Q. I'm fairly comfortable that the security function is aligned with our business strategies. However, I'm not convinced that many on the company's management team fully understand the value we deliver. Any suggestions on how best to accomplish this?
A. You've done well to align the function with your company's strategic direction and business principles. Nonetheless, it's not uncommon that security may not be fully understood both at the Board level and throughout the company. You should develop a communication strategy that targets those you wish to educate - in this instance, your management team. Focus on what security has done to "add value" such as loss mitigation, intellectual property protection initiatives, for example. Also focus on initiatives that keep your function aligned with the business. Board members may embrace the notion that nothing matters if it can't be measured. The Security Executive Council has many resources devoted to security-specific measures and metrics that can help put numbers to some of your initiatives to help paint a clear picture of security's value. Your metrics program should demonstrate how security favorably protects or contributes to profitability.
Your communication strategy should include a regularly scheduled (quarterly or semi-annual) written report to the management team on the results you've achieved. If you're not already doing so, you might wish to seek time to brief the full Board on key issues in which the security function is engaged. The key in any written or verbal product is to be succinct and to the point. If the written product is overly verbose, you risk the chance that they will take only a few moments to peruse it, if at all.
Should you have a large global function, a communication strategy may include a regularly published report intended to keep the security function connected and informed. Copies to your management team can help keep them in the loop on what you're doing and how the security function adds value.
Let us know if we can help further. Good luck.
Answer provided by Nick Proctor, Security Executive Council Emeritus Faculty.
Related Council resources
Measures and Metrics in Corporate Security - Special Package
Knowledge Corner: Measures & Metrics