Análisis del Caso Práctico

The summary of the findings was based on data analysis provided in Chapter 4. These findings are non-exhaustive but consist of the major outcomes of the study and are the following:-

• The main threat sources to industrial assets were sighted as employees and outsiders who contribute to the major security risks which were found to be theft, burglary, fraud, fire and robbery;

• Most of the sites (about 55%) did not have integrated security systems. The security measures in place mostly consisted of physical security, guards, CCTV, alarms, policies and procedures which are stand-alone. According to Vellani (2007: 206), security measures should be integrated in order to provide effective protection. Therefore, the

118

presence of stand-alone security measures at most industrial sites can compromise security;

• The reasons for integrating security systems at industrial facilities were found to be high vulnerability of receiving, warehousing, dispatch, plant and machinery, access control and cash office points which were likely to be affected by theft, burglary, fraud fire and robbery security risks. In view of advancements in security technology security systems, integration was found to be a suitable solution for protecting these vulnerable points;

• The three methods of data collection indicated the integration of access control, guards, alarms, CCTV, fire system, policies and procedures as an integrated security system. On functional integration, the study found out that the Security function should have close links with Information Communication Technology, Human Resources and Finance. Most industrial facilities (about 73%) did not have written security policies and procedures and Vellani (2007: 173) alludes that while policies and procedures are cost- effective, they are not mostly included in a security system;

• The suitable modes of transmission for an integrated security system were found to be fibre optic on local area networks (LAN) or wide area network (WAN) using Integrated Services Digital Networks (ISDN) or Asymmetric Digital Subscriber Lines (ADSL) and complemented by wireless transmission.

• The key players were indicated as Security practitioners, System suppliers/installers, system operators, top management, and Information Technology specialists, security service providers and/or project team members;

• The process of implementing integrated security systems was found to include security policy, security survey, system design, procurement, service level agreement (SLA), installation, training, operating, review and upgrade;

119

• The requirements for integrating security systems were found to be the need for the security system, availability of resources, top management commitment, skills to implement and feasibility to implement were critical to the effective implementation of ISS. In support of this, Larson (2009: 134) found out that executive management support is essential for the convergence of security systems. In addition, Vellani (2007: 175) also comments that upper management commitment ensures compliance to implementation of security measures;

• In terms of perceived effectiveness, all three methods indicated that integrated security systems were more effective, easy to monitor, provided a good outlook of security and ensured improved record keeping of the security function;

• The challenges of implementing integrated security systems were indicated to be possible lack of top management support, insufficient resources, system breakdown, and difficulties in operating due to skills shortages, sabotage, and incompatibility with existing systems, power outages and network connectivity; and

• The study also established that connivance to theft at receiving and dispatch points at industrial facilities may be reduced by the inclusion of dedicated CCTV, undercover surveillance, functional integration and spot checks.

120 5.3 CONTRIBUTIONS OF THE STUDY

The findings of this research provide several contributions to management, security, information technology, security service providers, security system suppliers and security training organisations. The contributions include the following.

5.3.1 Insightful to management

Upper management should draw insights from this study on its responsibility to ensure the implementation of integrated security systems. The study found out that top management is ultimately responsible and accountable for risk management even though it delegates this to some functions within the company structures. Authority to provide resources for security systems integration is granted by top management. If this approval is not granted, then there is no subsequent deployment of integrated security systems. The consequences of not deploying effective security measures will return back to management through losses due to thefts, burglary, fraud, fire and other security related problems as established by the study. This view was supported by the American Society for Industrial Security (ASIS) International Chief Security Officer Roundtable (CSORT) report (ASIS CSORT, 2010: 19) which discloses that programmes that integrate company activities should have strong support from executive management. The ASIS CSORT (2010: 5) rightly points out that establishing effective risk management should not be viewed as a costly luxury but a business case.

5.3.2 Lessons for security practitioners

Security practitioners may draw considerable lessons from this study based on the findings and recommendations. It was one of the study’s findings that security practitioners play a critical advocating role in the implementation of integrated security systems. Top management can only be alerted and convinced by the security manager on the need to implement or upgrade security systems. Therefore, security practitioners should make serious efforts to gain insight into security systems integration not only from this study but from other sources as well. Security managers should have some knowhow in security technology because of the rapid changes in technology used in security in general. The ASIS CSORT (2010: 17) supports the view that information

121

technology aspects are important in the overall management of security risks in various organisation settings.

5.3.3 Coordination between IT and Security

Security practitioners should work closely with Information technology (IT) professionals to ensure effective deployment of integrated security systems. The convergence of information technology and physical security was alluded to by Larson (2009: 28-31) because security convergence has similarities with security systems integration. IT practitioners provide expert advice on technological aspects of systems integration, in particular the identification of quality security devices and the mode of data transmission. Transmission platforms and networks are important to security systems integration as they contain aspects of effectiveness and information security. A desirable security system should be both effective and secure. An insecure security system can be tempered with and therefore may in itself become a security weakness. The prime purpose of any security system is to deter, control, detect and in some instances, detain perpetrators at an industrial facility. Instant detection and rapid response are basic and powerful requirement of an integrated security system at an industrial site as asserted to by Vellani (2007: 206).

5.3.4 Informative to security systems and service suppliers

Suppliers of security services and systems can also benefit from this research. In the modern-day security environment, security measures should be deployed to complement each other. Stand- alone security measures may not be effective in view of the complexity of security threats confronting organisations. Suppliers of security services and systems should be able to advise clients on the suitability of security systems for integration in view of the security risks confronting the facility. Integrated security systems have potentially high initial capital outlay cost implications but the benefits are long-term if proper identification and deployment of combinations of security measures is made. Vellani (2007: 208) advises that it is important to employ more skill in identifying the requirements of an effective security system. In addition,

122

Vellani (2007: 209) demonstrates that security systems should be deployed in layers and that they be in sufficient combination to perform the desired security functions.

5.3.5 Contributions to training

Institutions and organisations that provide training in security and loss control management can take some aspects of this study into their training programmes. Security training organisations may consider some of the following for inclusion:-

• Security systems integration;

• Problem solving in the security management environment; • Inductive and deductive reasoning for security practice; and • Security practice root cause analysis.

According to Mouratidis and Giorgini (2007: 17-28), security system requirements are viewed as restrictions at a facility. These are some of the high-level skills which security managers at industrial facilities are supposed to acquire to ensure effective protection of the sites.