Q. My company has a strategic plan process that lasts about two weeks every other year. However, it doesn’t translate to developing a real useable plan for corporate security. Do you have any ideas on creating one that does not involve a huge extra amount of time?
A. Strategic planning determines where an organization is going over the next several years, how it’s going to get there and how it will know if it arrived or not. For the corporate security (CS) organization to be fully effective and proactively support the overall goals of the company, its goals and objectives must be reflective of and inextricably interwoven with the company’s goals. As you’ve seen, this is not always easily achieved but it is possible, and it is imperative. Without this meshing of goals corporate security could easily find itself marching happily along but failing to deliver the level or type of security the company needs.
The first step in developing a CS strategic plan that mirrors the company plan is to fully understand the company plan. For example, if one aspect of the company’s strategic plan is to reduce total delivered product costs, what exactly does that mean? Does company management feel they are bleeding dollars in the product supply area of their operations and it needs to be tightened? This may not immediately feel like a corporate security problem, but it does present an opportunity for the CS strategic plan. Perhaps the CS plan can include enhancing or instituting a process for reducing theft in transit. Or initiating a more collaborative alignment with transportation companies to reduce losses is in orders. Maybe deploying a stronger, more efficient physical security review of distribution centers will reduce losses, and as a result, contribute to the company’s strategic plan to reduce total delivered costs. Above all, don’t assume because the company’s strategic plan doesn’t seem to speak to security issues that there is nothing on which to build a sustainable, actionable corporate security strategic plan.
There should always be a substantive and vibrant relationship between corporate security and corporate management both at the senior manager, strategic level and with line management tasked with carrying out the strategic direction of leadership. Without these relationships, (which should be nourished by regular meetings and mutual understanding of priorities), corporate security will be incapable of achieving the needs of the business as they will be unaware of what the needs truly are.
In addition, these relationships provide corporate management with a clearer understanding of what CS does and, more importantly, how corporate security brings value and adds to the bottom line; in contrast to a drain on resources and performing work that is often difficult to measure in terms understood by business leaders. If such relationships don’t currently exist in your company, make them happen. Get time on the calendar of senior corporate leaders, and be prepared to “sell your case” in five minutes or less as you may not get much time until relationships are established. Explain to senior managers and line managers that CS exists to meet the security needs of the business and that a greater understanding of the business means more efficient, effective, and appropriately directed security services. Don’t be afraid to say you are not certain how, for example, the company’s coupon redemption process operates.
Once you have this information, you can design security processes to reduce losses in a specific area. Ask open questions that elicit explanations, noting that you intend to develop corporate security’s strategic plan to mirror the corporate plan. In time your meetings will become expected by senior managers and they will begin to invite corporate security to the table earlier in the strategic planning process. A word of caution: Never approach senior corporate managers from the perspective of “We’re Corporate Security - what do you want us to do? What can we do for you?” You are quite likely to get a response that sounds like “How should I know? That’s what I pay you for!” Instead, be confident that you are the security expert, you know what the best strategic approach for security is; you just want to ensure you fully understand all aspects of the business so you can design the most effective and efficient strategic plan possible for security.
Answer provided by Walter Clements, Security Executive Council Emeritus Faculty.