Q. As a Manager of Security I am finding it difficult to influence others in my organization to participate or support the security programs. Are there effective processes that can be taken to change this?
A. Traditionally, the security program is viewed by other departments as an external entity. Most business and operations managers and their people find it convenience to let security be security. When a “reactionary” situation occurs, they expect security to do their thing and fix the problem, provide help and support. No doubt, security needs to react and be there with expertise when an incident or situation arises. However, that traditional mentality will put your security program at the back door, thought of as merely reactive and will remain isolated from the business core.
In order to have a progressive and proactive program, one that can maximize its capabilities, you need to get as much employee participation as feasible. Here are a few suggestions that you should consider. Ask yourself, “Does my program include these elements?” and maybe you will find ways to improve the security culture of the organization.
• Do your security managers understand the business needs and not just the security aspects of your organization? A very good security team speaks the language that attracts support from others in the organization. It takes extra effort but a security staff should be trained to understand how the business operates, how the people in the various departments do their jobs. You don’t want to learn as an investigation or incident management situation develops. Having good business savvy will enable your security team to become more effective at winning the support of other employee groups. Also, do not be averse to working with other managers to find ways to get yourself and other security staff trained to know the core functions of the business. This needs to be the first step towards integrating your security department with the other cross-functional groups of the company. It demonstrates a willingness and need to make security part of the corporate or organizational fabric.
• Have an effective communications process with the other managers in your organization. Identify the core stakeholders, the managers who depend on your security programs. Generally, this will include most managers in your organization as security touches – or should touch – everyone. But initially, identify those with whom you have direct support relationships. As an example, if your loss prevention is mostly aimed at shipping and receiving functions, get those managers involved in your scheduled communications processes. You can set up monthly or quarterly online meetings if that is convenient. If you are in the same facility, have face-to-face meetings. Make sure you are setting up “essential” agendas that are given to the meeting participants ahead of schedule. This is important because no one has time to waste. Your agenda should include items that will benefit the participants and the organization. It should also include any hot issues, such as liability trends, regulatory or internal compliance or current problems that need solutions. As a leader you want to draw as much authorship from these stakeholders as possible. The communication sessions will afford you an opportunity to foster more involvement with your security program development. This effort will allow these managers to find common ground with the security department and allow you to become their internal business partner.
These are just two ways to build a security program that is driven by the organization. Too many security programs fail or become merry-go-rounds because of isolation. Getting off that merry-go-round is very difficult once it gets going. If you take the lead and find ways to blend the security and business functions, you will find a stronger participation level develops. You will also find it easier to influence changes in security and create better ROI opportunities and other positive results.
Answer provided by Peter Cheviot, Security Executive Council Emeritus Faculty.