />
company should be working towards – or<br />
already have – the following British Standards<br />
embedded in its third party inspection regime:<br />
BS 7499, BS 7858 and BS 7984-1.<br />
In terms of financial probity, does your<br />
security guarding company have three years’<br />
worth of audited accounts under its belt,<br />
evidence of a PAYE scheme and VAT<br />
registration? When it comes to insurance,<br />
buying end users should look for evidence of,<br />
for example, employers, efficacy, public,<br />
wrongful arrest and loss of keys insurance.<br />
For his part, Neil Birkbeck is a procurement<br />
specialist boasting a proven track record in<br />
purchasing excellence through working with<br />
leading private sector companies including<br />
B&Q, Care UK, Johnson Controls, EMCOR, HCA<br />
International and BMI Hospitals.<br />
In essence, Birkbeck’s extensive expertise –<br />
gained over many years of operating in the<br />
procurement arena – helps clients when it<br />
comes to structuring the best possible options<br />
for indirect purchases.<br />
Kerinda Trigg: In helping us to understand<br />
the world of procurement, what do you<br />
believe to be the customers’ pain points?<br />
Neil Birkbeck: Procurement involves more than<br />
just the purchasing of products and services.<br />
Selecting vendors, establishing payment terms,<br />
strategic vetting, selection and the negotiation<br />
of contracts are all facets that can enable the<br />
best solution to be implemented.<br />
It’s no surprise that individuals at executive<br />
and Board level are more likely to identify cost<br />
reductions as a top challenge. This is in<br />
contrast to those charged with procurement,<br />
who will need to look at other factors such as<br />
matching capabilities with requirements and<br />
finding cost-effective suppliers who offer speed<br />
of response, good communication and ‘added<br />
value’. Buyers shouldn’t create a situation<br />
where there’s only short-term advantage to be<br />
gained rather than a long-term relationship.<br />
With security guarding, establishing a ‘like<br />
for like’ comparison between service suppliers<br />
can prove difficult. The industry is incredibly<br />
price competitive, so it’s important to work out<br />
a way in which to strip things back and<br />
establish the monetary figure a supplier keeps<br />
as profit. Then look at issues such as, for<br />
example, shift fulfilment. Is your chosen<br />
solution provider going to be able to ensure<br />
that adequately trained, knowledgeable and<br />
skilled people are on the ground at all times<br />
and not rely on agencies to fill positions?<br />
Kerinda Trigg: Focusing on procurement,<br />
what’s the best strategy to adopt for any<br />
security company selling its services?<br />
Neil Birkbeck: As a procurement consultant, I<br />
want an easy life. On that basis, my advice<br />
would be to make the whole process as simple<br />
as possible and keep it clear.<br />
Service providers should take the time to<br />
understand a potential client’s business, offer<br />
to make a site visit, talk to relevant parties and<br />
then make recommendations based on their<br />
Neil Birkbeck:<br />
Procurement Consultant<br />
33<br />
www.risk-uk.com
The Changing Face of Security Services: Procurement<br />
particular needs. This will assist with the tender<br />
submission and help explain credentials, while<br />
also ensuring that there’s no over-specification<br />
and, importantly, that people with the correct<br />
skills are deployed.<br />
It’s also vital to focus on the ability to deliver<br />
staff and have clarity of price.<br />
Furthermore, it’s a good idea to provide<br />
testimonials and Case Studies, while also not<br />
being afraid to offer references. This will<br />
highlight a security company’s confidence in its<br />
ability to deliver services, achieve objectives<br />
and meet any set Key Performance Indicators.<br />
Kerinda Trigg: What would your advice be to<br />
procurement managers purchasing security<br />
services? For example, is there a case for not<br />
compromising on service and quality for the<br />
sake of a cost-saving exercise?<br />
Neil Birkbeck: It’s worth bearing in mind<br />
there’s a great deal of truth in the old adage<br />
that suggests ‘if you buy cheap, you buy twice’.<br />
The key to an effective security solution is to<br />
develop a robust profile that considers the<br />
impact of all risks and threats on each and<br />
every aspect of a business, ensuring that<br />
there’s an appropriate balance between<br />
technology and Human Resources.<br />
Clearly, security services need to be costeffective<br />
and proportionate to the risks that<br />
have been assessed following the standard site<br />
survey procedures.<br />
As described earlier, there are a range of<br />
issues to consider before making a<br />
procurement decision and the skills, experience<br />
and ability of a service provider to offer high<br />
levels of contract fulfilment should be a<br />
prominent part of the buying criteria. The<br />
provider’s price should reflect what’s on offer.<br />
Kerinda Trigg: Do you think security services<br />
providers are doing enough to meet the<br />
various needs of customers in, for example,<br />
the retail sector?<br />
Neil Birkbeck: Some are, but others most<br />
certainly are not. There has been a distinct<br />
reluctance, or an inability, to move on from the<br />
‘cops and robbers’ mindset that has prevailed<br />
for decades, but some forward-thinking security<br />
services companies are reacting positively by<br />
providing operatives with more diverse skill<br />
sets – ones that better represent the changes in<br />
the retail sector.<br />
An ‘intelligent guarding’ approach combines<br />
technology, and the data produced by it, with<br />
those people who can deal with the outputs of<br />
these systems. Knowledge of counter-terrorism,<br />
loss prevention, report writing, behavioural<br />
analysis and profiling, Health and Safety, data<br />
and intelligence gathering, First Aid and an<br />
excellent understanding of customer service<br />
delivery is vital for the modern day security<br />
officer, as is the ability to work as part of a<br />
team with non-security personnel.<br />
Kerinda Trigg: e-auctions have become a<br />
popular way of procuring security services.<br />
Do you think they’re fair and do they ensure<br />
good value for the buyer?<br />
Neil Birkbeck: Warren Buffett, the great<br />
American entrepreneur, investor and<br />
philanthropist, once declared: “Price is what<br />
you pay. Value is what you receive.” When<br />
Buffet uttered these wise words it would be fair<br />
to assume that he didn’t have security guarding<br />
in mind, yet when it comes to purchasing such<br />
services, they’re perfectly apt.<br />
e-auctions have received a lot of bad press,<br />
with some of it perfectly justified. However, I<br />
think that, when used as just one facet of an<br />
overall tender process, they can be effective<br />
and fair and ensure that the customer does<br />
indeed receive good value for money.<br />
Rather than starting with an e-auction, I<br />
always carry out a tender along traditional lines<br />
albeit using an online tool. I ask questions,<br />
possibly visit the supplier on site, check the<br />
quality of its goods and services and ask for<br />
references. Eventually, we would reach the<br />
point at which my client has reviewed the<br />
results and is comfortable to use one of a<br />
number of the suppliers suggested. At that<br />
juncture, I discuss the benefits of an e-auction<br />
and, if the client agreed, I would invite only<br />
those potential suppliers to join in such a<br />
procedure. Now, it’s all about cost.<br />
To derive the best results, solution suppliers<br />
are made aware of their place in the pecking<br />
order, are aware as the process continues if<br />
things change and have a short period of time<br />
to improve their bid.<br />
The process may run for 30 minutes with a<br />
final sealed bid of five minutes where the<br />
suppliers are unaware of their final position. In<br />
practice, this means that the client can discount<br />
any supplier whose price looks to be too low.<br />
Kerinda Trigg:<br />
Sales and Marketing Director<br />
at Cardinal Security<br />
“The key to an effective security solution is to develop a robust profile<br />
that considers the impact of all risks and threats on each and every<br />
aspect of a business”<br />
34<br />
www.risk-uk.com
Multi award winning security service provider<br />
Supplying security services to Government Departments,<br />
Local Authorities, Blue chip companies and Worldwide organisations<br />
Services provided<br />
Manned Guarding Service<br />
Site Patrols<br />
Reception Duties<br />
Car Park Security Management<br />
Front of House Service<br />
Mobile Patrol Visits – Internal/External<br />
Mail Room Service<br />
Remote CCT Monitoring<br />
Banks Men<br />
Security Lodge/Gatehouse Duties<br />
0800 772 3786<br />
sales@magentasecurity.co.uk<br />
www.magentasecurity.co.uk
The Future of the Security Services<br />
Sector: Hanging in the Brexit Balance?<br />
More than a year after<br />
the UK voted to leave<br />
the European Union<br />
(EU), most of us in the<br />
security services<br />
industry are still<br />
wondering what Brexit<br />
will actually look like<br />
in the real world.<br />
David Mundell<br />
discusses what impact<br />
Brexit could have on<br />
the security guarding<br />
sector and how firms<br />
can continue to deliver<br />
high quality security<br />
services despite the<br />
challenges ahead<br />
The mantra ‘Brexit means Brexit’, a favourite<br />
of our Prime Minister Theresa May, actually<br />
doesn’t appear to mean anything at all. For<br />
those of us in the services sector, the impact of<br />
Brexit is perhaps different than it is for firms<br />
who manufacture ‘product’ or conduct<br />
international trade. We don’t export our ‘goods’<br />
and, therefore, don’t face the myriad questions<br />
focused on being in or out of the Single Market.<br />
We don’t have to wonder with whom we’ll be<br />
trading in the future and under what terms. Our<br />
‘product’ is, of course, people. That being so,<br />
and as is the case for many other service-led<br />
industries, the key concern around Brexit is<br />
centred on its impact relating to the availability<br />
of labour. Undoubtedly, this will be a significant<br />
challenge for companies such as our own.<br />
While we know there are plenty of challenges<br />
in front of us, it will be some time before we<br />
can ascertain the true cost of Brexit. The time is<br />
fast approaching when Britain officially leaves<br />
the EU. Government ministers are now agreed<br />
that there will be a transitional period. This is a<br />
sensible move that suggests the Government is<br />
planning to continue with freedom of<br />
movement rules for the interim months and<br />
years ahead.<br />
Hovering as we are on the edge of change,<br />
we can use this time to take a good look at our<br />
sector and its future needs, and attempt to<br />
work out how we might collaboratively protect<br />
it from any loss of inward migration.<br />
Despite the ‘Leave’ result realised by the EU<br />
Referendum vote and the uncertainty it has<br />
created, for now EU workers are still coming to<br />
Britain. Official figures released only last month<br />
by the Office for National Statistics tell us that<br />
the number of EU citizens working in the UK<br />
has hit a new record. There were an estimated<br />
2.37 million people from other EU Member<br />
States in employment here between April and<br />
June of this year. To put that into context, this is<br />
the highest number since comparable records<br />
began two decades ago. The figure is up by<br />
126,000 on the same period in 2016, which<br />
incidentally was at the time of the Brexit vote.<br />
EU workers appear to remain attracted to the<br />
UK, then – albeit that the strength of the pound<br />
is no longer so attractive – with net migration<br />
from the continent rising in the 12 months<br />
immediately following the Referendum.<br />
Interestingly, the Home Office has launched<br />
an independent review into the impact of EU<br />
migrants on the UK economy. The review, which<br />
will be carried out by the Migration Advisory<br />
Committee, will help the Government to plan<br />
how immigration will be controlled when the<br />
UK leaves the EU and is no longer bound by<br />
freedom of movement rules.<br />
Let’s hope that the Committee covers all<br />
areas of the UK economy in depth and that the<br />
Government listens to employers who are<br />
adamant the UK still needs inward migration.<br />
Recruitment difficulties<br />
Unemployment is still sitting at a record low<br />
figure and, when it comes to security services,<br />
finding and recruiting high-calibre, customer<br />
services-oriented officers is already a<br />
somewhat difficult task.<br />
The problem is partly of our own making. The<br />
best Security Industry Authority (SIA)-licensed<br />
officers are already employed and unlikely to<br />
move from company to company since they<br />
command a premium. Quality individuals are<br />
always in demand, regardless of the sector in<br />
which they operate. Quality employees in the<br />
36<br />
www.risk-uk.com
The Changing Face of Security Services: Brexit<br />
security industry, in particular, can pick and<br />
choose their next move.<br />
That being so, this leaves a pool of – dare I<br />
say this – poorer-qualified applicants with less<br />
experience, or those individuals with no<br />
experience at all.<br />
For the latter, we need to bear in mind that<br />
the security industry may not be an attractive<br />
option when hours, shift patterns and salary<br />
levels are all taken into account.<br />
Historically, therefore, like many labourintensive<br />
industries, security has always<br />
welcomed a broad mix of individuals from<br />
overseas, and if entry into the UK is to be made<br />
more difficult for migrants, or the number of<br />
immigrants is otherwise limited in some way,<br />
then we will all have to recruit more homegrown<br />
talent.<br />
Future considerations<br />
If this is the case, as an industry we will need to<br />
consider two things. First, how do we go about<br />
making security and security companies<br />
themselves more attractive as a career for<br />
potential employees? Second, but inextricably<br />
linked with the first point, how do we go about<br />
raising salary and benefit levels to attract the<br />
right people in the first instance?<br />
The answer to the second question poses a<br />
real conundrum as it’s not something that’s<br />
directly within our control. Site-based<br />
remuneration is in the hands of our customers.<br />
Unless we see a universal shift across the<br />
industry, and stand together to drive positive<br />
change, a low-price option will still be a choice<br />
for end users in what some of them view as the<br />
race for the bottom.<br />
On that note, for years now many of us in the<br />
guarding sector have bemoaned the increase in<br />
skills and quality sought on some contracts<br />
when viewed alongside an apparent – and, in<br />
some instances, actual – unwillingness on the<br />
part of customers to pay for that situation.<br />
Our officers are constantly being asked to do<br />
more with – or for – less. Their roles and<br />
responsibilities have widened. Their remit often<br />
extends beyond security into Front of House<br />
services, Health and Safety and facilities<br />
management. With the evolution of services<br />
has come the need for greater training and<br />
additional management support. Yet all the<br />
while the fees being paid for such services have<br />
been heading downwards and not up.<br />
Perhaps Brexit will have a positive impact<br />
here? We can certainly hope so.<br />
Security’s attractiveness<br />
With regards to making our industry more<br />
attractive for potential new recruits, many of us<br />
“It has been up to individual security companies to make<br />
tough choices over pay levels and benefits for their nonsite<br />
based staff and for customers who recognise the value<br />
of their security to ‘up the ante’ in terms of contract rates”<br />
felt that SIA licensing was the advent of a new<br />
dawn. The promise from the Regulator and<br />
those in power in Westminster at the time was<br />
that it meant ‘cowboy’ operators would be<br />
exposed and forced out of business.<br />
Perhaps more importantly, licensing and<br />
regulation also meant that standards would be<br />
raised and officers given the credit for the<br />
difficult tasks they perform. It signalled a<br />
positive move towards the highly successful<br />
Scandinavian model wherein security is viewed<br />
as a respected career of choice.<br />
Unfortunately, this hasn’t turned out to be<br />
the case. In the real world, it has been up to<br />
individual security companies to make tough<br />
choices over pay levels and benefits for their<br />
non-site based staff (with one eye on everdecreasing<br />
margin levels) and for customers<br />
who recognise the value of their security to ‘up<br />
the ante’ in terms of contract rates.<br />
If the price of security to end users were to<br />
increase, there would undoubtedly be a<br />
concerted movement towards ever-smarter<br />
solutions incorporating the latest technology<br />
and reduced manpower. Here, we’re talking<br />
about solutions that many companies would<br />
welcome due to the increased margins often<br />
produced from such outcomes.<br />
Closer to home<br />
In reality, at this present moment nobody really<br />
knows the true impact that Brexit will have on<br />
our industry, or indeed any other industry for<br />
that matter. What we do know, however, is that<br />
if we reduce the pool from which we can recruit<br />
then a difficult situation will be made even<br />
more difficult still. If security businesses can no<br />
longer rely on a steady flow of talent influx from<br />
across Europe then we may have to look closer<br />
to home for a solution.<br />
During the lead-up to the EU Referendum, we<br />
were all inundated with truths, half-truths and<br />
what have subsequently been shown to be<br />
falsehoods to try and win our vote. This<br />
scenario doesn’t appear to have changed.<br />
We all have our opinions of what might<br />
happen post-Brexit and we all want to remain<br />
optimistic about our future prospects. One<br />
thing’s for sure, though. If we are to realise a<br />
positive outcome for the security business<br />
sector, we must put company interests aside<br />
and all work together for the greater good.<br />
David Mundell: Managing<br />
Director of Axis Security<br />
37<br />
www.risk-uk.com
We go to greater lengths.<br />
Axis Security – setting new standards in customer service.<br />
• Our employees – are highly trained, valued and rewarded<br />
• Our proactive management approach – ensures service is continually improving<br />
• Our intelligent technology – ensures open lines of communication and transparency<br />
• Our prestigious industry recognition – includes 3 Security Guarding Company of the Year awards<br />
T. 020 7520 2100 | E. info@axis-security.co.uk | axis-security.co.uk
The Changing Face of Security Services: Robotic Technology<br />
Robotics in Security: A Sustainable Model?<br />
When contemplating a workplace wherein<br />
humans are increasingly being replaced<br />
by technology, it seems, investment in<br />
real and talented individuals will surely be<br />
more important than ever to ensure that an<br />
element of human common sense and the<br />
personal touch is delivered for end user<br />
customers and for supervising, ‘educating’ and<br />
maintaining a robotic workforce.<br />
There may in fact be an opportunity here for<br />
the security sector to boost its profile and add<br />
value through robotics if the technology’s<br />
integrated in the right way. We cannot ignore<br />
the fact that autonomous robotic technology is<br />
developing extremely quickly, with ‘futurists’<br />
already predicting that as many as one third of<br />
all UK jobs could be automated by 2030.<br />
While I’ve always maintained that empathy is<br />
a key characteristic required of any security<br />
professional, I also believe we cannot gloss<br />
over the innovation in robotics and the cost<br />
saving incentive that may well tempt our clients<br />
into trialling such solutions on their sites.<br />
Noel Sharkey, a recognised expert in robotics<br />
at the University of Sheffield’s ‘Sheffield<br />
Robotics’ Centre, reminds us that even the most<br />
advanced robots don’t have the capability to<br />
reason, while their lack of ‘moral agency’<br />
means it cannot be appropriate for them to<br />
simply work autonomously.<br />
In addition to the recent incident where a<br />
security robot fatally drove itself into a<br />
decorative water fountain (needing at least four<br />
humans to rescue it), last year it was also<br />
reported that a four year-old boy was injured in<br />
a Californian shopping mall by one of the most<br />
popular models of security robot currently<br />
patrolling the likes of Microsoft and Uber’s<br />
corporate offices, not to mention the car parks<br />
of Silicon Valley.<br />
“Robots need a human supervisor<br />
somewhere in the loop,” noted Sharkey, who<br />
has issued particularly strong warnings about<br />
the potentially catastrophic impact of the<br />
development of so-called military ‘killing<br />
robots’, which he states raise serious questions<br />
about accountability for fatalities in a world<br />
where mechanical and software failures are not<br />
uncommon, not to mention the vulnerability of<br />
robots to determined cyber hacking.<br />
Potential tasks<br />
From a Front of House point of view, robots are<br />
also being tested for roles with a welcoming<br />
function. They have the potential to recognise<br />
faces and movement, adjust temperatures,<br />
deliver room service and even make small talk.<br />
While some human co-workers have been<br />
known to become quite fond of their robot<br />
colleagues, I don’t doubt that the genuine<br />
human connection with all of its subtle nuances<br />
will be very much missed in most professional<br />
welcoming scenarios.<br />
Looking at the ‘pros’ of robotics, there’s no<br />
denying that security robots are sophisticated,<br />
with their ability to see 360-degree views, hear,<br />
record and accurately document evidence.<br />
Additionally, they can crunch data and produce<br />
predictive analytics, which is very powerful in<br />
anticipating problematic incidents or<br />
apprehending criminals.<br />
Commanding presence<br />
The makers also argue that robots have a<br />
commanding presence, which provides a<br />
significant perceptive deterrent.<br />
However, even with the highest spec of<br />
security robot available in Silicon Valley, it’s<br />
recommended that a suite of seven security<br />
robots is maintained by three “highly-trained”<br />
human officers. If this is indeed the case, the<br />
client may find that it’s even more important to<br />
attract talented tech-savvy human security<br />
professionals who will be complemented –<br />
rather than replaced – by robots.<br />
There’s a powerful inherent value in the<br />
deployment of a human. We all know we would<br />
rather speak to a real person when we call the<br />
bank, or have a retail assistant smile and gently<br />
ask us if we can manage without a bag instead<br />
of being ordered to ‘Place Your Item in the<br />
Bagging Area’. I see significant benefits in<br />
investing in people in the front line and,<br />
through better customer service training,<br />
enabling them to engage and connect on a<br />
personal level. Indeed, it could well be a step<br />
backwards to disregard this approach in the<br />
quest for robotics-related cost savings.<br />
Solution providers<br />
operate in a security<br />
marketplace wherein<br />
their clients are<br />
continually seeking<br />
added value and cost<br />
savings. Robotics has<br />
the potential to deliver<br />
in both of these areas<br />
and, for some<br />
commentators, is<br />
already beginning to<br />
command their<br />
attentions. What could<br />
this mean, though, for<br />
the current HR-heavy<br />
guarding business<br />
model? Neill Catton<br />
investigates<br />
Neill Catton: Managing<br />
Director at CIS Security<br />
39<br />
www.risk-uk.com
The Changing Face of Security Services: Business Licensing<br />
The private security<br />
industry is growing<br />
and constantly<br />
adapting to changes<br />
in the many sectors<br />
which it serves so<br />
diligently. However,<br />
the industry continues<br />
to face the ongoing<br />
challenge presented<br />
by rogue traders.<br />
Unlicensed companies<br />
are a threat to the<br />
credibility of bona fide<br />
operators and clients<br />
alike. What’s the<br />
answer? Abbey Petkar<br />
focuses on the need<br />
for business licensing<br />
Business Licensing: A ‘Must’<br />
for the Security Guarding Sector<br />
The Security Industry Authority (SIA) may<br />
have gone a long way towards improving<br />
the reputation of security companies and<br />
ensuring that we’re respected and heard in the<br />
corridors of power, but more needs to be done<br />
and soon. However, a Government swamped in<br />
Brexit negotiations is unlikely to make the right<br />
changes in a reasonable time frame.<br />
One of the latest high-profile challenges to<br />
the reputation of security companies was the<br />
news of a security firm allegedly supplying<br />
cloned badges to unlicensed stewards at<br />
festivals over the summer. If proven to be true<br />
post-investigation, such a blatant disregard for<br />
clients must be stamped out.<br />
Once again, this is a telling signal that<br />
business licensing is a ‘must’ if we’re to be seen<br />
as a professional and credible industry willing<br />
to manage its own profile and do what’s best<br />
for all concerned.<br />
Cut-throat pricing and poor standards are the<br />
hallmarks of many security companies. They<br />
send out unlicensed officers to protect<br />
members of the public with little or no thought<br />
for the consequences beyond their growing<br />
bank balances. Far too often, I hear clients<br />
complain of such a situation, but with no idea<br />
as to how to combat this behaviour. For them,<br />
it’s a lottery. How do they ascertain the<br />
legitimate professionals from the rogue<br />
traders? The simple solution would be a<br />
business-wide security licence.<br />
Business licences are not a new idea, nor one<br />
that has yet to gain much traction. The concept<br />
was first mooted in 2014, but here we are, three<br />
years on, and we’re no closer to a formalised<br />
legal system to establish the credibility and<br />
professionalism of security companies.<br />
Such regulation would ensure that all<br />
legitimate security service providers are<br />
licensed at a company level in tandem with<br />
their individual officers. It would benefit<br />
legitimate companies in terms of quality<br />
assurance and subsequent sales, but – and<br />
most importantly – it would also benefit the<br />
clients, who would then be safer and somewhat<br />
more trusting of their security partners.<br />
To succeed, business licensing needs<br />
ministerial and parliamentary approval, both of<br />
which are a challenge at the best of times. A<br />
minority Government seemingly embroiled in<br />
in-fighting with both eyes firmly fixed on Brexit<br />
isn’t likely to be interested in the complaints of<br />
an industry that, on the whole, manages itself.<br />
It should be. Terror threats are a part of modern<br />
life and security companies are at the forefront<br />
when it comes to protecting the public.<br />
Considering alternatives<br />
In the meantime, there are alternatives worthy<br />
of consideration. The current (voluntary)<br />
Approved Contractor Scheme (ACS) could be<br />
made compulsory. It would provide an easy<br />
platform for security companies to demonstrate<br />
they’re reputable within a framework that<br />
already exists. More importantly, that solution<br />
could be swiftly introduced.<br />
This is just one idea, though, and something<br />
that would need to be discussed at length, but<br />
at a time when the Government’s priorities lie<br />
elsewhere, a mandatory ACS could indeed be a<br />
viable alternative.<br />
Compulsory business licensing is a necessity<br />
for our industry. At some point in the future it<br />
needs to become a reality. We must all work<br />
together to make that happen. Far too many<br />
security companies, who’ve worked hard to<br />
promote their professionalism, risk being<br />
tarnished by the failures of the rouge<br />
operators. Introducing an enhanced regulatory<br />
regime would afford greater credibility for<br />
genuine companies and encourage the industry<br />
to constantly deliver high-level services that<br />
benefit clients and serving security officers<br />
alike, while ultimately improving the reputation<br />
of the industry as a whole.<br />
Given security’s large workforce, regulation of<br />
our sector must be improved if the legitimacy,<br />
standards and reputation of companies and<br />
individuals within who provide a quality service<br />
are to be maintained. Only time will tell if<br />
business licensing arrives, let alone does its<br />
job. Hopefully, it will duly arrive and rid us of<br />
disreputable organisations once and for all.<br />
Abbey Petkar: Managing<br />
Director of Magenta Security<br />
“Compulsory business licensing is a necessity for our industry. At some<br />
point in the future it needs to become a reality. We must all work<br />
together to make that happen”<br />
40<br />
www.risk-uk.com
Tel: 08707 508070 Fax: 08707 508066<br />
Risk UK Offer<br />
Uniforms@PeterDrew would like to offer<br />
all Risk UK readers, SIA licensed companies,<br />
FM companies and end users of security<br />
services the following -<br />
• Free samples on a sale or return basis<br />
• Free artwork and design setup<br />
• Free dedicated buying portal<br />
• Discounted contract prices<br />
• Committed customer sales support<br />
• Same day dispatch, next day delivery<br />
• Branded stock holding available<br />
• <br />
To take advantage of this offer or for more<br />
information contact uniforms@peterdrew.com<br />
or call 08707 508070<br />
Website: www.peterdrew.com<br />
Twitter: @UniformSecurity<br />
Facebook: facebook.com/<br />
PeterDrewCorporateClothing
Meet The<br />
Security Company<br />
Being able to offer a full range of security<br />
solutions also helps greatly as clients like the<br />
fact they only have to make one phone call and<br />
they know that, whatever their individual issue<br />
might be, we can bespoke a solution that’s both<br />
affordable and, more importantly, goes a long<br />
way towards resolving their security issues.<br />
This is the third<br />
instalment in a new<br />
series of articles for<br />
the readers of Risk UK<br />
where we shine the<br />
spotlight on NSIapproved<br />
businesses<br />
for the benefit of risk<br />
and security managers<br />
who purchase security<br />
guarding as well as<br />
systems-focused<br />
solutions. Answering<br />
our questions this<br />
month is Andrew<br />
Nicholson, managing<br />
director of Barnsleybased<br />
Doyle Security<br />
About the National Security Inspectorate<br />
Risk UK: Can you briefly describe your<br />
business’ activities and what you consider to<br />
be your USP as an organisation?<br />
Andrew Nicholson: Doyle Security is a supplier<br />
of total security solutions. What this means in<br />
essence is that we address almost all of the<br />
security disciplines that our clients require,<br />
from supplying fully-trained and licensed<br />
security officers and providing key holding and<br />
alarm response solutions through to the<br />
installation of commercial grade CCTV, intruder<br />
and fire alarm systems.<br />
We’re very proud of the fact that we’re a<br />
family-run company and have been for over 30<br />
years. Any potential client can be sure that not<br />
only will they receive a first class service from<br />
us, but they’ll also have complete peace of<br />
mind knowing that we, as a company, can<br />
demonstrate longevity of service as a bespoke<br />
security solutions provider.<br />
Risk UK: What do your clients value most<br />
about the services you deliver?<br />
Andrew Nicholson: The level of experience and<br />
honesty we bring for each and every client with<br />
whom we interact is, I firmly believe, one of our<br />
biggest assets as a company.<br />
The National Security Inspectorate (NSI) is a wholly-independent, not-for-profit<br />
company limited by guarantee and operates as a UKAS-accredited certification<br />
body specialising in the security and fire safety sectors.<br />
For over 40 years, the NSI has served to protect businesses, homeowners<br />
and the general public alike, raising standards by providing robust and high<br />
quality audits of both security and fire safety service providers.<br />
Risk UK: How do you feel accreditations have<br />
assisted your company?<br />
Andrew Nicholson: Accreditations have been a<br />
great assistance to the business. For well over a<br />
decade now, we’ve embraced both the National<br />
Security Inspectorate’s (NSI) Guarding Gold<br />
scheme and the Security Industry Authority’s<br />
Approved Contractor Scheme (ACS). We<br />
wholeheartedly believe they set the standard.<br />
Those security companies receiving<br />
accreditation and continually working to the<br />
benchmarks outlined within are operating at<br />
the highest levels. It sets them apart from other<br />
security companies.<br />
More and more of the tenders and contract<br />
requests we receive stipulate either one or both<br />
of these accreditations. We’re extremely proud<br />
that we hold both NSI Guarding Gold and ACS<br />
registration and will continue to do so.<br />
Risk UK: Specifically, what value does ACS<br />
registration and NSI Guarding Gold approval<br />
bring to your business and its clients?<br />
Andrew Nicholson: ACS registration and NSI<br />
Guarding Gold approval set the standard not<br />
only for the quality of services we bring to our<br />
clients, but also in terms of how we run our<br />
business on a daily basis.<br />
All of our staff members believe passionately<br />
in working to the set standards in every aspect<br />
of Doyle Security’s day-to-day operations. Only<br />
by them doing so will our clients benefit from<br />
engagement with Doyle Security as a company.<br />
Risk UK: In practice, what are the main<br />
differences between ACS registration and NSI<br />
Guarding Gold approval?<br />
Andrew Nicholson: ACS registration is all<br />
about helping security solution providers to<br />
raise the standard of service they offer for their<br />
clients. Many of the ACS criteria are directly<br />
linked to improving the working experience of<br />
42<br />
www.risk-uk.com
Meet The Security Company: Doyle Security<br />
In association with the<br />
employees which, in turn, hopefully increases<br />
the standard of the services we offer as a<br />
business right across the board.<br />
The new ACS workbook and scoring criteria<br />
allow security companies to demonstrate Best<br />
Practice which brings added value for clients.<br />
NSI Guarding Gold approval is more<br />
concerned with security companies<br />
demonstrating adherence to ISO 9001:2015 and<br />
all of the individual British Standards relating<br />
specifically to the security business sector.<br />
Risk UK: How do you think technology has<br />
changed the industry over the last couple of<br />
years and what do you feel will be the<br />
direction of travel in the future?<br />
Andrew Nicholson: Across the past few years,<br />
the myriad innovations in IT have been the<br />
biggest game-changer for us from an<br />
operational point of view. Innovations in<br />
software have enabled us to introduce new<br />
systems of working designed to improve the<br />
way in which we rota our staff and how we<br />
communicate this to them, how we monitor<br />
their performance and also how we can interact<br />
with clients when it comes to informing them of<br />
issues and for incident reporting.<br />
Although improvements in technology have<br />
driven down the prices for high quality<br />
technical systems, the emphasis will always be<br />
on how we use this technology. Often, there’s<br />
simply no substitute for human interaction in<br />
delivering a high quality security service.<br />
Risk UK: When it comes to negotiating<br />
contracts and responding to tender requests,<br />
what aspects are of most value to customers<br />
and how are these changing?<br />
Andrew Nicholson: A few years ago, it was the<br />
norm for a client to ask for an hourly rate. Many<br />
afforded little thought as to what they were<br />
receiving for their money. Now, when we receive<br />
genuine contract and tender requests, it’s clear<br />
that the emphasis is no longer solely on cost.<br />
Potential clients want to know what added<br />
value can be realised by their prospective<br />
security solutions provider.<br />
At Doyle Security, we spend much time and<br />
effort in explaining to clients that securing their<br />
site is a team effort involving all parties. Only<br />
when we work as a team and gather feedback<br />
from all concerned can we do our utmost to<br />
ensure the client’s premises, people and<br />
property are as secure as possible.<br />
As history tells us, there’s no such thing as a<br />
completely fail-safe security system. We believe<br />
it’s a case of placing as many barriers as<br />
possible in front of would-be criminals so as to<br />
deter them enough that they think twice and<br />
move on. With regular meetings and good client<br />
feedback, we can accomplish a very high level<br />
of customer service.<br />
Risk UK: How has Government legislation (eg<br />
the National Minimum Wage, the National<br />
Living Wage and holiday pay) affected your<br />
business? Do you believe such legislation is<br />
a good thing?<br />
Andrew Nicholson: The introduction of both<br />
the National Minimum Wage and, more recently,<br />
the National Living Wage are two of the best<br />
things to have happened for the security sector.<br />
In an industry that has been renowned for its<br />
long working hours, security officers can now<br />
work a more reasonable shift pattern and still<br />
earn a decent salary.<br />
That said, we believe the industry can do<br />
more. With the increase in the National<br />
Minimum Wage and the recent introduction of<br />
the Living Wage, we’ve seen the rise of the socalled<br />
‘self-employed’ security officer. Often,<br />
these individuals are paid less than the<br />
National Minimum Wage in an attempt – by<br />
unscrupulous security companies – to keep<br />
hourly rates low in order to win business. These<br />
unfortunate individuals don’t receive sick pay,<br />
holiday pay or any of the benefits to which<br />
they’re entitled.<br />
Risk UK: What are the most important<br />
attributes you look for in your security<br />
officers and staff members in general?<br />
Andrew Nicholson: The answer here is quite a<br />
simple one: professionalism. Professionalism<br />
encompasses honesty, integrity and the ability<br />
to give 100% to all tasks. These must be a<br />
‘given’ on the characteristics measure.<br />
High on the list of what we look for – and<br />
what clients like – are a smart appearance and<br />
solid communication skills. The ability to<br />
communicate clearly with clients and any other<br />
third party often leads to positive results.<br />
Risk UK: How can the SIA, the NSI and<br />
industry standards best serve the sector in<br />
addition to the needs of your company’s<br />
clients and the wider public interest? Will<br />
the introduction of business licensing be a<br />
positive step?<br />
Andrew Nicholson: Ever since 2007, we’ve<br />
been championing the introduction of business<br />
licensing for the private security industry.<br />
Licensing individuals has been a fantastic<br />
initiative and a giant leap forward for regulating<br />
the private security sector, but only by<br />
regulating each individual business can we<br />
hope to have a fully-level playing field. It would<br />
allow greater flexibility and better outcomes.<br />
Name<br />
Andrew Nicholson<br />
Job title<br />
Managing Director<br />
Time in the security sector<br />
I’ve been in the security<br />
sector for over 16 years. I<br />
joined Doyle Security in early<br />
2001. Prior to this, I worked<br />
within the sales and<br />
marketing industry<br />
Location of the business<br />
Doyle Security is strategically<br />
located in Barnsley just off<br />
Junction 37 of the M1<br />
motorway which affords great<br />
transport links to the M1,<br />
M62, A1 and M18 network<br />
Areas of expertise<br />
Security guarding, alarm<br />
response, mobile patrol and<br />
key holding services, CCTV<br />
monitoring, CCTV, intruder<br />
and fire alarm system<br />
installation, access control<br />
solutions and security<br />
provision for major events<br />
Accreditations<br />
SIA ACS (Security Guarding),<br />
NSI Guarding Gold Scheme,<br />
SafeContractor Scheme,<br />
CHAS Accredited Contractor,<br />
ISO 9001:2015, BS<br />
7499:2013, BS 7984-1: 2016,<br />
BS 7958:2015, BS 7858:2012<br />
Andrew Nicholson: Managing<br />
Director of Doyle Security<br />
43<br />
www.risk-uk.com
Genesys – Beyond PSIM<br />
Genesys is more than ‘just’ a PSIM<br />
technology. It takes PSIM to another<br />
level. Genesys is an Integrated Security<br />
Management System (ISMS) that integrates<br />
multiple systems from multiple<br />
manufacturers – presenting it as one holistic<br />
technology with unparalleled ease of use.<br />
As demands on security managers and<br />
the systems they specify increases and<br />
further integration is needed, Genesys<br />
<br />
<br />
that is revolutionising the industry.<br />
• Patented unique system architecture<br />
• Migrating 3+ driver for power<br />
and redundancy<br />
• Fully scalable<br />
• Exceptional ease of use<br />
• Low life cycle cost<br />
Please see next month’s edition to see<br />
why ISM’s Genesys should always be the<br />
number one choice for your integrated<br />
security management solution.<br />
Intergrated Security Manufacturing Limited<br />
T: +44(0) 1293 529990<br />
F: +44(0) 1293 528023<br />
E: info@ism-uk.com<br />
ism-uk.com
Fire Safety Planning: Emergency Evacuation Case Study<br />
Elevated life expectancies and financial<br />
pressures are shifting the age profile of<br />
today’s workforce. Published in December<br />
last year, the British Social Attitudes Survey for<br />
2015 states that, while nearly two-thirds of<br />
employees still expect to retire in their 60s,<br />
17% expect to be in their 70s before they down<br />
tools. In fact, according to a report in The<br />
Economist, between 1995 and 2015, the number<br />
of working individuals aged over 65 more than<br />
doubled to break through the one million<br />
barrier. It’s estimated that, by 2020, one third<br />
of the workforce will be aged over 50.<br />
A major contributory factor behind such<br />
statistics is Government policy which is keeping<br />
more people in work. Since 2006, it has been<br />
possible to continue working while drawing a<br />
state pension. The age at which that pension<br />
can be drawn is due to rise to 66 by 2020 and<br />
to 67 by 2028, with many commentators<br />
expecting this figure to be nudged closer to 70.<br />
Lots of people want to carry on working and,<br />
for financial reasons, many need to do so. As a<br />
result, companies are now actively courting<br />
older workers. Older workers are praised for<br />
their reliability, experience and loyalty and for<br />
their ‘soft skills’ in areas like customer services.<br />
While we can expect a growth in the desire<br />
for paid employment among the upper age<br />
group in our society, more people with physical<br />
impairments are now seeking employment<br />
opportunities. This is driven by the Government<br />
encouraging both employers and employees<br />
alike to find roles where disabilities may no<br />
longer be a barrier to earning.<br />
There are nearly seven million people with<br />
disabilities of working age in the UK.<br />
Government figures have reported a steady rise<br />
in the numbers employed. In 2016, the UK<br />
employment rate among those with permanent<br />
disability and of working age was 46.5% (ie 4.1<br />
million). According to The Papworth Trust, only<br />
17% of people with disabilities were born with<br />
their impairment, with the majority acquiring<br />
their disability during their working lives. It’s<br />
estimated that five out of six people retain their<br />
job after their first year.<br />
For people with disabilities – and, to a<br />
greater or lesser degree, older workers –<br />
accessibility within the workplace is a key<br />
issue, as indeed it is when they’re out and<br />
about during their leisure time. When<br />
considering this, we tend to think in terms of<br />
ensuring that people can access and then move<br />
safely around inside the workplace. Building<br />
design is adapted to incorporate ramp access,<br />
wider doorways for wheelchair access and<br />
passenger lifts – all of which provide valid<br />
solutions for accessibility. However, designs<br />
Taking Evacuation Planning<br />
into the Premier League<br />
Costing £14.7 million to construct, the bet365 Stadium –<br />
formerly the Britannia Stadium – is the home of Stoke City FC.<br />
Following the recent completion of expansion works, the<br />
ground’s capacity now tops 30,000. Importantly, the redevelopment<br />
project has taken full account of planning for<br />
fire safety and emergency evacuation, as Risk UK reports<br />
don’t necessarily look at how people can exit a<br />
building or a stadium in an emergency scenario.<br />
The Taylor Report<br />
The bet365 Stadium is the home of Stoke City<br />
Football Club and has been so since the<br />
summer of 1997. The all-seater stadium cost<br />
nearly £15,000,000 to build and brought the<br />
club up to standards set out in the Taylor<br />
Report following 119 years spent at the old<br />
Victoria Ground.<br />
By early 1997, the skeletal steel<br />
superstructure was in place and the stadium<br />
began to take shape. Later that year, it opened<br />
its doors for the first time as the Britannia<br />
Stadium thanks to a £1 million, ten-year<br />
sponsorship deal with the Britannia Building<br />
Society which was instrumental in the overall<br />
funding of the project. A further £3 million was<br />
given as a grant by The Football Trust.<br />
Rochdale were the visitors for the historic<br />
first-ever competitive match on 27 August 1997:<br />
a 1-1 draw in the Worthington Cup watched by<br />
15,439 fans. Just four days later, the first-ever<br />
league game took place against Swindon Town<br />
45<br />
www.risk-uk.com
Fire Safety Planning: Emergency Evacuation Case Study<br />
before a crowd of 23,859. Ten years on, the club<br />
obtained full ownership of the stadium in a deal<br />
worth £6 million following the previous joint<br />
partnership with Stoke-on-Trent City Council<br />
and Stoke-on-Trent Regeneration Ltd.<br />
As one of the Premier League clubs fully<br />
committed to complying with the requirements<br />
for disabled access as set out in the Accessible<br />
Stadia document, Stoke City FC has chosen<br />
stairway evacuation chairs to provide safe<br />
means of exit for those supporters unable to<br />
use stairways in an emergency.<br />
The evacuation chairs are among the new<br />
facilities introduced at the bet365 Stadium<br />
thanks to its first major re-development since<br />
1997. That re-development adds 1,800 seats to<br />
the impressive ground’s capacity and duly<br />
enables this established Premier League club to<br />
provide additional and improved viewing for<br />
wheelchair users.<br />
Filling the gap<br />
Increased provision for disabled supporters<br />
was added to permission gained in 2013 for the<br />
club to ‘fill the gap’ in the South East corner of<br />
the stadium and lift capacity to over 30,000. It<br />
was decided to carry out the new development<br />
in tandem with improved provision for disabled<br />
supporters – and particularly wheelchair users<br />
– when the Premier League clubs agreed to<br />
comply with the requirements of the<br />
aforementioned Sports Grounds and Safety<br />
Authority Accessible Stadia document by the<br />
deadline of August 2017.<br />
In terms of accessibility, one of the criticisms<br />
that had been levelled at a number of Premier<br />
League clubs was that wheelchair users’ places<br />
suffered poor sight lines because of seats being<br />
at pitch level. As well as introducing two new<br />
high-level disabled bays in the North East and<br />
South East corners of the stadium, Stoke City<br />
FC is creating pitch-side disabled bays in its<br />
North, South and West Stands and providing<br />
super-risers to the existing mid-terrace bays.<br />
Access provision also includes ensuring a safe<br />
means of evacuation in an emergency or in<br />
those situations where lifts cannot be used.<br />
This is an issue which Stoke City’s Health and<br />
Safety manager Rob Killingworth had already<br />
addressed when reviewing emergency<br />
evacuation procedures under the club’s fire<br />
strategy. “Our chosen emergency evacuation<br />
method was the use of evacuation chairs so, a<br />
couple of years ago, we visited The Facilities<br />
Show to see what was on the market,”<br />
explained Killingworth.<br />
The Evac+Chair model eventually selected by<br />
Killingworth is the 300H which boasts a 182 kg<br />
carrying capacity and is designed for oneperson<br />
operation, avoiding the need for heavy<br />
lifting or manual handling.<br />
As well as having the right equipment in<br />
place, a key requirement is having sufficient<br />
personnel trained in the use of evacuation<br />
chairs in an emergency scenario. As<br />
Killingworth pointed out, this isn’t confined to<br />
the need for evacuating areas specifically<br />
designated for wheelchair users.<br />
“Evacuation procedures underpin our fire<br />
safety strategy, but we also need to have<br />
provision in place for any circumstance where<br />
someone may need assistance and is unable to<br />
use the lifts,” said Killingworth. “People with<br />
disabilities using the hospitality areas might be<br />
taken ill or have a medical condition that means<br />
they need help. As you can imagine, we have a<br />
lot of people working here on match days, so<br />
we needed to develop a policy that enables us<br />
to train as many of them as possible.”<br />
Bespoke training<br />
Although all Evac+Chair equipment is designed<br />
for ease of use, the company always<br />
recommends evacuation chair training and<br />
offers two levels. Stoke City FC opted for the<br />
Key Trainer Masterclass. This is a full-day,<br />
certificated, ‘train the trainer’-style course<br />
enabling key members of staff to achieve the<br />
required level of expertise for formal<br />
certification which qualifies them to provide inhouse<br />
training for other staff members.<br />
With a large rota of match day stewards, plus<br />
catering and other on-site staff, training is<br />
being rolled-out to as many staff as possible to<br />
ensure that there are always sufficient numbers<br />
of trained individuals on site on a match day.<br />
The club is also in the process of recruiting a<br />
large team of access stewards as part of its<br />
Stoke City Safety Operation. Their role includes<br />
helping with ingress and egress at the stadium<br />
to ensure spectator safety at all times.<br />
Evacuation chair training will also be included<br />
for all access stewards alongside standard<br />
disability instruction.<br />
“Evacuation procedures underpin our fire safety strategy, but we also<br />
need to have provision in place for any circumstance where someone<br />
may need assistance and is unable to use the lifts. People with<br />
disabilities using the hospitality areas may be taken ill, for example”<br />
46<br />
www.risk-uk.com
National Association for<br />
Healthcare Security<br />
Annual Conference and Exhibition<br />
November 9th, Birmingham<br />
PLATINUM SPONSOR B-CAM<br />
Organisers AllSecurityEvents.com<br />
“Protecting the Million”<br />
This year, the National Association for Healthcare<br />
Security Annual Conference moves to Birmingham<br />
at a cool, contemporary venue, minutes from New<br />
Street Station.<br />
The Conference, supported by our Platinum<br />
Sponsor, body-worn camera specialists, B-CAM<br />
will include a leading security speakers and subject<br />
matter experts, including<br />
• Philip Ingram MBE – ex senior British<br />
Intelligence officer, media commentator and<br />
writer<br />
• Tony Porter – the Surveillance Camera<br />
Commissioner<br />
NAHS Awards<br />
#NAHS17 will also feature our new awards,<br />
recognising those who have made a significant<br />
contribution to healthcare security - for details on<br />
how to enter contact hello@allsecurityevents.com<br />
We thank our sponsors and exhibitors for their<br />
support, helping NAHS provide a safe and secure<br />
environment for staff and patients in the healthcare<br />
sector.<br />
Exhibitors include<br />
B-Cam<br />
Carlisle Support<br />
Services<br />
Corps Security<br />
Deister<br />
Gunnebo<br />
Paxton<br />
SkyGuard<br />
Volunteering Values<br />
Book for #NAHS17 here<br />
https://goo.gl/EH9SHM<br />
Media Partners
Reflections on Risk and Resilience<br />
Risk and resilience as<br />
fields of research have<br />
engaged academics<br />
for several years now.<br />
That research has<br />
spanned many fields,<br />
including – but by no<br />
means limited to –<br />
finance, sport, supply<br />
chain management,<br />
social work, security<br />
and terrorism.<br />
Nonetheless, there<br />
remains something<br />
mystical about the<br />
concept of risk. Will<br />
the lines dividing risk<br />
and resilience<br />
management continue<br />
to blur and pave the<br />
way for a new form of<br />
thinking? Dr Risto<br />
Talas believes so<br />
There exists a settled consensus that risk<br />
consists of three elements: threat,<br />
vulnerability and consequence. Consider<br />
the English language student who sat his finals<br />
at Cambridge University in 1953. The questions<br />
set included one that read: ‘What is a risk?’ The<br />
student’s answer was simply: ‘This is a risk.’ By<br />
answering as he did, the student demonstrated<br />
a clear understanding of risk.<br />
What represented the threat in the answer?<br />
The threat was a failed examination if the<br />
examiner viewed his answer as an arrogant<br />
attempt to be clever. Or might the examiner see<br />
that the answer was really quite insightful?<br />
Either way, the threat level could be considered<br />
to be quite high.<br />
In terms of vulnerability, the student could resit<br />
the examination towards the end of the year.<br />
What would be the consequences of doing so?<br />
A delayed graduation and the inability to begin<br />
the teaching job for which he had successfully<br />
interviewed only the previous week.<br />
The student showed quite elegantly that he<br />
understood risk very well. He also highlighted<br />
the distinction between individuals who are risk<br />
averse (ie those students who laboured for the<br />
full three hours) and those who, much like<br />
himself, are risk-seeking.<br />
Academics often consider risk and resilience<br />
together, as a quick search on Google Scholar<br />
will reveal. Resilience is often described as the<br />
ability to ‘bounce back’ after a crisis or an<br />
adverse event, to be able to return to normal<br />
working conditions or to absorb the impact of<br />
an adverse effect. Many academics see risk and<br />
resilience not necessarily as two opposing<br />
sides of the same coin, but also not as related<br />
as I believe them to be in the real world.<br />
Risk management may be viewed as the<br />
constant assessment of whether to treat,<br />
tolerate, terminate or transfer the risks an<br />
organisation faces. Why constant? Put simply,<br />
because risks are dynamic and change<br />
constantly. A risk assessment conducted on<br />
paper and left on a shelf is a dead end exercise.<br />
Ultimately, organisations should have their<br />
latest risk assessment digitally available to<br />
them at all times.<br />
Remember Ericsson’s supply chain crisis back<br />
in 2000? A lightning strike affected a<br />
semiconductor factory in Albuquerque owned<br />
by Philips that was the single source of supply<br />
for all of Ericsson’s chips for its mobile phones.<br />
The lightning strike caused a fire which meant<br />
that all of the chips in the factory were<br />
rendered useless. Nokia also ordered some of<br />
its chips from the same factory. Within hours of<br />
the fire, Nokia’s supply chain management<br />
team in Finland was alerted to the disruption<br />
and ordered more chips from Philips’ other<br />
plants while beginning to reconfigure its (then)<br />
current factory line mobiles to accept the chips<br />
from the different sites.<br />
What of Ericsson in the intervening period? It<br />
took the business a full two weeks to wake up<br />
to the scale of the disaster, by which time it<br />
was Finland 1 Sweden 0.<br />
Resilience management<br />
What, then, is resilience management? My<br />
definition is the constant assessment,<br />
implementation and monitoring of efficient<br />
active and passive systems which address an<br />
organisation’s threats, vulnerabilities and<br />
consequences in the face of an extraordinary<br />
event. This definition links the two dimensions<br />
of resilience: resilience to organisational<br />
interruption and resilience for organisational<br />
response and recovery.<br />
Resilience to organisational interruption<br />
comprises the active measures that are focused<br />
on reducing an organisation’s vulnerability to<br />
an extraordinary event, while resilience for<br />
organisational response and recovery<br />
encompasses the passive (but which can<br />
become immediately active) measures that are<br />
focused on reducing the consequences to the<br />
organisation from an extraordinary event.<br />
Essentially, this is how risk and resilience –<br />
48<br />
www.risk-uk.com
The Security Institute’s View<br />
and, in turn, risk and resilience management –<br />
are related.<br />
It’s not enough for C-level directors of risk to<br />
consider risks in isolation. They should be<br />
focused just as much on resilience measures.<br />
Furthermore, resilience to organisational<br />
interruption and resilience for organisational<br />
response and recovery must be proportional.<br />
Resilience measures are not cheap. Rather,<br />
they’re investments which need justification as<br />
well as suitable resourcing. By linking risk and<br />
resilience management, it’s then possible to<br />
create a single mindset in the organisation that<br />
focuses on both as one.<br />
Port security risk<br />
In my joint study with Professor David<br />
Menachof 1 , and drawing on my experience of<br />
working as a leading Lloyd’s underwriter of<br />
marine war, terrorism and political violence<br />
risks, we presented a model of port security<br />
risk. Here, threat is defined as the probability<br />
that an attack occurs, vulnerability is defined as<br />
the probability that an attack results in damage<br />
given that an attack occurs and consequence is<br />
defined as the expected damage given that an<br />
attack occurs and results in damage. Thus Risk<br />
= P (attack occurs) * P (attack results in<br />
damage | attack occurs) * E (damage | attack<br />
occurs and results in damage).<br />
We go on to show how port security risk can<br />
be quantified and, when combined with<br />
performance data for security systems obtained<br />
from a series of interviews with port security<br />
experts, the resultant residual risk of each port<br />
facility can be calculated. This data was used as<br />
the basis for assessments of the performance<br />
of each of the security systems as a whole.<br />
Developing the model, which is now the<br />
focus of my research with Dr Alison Wakefield<br />
at the University of Portsmouth, if we were to<br />
substitute ‘event’ for ‘attack’ and ‘consequence’<br />
for ‘damage’ in the above equation and further<br />
model the impacts of both resilience to<br />
organisational interruption and resilience for<br />
organisational response, we arrive at the<br />
following model for residual risk: Residual Risk<br />
= P (event occurs) * P (event results in<br />
consequences | event occurs) * f (resilience to<br />
organisational interruption) * E (consequences |<br />
event occurs and results in consequences) * f<br />
(resilience for organisational response).<br />
Here, f (resilience to organisational<br />
interruption) and f (resilience for organisational<br />
response) are functions of resilience to<br />
organisational interruption and resilience for<br />
organisational response respectively which<br />
reduce organisational vulnerability and<br />
consequence. The way in which these are<br />
calculated isn’t elementary and reflects the<br />
complex landscape of the relationship between<br />
risk and resilience.<br />
To further inform the model, I’ve identified in<br />
excess of 400 individual elements that can<br />
contribute to an organisation’s resilience. They<br />
stem from Health and Safety, security,<br />
environment, quality management, training,<br />
business continuity planning, redundancy<br />
capability, crisis management capability, cyber<br />
security and media management.<br />
Within each of these elements there’s the<br />
potential for a non-conformance or near miss to<br />
be manifested without warning. Risk managers<br />
and directors will recognise the importance of<br />
identifying an appropriate methodology for the<br />
collection and analysis of non-conformances<br />
and near misses, given their clear potential for<br />
impacting a firm’s vulnerability.<br />
An organisation’s vulnerability can be<br />
modelled in a two-dimensional matrix assigning<br />
an individual score for the significance of each<br />
performance indicator of resilience to<br />
organisational interruption in tackling a<br />
potential hazard, both man-made and natural.<br />
The modelling of non-conformances is thus<br />
significant because they will affect the<br />
individual vulnerability scores in the matrix.<br />
As this matrix is then used to calculate the<br />
organisation’s overall residual risk and the<br />
resilience to organisational interruption has a<br />
direct bearing on vulnerability, it’s possible to<br />
link the performance of resilience to<br />
organisational interruption and the presence of<br />
non-conformances to residual risk.<br />
Similarly, the resilience for organisational<br />
response consists of performance indicators<br />
that have a direct bearing on the consequences<br />
of an extraordinary event affecting an<br />
organisation. In turn, these may be modelled in<br />
their capability to reduce consequences and<br />
thus reduce residual risk overall. This is the<br />
methodology that links resilience to<br />
organisational interruption and resilience for<br />
organisational response and, therefore, overall<br />
resilience to organisational risk.<br />
In only a few years from now, the lines<br />
dividing risk management and resilience<br />
management will be sufficiently blurred, not<br />
only through a better understanding of their<br />
impact on residual risk, but also through the<br />
necessity of allocating efficient resources to<br />
tackle organisational risk and resilience.<br />
Reference<br />
1 Talas R and Menachof D<br />
(2014): ‘Using Portfolio<br />
Optimisation to Calculate the<br />
Efficient Relationship<br />
Between Maritime Port<br />
Security Residual Risk and<br />
Security Investment’,<br />
International Journal of<br />
Shipping and Transport<br />
Logistics, Volume 6:3,<br />
pp46-59<br />
Dr Risto Talas BA (Hons) MBA<br />
PhD: Lecturer in Security Risk<br />
Management at the University<br />
of Portsmouth’s Institute of<br />
Criminal Justice Studies<br />
“It’s not good enough for C-level directors of risk to<br />
consider risk in isolation. They should be focused just as<br />
much on resilience measures”<br />
49<br />
www.risk-uk.com
The UK Domestic Terrorism Threat:<br />
A Shift in Emphasis for Security Training<br />
As the recent tragic<br />
events in London,<br />
Manchester and<br />
Barcelona have<br />
confirmed, we’re now<br />
dealing with an<br />
emerging terrorist<br />
modus operandi:<br />
individuals working<br />
alone or in small<br />
groups using homemade<br />
explosives,<br />
small arms, knives and<br />
vehicles to cause harm<br />
to their targets, with<br />
the perpetrators<br />
themselves<br />
unconcerned for their<br />
own fate. Rupert Reid<br />
explains why, when it<br />
comes to counterterrorism<br />
training, we<br />
now need to shift the<br />
emphasis towards one<br />
focused on detection<br />
Rupert Reid: Managing Director<br />
of The Security Management<br />
Academy (TheSMA)<br />
50<br />
www.risk-uk.com<br />
Any debate about whether these people are,<br />
in fact, trained and organised ‘terrorists’ in<br />
the true sense of the word should<br />
probably be parked for another day. However,<br />
it’s clear that there are a number of unbalanced<br />
fanatics who, no matter what their persuasion<br />
or affiliation, are showing themselves to be<br />
perfectly capable of causing serious harm to<br />
people and damage to property by using the<br />
most basic of tools or equipment.<br />
Moreover, because these individuals are<br />
often disenfranchised ‘lone actors’ whose craft<br />
and motivation have been developed online,<br />
the chances of early intervention are remote.<br />
The UK Government’s exhortation to ‘Run,<br />
Hide, Tell’ in the face of a terror threat is<br />
soundly based and has been well thought<br />
through in that it’s simple, logical and intuitive,<br />
although we still need to work on the British<br />
tendency not to cause a fuss (thinking ‘the<br />
driver must be feeling unwell’ as the van<br />
careers towards the Shopping Centre).<br />
While ‘Run, Hide, Tell’ may work for the<br />
individual, it doesn’t, I would suggest, meet the<br />
Duty of Care criteria of companies when<br />
contemplating how best to protect their staff,<br />
clients and other visitors from such attacks. I’m<br />
sure it would be considered poor form if<br />
members of staff were to be seen ‘legging it’<br />
from a retail store, leaving customers to deal<br />
with the fanatic brandishing a knife.<br />
Influx of information<br />
Let us be clear on the terms of reference here.<br />
It’s nigh on impossible to prevent an attack of<br />
the kind we’re witnessing of late, such is the<br />
spontaneous nature of the acts involved. As the<br />
Security and Intelligence Services struggle to<br />
cope with the influx of information being<br />
offered up by a well-meaning public in<br />
response to their appeals and make sense of<br />
the raft of intelligence being shared by the<br />
various agencies, we may need to rethink our<br />
concept of ‘prevention’.<br />
If any one of a number of unhinged social<br />
outcasts with little or no history of wrongdoing<br />
decides to rent a transit van and drive it into a<br />
crowded street market, there’s nothing we can<br />
do to prevent such an attack. However, we can<br />
do much to minimise the harm which such an<br />
episode might cause by subtly shifting the<br />
emphasis from prevention to response. Not<br />
completely, of course, but by putting much<br />
more emphasis on the early detection of<br />
abnormal activity than ever before.<br />
Early identification<br />
Consider, for example, the security officer<br />
watching the CCTV screen or checking<br />
credentials and searching handbags at the<br />
door. What if they were to be specially trained<br />
to profile and identify suspicious activity and<br />
abnormal behaviour when the perpetrator was<br />
at a distance from the premises, supported by<br />
extra sets of ‘eyes and ears’ at Front of House,<br />
and had the necessary complementary<br />
technology to alert those whom they’re<br />
protecting in the event of an incident?<br />
Imagine the scenario: the security officer<br />
outside the premises witnesses a van turning<br />
into the street at high speed and, because he<br />
has been trained to recognise abnormal<br />
behaviour and react immediately, the officer<br />
hits the panic button on his belt, triggering an<br />
audible alarm in the building.<br />
The entire workforce will have been trained<br />
to recognise the significance of the alarm and<br />
the importance of moving swiftly to a<br />
predetermined safe area, with any visitors<br />
being similarly marshalled. With as many<br />
members of staff and visitors as possible now<br />
safely housed in a secure zone somewhere<br />
beyond the ready reach of the attacker(s), the<br />
security team is able to alert the Emergency<br />
Services from a controlled position.<br />
Minimising the effects of an attack<br />
Now, I’m not suggesting for one moment that<br />
this will offer comprehensive protection for all,<br />
but it will minimise the effects of the attack<br />
and, importantly, demonstrate that the<br />
company has done all it can to mitigate the risk<br />
and exercise its Duty of Care.<br />
We’re not talking about significant capital<br />
expenditure here, apart from a few handheld<br />
panic alarms and a very loud siren. This is<br />
primarily an awareness and training issue<br />
designed to improve the early detection of<br />
abnormal activity and engender an<br />
understanding of the need to move quickly<br />
when instructed.<br />
As far as the training itself is concerned,<br />
we’re confident that we have the right blend of<br />
the technical and the behavioural in place. The
In the Spotlight: ASIS International UK Chapter<br />
Security Management Academy’s parent<br />
company, the Chelsea Group, runs a number of<br />
very large projects in some very dangerous<br />
areas, primarily in the Middle East and Africa,<br />
and we’ve seen the principles work in practice.<br />
Believe me, if your life depends on the early<br />
detection of abnormal behaviour exhibited by a<br />
driver approaching a road block in Iraq or<br />
Afghanistan, then you do find yourself looking<br />
very closely indeed.<br />
We’ve adapted these detection techniques for<br />
the current UK threat environment and are<br />
delivering short and focused training to<br />
companies using similar risk containment<br />
principles based on behavioural profiling and<br />
early alert. There’s reassurance that the<br />
necessary measures will not be difficult to<br />
implement, nor the associated training too<br />
onerous for security staff to assimilate.<br />
Ability to observe<br />
While the technique can be taught, the aptitude<br />
of security staff not only to assimilate the<br />
training, but also to apply the technique is<br />
wholly and importantly dependent upon their<br />
ability to observe.<br />
For those of us former police or servicemen<br />
who have worked on surveillance or<br />
reconnaissance patrols, the ability of an<br />
individual officer to truly ‘read the street’ is a<br />
relatively rare art. Typically, it’s very much the<br />
case that only certain officers have this innate<br />
skill. There are those who can scan a busy<br />
street or a railway station and intuitively detect<br />
different body types or unusual activity and<br />
there are those who cannot, no matter how<br />
long they ight diligently stare into the space.<br />
Therefore, there will only be certain security<br />
personnel who possess this ability and they will<br />
need to be identified through training and<br />
assessment, rather than trial and error, if their<br />
function is to be truly effective.<br />
We’re often asked how best to identify these<br />
key individuals such that companies can put<br />
them forward for training. It’s a perfectly<br />
reasonable question to pose, you might think.<br />
However, the only really effective means of<br />
selection is through practical role-play. To avoid<br />
a classic ‘chicken and egg’ situation, companies<br />
will need to put a number of their security staff<br />
through the process in order to find out who’s<br />
good at ‘reading the street’ and, just as<br />
importantly, who isn’t.<br />
Make no mistake, the job involves full-on<br />
surveillance which will challenge even the most<br />
diligent of operators, with long spells of<br />
boredom interspersed by false alarms and<br />
frequent interruptions, so these individuals will<br />
need to be carefully chosen if they’re to be<br />
effective. Once the ‘gifted’ individuals are<br />
identified, they can then be taken to the next<br />
stage of learning before eventually being<br />
deployed as part of the security team.<br />
Composition of the team<br />
The ideal structure of an effective commercial<br />
security operation will include a specialist<br />
detection and response team with observers<br />
and responders clearly identified, properly<br />
trained and working in close unison for best<br />
effect. They will rehearse regularly and ensure<br />
that the gap between the identification of<br />
abnormal behaviour in the street and the<br />
sounding of an alert is as small as possible,<br />
enabling the response team to sweep up their<br />
staff and customers and move them, at a brisk<br />
jog, to a previously identified safe haven.<br />
Rather than ‘Run, Hide, Tell’ I would suggest<br />
that ‘Spot, Sweep, Secure’ would be a worthy<br />
commercial equivalent. You read it here first. I<br />
would hope that, even if they don’t necessarily<br />
appreciate this strapline, security companies<br />
might take on board the subtle shift in<br />
emphasis from prevention to detection, putting<br />
into action the necessary selection and training<br />
required to establish effective countermeasures<br />
in the light of the current – and very<br />
real – threats posed by today’s terrorists.<br />
*TheSMA is one of ASIS UK’s<br />
recognised training partners<br />
for the Certified Protection<br />
Professional (CPP), Physical<br />
Security Professional (PSP)<br />
and Professional Certified<br />
Investigator (PCI)<br />
qualifications<br />
“If any one of a number of unhinged social outcasts with<br />
little or no history of wrongdoing decides to rent a transit<br />
van and drive it into a crowded street market, there’s<br />
nothing we can do to prevent such an attack”<br />
51<br />
www.risk-uk.com
Gaseous Fixed Firefighting Systems:<br />
Design, Selection and Installation<br />
The whole process has<br />
taken six months and<br />
significant input from<br />
a range of experts, but<br />
the Fire Industry<br />
Association has now<br />
published a new<br />
guidance document<br />
designed to demystify<br />
the standards<br />
surrounding the<br />
design, selection and<br />
installation of gaseous<br />
fixed firefighting<br />
system pipework. Alan<br />
Elder and Robert<br />
Thilthorpe address the<br />
all-important points to<br />
note for fire safety<br />
professionals<br />
Alan Elder: Chairman of the Fire<br />
Industry Association’s Working<br />
Group on Gases<br />
52<br />
www.risk-uk.com<br />
For those readers of Risk UK not familiar<br />
with the technology, a gaseous fixed<br />
firefighting system is one that does what it<br />
says on the tin. In short, it uses a gas-based<br />
agent to put out a fire either by displacing<br />
some of the oxygen in the room to suffocate the<br />
blaze or by removing heat. The method is<br />
dependent on the type of agent used.<br />
A fire protection system like this is commonly<br />
employed in facilities such as Data Centres,<br />
where delicate and high-risk computer<br />
equipment could suffer damage from other<br />
extinguishing media, such as water, foam or<br />
powder. The solution design itself ensures that<br />
the gas system extinguishes the fire both<br />
quickly and cleanly and without damaging any<br />
sensitive and expensive equipment.<br />
After all, in a space such as a Data Centre,<br />
the loss of valuable data would come at a<br />
tremendous cost to a business, while the<br />
knock-on effect to other systems and<br />
businesses reliant on that data further down<br />
the line would be hugely detrimental. Not to<br />
mention the actual physical cost of losing the<br />
hardware itself and having to replace it.<br />
Therefore, protection of that facility from fire is<br />
imperative when it comes to reducing the risk<br />
of costly business interruption.<br />
In almost all gaseous firefighting<br />
installations, the agent is delivered to the<br />
protected hazard through a network of<br />
pipework. Installing the pipework presents a<br />
number of challenges. Ensuring that the<br />
pipework is correctly designed and specified is<br />
important to avoid issues that could affect the<br />
safety and effectiveness of the system. Pipe<br />
threads that don’t match, improper seals<br />
between pipework carrying the gas, corrosion<br />
and using pipes of the wrong size or wall<br />
thickness could all lead to the overall detriment<br />
of the system.<br />
Ultimately, the key points to observe here are<br />
knowing what problems there could be and<br />
also how to avoid these common pitfalls.<br />
Skills and experience<br />
The supply of gaseous fixed firefighting<br />
systems requires a number of skills, experience<br />
and specific knowledge of the equipment,<br />
design codes and the hazards associated with<br />
handling high pressure gases. Incorrect<br />
handling of gas containers can be particularly<br />
hazardous as they hold gases stored under<br />
pressure, as do the pipes that allow the flow of<br />
the gas to the hazard area. Individuals need to<br />
understand how to install gaseous systems<br />
such that the system is not only operational,<br />
but also safe.<br />
In a previous document, the FIA addressed<br />
the issue of the safe handling of pressurised<br />
container assemblies used in fixed firefighting<br />
systems. The new guidance document covers in<br />
some detail the pipework used in gaseous fixed<br />
firefighting systems, duly identifying the<br />
possibility that ‘should there be a major failure<br />
of any pipe and/or fitting, a number of hazards<br />
may arise, including projectiles, the release of<br />
toxic agents (for example CO 2 ) or asphyxiants<br />
in confined spaces, pressure effects/structural<br />
damage and the consequential compromise of<br />
extinguishing capability’.<br />
Safety is the major issue that has inspired<br />
the Fire Industry Association’s (FIA) Working<br />
Group on Gases to create a series of useful,<br />
freely downloadable documents, each designed<br />
to explain the key safety concerns for those<br />
working with, handling and/or installing these<br />
systems. The latest in this series of documents,<br />
the FIA’s Guidance Note on ‘Pipework for<br />
Gaseous Fixed Firefighting Systems’, contains<br />
an expanse of information based on the<br />
technical knowhow of the experts who<br />
prepared it and includes handy referral charts<br />
and formulas for working out which pipes<br />
should be selected.<br />
There are a number of concerns in the<br />
industry, especially when it comes to pipework.<br />
One of the foremost of those concerns is that<br />
people can mix up British and American<br />
Standards. It can happen accidentally as there<br />
are standards for pipes in the UK that are<br />
different to the ones in the States.<br />
People don’t necessarily realise that pipe<br />
fittings manufactured to British Standards may<br />
not be compatible with fittings manufactured to<br />
American Standards. It’s entirely possible that<br />
one installer may be familiar with American<br />
Standards and another with British Standards.<br />
If components are mixed on the same system,<br />
then there could be some compatibility issues<br />
between the different types of fittings which<br />
may then lead to a decrease in the integrity of<br />
the system as a whole.<br />
Pipe selection is one of the guidance areas<br />
covered by the new FIA document. Choosing the<br />
wrong pipe or making a mistake in calculating
FIA Technical Briefing: Gaseous Fixed Firefighting Systems<br />
the strength of the pipes could lead to leaking<br />
at the joints between each pipe, meaning that<br />
the gas may not reach its intended destination.<br />
On a more extreme scale, the pipe could<br />
completely separate due to the pressure and<br />
forces in the pipework that might well occur<br />
during a system discharge, subsequently<br />
turning that pipe into a projectile which would<br />
then present a safety hazard.<br />
Pipework and fittings may be suitable for one<br />
type of gas system, but might not be suitable<br />
for another. Fortunately, with the new<br />
guidelines that we’ve created, it’s our intention<br />
to assist in educating the industry and reduce<br />
any confusion surrounding the pipework.<br />
To be frank, we really need people to<br />
understand that working with gas requires a<br />
highly specialised set of skills coupled with an<br />
understanding of how gas reacts and moves<br />
within a pressurised environment.<br />
The FIA’s guidance document goes on to<br />
state that it’s ‘important that the pipework from<br />
the container storage location to the protected<br />
space is professionally installed by trained<br />
personnel who have experience with the<br />
installation of gaseous fixed firefighting<br />
systems. They should also be fully conversant<br />
with the manufacturer’s requirements to ensure<br />
the integrity and stability of piping during<br />
discharge and also aware of the forces<br />
generated. Where agent storage containers are<br />
located outside of the protected space, then<br />
the pipe routing should be the shortest route<br />
possible to the protected space.’<br />
Building structure<br />
Another factor to bear in mind with pipework is<br />
the way in which the pipes are secured to the<br />
building structure, which can cause further<br />
issues if inappropriate pipe fixings are used<br />
due to the high forces present when a system<br />
discharges. As such, the pipework requires<br />
supports that are fit for purpose.<br />
The FIA’s guide duly notes that: ‘Pipe support<br />
saddles or straps normally used for supporting<br />
sprinkler system pipework may not be suitable,<br />
as such supports might not be able to<br />
withstand the forces generated by gaseous<br />
fixed firefighting systems. The piping should be<br />
securely supported to prevent any movement<br />
under the reaction forces at pipe fittings during<br />
the rapid filling of the pipework upon the point<br />
of system actuation.’<br />
The worse case scenario here is that the<br />
piping could in fact come away from the wall of<br />
the building. There have been instances where<br />
this has occurred. The other Health and Safety<br />
issue is simply that these pipes can be<br />
extremely heavy and, if they were to fall down,<br />
the consequences could be severe for anyone<br />
unfortunate enough to be directly beneath the<br />
pipework at the time.<br />
All bases covered<br />
Thankfully, the document contains a handy<br />
chart for installers and designers of gaseous<br />
fixed firefighting systems which gives the<br />
measurements for the maximum spacing<br />
between the supporting hangers, depending on<br />
the nominal pipe size, which – with the correct<br />
selection of the support – should prevent any<br />
pipes from coming away from the wall and<br />
causing any damage.<br />
The guidance document covers everything<br />
the designer or installer of gaseous fixed<br />
fighting systems needs to know – the pipe<br />
specification for both the actuation lines and<br />
the pipework installation, methodologies for<br />
connecting the pipes, how to join and seal the<br />
pipes, what type of support to use to fix the<br />
pipes to the structure, how to avoid corrosion,<br />
marking, earth bonding and testing of the<br />
completed pipework installation.<br />
Robert Thilthorpe:<br />
Technical Manager at the Fire<br />
Industry Association<br />
“Pipe threads that don’t match, improper seals between<br />
pipework carrying the gas, corrosion and using pipes of<br />
the wrong size or wall thickness could all lead to the<br />
overall detriment of the system”<br />
53<br />
www.risk-uk.com
Effective Collaboration in a Changing<br />
Security Landscape<br />
The security landscape<br />
remains complex,<br />
featuring as it does<br />
multiple stakeholders,<br />
service providers,<br />
brands, philosophies,<br />
buyers, sectors,<br />
standards and<br />
accreditations. This<br />
can lead to barriers to<br />
effective collaboration.<br />
However, within this<br />
complexity, simple<br />
measures can deliver<br />
significant outcomes.<br />
As Paul Harvey<br />
observes, by focusing<br />
on the enablers of<br />
effective collaboration<br />
it’s possible to deliver<br />
an outcome that<br />
shares Best Practice<br />
and also enhances<br />
existing capabilities<br />
54<br />
www.risk-uk.com<br />
Risk management isn’t just about security<br />
operations, but rather a bottom-up<br />
approach that drives ‘actionability’ against<br />
threats, vulnerabilities and incidents and serves<br />
to reassure business leaders. However, it can<br />
result in overlapping processes and higher<br />
costs. Some of the barriers to effective risk<br />
management include fear, lack of awareness, an<br />
unwillingness to be open about risks, outdated<br />
or non-existent plans, lack of engagement and<br />
a failure to truly understand capabilities.<br />
By learning and adopting Best Practice, we<br />
can drive dynamic, proportionate and<br />
appropriate solutions for risk management. We<br />
can also deliver professionals who are working<br />
diligently every day at protecting people,<br />
premises, profits, assets and image and<br />
creating a fantastic journey and experience for<br />
clients and their customers.<br />
In recent times we’ve witnessed a number of<br />
significant terrorism incidents involving Paris,<br />
Brussels, Manchester, London and, most<br />
recently, Barcelona. Such episodes present a<br />
challenge for everyone. Increasingly, good<br />
security providers are working collaboratively<br />
with a ‘One Team’ approach and service lines<br />
not traditionally associated with security, such<br />
as FM teams, M&E engineers and cleaners.<br />
Cleaners can access the ‘nooks and crannies’<br />
that security officers may not be patrolling.<br />
The point to note here is that every member<br />
of the team can be aware and vigilant. It’s a<br />
collective responsibility, with the effective coordination<br />
of personnel ensuring efficient<br />
collaboration across multiple stakeholders.<br />
Tangible benefits<br />
By delivering a comprehensive understanding<br />
of risk strategies over the long-term, targeted<br />
plans can be implemented. One of the tangible<br />
benefits is strategic direction. There’s a clear<br />
plan with clear outcomes. Another is proactive<br />
risk management, with those threats mitigated<br />
that could otherwise disrupt critical business<br />
activity and engaged frontline personnel who<br />
understand their pivotal role and functions.<br />
Further benefits include improved resilience<br />
thanks to the establishment, improvement and<br />
refinement of business continuity models and<br />
major incident programmes. In terms of<br />
responsiveness, this will be enhanced through<br />
economies of scale and the availability of more<br />
resources. When it comes to increased capacity,<br />
more can be achieved for less. Wastage may be<br />
reduced thanks to better decision-making and a<br />
broader understanding of the bigger picture.<br />
There are efficiency benefits to be realised.<br />
Investments can be made once such that the<br />
wheel isn’t reinvented over and over again.<br />
Increased participation leads to enhanced<br />
community awareness. By involving a number<br />
of organisations, your issue or message can be<br />
transmitted to a great many more individuals<br />
and groups. Also, those obstacles faced by one<br />
group may be overcome by another.<br />
It’s possible to avoid duplication, too. You<br />
can ensure efforts and services are not being<br />
unnecessarily duplicated by way of an<br />
appropriate distribution of resources. Another<br />
consideration is access to knowledge. There’s<br />
an opportunity to mitigate risk and reduce<br />
potential mistakes by dint of a greater<br />
understanding of the operational context.<br />
Collaboration in practice<br />
Launched back in December 2014, the Police<br />
and Security (PaS) Group is a business-led<br />
initiative specifically designed to serve as a<br />
‘critical friend’ to the Metropolitan Police<br />
Service in developing mutually effective<br />
collaboration with the private sector in support<br />
of the Government’s Prevent, Prepare, Protect<br />
and Pursue counter-terrorism strands.<br />
The PaS Group is designed to simplify and<br />
improve collaboration, co-ordination,
Security Services: Best Practice Casebook<br />
communication, trust and feedback between<br />
the Metropolitan Police Service and the wide<br />
range of private sector capabilities and<br />
initiatives that have the common goal of<br />
reducing risk and crime in support of the<br />
London Mayor’s Office for Policing and Crime’s<br />
Business Crime Strategy. There are full<br />
expectations that this initiative will gain further<br />
traction over the next 12 months.<br />
Furthering the collaboration theme, back in<br />
July the City of London Police, Land Securities<br />
Group plc and ourselves launched a new<br />
scheme that introduces Emergency Trauma<br />
Packs (ETPs) for prominent buildings and<br />
business premises in the Square Mile. The aim<br />
of this initiative is simple: to augment the<br />
ability of first responders and members of the<br />
public to treat casualties in the event of a major<br />
incident. The concept works in line with recent<br />
recommendations from the London Resilience<br />
Board that focus squarely on equipping<br />
members of the public with the necessary tools<br />
to help them save lives.<br />
Each ETP is stocked with a collection of<br />
specialist medical equipment to treat<br />
casualties, with the location of the kits plotted<br />
on a map such that operators in the City of<br />
London Police’s Control Room are able to<br />
instruct individuals on site in use of the packs<br />
in the event of a major incident. By having fullystocked<br />
ETPs on their premises, first<br />
responders, businesses and members of the<br />
public will have the tools readily available to<br />
respond in the event of an emergency.<br />
Application of knowledge<br />
Superintendent William Duffy from the City of<br />
London Police said: “First Aid that’s<br />
administered within the first few moments<br />
following an attack can be life-saving. Due to<br />
the nature of major incidents, the public will<br />
inevitably be at the scene. If businesses and<br />
other premises in the vicinity have enhanced<br />
medical equipment on site, we can give people<br />
access to the tools needed to help them save<br />
lives. The availability of these kits is a natural<br />
accompaniment to the CitizenAid App that<br />
launched at the beginning of this year. The<br />
application of knowledge and simple skills in<br />
the critical period immediately after injury can<br />
mean the difference between life and death.”<br />
The City of London Police isn’t paying for the<br />
ETPs, but has given advice – alongside the<br />
London Ambulance Service – on what should be<br />
included. In the very short time the scheme has<br />
been launched, over 300 ETPs have been<br />
deployed across the City of London, while the<br />
Met is rolling-out a similar scheme. It’s felt that<br />
the initiative will grow right across the UK.<br />
The cost of an ETP (which is estimated at<br />
around £450) and its upkeep are the<br />
responsibility of the purchasing business. Each<br />
kit will be stored in a secure location within the<br />
business premises. The host organisation will<br />
appoint a designated key holder who can be<br />
contacted on a 24/7 basis should the kit be<br />
needed. ETPs will contain around 40 items<br />
including face masks, batteries, ice packs,<br />
goggles, adhesive dressings and eye pads.<br />
Business continuity<br />
ISO 22301 Business Continuity Management<br />
Systems is a framework and roadmap designed<br />
to help organisations understand the risks to<br />
their business and prioritise threats such that<br />
they can be mitigated and factored into<br />
business planning. This document specifies the<br />
requirements of a management system that will<br />
enable an organisation to identify – and,<br />
therefore, reduce – the impact of events that<br />
would disrupt its normal operation.<br />
Events such as fires, floods, natural disasters,<br />
thefts or criminal acts, IT disruptions, staff<br />
shortages or terrorist attacks can be identified<br />
before instigating a recovery plan to minimise<br />
disruption in the running of the host business.<br />
By its very nature, a continuity planning and<br />
management system such as ISO 22301 means<br />
that specific problems can often be identified<br />
before they happen. This allows the host<br />
organisation to put plans in place that serve to<br />
ensure the smooth running of all critical<br />
business functions during times of crisis.<br />
Certification to ISO 22301 affords firms the<br />
ability to identify and mitigate current threats<br />
and potential crisis episodes within the<br />
organisation. It also helps to minimise the loss<br />
and disruption caused by the impact of these<br />
incidents, while at the same time ensuring the<br />
smooth running of critical business systems. It<br />
can assist in making sure that unavoidable<br />
downtime is minimised and that recovery can<br />
be as quick as possible. Importantly, it instils<br />
confidence among customers and stakeholders<br />
that you can deliver products and services to<br />
them despite unexpected interruptions.<br />
“The whole is greater than the sum of its<br />
parts” is a phrase credited to philosopher<br />
Aristotle. Never has this pronouncement been<br />
more apt than in the context of security. We are<br />
all the genesis of effective collaboration.<br />
Paul Harvey MSyI:<br />
Commercial Director of<br />
Ultimate Security Services<br />
“There are efficiency benefits to be realised. Investments<br />
can be made once such that the wheel isn’t reinvented<br />
over and over again. Increased participation leads to<br />
enhanced community awareness”<br />
55<br />
www.risk-uk.com
Defending The Digital World<br />
The world has always<br />
been unfortunate<br />
enough to harbour<br />
thieves, spies and<br />
vandals, but digital<br />
technology has<br />
changed how those<br />
individuals operate as<br />
well as the<br />
environment in which<br />
they work. This is<br />
undoing assumptions<br />
that have been the<br />
basis for our approach<br />
to security for decades<br />
and forcing us to<br />
develop a new way of<br />
thinking when it<br />
comes to protecting<br />
ourselves and our<br />
businesses. Here,<br />
James Hatch<br />
elaborates on the fine<br />
points of detail<br />
Discussion of digital technology has tended<br />
to focus largely on the Internet, but the<br />
new world we’re building is based on the<br />
much broader application of such technology.<br />
Miniaturisation of electronics continues to drive<br />
adoption as new applications become more<br />
cost-effective. Through this increase, we’re<br />
adding instrumentation capable of producing<br />
digital data for many aspects of our lives, from<br />
smart meters in our homes through to the GPSequipped<br />
smart phones in our pockets.<br />
At the same time, the reusability of software<br />
is adding intelligence and decision-making<br />
through automation and machine learning –<br />
technologies that have been well understood<br />
since the 1990s, but are now being set loose by<br />
the availability of increased computer<br />
processing power.<br />
Cloud technology and mega-scale Data<br />
Centres are enabling the collection and analysis<br />
of massive amounts of data to provide services,<br />
operate businesses and Government, conduct<br />
research and tackle crime.<br />
The direct impact on our economy has long<br />
been recognised, and particularly so in the<br />
areas of e-commerce and online retail. A higher<br />
proportion of the UK’s economy is online than<br />
is the case in other major nations. Now, digital<br />
technology is allowing firms like Uber and<br />
Airbnb to transform the taxi and hotel<br />
industries even though they operate in<br />
fundamentally physical markets. Gartner is<br />
predicting this process of digitisation will<br />
spread through every part of the economy.<br />
The impact on social and political discourse<br />
has become more apparent over the last year or<br />
two. Digital technology allows people to meet<br />
and maintain contact independently of physical<br />
location, meaning that we spend more time<br />
engaging with people who are like us rather<br />
than near us. Also, we increasingly rely on<br />
digital media for our information in place of TV<br />
and the printed word. Facebook is now the<br />
world’s largest distributor of news.<br />
Of late, we’ve seen the impact of these trends<br />
on politics. As both data-targeted campaigning<br />
and ‘grass roots’ online organisation have<br />
increased and political debate has been<br />
fragmented among social media echo<br />
chambers, it has become ever-more difficult to<br />
understand and forecast the intentions of<br />
voters. The potential for hacking, leaking and<br />
other information operations to influence<br />
elections has now become clear to the public.<br />
We can also see big changes coming in the<br />
physical world. Connected devices allow us to<br />
create smart homes. Driverless cars are just<br />
around the corner. Industrial companies are<br />
seeking productivity improvements with<br />
initiatives such as digital oilfields and the<br />
digital railway. As consumer technology<br />
becomes more and more personal to us and our<br />
bodies, so it will merge with digital medicine<br />
coming out of hospitals.<br />
Thinking about security<br />
For most people and many institutions, their<br />
mental model of security hasn’t kept pace with<br />
the changes in our world brought about by<br />
digital technology. The established models of<br />
security have worked on a clear division of<br />
responsibility that’s best understood in<br />
physical terms. As organisations and<br />
individuals, we protect our property using risk<br />
management and, often, do so informally. We<br />
decide how much to spend based on the value<br />
of assets and the threat we perceive in terms of<br />
where they’re sited. A jewellers shop in a big<br />
city will spend more on security than a bakery<br />
in the country, for example.<br />
When criminals break through protection<br />
mechanisms and we’re burgled or robbed, we<br />
seek help from law enforcement to defend<br />
ourselves. The division of responsibility is clear.<br />
We expect Government to help when something<br />
goes wrong, but we accept that it’s our job to<br />
56<br />
www.risk-uk.com
Cyber Security: Risk Management in the Digital World<br />
ensure that our property is properly and<br />
adequately protected in the first place.<br />
This is the world we live in and understand,<br />
but it’s only a part of security. There’s another<br />
world of security: national security. We expect<br />
Governments to maintain the intelligence and<br />
surveillance capability to know what’s going on<br />
in the wider world and the military capability to<br />
deter or deal with any aggression that comes<br />
from beyond our borders. There are places<br />
where these two worlds overlap, such as in<br />
foreign-inspired domestic terrorism, but the<br />
challenge involved merely illustrates how<br />
separately we can maintain the distinction.<br />
As businesses and private individuals, we<br />
rely on physical distance to keep these two<br />
worlds apart and on Governments to manage<br />
global threats. We expect the national security<br />
apparatus to maintain a physical barrier<br />
between threats in the Middle East and a<br />
domestic business in an English town.<br />
Individuals and businesses have concentrated<br />
on local protection. This form of thinking<br />
persists in approaches towards cyber security.<br />
Now, the increasing prevalence of digital<br />
technology is making physical distance<br />
irrelevant. As more of our world is connected,<br />
geography becomes less relevant and distance<br />
is almost useless at insulating us from far-off<br />
threats. Security officials believe that hackers<br />
in North Korea were behind the attack that<br />
crippled parts of the NHS earlier this year.<br />
Security is still reliant upon protection,<br />
enforcement, intelligence and military domains,<br />
but the barriers between these domains are<br />
dissolving while the domains themselves now<br />
increasingly overlap.<br />
Assessing the implications<br />
The blurring of the boundaries of these<br />
domains means that we need to revise the<br />
established model of security and the<br />
responsibilities of individuals, organisations<br />
and Governments.<br />
Changes to the traditional security model<br />
have three implications. First, it changes the<br />
division of responsibility between businesses<br />
and Government. Protecting a business’ assets<br />
would traditionally have been something that<br />
was entirely the responsibility of that business,<br />
but there’s increasing willingness by<br />
Government to undertake protection activities,<br />
particularly so where it can do this most<br />
effectively by working on core infrastructure.<br />
In the UK, for example, we’ve seen the<br />
creation of the National Cyber Security Centre, a<br />
bold step taking part of GCHQ out of the<br />
intelligence world and giving it a broad public<br />
role in cyber protection for the whole country.<br />
“Security is still reliant upon protection, enforcement,<br />
intelligence and military domains, but the barriers between<br />
these domains are dissolving”<br />
Meanwhile, the Chinese Government has just<br />
brought in its first cyber security law with the<br />
stated aim of shielding domestic Chinese data<br />
from foreign espionage.<br />
Conversely, financial services organisations<br />
and technology platforms are sometimes better<br />
placed than police forces to help the victims of<br />
online criminality. Someone who falls prey to a<br />
fraudster on a website such as Amazon is less<br />
likely to report it to the police and more likely<br />
simply to seek a refund through Amazon or, as<br />
an alternative, their credit card company.<br />
Second, we need a way in which to defend<br />
global business networks and technology<br />
platforms that doesn’t trip over the national<br />
focus of Government agencies. Governments<br />
understandably prioritise their own countries<br />
when it comes to security, whereas technology,<br />
infrastructure and financial systems are all<br />
fundamentally international with big<br />
businesses and social networks typically<br />
running across countries.<br />
Law enforcement organisations in particular<br />
have evolved from a primarily territorial remit.<br />
This is challenging for collaboration even within<br />
countries, but leads to real problems<br />
internationally where enforcement activity<br />
needs to work across jurisdictions and<br />
investigators have to navigate differences in<br />
legal structures and approaches, never mind<br />
the nuances of language and culture.<br />
Businesses cannot rely on distance and<br />
Governments to insulate them from risk. We<br />
need active business defence to protect our<br />
organisations. This involves very different<br />
capabilities from those traditionally in place<br />
within IT and risk teams in business.<br />
Business defence uses intelligence on<br />
adversaries, technical vulnerabilities and the<br />
organisation itself to build a full understanding<br />
of the situation and prioritise resources to deal<br />
with those risks of most significance. This<br />
needs to include an understanding of the<br />
relevant activities and implications of all four<br />
domains of security globally rather than the<br />
traditional local perspective.<br />
Importantly, business defence engineers<br />
organisations to be robust such that their<br />
systems, processes and people are difficult to<br />
compromise. Business defence maintains the<br />
vigilance to identify problems early as well as<br />
the readiness to deal with them before they can<br />
cause serious damage.<br />
James Hatch:<br />
Director of Cyber Services at<br />
BAE Systems Applied<br />
Intelligence<br />
57<br />
www.risk-uk.com
Breaking The Silo: Advancing Careers<br />
in the Security Business Sector<br />
Given that there are so<br />
many different<br />
specialisms within the<br />
profession of security<br />
management, it’s<br />
easy to find ourselves<br />
in too tight a ‘niche’<br />
which then requires us<br />
to educate our clients<br />
before they can hire<br />
us. This is nothing if<br />
not an unsustainable<br />
business model. What,<br />
then, is the answer to<br />
the problem? Richard<br />
Diston calls for the<br />
silo walls of the<br />
Security Department<br />
to be torn down in<br />
favour of security<br />
becoming part of the<br />
wider business culture<br />
Over the last few years, there has been a<br />
rapid expansion in the market for higher<br />
level security management training<br />
programmes and accreditations, positively<br />
reflecting the desire in the sector for<br />
recognition as a profession. This is<br />
unquestionably a great leap forward, although<br />
the end result has arguably been the creation<br />
of a traditional security management workforce<br />
that’s more highly qualified than the market<br />
can either support or understand, in turn<br />
leading to the potential for limited<br />
opportunities, frustration and, in some cases,<br />
the loss of talent from the sector.<br />
There are hundreds of applicants for each<br />
senior security management vacancy, with little<br />
to distinguish one from another. This situation<br />
has led to some heated debates in online<br />
forums and on various social media platforms<br />
about whether qualifications or experience are<br />
most desirable for those seeking career<br />
advancement in the sector.<br />
An impasse appears to have been reached.<br />
Whether a security practitioner is highly<br />
qualified, highly experienced or both, suitable<br />
senior-level security management opportunities<br />
are somewhat difficult to find.<br />
Several years ago, much was made of the<br />
trend in organisations for appointing Chief<br />
Security Officers (CSOs). However, there’s no<br />
clear path to attaining such a senior post.<br />
Further, there’s little clarity on whether many of<br />
the posts that were created went to traditional<br />
security practitioners or were bestowed upon<br />
existing Board-level professionals such as<br />
those with a background in finance or IT.<br />
Certainly, the CSO roles that are advertised<br />
often require a high level of technical<br />
competence that most traditional security<br />
practitioners simply don’t possess, creating an<br />
almost insurmountable barrier to general entry.<br />
There’s an undeniable lack of senior security<br />
management positions available to traditional<br />
security practitioners, many of whom have<br />
committed to higher education or accreditation<br />
and are now finding themselves ‘over-qualified’<br />
at best and sidelined as ‘academics’ at worst.<br />
This results in even fewer employment<br />
opportunities, the response to which is often<br />
despondency and a feeling – for certain<br />
practitioners, at least – that the sector has ‘led<br />
us up the garden path’ with its talk of<br />
rewarding careers and a professional status.<br />
For some, it seems that after attaining a highlevel<br />
qualification or accreditation in security<br />
management, the only option is the ‘feast or<br />
famine’ existence of self-employment as a<br />
security consultant.<br />
Stalling professionalisation<br />
There’s a risk that the lack of obvious senior<br />
opportunities in security management may<br />
even stall the professionalisation process for<br />
the sector. Younger practitioners who engage in<br />
industry networking online cannot avoid seeing<br />
their seniors struggling to find work, and this<br />
may well undermine attempts to engage them<br />
in the aforementioned process.<br />
Without clear direction for career planning<br />
alongside some public ‘cautionary tales’ about<br />
committing to a security career on social media,<br />
the next generation of security managers may<br />
disengage with the idea of a career in security.<br />
It can be suggested that ‘career planning’<br />
isn’t something that security practitioners have<br />
ever really been able to do effectively. Many<br />
practitioners move from opportunity to<br />
opportunity, which works well until those<br />
opportunities begin to dry up.<br />
The security industry is undergoing a<br />
significant period of change, the pace of which<br />
is so fast that it has become difficult to keep up<br />
with what it means to be a security practitioner.<br />
With no widely agreed lexicon, the term<br />
58<br />
www.risk-uk.com
Training and Career Development<br />
‘security manager’ might refer to a traditional<br />
physical security role, an information security<br />
systems role or perhaps even a job in software<br />
development. With the concept of security<br />
diversifying in response to an ever-broadening<br />
threat landscape, this confusion can be a<br />
further challenge for traditional security<br />
practitioners when it comes to career planning.<br />
The question is: ‘What can we do about this?’<br />
Part of the wider problem might be that<br />
security still exists within a number of different<br />
silos. At the organisational level, whether<br />
fuelled by pessimism or paranoia, we’ve built<br />
walls around our departments to keep our<br />
‘security stuff’ secret without realising that<br />
what we really need to be doing is sharing it.<br />
Whether we’re helping staff in other<br />
departments to spot fraud, detect suspicious<br />
behaviour, be more aware online or respond<br />
more confidently to conflict, we’re empowering<br />
the organisation to be more secure on a ‘one<br />
person at a time’ basis. Such activity may help<br />
to raise our profile organisationally and could<br />
even trigger conversations that might reveal<br />
hidden risks or opportunities for the business,<br />
not to mention illuminate new career pathways<br />
for ourselves as practitioners.<br />
Weak at building bridges<br />
Beyond the organisational silo, the sector<br />
seems to exist in a professional one. The sector<br />
is weak when it comes to building bridges with<br />
other professions, both in terms of sharing<br />
expertise and opening further career pathways.<br />
Security people tend to network with other<br />
security people, which may say somewhat more<br />
about our ‘comfort zone’ than it does any<br />
deliberate attempt to avoid other professions.<br />
An alternative to this might be to seek<br />
speaking slots at events for other sectors, or<br />
writing security-related articles that are<br />
relevant for trade journals outside of the<br />
security domain. Security is a ‘people problem’<br />
and, as such, we have insights that other<br />
professions may duly appreciate.<br />
The final silo is the one that we build<br />
ourselves. If we only see ourselves as<br />
‘traditional security people’ then this is all that<br />
others will see us as, and their lack of<br />
understanding of the importance and scale of<br />
what it is we do will mean that they only call<br />
upon us when they think there’s a problem (at<br />
which point it’s often too late). Certainly,<br />
security practitioners have been undertaking<br />
Health and Safety accreditations for a number<br />
of years to enhance their employability, but this<br />
is perhaps an obvious step.<br />
Another potential consideration is the<br />
apparent shortfall of cyber security<br />
“Whether a security practitioner is highly qualified, highly<br />
experienced or both, suitable senior-level security<br />
management opportunities are somewhat difficult to find”<br />
professionals, with some reports suggesting<br />
the number is going to be as high as 1.8 million<br />
globally in the next five years. Considering the<br />
shift in the asset base from physical to<br />
information, this demand is foreseeable.<br />
We as traditional security practitioners need<br />
to overcome our fear of technology to take<br />
advantage of this situation. If we accept three<br />
principles – that security is a ‘people problem’,<br />
that technology only allows people to commit<br />
old crimes in new ways and that (using the<br />
CISSP certification programme as an example)<br />
nearly half of the knowledge required to work<br />
in cyber security is within our existing<br />
knowledge base – then there’s a chance to<br />
forge a different career pathway.<br />
There are also other avenues to consider. A<br />
highly competent security practitioner might<br />
add value in a range of corporate roles<br />
including FM (for physical security), HR (for<br />
people-based risks), logistics (supply chain<br />
risks) and many others. Some of these<br />
departments even have a direct career<br />
trajectory into the C-Suite (including that<br />
coveted CSO role). That being so, requalifying<br />
to move departments might provide security<br />
practitioners with longer term advantages.<br />
If we accept that security is a business<br />
enabler, we can begin to see which other areas<br />
of the organisation we can enable through<br />
sharing our knowledge and experience. Doing<br />
so will require us to broaden our horizons and<br />
open our minds. The best way to do that might<br />
be to leave the Security Department behind us<br />
forever and seek work in other teams.<br />
Banish outdated thinking<br />
Ultimately, it could be argued that we need to<br />
break our ‘death grip’ on the concept of security<br />
as a ‘department’. Such thinking is undeniably<br />
outdated. For security to be truly effective it<br />
must be part of the wider organisational culture<br />
and is therefore not a department, but instead<br />
a shared responsibility.<br />
Perhaps security should be an element in a<br />
wider management skills set instead of being a<br />
discipline on its own, similar in nature to<br />
project management accreditations?<br />
While all of this is very much open to debate,<br />
what is not is that, if we continue to do what<br />
we’ve always done, we will always derive the<br />
same end results (or perhaps worse, given the<br />
ever-changing nature of today’s world).<br />
Richard Diston MSc MSyI:<br />
Director of Ark-Services<br />
59<br />
www.risk-uk.com
Risk in Action<br />
Axis Security wins<br />
new three-year<br />
services contract at<br />
Stockley Park<br />
Axis Security, one of the UK’s<br />
fastest-growing security<br />
guarding businesses, has<br />
been awarded a further<br />
three-year contract term by<br />
commercial property and<br />
asset management concern<br />
MJ Mapp at Stockley Park,<br />
the 155-acre commercial<br />
park that was transformed in the mid-1980s and is now widely regarded as the<br />
foremost development on the ‘West London Corridor’.<br />
Located at Harlington between Hayes and West Drayton in the London<br />
Borough of Hillingdon and close to Heathrow Airport, Stockley Park continues<br />
to be a visionary out-of-town business development that has since been<br />
replicated not only here in the UK, but also throughout mainland Europe.<br />
Tenants on the site include many household names such as Marks & Spencer,<br />
Apple (UK), Canon, Gilead Sciences Europe, GlaxoSmithKline, IMG, Lucozade<br />
Suntory, MSC Cruise Management and the Sharp Corporation. Also present are<br />
Alexion Pharma UK, Cargo Logic Management, Hasbro, the surveillance<br />
specialist Hikvision, IBM UK, Mitsubishi Industries, Regus, Toshiba, Verifone<br />
and World Vision International.<br />
The security contract comprises a team of 19 security personnel patrolling<br />
the park by vehicle, golf buggy, bicycle and on foot. Patrols are designed to<br />
assure the safety and security of all tenants within and visitors to the park. The<br />
Axis team members are supported by a dedicated management structure to<br />
consistently drive standards through training, development and innovation.<br />
“Axis Security was clearly ahead of its competitors during the tender process<br />
in terms of innovation, added value and the professional approach that the<br />
business committed to address during the new contract term,” said Pieter<br />
Borchardt, director at Stockley Park.<br />
Client portal introduced by Officer<br />
Connect as part of ‘virtual’<br />
engagement solution for guarding<br />
Officer Connect has launched a client portal as<br />
an integral part of its ‘virtual’ engagement<br />
solution for the security guarding industry. The<br />
portal enables clients to have total visibility of<br />
their entire security portfolio and the men and<br />
women for whom they’re responsible.<br />
Recorded interviews between employees and<br />
the Officer Connect team can be reviewed<br />
alongside a transcript of the conversation that<br />
has taken place, with any key areas of concern<br />
or issues appropriately ‘red-flagged’.<br />
The portal also enables users to view and<br />
amend schedules for every site and every<br />
officer, as well as quickly and easily create<br />
‘new’ officer profiles to add to those uploaded<br />
at the start of mobilisation. Summary reports<br />
can be automatically sent as a PDF. The new<br />
portal also supports basic administration.<br />
Officer Connect is designed to improve<br />
security officer well-being and support security<br />
providers in their contractual and moral<br />
obligations to customers and staff. The<br />
company provides ‘Virtual Visits’ as an<br />
enhancement to the ‘traditional’ approach of<br />
visits by mobile supervisors out of hours.<br />
Using state-of-the-art video and audio<br />
technology, Officer Connect is able to engage<br />
with security officers at numerous levels.<br />
Securitas forges GreenRoad<br />
technology partnership to improve<br />
driver safety for staff members<br />
Securitas has partnered with GreenRoad – the<br />
driver safety and behaviour technology<br />
specialist – to improve driver safety among its<br />
11,000 employees. With vehicle collisions the<br />
foremost cause of work-related deaths in the<br />
UK, Securitas wants to reduce risks associated<br />
with driver behaviour for the welfare of its own<br />
employees and that of other road users.<br />
GreenRoad technology will allow Securitas<br />
to track the movements of its fleet, monitoring<br />
driver behaviour such as harsh braking,<br />
cornering, lane handling, acceleration and<br />
speeding. Each vehicle will be fitted with<br />
technology providing real-time data, cascaded<br />
to an online reporting and analytics platform.<br />
This will enable Securitas to track its entire<br />
fleet, while also monitoring driver behaviour.<br />
Improvements in driver behaviour enhance<br />
the safety of the company’s many mobile<br />
employees, in turn exerting a significantly<br />
positive impact on the environmental footprint<br />
of Securitas by reducing CO2 emissions,<br />
helping the company to achieve its targets for<br />
the reduction of greenhouse gases while also<br />
growing this valuable sector of the business.<br />
This latest initiative demonstrates how<br />
Securitas is investing in technology to provide<br />
a superior service for its customer base.<br />
“Our dedication to safety extends beyond<br />
protecting clients through our specialist<br />
services,” said Yvonne Hinckley, mobile<br />
operations manager at Securitas.<br />
60<br />
www.risk-uk.com
Risk in Action<br />
Cambridgeshire Fire and Rescue<br />
Service deploys Panasonic tablets<br />
to assist front line firefighters<br />
Cambridgeshire Fire and Rescue Service is<br />
“transforming” working life for its<br />
firefighters on the front line by equipping<br />
them with Panasonic’s rugged Toughpad<br />
tablets such that they can access vital<br />
information during emergency episodes.<br />
The Fire and Rescue Service is deploying<br />
13-inch Panasonic Toughbook CF-D1 tablets<br />
in the front cabs of its fire appliances. These<br />
Mobile Data Terminals (MDTs) are<br />
permanently mounted in the front of the<br />
vehicle and connected to the existing Tetra<br />
Network. They will be used for providing vital<br />
information on the way to a call-out, such as<br />
sending status updates to Command and<br />
Control, outlining risk assessment<br />
requirements, vehicle safety data, safety<br />
data on any chemicals stored on site and<br />
details about the occupancy of premises and<br />
nearby hydrant locations.<br />
Smaller and lighter 10-inch Panasonic FZ-<br />
G1 Toughpad tablets are being installed in<br />
the back of the appliances for use by<br />
firefighters inside and outside of the vehicle<br />
when at the scene of an emergency. These<br />
devices will be used day-to-day for the asset<br />
management of equipment and inventory<br />
and, in the future, for providing valuable<br />
emergency information on site, such as<br />
vehicle crash rescue data, as well as for<br />
regular community duties (ie home fire<br />
safety surveys and hydrant inspections).<br />
John Barlow is responsible for<br />
modernising Cambridgeshire Fire and Rescue<br />
Service’s front line communications devices.<br />
“We’re investing to change all the existing<br />
MDTs to a more agile device so as to allow<br />
the crews to work more efficiently and<br />
smartly,” explained Barlow. “The Panasonic<br />
devices are ideal for all of the conditions in<br />
which we work. We can read the devices in<br />
bright sunlight and they’re built to be used<br />
outside and in wet conditions without any<br />
problems for our personnel.”<br />
University of Dundee’s management<br />
calls for assistance from Aiphone<br />
Highly visible emergency Call Point pedestals are<br />
being installed throughout the University of<br />
Dundee’s campus as part of a comprehensive<br />
range of measures configued to ensure a rapid<br />
response to any emergency incidents.<br />
The bespoke-designed pedestals have been<br />
manufactured specifically for the University of<br />
Dundee by Aiphone. They incorporate the<br />
company’s IX IP intercom stations which enable<br />
students and staff to instantly communicate with<br />
security personnel within the University of<br />
Dundee’s Control Room if they see any suspicious<br />
activity or feel unsafe.<br />
Aiphone’s IX intercom system features Power<br />
over Ethernet which has minimised installation time and costs as there was no<br />
need to provide separate power supplies for each pedestal.<br />
Scottish Communication, one of the UK’s leading independent<br />
communication equipment specialists, was awarded the contract to install the<br />
emergency Call Points. The intercom stations were commissioned by<br />
connecting them to the University of Dundee’s network infrastructure.<br />
Each of the 1600 mm x 200 mm x 200 mm custom-built pedestals<br />
incorporates a flush-mounted IX intercom station equipped with a large red call<br />
button. This has two outputs to simultaneously trigger an emergency call and<br />
to activate an external video surveillance camera.<br />
The first phase of the project sees five emergency Call Point pedestals<br />
deployed at carefully selected central and remote campus locations.<br />
Managers at the University of Dundee are currently evaluating in some detail<br />
the potential benefits of using the emergency Call Points at additional<br />
locations (such as car parks, for example).<br />
WPS’ ParkAdvance helps ease<br />
the customer journey at major<br />
Heathrow Airport hotel<br />
WPS, the parking systems and<br />
management specialist, has installed its<br />
ParkAdvance Pay-on-Foot parking<br />
technology at a major Heathrow Airport<br />
hotel near Terminal 4 to help in delivering<br />
the ultimate guest security experience.<br />
The system is being used to control<br />
access at the hotel’s guest car park (comprising more than 200 parking spaces)<br />
and its two staff car parks. It accommodates ‘traditional’ payments (by visitors<br />
at a pay station), web-enabled validation (at the hotel’s reception, concierge<br />
desk, restaurant and gym) and employee ID cards.<br />
ParkAdvance terminals employ contactless payment technology, while the<br />
barriers are used in conjunction with ANPR to enable employees to quickly<br />
enter the main car park before reaching the staff car park.<br />
The hotel attracts both leisure and corporate guests, who stay from 30<br />
minutes up to any number of weeks, and the hotel wanted the parking<br />
experience to be positive. “We sought an intuitive, self-service payment system<br />
combined with automatic barriers that would provide guests with a modern,<br />
hassle-free experience,” stated a hotel spokesperson. “In what was a<br />
competitive tender, ParkAdvance was chosen on the basis of the system’s<br />
renowned reliability, the extensive expertise of the WPS engineering and<br />
installation team members and the company’s after-sales proposition.”<br />
61<br />
www.risk-uk.com
Technology in Focus<br />
360 Vision Technology and Visual<br />
Management Systems guard against<br />
cyber attacks<br />
As more and more security systems and devices<br />
become IP networked, it’s important for security<br />
installers and end users alike to consider how<br />
their systems will be protected against the<br />
possibility of cyber attacks.<br />
Providing a solution to the concerns around<br />
cyber security and hacking, 360 Vision<br />
Technology has partnered with software control<br />
provider Visual Management Systems to offer security operators an effective<br />
solution designed to guard against IP surveillance system cyber threats.<br />
Without the right level of network security measures in place, system users<br />
can be left vulnerable, resulting in exposure to the type of hacking and malware<br />
episodes that have recently hit the news headlines.<br />
When used together, both 360 Vision Technology cameras and Visual<br />
Management Systems’ TITAN SECURE Physical Security Information<br />
Management system can exceed 802.1x authentication protocols and<br />
encryption to provide “the ultimate protection” for surveillance networks.<br />
www.360visiontechnology.com<br />
Qognify enhances situation<br />
management with new cloudbased<br />
mobile solution suite<br />
Qognify, the specialist in Big Data solutions<br />
for physical security and operations, has just<br />
launched a new suite of integrated mobile<br />
solutions – designated Qognify Extend –<br />
empowering organisations to leverage field<br />
resources and responders to increase<br />
situational awareness.<br />
Powered by CloudScann, the cloud-based<br />
solution extends the reach, coverage and<br />
effectiveness of a given enterprise’s Control<br />
Room and operations by enabling training<br />
personnel — and their smart phones — to<br />
become powerful sensors.<br />
The Qognify Extend suite includes several<br />
modules. SeeItSendIt is geared to enable<br />
field personnel to report into the Control<br />
Room using their smart phones.<br />
www.qognify.com<br />
Bureau Veritas leads the way with<br />
launch of mobile inspection service<br />
In an industry first, leading testing, inspection<br />
and certification provider Bureau Veritas has<br />
launched a Mobile Plant Unit to deliver on-hire<br />
inspections for all mobile plants and assets.<br />
The Mobile Plant Unit has been created in<br />
response to the issue of regulations for<br />
mobile assets, specifically the Provision and<br />
Use of Work Equipment Regulations (PUWER)<br />
and the Lifting Operations and Lifting<br />
Equipment Regulations (LOLER) inspections,<br />
which are required of all mobile plant and assets including mobile platforms,<br />
lifting and crane equipment, excavators and bulldozers.<br />
The new unit boasts an expert team of qualified engineer surveyors able to<br />
undertake thorough examinations and inspections of equipment as the<br />
‘competent person’, to ascertain it’s safe to use and enable clients to meet<br />
their statutory obligations – wherever that equipment may be located.<br />
Shaezar Karim, divisional director for mechanical at Bureau Veritas, said:<br />
“Our new Mobile Plant Unit allows us to provide a much-needed solution to a<br />
problem faced by contractors across the country. For mobile assets, which are<br />
often hired out to contractors and moved around the UK, meeting statutory<br />
obligations can be a challenge. In some cases, people are unaware of their<br />
obligations, mistakenly believing it’s the sole duty of the hire company to<br />
undertake PUWER and LOLER inspections. However, it’s also the responsibility<br />
of the user to make sure that the periodic thorough examinations and<br />
inspections are undertaken at the correct frequencies.”<br />
Karim added: “Crucially, our dedicated Mobile Plant Unit understands the<br />
issues faced when working with mobile plant. As such, our experienced<br />
engineers are able to react when assets change location.”<br />
In addition to the launch of the Mobile Plant Unit, Bureau Veritas offers tools<br />
and systems specifically designed to support the company’s myriad clients.<br />
www.bureauveritas.co.uk<br />
Wavestore unveils Version 6.8 of<br />
Video Management Software<br />
Wavestore, the British developer of innovative<br />
open-platform and highly secure Linux-based<br />
Video Management Software (VMS), has<br />
launched Version 6.8 of its VMS to deliver<br />
performance and functionality improvements<br />
for system integrators and end users alike.<br />
Among many enhancements and additional<br />
features, Version 6.8 includes support for<br />
VMWare ESXi, in turn introducing virtualisation<br />
to the Wavestore VMS platform.<br />
End users<br />
employing Virtual<br />
Machines (VM)<br />
as part of their IT<br />
infrastructure are<br />
now able to take<br />
full advantage of<br />
the technology<br />
which can help<br />
when it comes to reducing energy, software and<br />
IT administration costs.<br />
Wavestore’s VMS can be licensed in two ways<br />
when in a VM environment: either via the<br />
Internet or Wavestore’s dedicated VM dongle.<br />
www.wavestore.com<br />
62<br />
www.risk-uk.com
Technology in Focus<br />
SPC Connect’s latest developments<br />
demonstrate Vanderbilt’s agility<br />
Vanderbilt has announced the release of SPC<br />
Connect 2.4 to add to the company’s SPC<br />
product portfolio. SPC Connect is a hosted<br />
cloud-based solution designed specifically for<br />
installers to monitor, manage and maintain SPC<br />
panels remotely from any location.<br />
The release indicates a significant<br />
development pace by the company as it comes<br />
just four months after the last feature set of<br />
SPC Connect updates in April. The latest<br />
features include push notifications, local user<br />
management and alarm verification.<br />
“SPC Connect is developed to enhance the<br />
security installer’s ability to configure their<br />
systems remotely and, with user management<br />
enhancements, the solution speeds up the<br />
process of adding and configuring users,”<br />
explained John O’Donnell, product manager at<br />
Vanderbilt. “It means that the system<br />
administrator can now configure users to have<br />
access to their SPC system very quickly, saving<br />
them both time and money.”<br />
The push notifications for iOS devices ensure<br />
SPC Connect users are always informed of new<br />
information related to their SPC system.<br />
www.vanderbiltindustries.com<br />
Bosch introduces in-store analytics<br />
solution for use in retail sector<br />
Bosch Security Systems has introduced In-<br />
Store Analytics, a solution designed to provide<br />
today’s retailers with valuable insights on<br />
store traffic such that they can improve<br />
operations, customer engagement and sales.<br />
As part of the solution, Bosch IP panoramic<br />
cameras are installed to provide high visibility<br />
of the retail floor. The cameras use on-board<br />
Intelligent Video Analytics to create position<br />
data of shoppers’ movements. This data is<br />
then sent direct to the cloud where it’s further<br />
processed without video streams ever leaving<br />
the retailer’s premises, thus maintaining<br />
shoppers’ privacy.<br />
Unlike many systems that require on-site<br />
PCs to pre-process the video streams,<br />
subsequently limiting their performance to a<br />
few cameras per site, Bosch’s solution easily<br />
ONVIF publishes Release<br />
Candidate for Profile T<br />
ONVIF – the global standardisation<br />
initiative for IP-based physical security<br />
products – has announced the Release<br />
Candidate for Profile T, a draft<br />
specification with advanced streaming<br />
capabilities that includes support for<br />
H.265 video compression and an<br />
expanded feature set that extends the<br />
capabilities of ONVIF video Profiles for<br />
both system integrators and end users.<br />
ONVIF Profile T for advanced streaming<br />
deliberately employs a new media service<br />
that enables the support of High Efficiency<br />
Video Coding based on the international<br />
H.265 video compression standard that<br />
specifies how to decode data into<br />
displayable video. Profile T-conformant<br />
clients support both H.264 and H.265 video<br />
compression. Profile T-conformant devices<br />
support at least one of these formats.<br />
The new Profile encompasses Transport<br />
Layer Security-enabled communications and<br />
new functionalities such as bi-directional<br />
audio streaming, standardisation of events<br />
and on-screen display configuration.<br />
“Profile T broadens the scope of the ONVIF<br />
video profile to include both the H.264 video<br />
compression standard and H.265 video<br />
compression, which is set to become the de<br />
facto video compression standard in the very<br />
near future,” explained Fredrik Svensson,<br />
chairman of ONVIF’s Profile T Working Group.<br />
www.onvif.org<br />
scales to cover even the largest of retail<br />
stores with a high camera count in addition<br />
to large multi-store chains.<br />
In the cloud, position data is mined into<br />
performance results and visualisations that<br />
are shared with the retailer through<br />
customised web interfaces for merchandisers<br />
and operations managers alike.<br />
For operations managers, In-Store<br />
Analytics provides insights into department<br />
and store-level traffic. Practising operations<br />
managers can use these insight tools to<br />
ensure sufficient staff are on-site to serve<br />
shoppers during peak times.<br />
Traffic data also enables retailers to track<br />
customer service quality over time.<br />
Retailers will benefit from actionable<br />
insights delivered by this new solution, as the<br />
shopper data rendered by In-Store Analytics<br />
boasts a particularly high accuracy rate.<br />
www.boschsecurity.com<br />
63<br />
www.risk-uk.com
BENCHMARK<br />
Smart Solutions<br />
BENCHMARK<br />
Innovative and smart solutions can add value and benefits to<br />
modern systems for customers. With the technological landscape<br />
rapidly evolving, the Benchmark Smart Solutions project assesses<br />
the potential on offer from system integration, advanced<br />
connectivity and intelligent technology. Bringing together field trials<br />
and assessments, proof of concept and real-world experience of<br />
implementing smart solutions, it represents an essential resource<br />
for all involved in innovative system design.<br />
Launching in 2017, Benchmark Smart Solutions will be the industry’s only real-world resource for<br />
security professionals who are intent on offering added value through the delivery of smarter solutions.<br />
@Benchmark_Smart<br />
Partner Companies<br />
www.benchmarksmart.com
Appointments<br />
Magnus Ahlqvist<br />
The Board of Directors of<br />
Securitas AB has appointed<br />
Magnus Ahlqvist as the new<br />
president and CEO of the<br />
business with effect from<br />
March 2018. Ahlqvist will<br />
replace Alf Göransson, who<br />
has asked to leave his<br />
position with the company<br />
after having led Securitas successfully for the<br />
last 11 years.<br />
Since 1 September 2015, Ahlqvist has served<br />
as divisional president of Securitas’ Security<br />
Services Europe operation and been a member<br />
of Securitas’ Group Management. He joined the<br />
business from Motorola Mobility (a Google<br />
company before it was taken over by Lenovo),<br />
where he was corporate vice-president (EMEA<br />
and India) at Motorola.<br />
Before that, Ahlqvist worked at Sony Ericsson<br />
and Sony Mobile Communications for 12 years.<br />
Among other roles, he served as president of<br />
Sony Mobile Communications in China for three<br />
years and as vice-president and general<br />
manager for Spain and Portugal at Telefónica.<br />
43 year-old Ahlqvist holds an MSc in<br />
Economics and Business Administration gained<br />
through study at the Stockholm School of<br />
Economics as well as a leadership qualification<br />
from the Harvard Business School.<br />
“Securitas is a wonderful company with very<br />
competent and engaged people in its ranks,”<br />
explained Ahlqvist in conversation with Risk UK.<br />
“I believe Securitas is the leading security<br />
services company in the world. We have a<br />
winning strategy and we’re heading up the<br />
transformation of the security industry from<br />
traditional on-site guarding to encompass a<br />
broader spectrum of advanced security<br />
solutions and electronic security for end users.”<br />
Jane Farrell<br />
Jane Farrell, head of security at Sodexo for the<br />
UK and Ireland, was elected chairman of the<br />
International Professional Security Association<br />
(IPSA), the longest-established security Trade<br />
Association in the UK’s security business<br />
sector, at the recent meeting of IPSA’s<br />
International Council in London.<br />
Farrell, who has the honour of becoming the<br />
first female chairman in IPSA’s illustrious 59-<br />
year history, has been serving as the<br />
organisation’s deputy chairman since 2014.<br />
Justin Bentley, CEO at IPSA, said: “I’m<br />
delighted that Jane has been elected as<br />
chairman of the Association. She has been<br />
steadily increasing her involvement in IPSA<br />
Appointments<br />
Risk UK keeps you up-to-date with all the latest people<br />
moves in the security, fire, IT and Government sectors<br />
Daniel Hardy<br />
The National Business Crime Solution (NBCS) –<br />
a not-for-profit initiative that enables the<br />
sharing of data between law enforcement<br />
agencies and the business community to reduce<br />
crime – has announced Daniel Hardy’s<br />
appointment as managing director.<br />
A well-known and respected figure with over<br />
20 years of crime prevention experience, Hardy<br />
is tasked with taking the NBCS to the next stage<br />
of its development and fulfilling its role in<br />
supporting businesses and the police service in<br />
the ongoing fight against offenders.<br />
Hardy explained: “I want to cement the<br />
position of the NBCS as a critical friend of the<br />
business community, the police service and all<br />
business crime reduction partnerships by<br />
furthering the use of the national business<br />
model for all those affected by crime.”<br />
Hardy served five years in the Grenadier<br />
Guards before gaining experience in the private<br />
security industry. He then spent 13 years with<br />
the Metropolitan Police Service, rising to the<br />
position of Acting Detective Inspector on the<br />
Specialist Crime Directorate and running<br />
Operation Vanguard. Hardy subsequently<br />
became head of risk at G4S.<br />
Prior to his current role with the NBCS, Hardy<br />
served as corporate crime and security lead at<br />
Sainsbury’s where his myriad responsibilities<br />
for the High Street retailer included all of the<br />
company’s stores, corporate locations and<br />
distribution facilities around the world.<br />
since joining, and her familiarity with both the<br />
Association and the security industry make her<br />
the ideal person to keep us moving forward.<br />
Her vast experience in training and quality fit<br />
perfectly with the ethos of the Association.”<br />
Farrell has been leading exciting new<br />
changes within IPSA along with the elected<br />
members of the Management Board and the<br />
International Council since March of this year<br />
when the organisation’s former chairman,<br />
Stuart Naisbett, resigned due to personal<br />
commitments. Most of these changes will be<br />
revealed at the 2017 AGM on 11 September.<br />
Speaking to Risk UK, Farrell enthused:<br />
“Following two years as deputy chairman of<br />
IPSA, I’m absolutely delighted to accept the<br />
post of chairman of the Association.”<br />
65<br />
www.risk-uk.com
Appointments<br />
Simon Chapman<br />
Cardinal Security, the provider of “dynamic and<br />
innovative” security solutions, has announced the<br />
appointment of Simon Chapman as its new CEO. The<br />
move follows the introduction of a new ownership<br />
structure designed to take the business on to the next<br />
stage in its development.<br />
Harbouring an illustrious career in the sector spanning<br />
over three decades, Chapman joins Cardinal Security from<br />
Lodge Service, where he was sales director and,<br />
subsequently, managing director responsible for doubling the growth of the<br />
company in less than eight years.<br />
Chapman has also served as sales director for G4S Secure Solutions and as<br />
sales and marketing director at Checkpoint Systems, where he worked for<br />
almost 17 years both here in the UK and abroad.<br />
“Thanks to company founder and former CEO Jason Trigg’s hard work and<br />
vision over many years, Cardinal Security has gained an enviable reputation for<br />
its intelligence-led security guarding and loss prevention services across the<br />
retail and logistics industries,” commented Chapman. “By building on this<br />
success, my primary objective is to ensure that the company is the security<br />
solutions provider of choice for these vertical sectors and beyond.”<br />
James Min<br />
IDIS, the surveillance<br />
solutions manufacturer,<br />
has appointed James Min<br />
to the role of managing<br />
director for IDIS Europe.<br />
Min will be based out of<br />
IDIS’ UK office in<br />
Brentford, London, where<br />
he will head up the<br />
growing external and internal sales force and<br />
technical team as well as playing a key part in<br />
driving marketing and PR initiatives across<br />
Europe, and particularly so here in the UK.<br />
Joining IDIS back in 2004 as a key account<br />
manager, Min was promoted to leader of EMEA<br />
sales and marketing in 2010, whereupon he<br />
was responsible for developing existing original<br />
design manufacturer (ODM) partnerships as<br />
well as opening many new business channels<br />
right across Europe.<br />
Min also played a strategic role in launching<br />
the IDIS brand business and DirectIP next<br />
generation surveillance solution throughout the<br />
region. In 2014, Min was promoted to general<br />
manager and assumed responsibility for<br />
developing EMEA sales, directing marketing<br />
strategy and supporting product development<br />
for IDIS’ Total Solution line-up.<br />
Min stated: “I’m looking forward to<br />
developing our strategy and building on our<br />
success since we launched our own brand<br />
business back in 2013 and opened our first UK<br />
office, which has expanded greatly this year.”<br />
Min’s remit will also be to support the<br />
opening of new business channels with both<br />
distributors and strategic integrators.<br />
Duaine Taylor<br />
The Axis Academy has<br />
confirmed the<br />
appointment of its senior<br />
team following the<br />
launch of the new<br />
learning and<br />
development business.<br />
Duaine Taylor is the head<br />
of learning and<br />
development, while Peter Morris has been<br />
appointed as The Axis Academy’s lead trainer.<br />
Both come to their new roles with a wealth of<br />
training and industry-related experience.<br />
Taylor, who was previously the training<br />
manager for Axis Cleaning and Support<br />
Services, is now responsible for the learning<br />
and development of employees across the<br />
entire Axis Group and reports to Naomi Austen,<br />
Group HR and learning director. Looking after<br />
the day-to-day management of the business,<br />
Taylor is also tasked with establishing new<br />
training regimes and working with expert<br />
trainers to devise bespoke courses.<br />
The Axis Academy has been set up to improve<br />
the skills and professionalism of all those<br />
employed by Axis Group companies and to<br />
drive up professional standards.<br />
Steve Evans<br />
Amberstone Technology,<br />
the provider of<br />
“dynamic and<br />
innovative” security and<br />
loss prevention<br />
technology, has<br />
announced a new highprofile<br />
appointment to<br />
its senior management<br />
team in the form of Steve Evans.<br />
Evans will serve as Amberstone<br />
Technology’s commercial director with a view<br />
to developing the company’s position as one<br />
of the foremost suppliers of intelligent<br />
protection and analytics solutions in the UK<br />
and Europe. Evans has been resident within<br />
the security industry for over 30 years now<br />
and joins the business from Kings Security,<br />
where he spent 14 years as head of national<br />
accounts and, most recently, occupied the<br />
role of Chief Operating Officer.<br />
Prior to that, Evans was head of national<br />
accounts at Protection One Security<br />
Solutions. He brings extensive knowledge of<br />
integrated security solutions to his new role.<br />
Evans will now focus on the development<br />
of new opportunities in line with the<br />
company’s strategic growth plan, which<br />
includes expansion into mainland Europe.<br />
66<br />
www.risk-uk.com
thepaper<br />
Business News for Security Professionals<br />
Pro-Activ Publications is embarking on a revolutionary<br />
launch: a FORTNIGHTLY NEWSPAPER dedicated to the<br />
latest financial and business information for<br />
professionals operating in the security sector<br />
The Paper will bring subscribers (including CEOs,<br />
managing directors and finance directors within the<br />
UK’s major security businesses) all the latest company<br />
and sector financials, details of business re-brands,<br />
market research and trends and M&A activity<br />
FOR FURTHER INFORMATION<br />
ON THE PAPER CONTACT:<br />
Brian Sims BA (Hons) Hon FSyI<br />
(Editor, The Paper and Risk UK)<br />
Telephone: 020 8295 8304<br />
e-mail: brian.sims@risk-uk.com<br />
www.thepaper.uk.com
Best Value Security Products from Insight Security<br />
www.insight-security.com Tel: +44 (0)1273 475500<br />
...and<br />
lots<br />
more<br />
Computer<br />
Security<br />
Anti-Climb Paints<br />
& Barriers<br />
Metal Detectors<br />
(inc. Walkthru)<br />
Security, Search<br />
& Safety Mirrors<br />
Security Screws &<br />
Fastenings<br />
Padlocks, Hasps<br />
& Security Chains<br />
Key Safes & Key<br />
Control Products<br />
Traffic Flow &<br />
Management<br />
see our<br />
website<br />
ACCESS CONTROL<br />
KERI SYSTEMS UK LTD<br />
Tel: + 44 (0) 1763 273 243<br />
Fax: + 44 (0) 1763 274 106<br />
Email: sales@kerisystems.co.uk<br />
www.kerisystems.co.uk<br />
ACCESS CONTROL<br />
ACCESS CONTROL<br />
ACT<br />
ACT – Ireland, Unit C1, South City Business Park,<br />
Tallaght, Dublin, D24 PN28.Ireland. Tel: +353 1 960 1100<br />
ACT - United Kingdom, 601 Birchwood One, Dewhurst Road,<br />
Warrington, WA3 7GB. Tel: +44 161 236 9488<br />
sales@act.eu www.act.eu<br />
ACCESS CONTROL – BARRIERS, GATES, CCTV<br />
ABSOLUTE ACCESS<br />
Aberford Road, Leeds, LS15 4EF<br />
Tel: 01132 813511<br />
E: richard.samwell@absoluteaccess.co.uk<br />
www.absoluteaccess.co.uk<br />
Access Control, Automatic Gates, Barriers, Blockers, CCTV<br />
ACCESS CONTROL<br />
COVA SECURITY GATES LTD<br />
Bi-Folding Speed Gates, Sliding Cantilevered Gates, Road Blockers & Bollards<br />
Consultancy, Design, Installation & Maintenance - UK Manufacturer - PAS 68<br />
Tel: 01293 553888 Fax: 01293 611007<br />
Email: sales@covasecuritygates.com<br />
Web: www.covasecuritygates.com<br />
ACCESS CONTROL & DOOR HARDWARE<br />
ALPRO ARCHITECTURAL HARDWARE<br />
Products include Electric Strikes, Deadlocking Bolts, Compact Shearlocks,<br />
Waterproof Keypads, Door Closers, Deadlocks plus many more<br />
T: 01202 676262 Fax: 01202 680101<br />
E: info@alpro.co.uk<br />
Web: www.alpro.co.uk<br />
ACCESS CONTROL – SPEED GATES, BI-FOLD GATES<br />
HTC PARKING AND SECURITY LIMITED<br />
St. James’ Bus. Centre, Wilderspool Causeway,<br />
Warrington Cheshire WA4 6PS<br />
Tel 01925 552740 M: 07969 650 394<br />
info@htcparkingandsecurity.co.uk<br />
www.htcparkingandsecurity.co.uk<br />
ACCESS CONTROL<br />
INTEGRATED DESIGN LIMITED<br />
Integrated Design Limited, Feltham Point,<br />
Air Park Way, Feltham, Middlesex. TW13 7EQ<br />
Tel: +44 (0) 208 890 5550<br />
sales@idl.co.uk<br />
www.fastlane-turnstiles.com<br />
ACCESS CONTROL<br />
SECURE ACCESS TECHNOLOGY LIMITED<br />
Authorised Dealer<br />
Tel: 0845 1 300 855 Fax: 0845 1 300 866<br />
Email: info@secure-access.co.uk<br />
Website: www.secure-access.co.uk<br />
ACCESS CONTROL MANUFACTURER<br />
NORTECH CONTROL SYSTEMS LTD.<br />
Nortech House, William Brown Close<br />
Llantarnam Park, Cwmbran NP44 3AB<br />
Tel: 01633 485533<br />
Email: sales@nortechcontrol.com<br />
www.nortechcontrol.com<br />
Custom Designed Equipment<br />
• Indicator Panels<br />
• Complex Door Interlocking<br />
• Sequence Control<br />
• Door Status Systems<br />
• Panic Alarms<br />
<br />
• Bespoke Products<br />
www.hoyles.com<br />
sales@hoyles.com<br />
Tel: +44 (0)1744 886600<br />
ACCESS CONTROL – BIOMETRICS, BARRIERS, CCTV, TURNSTILES<br />
UKB INTERNATIONAL LTD<br />
Planet Place, Newcastle upon Tyne<br />
Tyne and Wear NE12 6RD<br />
Tel: 0845 643 2122<br />
Email: sales@ukbinternational.com<br />
Web: www.ukbinternational.com<br />
Hoyles are the UK’s leading supplier of<br />
custom designed equipment for the<br />
security and access control industry.<br />
From simple indicator panels to<br />
complex door interlock systems.<br />
BUSINESS CONTINUITY<br />
ACCESS CONTROL, INTRUSION DETECTION AND VIDEO MANAGEMENT<br />
VANDERBILT INTERNATIONAL (UK) LTD<br />
Suite 7, Castlegate Business Park<br />
Caldicot, South Wales NP26 5AD UK<br />
Main: +44 (0) 2036 300 670<br />
email: info.uk@vanderbiltindustries.com<br />
web: www.vanderbiltindustries.com<br />
BUSINESS CONTINUITY MANAGEMENT<br />
CONTINUITY FORUM<br />
Creating Continuity ....... Building Resilience<br />
A not-for-profit organisation providing help and support<br />
Tel: +44(0)208 993 1599 Fax: +44(0)1886 833845<br />
Email: membership@continuityforum.org<br />
Web: www.continuityforum.org<br />
www.insight-security.com Tel: +44 (0)1273 475500
CCTV<br />
CCTV<br />
Rapid Deployment Digital IP High Resolution CCTV<br />
40 hour battery, Solar, Wind Turbine and Thermal Imaging<br />
Wired or wireless communication fixed IP<br />
CE Certified<br />
Modicam Europe, 5 Station Road, Shepreth,<br />
Cambridgeshire SG8 6PZ<br />
www.modicam.com sales@modicameurope.com<br />
CCTV SPECIALISTS<br />
PLETTAC SECURITY LTD<br />
Unit 39 Sir Frank Whittle Business Centre,<br />
Great Central Way, Rugby, Warwickshire CV21 3XH<br />
Tel: 01788 567811 Fax: 01788 544 549<br />
Email: jackie@plettac.co.uk<br />
www.plettac.co.uk<br />
CONTROL ROOM & MONITORING SERVICES<br />
CCTV POLES, COLUMNS, TOWERS AND MOUNTING PRODUCTS<br />
ALTRON COMMUNICATIONS EQUIPMENT LTD<br />
Tower House, Parc Hendre, Capel Hendre, Carms. SA18 3SJ<br />
Tel: +44 (0) 1269 831431<br />
Email: cctvsales@altron.co.uk<br />
Web: www.altron.co.uk<br />
CCTV<br />
G-TEC<br />
Gtec House, 35-37 Whitton Dene<br />
Hounslow, Middlesex TW3 2JN<br />
Tel: 0208 898 9500<br />
www.gtecsecurity.co.uk<br />
sales@gtecsecurity.co.uk<br />
ADVANCED MONITORING SERVICES<br />
EUROTECH MONITORING SERVICES LTD.<br />
Specialist in:- Outsourced Control Room Facilities • Lone Worker Monitoring<br />
• Vehicle Tracking • Message Handling<br />
• Help Desk Facilities • Keyholding/Alarm Response<br />
Tel: 0208 889 0475 Fax: 0208 889 6679<br />
E-MAIL eurotech@eurotechmonitoring.net<br />
Web: www.eurotechmonitoring.net<br />
DISTRIBUTORS<br />
CCTV/IP SOLUTIONS<br />
DALLMEIER UK LTD<br />
3 Beaufort Trade Park, Pucklechurch, Bristol BS16 9QH<br />
Tel: +44 (0) 117 303 9 303<br />
Fax: +44 (0) 117 303 9 302<br />
Email: dallmeieruk@dallmeier.com<br />
SPECIALISTS IN HD CCTV<br />
MaxxOne<br />
Unit A10 Pear Mill, Lower Bredbury, Stockport. SK6 2BP<br />
Tel +44 (0)161 430 3849<br />
www.maxxone.com<br />
sales@onlinesecurityproducts.co.uk<br />
www.onlinesecurityproducts.co.uk<br />
CCTV & IP SECURITY SOLUTIONS<br />
PANASONIC SYSTEM COMMUNICATIONS COMPANY<br />
EUROPE<br />
Panasonic House, Willoughby Road<br />
Bracknell, Berkshire RG12 8FP UK<br />
Tel: 0207 0226530<br />
Email: info@business.panasonic.co.uk<br />
AWARD-WINNING, LEADING GLOBAL WHOLESALE<br />
DISTRIBUTOR OF SECURITY AND LOW VOLTAGE PRODUCTS.<br />
ADI GLOBAL DISTRIBUTION<br />
Distributor of electronic security systems and solutions for over 250 leading manufacturers, the company<br />
also offers an internal technical support team, dedicated field support engineers along with a suite of<br />
training courses and services. ADI also offers a variety of fast, reliable delivery options, including specified<br />
time delivery, next day or collection from any one of 28 branches nationwide. Plus, with an ADI online<br />
account, installers can order up to 7pm for next day delivery.<br />
Tel: 0161 767 2990 Fax: 0161 767 2999 Email: sales.uk@adiglobal.com www.adiglobal.com/uk<br />
COMMUNICATIONS & TRANSMISSION EQUIPMENT<br />
KBC NETWORKS LTD.<br />
Barham Court, Teston, Maidstone, Kent ME18 5BZ<br />
www.kbcnetworks.com<br />
Phone: 01622 618787<br />
Fax: 020 7100 8147<br />
Email: emeasales@kbcnetworks.com<br />
WHY MAYFLEX? ALL TOGETHER. PRODUCTS, PARTNERS,<br />
PEOPLE, SERVICE – MAYFLEX BRINGS IT ALL TOGETHER.<br />
MAYFLEX<br />
Excel House, Junction Six Industrial Park, Electric Avenue, Birmingham B6 7JJ<br />
Tel: 0800 881 5199<br />
Email: securitysales@mayflex.com<br />
Web: www.mayflex.com<br />
DIGITAL IP CCTV<br />
SESYS LTD<br />
High resolution ATEX certified cameras, rapid deployment<br />
cameras and fixed IP CCTV surveillance solutions available with<br />
wired or wireless communications.<br />
1 Rotherbrook Court, Bedford Road, Petersfield, Hampshire, GU32 3QG<br />
Tel +44 (0) 1730 230530 Fax +44 (0) 1730 262333<br />
Email: info@sesys.co.uk www.sesys.co.uk<br />
www.insight-security.com Tel: +44 (0)1273 475500
THE UK’S MOST SUCCESSFUL DISTRIBUTOR OF IP, CCTV, ACCESS<br />
CONTROL AND INTRUDER DETECTION SOLUTIONS<br />
NORBAIN SD LTD<br />
210 Wharfedale Road, IQ Winnersh, Wokingham, Berkshire, RG41 5TP<br />
Tel: 0118 912 5000 Fax: 0118 912 5001<br />
www.norbain.com<br />
Email: info@norbain.com<br />
INTEGRATED SECURITY SOLUTIONS<br />
INNER RANGE EUROPE LTD<br />
Units 10 - 11, Theale Lakes Business Park, Moulden Way, Sulhampstead,<br />
Reading, Berkshire RG74GB, United Kingdom<br />
Tel: +44(0) 845 470 5000 Fax: +44(0) 845 470 5001<br />
Email: ireurope@innerrange.co.uk<br />
www.innerrange.com<br />
UK LEADERS IN BIG BRAND CCTV DISTRIBUTION<br />
SATSECURE<br />
Hikivision & MaxxOne (logos) Authorised Dealer<br />
Unit A10 Pear Mill, Lower Bredbury,<br />
Stockport. SK6 2BP<br />
Tel +44 (0)161 430 3849<br />
www.satsecure.uk<br />
IDENTIFICATION<br />
PERIMETER PROTECTION<br />
ADVANCED PRESENCE DETECTION AND SECURITY LIGHTING SYSTEMS<br />
GJD MANUFACTURING LTD<br />
Unit 2 Birch Business Park, Whittle Lane, Heywood, OL10 2SX<br />
Tel: + 44 (0) 1706 363998<br />
Fax: + 44 (0) 1706 363991<br />
Email: info@gjd.co.uk<br />
www.gjd.co.uk<br />
PERIMETER PROTECTION<br />
GPS PERIMETER SYSTEMS LTD<br />
14 Low Farm Place, Moulton Park<br />
Northampton, NN3 6HY UK<br />
Tel: +44(0)1604 648344 Fax: +44(0)1604 646097<br />
E-mail: info@gpsperimeter.co.uk<br />
Web site: www.gpsperimeter.co.uk<br />
COMPLETE SOLUTIONS FOR IDENTIFICATION<br />
DATABAC GROUP LIMITED<br />
1 The Ashway Centre, Elm Crescent,<br />
Kingston upon Thames, Surrey KT2 6HH<br />
Tel: +44 (0)20 8546 9826<br />
Fax:+44 (0)20 8547 1026<br />
enquiries@databac.com<br />
INDUSTRY ORGANISATIONS<br />
POWER<br />
POWER SUPPLIES – DC SWITCH MODE AND AC<br />
DYCON LTD<br />
Unit A, Cwm Cynon Business Park, Mountain Ash, CF45 4ER<br />
Tel: 01443 471900 Fax: 01443 479 374<br />
Email: sales@dyconpower.com<br />
www.dyconpower.com<br />
TRADE ASSOCIATION FOR THE PRIVATE SECURITY INDUSTRY<br />
BRITISH SECURITY INDUSTRY ASSOCIATION<br />
Tel: 0845 389 3889<br />
Email: info@bsia.co.uk<br />
Website: www.bsia.co.uk<br />
Twitter: @thebsia<br />
THE LEADING CERTIFICATION BODY FOR THE SECURITY INDUSTRY<br />
SSAIB<br />
7-11 Earsdon Road, West Monkseaton<br />
Whitley Bay, Tyne & Wear<br />
NE25 9SX<br />
Tel: 0191 2963242<br />
Web: www.ssaib.org<br />
INTEGRATED SECURITY SOLUTIONS<br />
STANDBY POWER<br />
UPS SYSTEMS PLC<br />
Herongate, Hungerford, Berkshire RG17 0YU<br />
Tel: 01488 680500<br />
sales@upssystems.co.uk<br />
www.upssystems.co.uk<br />
UPS - UNINTERRUPTIBLE POWER SUPPLIES<br />
ADEPT POWER SOLUTIONS LTD<br />
Adept House, 65 South Way, Walworth Business Park<br />
Andover, Hants SP10 5AF<br />
Tel: 01264 351415 Fax: 01264 351217<br />
Web: www.adeptpower.co.uk<br />
E-mail: sales@adeptpower.co.uk<br />
SECURITY PRODUCTS AND INTEGRATED SOLUTIONS<br />
HONEYWELL SECURITY AND FIRE<br />
Tel: +44 (0) 844 8000 235<br />
E-mail: securitysales@honeywell.com<br />
UPS - UNINTERRUPTIBLE POWER SUPPLIES<br />
UNINTERRUPTIBLE POWER SUPPLIES LTD<br />
Woodgate, Bartley Wood Business Park<br />
Hook, Hampshire RG27 9XA<br />
Tel: 01256 386700 5152 e-mail:<br />
sales@upspower.co.uk<br />
www.upspower.co.uk<br />
www.insight-security.com Tel: +44 (0)1273 475500
SECURITY<br />
ANTI-CLIMB SOLUTIONS & SECURITY PRODUCT SPECIALISTS<br />
INSIGHT SECURITY<br />
Units 1 & 2 Cliffe Industrial Estate<br />
Lewes, East Sussex BN8 6JL<br />
Tel: 01273 475500<br />
Email:info@insight-security.com<br />
www.insight-security.com<br />
CASH & VALUABLES IN TRANSIT<br />
CONTRACT SECURITY SERVICES LTD<br />
Challenger House, 125 Gunnersbury Lane, London W3 8LH<br />
Tel: 020 8752 0160 Fax: 020 8992 9536<br />
E: info@contractsecurity.co.uk<br />
E: sales@contractsecurity.co.uk<br />
Web: www.contractsecurity.co.uk<br />
QUALITY SECURITY AND SUPPORT SERVICES<br />
CONSTANT SECURITY SERVICES<br />
Cliff Street, Rotherham, South Yorkshire S64 9HU<br />
Tel: 0845 330 4400<br />
Email: contact@constant-services.com<br />
www.constant-services.com<br />
ONLINE SECURITY SUPERMARKET<br />
EBUYELECTRICAL.COM<br />
Lincoln House,<br />
Malcolm Street<br />
Derby DE23 8LT<br />
Tel: 0871 208 1187<br />
www.ebuyelectrical.com<br />
LIFE SAFETY EQUIPMENT<br />
C-TEC<br />
Challenge Way, Martland Park,<br />
Wigan WN5 OLD United Kingdom<br />
Tel: +44 (0) 1942 322744<br />
Fax: +44 (0) 1942 829867<br />
Website: www.c-tec.com<br />
PERIMETER SECURITY<br />
TAKEX EUROPE LTD<br />
Aviary Court, Wade Road, Basingstoke<br />
Hampshire RG24 8PE<br />
Tel: +44 (0) 1256 475555<br />
Fax: +44 (0) 1256 466268<br />
Email: sales@takex.com<br />
Web: www.takex.com<br />
FENCING SPECIALISTS<br />
J B CORRIE & CO LTD<br />
Frenchmans Road<br />
Petersfield, Hampshire GU32 3AP<br />
Tel: 01730 237100<br />
Fax: 01730 264915<br />
email: fencing@jbcorrie.co.uk<br />
INTRUSION DETECTION AND PERIMETER PROTECTION<br />
OPTEX (EUROPE) LTD<br />
Redwall® infrared and laser detectors for CCTV applications and Fiber SenSys® fibre<br />
optic perimeter security solutions are owned by Optex. Platinum House, Unit 32B<br />
Clivemont Road, Cordwallis Industrial Estate, Maidenhead, Berkshire, SL6 7BZ<br />
Tel: +44 (0) 1628 631000 Fax: +44 (0) 1628 636311<br />
Email: sales@optex-europe.com<br />
www.optex-europe.com<br />
SECURITY EQUIPMENT<br />
PYRONIX LIMITED<br />
Secure House, Braithwell Way, Hellaby,<br />
Rotherham, South Yorkshire, S66 8QY.<br />
Tel: +44 (0) 1709 700 100 Fax: +44 (0) 1709 701 042<br />
www.facebook.com/Pyronix<br />
www.linkedin.com/company/pyronix www.twitter.com/pyronix<br />
SECURITY SYSTEMS<br />
BOSCH SECURITY SYSTEMS LTD<br />
PO Box 750, Uxbridge, Middlesex UB9 5ZJ<br />
Tel: 0330 1239979<br />
E-mail: uk.securitysystems@bosch.com<br />
Web: uk.boschsecurity.com<br />
INTRUDER AND FIRE PRODUCTS<br />
CQR SECURITY<br />
125 Pasture road, Moreton, Wirral UK CH46 4 TH<br />
Tel: 0151 606 1000<br />
Fax: 0151 606 1122<br />
Email: andyw@cqr.co.uk<br />
www.cqr.co.uk<br />
SECURITY EQUIPMENT<br />
CASTLE<br />
Secure House, Braithwell Way, Hellaby,<br />
Rotherham, South Yorkshire, S66 8QY<br />
TEL +44 (0) 1709 700 100 FAX +44 (0) 1709 701 042<br />
www.facebook.com/castlesecurity www.linkedin.com/company/castlesecurity<br />
www.twitter.com/castlesecurity<br />
SECURE CONNECTIVITY PROVIDERS<br />
CSL<br />
T: +44 (0)1895 474 474<br />
sales@csldual.com<br />
@CSLDualCom<br />
www.csldual.com<br />
SECURITY PRODUCTS<br />
EATON<br />
Eaton is one of the world’s leading manufacturers of security equipment<br />
its Scantronic and Menvier product lines are suitable for all types of<br />
commercial and residential installations.<br />
Tel: 01594 545 400 Email: securitysales@eaton.com<br />
Web: www.uk.eaton.com Twitter: @securityTP<br />
INTRUDER ALARMS AND SECURITY MANAGEMENT SOLUTIONS<br />
RISCO GROUP<br />
Commerce House, Whitbrook Way, Stakehill Distribution Park, Middleton,<br />
Manchester, M24 2SS<br />
Tel: 0161 655 5500 Fax: 0161 655 5501<br />
Email: sales@riscogroup.co.uk<br />
Web: www.riscogroup.com/uk<br />
SECURITY SYSTEMS<br />
VICON INDUSTRIES LTD.<br />
Brunel Way, Fareham<br />
Hampshire, PO15 5TX<br />
United Kingdom<br />
www.vicon.com<br />
www.insight-security.com Tel: +44 (0)1273 475500
Powerful web based<br />
controller, powered<br />
by smart devices.<br />
DESIGNED<br />
IN<br />
A U ST R A<br />
R<br />
LIA<br />
Inception is an integrated access control and security<br />
alarm system with a design edge that sets it apart<br />
from the pack. Featuring built in web based software,<br />
the Inception system is simple to access using a web<br />
browser on a Computer, Tablet or Smartphone.<br />
With a step by step commissioning guide and<br />
outstanding user interface, Inception is easy to<br />
install and very easy to operate.<br />
For more information simply scan the QR code<br />
or visit innerrange.com.<br />
Security<br />
Alarm<br />
Access<br />
Control<br />
Automation<br />
No Software<br />
Required<br />
Multiple<br />
Devices<br />
Easy Setup<br />
with Checklist<br />
Prompting<br />
Send IP Alarms via<br />
the Multipath-IP<br />
Network<br />
T: +44 845 470 5000<br />
E: ireurope@innerrange.co.uk<br />
W: innerrange.com