Q. How can I influentially build, defend, and or proactively manage my budget; ideally free of counterproductive interference?
A. We are routinely asked this by our practitioner community. Short of wishing you good luck, we recommend a number of pro-active measures. Start first with an understanding that your reputation as a dependable steward of organizational funding must be resilient. Performance and return on investment for funds employed are givens.
Second, let your boss know that you intend to operate under budget for all planned activities. Understand that the vogue of “doing more with less” is not new and unlikely passing. R. Buckminster Fuller, the architect, inventor, and philosopher advanced the notion of ephemeralization, the ability of technological advancement to do "more and more with less and less until eventually you can do everything with nothing." Fuller wasn’t kidding. His considerations of time, effort and outcomes for navigating the globe by sail, steam, nuclear vessels, and aircraft proved the point.
The truth of the matter is that most leaders seldom ask permission to lead. Bias for action may be a mantra but it is seldom condoned when it is unilateral. In fact, action may only be fully appreciated when tempered by influential stakeholders who are aligned with the notion that security enables the business opportunistically. After all, budgetary oversight is not intended to impede protection of people and assets nor is it intended to constrain cost avoidance and savings.
More art than science, leaders, and in particular, risk mitigation leaders, must communicate opportunities and timing to meet and exceed multiple critical expectations within budget guardrails. Those who flex guardrails for net performance get high marks for “leadership courage” and perhaps more importantly, results. Leadership courage, innovation and sound value determinations are keys to asking forgiveness after the fact on budget timing elements. However, the security function, as compared to other business functions, is likely the most pressed to have to articulate the ROI to gain traction; and the value must be harmonized in business goals.
Tried and true proven practices include funding unbudgeted or unplanned protection innovation opportunities with savings from another area and/or forecasted net contribution with additional benefits. Underfunded and under-resourced CSOs are finding unscheduled re-investment when they are dependable stewards of entrusted funds. Concisely communicate risks to the brand in dollars and cents. Leadership intuitively understands the true total cost of ownership for security as the sum of capital and expense for people process and technology as well as related claim costs.
Surprising and delighting the customer requires the capability to manage both the budget and security risk outcomes including injuries, asset damages and losses, business interruptions, litigation and regulatory sanctions. Better net performance at less total cost often insulates security departments from “share the pain” budget sweeps. Be aggressive in the first and second quarter and in the first week of any period. Track net contribution for cost avoidance and savings for all clients. Most of all be innovative.
Some examples that bear consideration include:
- Move from face-to-face local investigations to more economical and proven methodologies. Invest in unbudgeted behavioral interview via telephone interview and written statement analysis training for all investigative personnel. Non-traveling investigators and written statement analysts often outperform their traveling counterparts. Conference calls often prove less intimidating and enable managers and HR to join the process transparently as the local witness. Outcome: An example from my experience - same year $100,000 net cost travel savings and 300% improvement in asset theft admissions with audited asset recovery and cost avoidance exceeding $500,000. Laid foundation for $6,000,000 per year net contribution and improved carbon footprint.
- Postpone an approved FTE hire to fund an enterprise and security alignment benchmarking study that benefits multiple internal stakeholders. This type of activity is extremely beneficial for informing new leadership or re-informing existing leadership on Security’s value in an ever changing risk and regulatory compliance environment. Outcomes: P&L cost neutral study resulting in leadership alignment improvement, staff and program expansions, improved confidence, regulatory compliance with multi-million dollar net contribution for billion dollar enterprises.
- Make the case for an unfunded situational risk monitoring capability. Security Operations Centers and Global Security Operations Centers galvanize 24x7x365 people, process and technology capabilities for protection programming. Outcomes: Higher risk mitigation and regulatory compliance confidence for estimated multimillion dollar annual returns. Reduced frequency and severity of events also translate to fewer product and service interruptions.
- Pilot unbudgeted P&L neutral security improvements following any critical event that injures, kills or critically impairs people connected to the enterprise. Brand is highly correlated in the research literature to mass casualty events; better do it right or suffer brand damage. The approach will likely translate for organizations that manage breach events elegantly. “Cultures that care” demonstrate high share value rebound capability. Outcomes: Consequential life-safety risk improvement often returns more than a million dollars over cost in year one. My most recent experience was $1,064,000 first year return and a standard adoption for an estimated $56,000,000 forecasted benefit. Previous outcomes have been estimated as high as $95,000,000.
- Pilot virtual long distance leadership and staff development. Outcomes: Higher staff engagement and $1,100 per person cost avoidance for net budget savings.
Questioning the status quo is arguably job one for change agents that require more freedom for innovation. But it comes with risks. Those who attempt it without a firm business case do so at their own peril. We will explore those examples at a later date. Other resources follow. Please let us know your experiences and feedback at contact@secleader.com
Additional Resources:
Article:
Show Me the MoneyBooks:
Measures and Metrics in Corporate SecurityInfluencing Enterprise Risk Mitigation
Answer provided by Francis D’Addario, Security Executive Council Emeritus Faculty member.
Hear more from Francis D'Addario: In this podcast, Francis delves into one of the 10 Roadmap for Success practices - the importance of focusing on leadership issues.
Comments