As someone who spends a large part of his working life engaged in the tendering process, I feel qualified to offer a critique of the techniques being employed by far too many UK businesses as they seek to buy ‘Best Value’ from the security guarding marketplace.
The opinion that follows is not universally true of all buyers (indeed I’m currently in discussions with several notable exceptions), nor indeed all suppliers, but the uncomfortable reality is that poor decision-making at the point of purchase is blighting both user and supplier sides of our industry.
Happily, there is a solution – and it involves going back to basics and revisiting risk assessment as the central plinth of security service procurement and provision.
We would all like to think that risk assessment is already at the heart of the security strategy, but the plain truth is that far too many security contracts are being specified, tendered and awarded on the basis of a replication of ‘what has gone before’.
Why is this?
It’s tempting to say that the dominance of facilities managers and purchasing departments in the buying side of our industry – and the corresponding lack of dedicated security specialists – has contributed to the demise of proper risk assessment as the driving force in security purchasing, but it’s not as simple as that. In addition, that argument lets the supply side of our industry off the hook far too easily.
If it ain’t broke…
From the buying side, perhaps it’s the case that an organisation which has not been seriously damaged by crime or attack in recent years might assume its security procedures are robust and effective. If there’s no security specialist within the host organisation arguing the case for continuous review of the security strategy, a non-specialist could hardly be expected to take on that responsibility.
The truth of the matter is that the reason their security procedures remain unchallenged probably has more to do with luck than judgement – if no attempt to disrupt the business has been made, no shortfalls will have been identified.
Security strategies should be thoroughly reviewed (at the very least) on an annual basis. A contract review or ‘anniversary’ would seem to be the ideal opportunity for this review to take place – giving buyers the chance to compare advice from a selection of suppliers. Even if this opportunity isn’t grasped with both hands, the absence of a full-time security manager need not be a barrier to good security thinking or Best Practice.
Indeed, many highly competent security specialists are now engaging with British businesses on a consultancy basis.
Instead, we see more and more price-driven tenders where the prime considerations are TUPE (leaning heavily on the perceived need to re-employ staff in their posts regardless of the value or suitability of the service they provide) and the desire to have a benchmark against which suppliers’ costs may be compared on a direct, like-for-like basis.
One can understand why this type of thinking predominates – and there’s some commercial logic to it – but it’s very much the case that far too many security contractors are complicit in perpetuating this inadequate state of affairs. Put simply, it’s unimaginative and lazy. Worse still, it’s potentially very damaging and wasteful.
Sound advice, Best Practice
At a time when the security industry whimpers about diminishing margins and deflationary pressure from buyers, we should be collectively arguing to put risk assessment back at the top of the agenda and demonstrate the professionalism and value that we can offer to the corporate customer.
More often, unfortunately, the temptation to accept the customer’s specification without challenge and simply run it through the pricing matrix wins out over any thought of striving to deliver sound security advice and Best Practice. Small wonder we are becoming a commoditised industry. Small wonder we’re seeing unprecedented pressure on prices. We’re doing it to ourselves!
From any professional standpoint, the inescapable conclusion is that accurate and impartial evaluation of risk should lead to the selection of the supplier which offers the most appropriate and cost-effective suite of risk countermeasures. If not, what exactly is the point of security as a meaningful part of the corporate machine?
Buyers should not assume that this approach will generate additional expense. There’s no logic in that conclusion. In fact, the opposite may well be true given the technological advances that have taken place since the security strategy was last properly reviewed. It’s true that efficiency and Best Practice may well be available in one commercially palatable package.
As an industry, we owe a Duty of Care to our customers, their staff and visitors to keep them safe, to protect their assets and interests and to maintain their business continuity. We don’t achieve that by meekly repeating last year’s formula, nor indeed a formula that has been in place for two, five or maybe even ten years.
Sadly, many security companies are either not capable enough (or are unwilling) to provide intelligent, expert and sound risk assessment to commercial buyers – even though many undoubtedly have the resources and expertise within their organisations to do so relatively easily and inexpensively. If we are incapable of delivering our service with expertise at the core, then why should we expect buyers to regard us with respect and reward the relationship accordingly?
Buyers take responsibility
Is the harsh commercial reality of the modern guarding industry all of its own making? Are all security contractors as unimaginative and unwilling to embrace risk as a concept as I have painted them?
Clearly there are good and expert businesses out there, staffed by qualified, interested and committed security managers – I work for one such company – so the mediocrity is not universal.
Given that statement is true, surely it’s the role of a professional buyer to seek these companies out, and then take full advantage of the skills that they have to offer?