Introduction
A global company with $132 billion in insured property assets and 284,000 employees integrated physical security into its global business model by centralizing management of security. Rather than local ownership of security, a global security department oversees everything from brand protection, vehicle safety, fire prevention, and global crisis management.
Opportunity
“We control everything from one spot—my office,” explained its executive director of global security at an international security conference. “No matter where the facility is located in the world, we set the standards for protection,” and the 6,000 or so monthly incident reports all flow back into the global security department. Security planning and coordination is centralized, but the delivery of security is achieved through a security services contract with its global provider, utilizing 5,250 contract security personnel to protect it at all company facilities.
Solution or Approach
Because the strategy relies heavily on its contract security partner, the global security leader described the controls they implemented to ensure consistent and quality service around the world.
Supplier selection. A single-source account requires a high-quality provider. “I want people who are experts, so they can apply security and not just watch holes in the fence. You need them to provide subject matter experts, not account and sales representatives."
"You really must look at what you get for your money and not the price of the contract.” — CSO, Billion-Dollar Global Conglomerate
Clear lines of responsibility. “We have pretty detailed RASIC charts that are very helpful.” (RASIC is a responsibility assignment matrix.) The charts divvy security responsibilities between the company’s individual business units, four regional centers that report directly to the global security department, and the contract security firm’s local and regional security divisions. The quality of the provider is critical, as they are ultimately responsible for conducting facility risk assessments. “You have to get a pretty sophisticated outfit to get this [type of arrangement] to work.”
Trust (with verification). The security firm measures its compliance with the security metrics that the company develops from its policies, standards, and procedures. “They collect the metrics, but we do pretty intense audits from time to time.”
Encouraging honesty. An “improvement” attitude towards metrics helps to encourage supplier honesty in data collection. “To us, red is good,” he said, referring to the metrics scorecard color indicating a sub-standard score. “You can’t punish people when they bring forward problems, you want to encourage it. I get very suspicious when all the metrics are ‘green.’”
Compensation review. The company examined pay to ensure that it supports worldwide consistency and quality of service. Because even in a large national or global account arrangement, it’s possible for a vendor’s local supplier to earn more from his small local accounts than he earns from servicing a small portion of a huge global account. “You have to ensure rewards for global success,” or else pockets of substandard performance can emerge.
Communication. The global conglomerate provides its security supplier with a single point-of-contact and plenty of support without micromanaging the contract firm’s personnel.
Results and Benefits
The company’s security chief says the model is working for his company and the numbers bear him out. For example, global security expenses ran $4.3 million for a year in which the actual downstream contribution of physical security to the company—a large share of which was derived from the uncovering of fraud schemes—was $207 million.