Risk UK May 2015

Security and Fire Management

IFSEC and FIREX International 2015: Show PreviewsContractual Basics, Negotiation Procedures and RiskDelivering Step Change at The Security InstituteVertical Focus: Security in the Leisure and Events Sector

May 2015

The Top-Down ApproachPrioritising Risk Management Issues and Response

FrontCover May2015_001 11/05/2015 14:30 Page 1

Project1_Layout 1 11/05/2015 12:03 Page 1

Contents31 Leisure and Events Sector SecurityThis month’s Risk UK Vertical Focus centres on security in theleisure and events sector. Adam Breeze highlights stadiumsecurity (p33) while Daren Lang visits Burnley FC’s networksurveillance installation (p34). Perimeter protection is the focusfor Mo Ali (p36). Tim Northwood concentrates on access controlin fitness centres (pp37-38) and Steve Hodges assesses securityand safety tactics at Southampton FC’s St Mary’s Stadium (p39)

41 ISO 9001 2015: Adaptation and ChangeAndrew O’Hara on the scheduled 2015 revisions for ISO 9001

43 Intelligent Control and Monitoring in HVMAre current Hostile Vehicle Mitigation solutions integrating wellwith their security product cousins? Debbie Heald investigates

46 The Security Institute’s View

48 In the Spotlight: ASIS International UK Chapter

51 FIA Technical Briefing

54 Security Services: Best Practice Casebook

56 Sailing The Perfect Cyber StormColin Lobley discusses the difficulties of ‘cyber’ management

58 Training and Career DevelopmentAngus Darroch-Warren evaluates the importance of training anddelivery methods designed to attain the best end results

60 Risk in Action

62 Technology in Focus

65 AppointmentsKey people moves across the security and fire business sectors

67 The Risk UK Directory

May 2015

3www.risk-uk.com

ISSN 1740-3480

Risk UK is published monthly by Pro-Activ PublicationsLtd and specifically aimed at security and riskmanagement, loss prevention, business continuity andfire safety professionals operating within the UK’s largestcommercial organisations

© Pro-Activ Publications Ltd 2015

All rights reserved. No part of this publication may bereproduced or transmitted in any form or by any meanselectronic or mechanical (including photocopying, recordingor any information storage and retrieval system) without theprior written permission of the publisher

The views expressed in Risk UK are not necessarily those ofthe publisher

Risk UK is currently available for an annual subscription rate of£78.00 (UK only)

Risk UKPO Box 332Dartford DA1 9FF

Editor Brian Sims BA (Hons) Hon FSyI Tel: 0208 295 8304 Mob: 07500 606013e-mail: [email protected]

Design and Production Matt JarvisTel: 0208 295 8310 Fax: 0870 429 2015e-mail: [email protected]

Advertisement Director Paul AmuraTel: 0208 295 8307 Fax: 01322 292295 e-mail: [email protected]

Administration Tracey BealeTel: 0208 295 8306 Fax: 01322 292295 e-mail: [email protected]

Managing Director Mark Quittenton

Chairman Larry O’Leary

Editorial: 0208 295 8304Advertising: 0208 295 8307

5 Editorial Comment

6 News UpdateG4S Annual Report 2014. London to host 2016 ASIS EuropeanSecurity Conference. Launch of The SANS Cyber Academy

8 News Special: IFSEC International 2015 Preview The Conference Programme. The Keynote Speakers. TheExhibition. Brian Sims previews what’s in store for end usersvisiting IFSEC International 2015 at London’s ExCeL

11 News Special: FIREX International 2015 Preview Brian Sims brings Risk UK’s readers all the latest detail oncontent for FIREX International which runs from 16-18 June

12 Opinion: Security Training and Assessment Stuart Galloway considers the current security training andassessment landscape and offers salient views on ways forward

14 Opinion: Security’s VERTEX VoiceWhy is the Living Wage campaign of such great importance fortoday’s businesses? Peter Webster provides some talking points

17 BSIA BriefingCompanies shouldn’t only be reviewing their security strategiesin light of potential terrorist attacks. As Mike O’Neill explains,they ought to be discussing policy on a continual basis

20 The Security Market: Solutions to RiskPrioritising risk management issues and organising a riskresponse are key remits for security professionals. Peter Speightand Peter Consterdine examine the Best Practice approach

24 Contractual Basics, Negotiations and RiskJohn Spratt covers negotiation, Service Level Agreements, KeyPerformance Indicators and prices for security contracts

26 The Risk UK InterviewTerry Sallas informs Brian Sims that the nature of value requiredby end users from their security solutions providers is changing

28 Everything’s Under Total ControlInformation management systems at Newcastle University andthe University of the Arts London outlined by Brian Sims

Techniques for Tactical Interviewing (pp48-49)

Contents May2015_riskuk_Dec12 11/05/2015 13:00 Page 3

Designed & made in the UK by Texecom

Texecom’s Premier Elite mobile apps have been recently enhanced and upgraded. Featuring a brand new interface and key feature upgrades including push notifications and IP camera access, the Premier Elite Mobile Apps put you in control of your home security.

• Push notifications keep you notified of system events

• Easier and more intuitive to use

• IP Camera control allows you to access your own home camera system

SmartKey AppEmulating Texecom’s acclaimed wireless SmartKey interface, the SmartKey App provides end-users a simple, intuitive interface to arm, part arm, disarm and trigger up to 3 programmable outputs. The SmartKey App is also contained within the Keypad App.

Keypad AppThe Keypad App emulates a Premier Elite keypad interface. This allows end-users, master users and engineers the ability to remotely control the alarm system, as if physically standing in front of an actual keypad connected to the system.

Engineer AppThe Engineer App contains all the functionality of Keypad App with added system engineer diagnostics and commissioning tools. Panel status, zone status, event log (view last 25 events) and remote anti-code reset functions make this a valuable engineering tool.

EditorialComment May2015_riskuk_jul14 11/05/2015 14:24 Page 1

5December 2012

www.risk-uk.com

Editorial Comment

Pre-dating a Strategic Defence and Security Reviewscheduled to take place later on this year, the Royal UnitedServices Institute for Defence and Security Studies (RUSI)

report entitled ‘The Future of Research and Development in theUK’s Security and Intelligence Sector’ explores the UK’s R&Droadmap to 2020, duly identifying a series of recommendationsfor the British Government and stakeholders across the securityand intelligence community.

Authored by Charlie Edwards (director of the National Securityand Resilience Studies Group at RUSI) and Calum Jeffray (thatsame group’s research Fellow), the Whitehall-based Think Tank’sexcellent document suggests that, in recent years, UKGovernment spending on R&D in security and defence has fallenfaster than in any other area. At the same time, the SecurityService and intelligence agencies face an ever-more diverserange of “technically competent adversaries” and yet “have lesscontrol than ever” over the development of new technologies.

“Investment in R&D in the UK has continued to fall over thelast 30 years,” explained Edwards. “In 2012, the year for whichyou’ll find the most recent figures, R&D amounted to 1.72% ofUK GDP. This was lower than the 2.06% average for the EU andfar short of the Government’s target to have increased UK R&Dinvestment to 2.5% of GDP by last year.”

RUSI states there’s a widespread belief that current levels offunding for R&D activities in the security and defence sector areinsufficient. “This is problematic in the area of national security,where operational priorities often necessitate innovation that’sfast and responsive to the needs of the security and intelligenceagencies without any disproportionate financial burden.”

While the Government and its agencies have indeed takennotable steps of late to increase their level of transparency andopen up the market to a broader range of “young and technicallyadept” SMEs, RUSI believes that “significant obstacles” remainwhen it comes to linking Government requirements for nationalsecurity with emerging capabilities across the private sector.

Addressing the significant challenges around sustainingtechnological advantage, the RUSI report explores ways in whichto improve engagement between Government, private investorsand industry operating in this sector to ensure that R&Dinvestment is strengthened, priority capabilities are understoodby investors and that all critical proficiencies are maintained.

Key recommendations are that Government needs to attractmore private investors to the security sector by increasingmarket confidence. There must be clearer indications fromParliament on technology policy, strategy and procurementwhich, urges RUSI, would improve investor confidence and helpindustry to “better allocate its R&D resources” in priority areas.

Investment in R&D for security must be increased and the‘culture of secrecy’ broken down for investors “unable to gaugemarket requirements” and the return on their fiscal injections.

Today’s threat environment is hugely complex. With budgetarypressures ongoing, RUSI’s desire to witness an increased marketconfidence that will attract new private finance in security andintelligence R&D simply must be facilitated by Westminster.

Brian Sims BA (Hons) Hon FSyIEditor

Focusing on R&D

www.texe.comSales: 01706 220460

Security for professionalsThe Premier Elite Series represents the most advanced electronic security solutions Texecom has to offer.

These products are designed to protect high value installations where design flexibility, product performance and integrated solutions are a priority.

EditorialComment May2015_riskuk_jul14 11/05/2015 14:25 Page 2

6www.risk-uk.com

G4S communicates strong Annual Report for2014 with revenues totalling £6.8 billion

Global security business G4S has issued itsAnnual Report for 2014 wherein thecompany outlines that emerging market

businesses have accounted for 36% of Grouprevenues and 40% of profits across the last 12-month period. The company has posted totalrevenues of £6.8 billion for 2014, which is upfrom £6.6 billion in 2013, as well as a totalPBITA (Profit Before Interest, Tax andAmortisation) of £329 million. Indeed, the G4SGroup’s overall performance and prospects arereflected in the directors’ approvedrecommendation to increase the final dividendby 5% to 5.82 pence per share.

Organic growth for 2014 was 3.9% overall and9% in emerging markets. That growth,combined with the ongoing success ofrestructuring and efficiency programmes, haswitnessed underlying profit increase by 8%,underlying earnings rise by 12% and cashgenerated by operating businesses ascend from£420 million to £526 million.

Revenues within the security and FM sectorstotalled £4,004 million (up from £3,898 in 2013)while security systems and technologygenerated revenues of £566 million (in turnrepresenting 8% of total G4S Group revenuesfor 2014).

Care and justice services realised revenues of£605 million last year and, as such, a rise of £19million on the 2013 figures. Meanwhile,specialist outsourced services – includingsupport for front line policing work and projectswith the utilities sector – generated asubstantial £504 million.

For its part, the cash solutions businessbrought in revenues of £1,071 million, dulyaccounting for around 16% of Group revenues.

In 2014, the business took determined actionto strengthen its sales capability, customerrelationships and customer service, makingsubstantial investments in strategic accountmanagement and also implementing asystematic approach to measuring andmonitoring customer satisfaction.

Such investments have begun to improvepipeline management and, in 2014, thebusiness won new contracts worth a combinedtotal value of £2.1 billion.

G4S achieved revenue growth of 8.9% in itsemerging market businesses and 6.9% acrossits North American operations. As expected,revenues in the UK and Ireland and Europe

regions declined by 1%, directly reflecting theend of the Electronic Monitoring contract in theUK and the cessation of the prison servicecontract in the Netherlands.

No less than 56 under-performing or‘immaterial’ businesses were reviewed in 2014and eight of them (including US GovernmentSolutions) subsequently sold. The sell-offsraised gross proceeds of £177 million in 2014and, indeed, have generated gross proceeds of£248 million since 2013.

20 businesses have now been discontinuedand 22 are presently under review while 14 willbe retained with performance improvementplans to be put in place in due course.

Businesses sold had revenues of over £700million and an average net margin of 2.8%.

“Excellent progress” being madeSpeaking about the Annual Report’s contents,G4S Group chairman John Connolly commented:“Over the course of 2014, the Group has movedforward across a broad front while managementhas made excellent progress, executing theStrategic Plan with great skill and energy. TheBoard has been particularly pleased with theprogress made in strengthening the globalleadership team, reinforcing the G4S Group’svalues and investing in organic growth,customer service and operational efficiencies.”

Group CEO Ashley Almanza explained: “Overthe past 18 months, we’ve established anumber of important programmes to improvethe productivity of G4S. Given the scale andcurrent stage of organisational maturity withinthe business, these programmes address amaterial opportunity to improve ourperformance and create shareholder value. Ourrestructuring and organisational efficiencyprogrammes made good progress in 2014, andwe believe there are further opportunities toimplement lean processes and more efficientorganisational structures as we progress. Anynew programmes will be subject to stringentfinancial, economic and operational criteria.”

Independent studies suggest that globaldemand for security is expected to grow at acompound average rate of 7% per annumbetween 2013 and 2023, reaching circa £210billion in annual revenues by 2023.

G4S states that the main drivers of industrygrowth are diverse. They include the economicenvironment and, of course, regulation.

Ashley Almanza:CEO at the G4S Group

NewsUpdate May2015_riskuk_may15 11/05/2015 15:29 Page 6

News Update

London set to host 2016 ASIS European Security ConferenceASIS International, the global organisation for security professionals, has announced that it willhold its 15th European Security Conference and Exhibition in the city of London, with the eventrunning from 6-8 April 2016.

The ASIS European Security Conference and Exhibition (or ASIS Europe 2016) is a uniquebusiness security summit that’s expected to attract around 600 senior security professionalsfrom all over Europe and beyond.

Exhibition visitors and conference delegates will be able to share and learn about effectivestrategies and solutions for securing their organisations’ people, property and information intoday’s challenging global security environment.

The event will be organised around three days of bespoke and detailed educational sessions,keynote speakers, professional visits to leading organisations in the Greater London area, aSummit for Chief Security Officers (CSOs) organised by the CSO Round Table of ASISInternational and a trade exhibition featuring cutting-edge security technology and solutionsdeveloped by leading companies.

A significant element of the event will be the various networking opportunities offered such asthe traditional Welcome Party, the President’s Reception, working lunches and professionalnetworking breaks.

Dave Tyson CPP, president of ASIS International, told Risk UK: “We look forward to returning toLondon with our 2016 European Security Conference and Exhibition. London is one of the world’sleading hubs of culture, business and finance with its own unique security challenges. ASISEurope 2016 will be an excellent occasion for a global exchange of Best Practice and experienceregarding those challenges.”

Andy Williams CPP, chairman of ASIS International’s UK Chapter, added: “The securityprofession in Britain is one of the most developed around the world, and the decision of ASISInternational to return to London reflects that fact. We look forward to working with all like-minded organisations on making this extremely important annual event a great success.”

ASIS International has invited subject matter experts to participate in the conferenceprogramme by submitting proposals for a presentation. The organisation will accept proposalson all security-related topics including supply chain security, loss prevention, hotel security,intellectual property, maritime piracy, terrorism, executive protection, internal theft and fraud,competitive intelligence, brand protection, physical security, cyber security and convergence,investigations, due diligence and global business issues.

*Abstracts for papers can be submitted until Tuesday 15 September 2015. More details aboutthe Call for Presentations and the event itself are available online at: www.asisonline.org/london

7www.risk-uk.com

*The inaugural SANS CyberAcademy begins on Tuesday1 September 2015 at the StDavid’s Hotel, Cardiff

SANS Academy to create “highly-skilled cyber defenders” in eight weeksThe “world’s first intensive cyber boot camp” has been launched to quickly deliver a new band ofhighly-trained online defenders who can take up the growing number of cyber security rolesorganisations are struggling to fill.

The SANS Cyber Academy has been realised in response to pressing demand from business andGovernment for a way in which to quickly equip recent graduates with the specific skills needed todeal with today’s cyber threat.

Teaching compresses two years’ worth of cyber security training and experience into just eightweeks. Those who complete the course will be armed with the skills needed to walk straight into acyber security role and offer considerable and immediate impact to the host business.

“The cyber skills gap is growing and the graduate pipeline will not meet demand in the shortterm,” explained Andrew Smith, EMEA managing director at the SANS Institute. “This is particularlycritical in Government departments and the defence industry which are top targets for cybercriminals, cyber espionage, activists and terrorists. We need to create new skilled professionalsvery quickly and not just hire from the existing pool.”

The eight-week SANS Academy course will teach candidates how hackers operate and how torespond when things go wrong. Delegates will build a fully-functioning business network – firstbadly and then correctly – to understand the ways in which hackers might infiltrate the enterprise.

In addition, candidates will have to make security policy recommendations to ‘management’ inorder to prevent problems from recurring. Candidates will sit both GCIH and GSEC certifications,themselves world-renowned benchmarks of cyber security expertise.

Andy Williams CPP:Chairman of ASISInternational’s UK Chapter

NewsUpdate May2015_riskuk_may15 11/05/2015 15:30 Page 7

**The 2015 Protection andManagement Series of eventswill run from 16-18 June atExCeL, London

*The Protection andManagement Series is theUK’s largest event dedicatedto protecting and managingproperty, people andinformation. Organised byUBM EMEA, the seriesincorporates IFSEC and FIREXInternational, Safety & HealthExpo, The Facilities Show andService Management Expoand attracts more than40,000 attendees

8www.risk-uk.com

Video surveillance and intruder alarms,access control, perimeter protection andphysical security, IT and cyber security,

integrated security solutions, Safe Cities andintelligent buildings… If you’re talking ‘Security’in 2015 then IFSEC International has it coveredand in some detail.

Running from 16-18 June at London’s ExCeL,UBM’s flagship IFSEC International exhibition isthe premier global event for the security sector,bringing together the entire buying chain underone roof. Last year, the show attracted morethan 24,000 unique visitors and over 650leading manufacturers, suppliers anddistributors from 100-plus countries.

Indeed, the 2014 edition witnessed a 25%increase in end user attendance and a 68%upsurge in delegates for the dedicatedconference programme. 24% of those visitorswere looking to allocate a security budget of£1,000,000 or more, while a staggering 11,000attendees downloaded the Official Show App.Some indication, then, of both the popularityand pulling power of IFSEC International.

The IFSEC AcademyThe IFSEC Academy affords end users freeaccess to the best education. At IFSECInternational 2015, the educational content isconcentrated within several theatres located onthe show floor. Content in the ConvergenceTheatre and the Safe Cities Theatre will cover arange of issues, among them counter-terrorismand numerous applications of technology

across integrated security, IP security,intelligent buildings, access control, videosurveillance and physical security.

Sessions within the Convergence Theatreinclude a presentation by Jim McHale(managing director, owner and founder ofMemoori Business Intelligence), who will detailthe Internet of Things in Buildings and the partplayed here by security.

Also, a Crossrail Case Study courtesy of TonyPearson (senior consultant at Exova WarringtonFire Consulting) and Chris Stevens (director atSIDOS UK) highlights the fire safety,engineering and security elements of thisgargantuan construction project.

Another highlight in this theatre will be acyber security ‘Masterclass’ from KasperskyLabs’ David Emm wherein he’ll review the threatlandscape in 2015 and offer some salientpredictions for the future.

Content in the Safe Cities Theatre is designedto demonstrate how traditional securitysolutions can work in tandem to play a vital rolein the advanced security architectures of ourmajor cities, in turn providing strongerresilience and a safer future for us all.

Sessions here include a delivery from MikeO’Neill – managing director at Optimal RiskManagement – covering the detailed subject ofsecurity risk management and a presentationby the BSIA’s immediate past chairman GeoffZeidler, who’ll be considering the Police andSecurity Initiative for London.

A number of other theatres will houseseminar sessions tailored to your needs as asecurity professional. For example, the SecuritySolutions Theatre focuses on Best Practice forthe installation, compliance, testing and futureproofing of security systems. Key sessions notto be missed include a seminar on intelligentsurveillance led by Will Lloyd from BRE Global,tips on how to save money with smart tools –

In 2015, IFSEC International returnsto London’s ExCeL. Organiser UBMhas assembled an absorbing mix ofcontent for attending end users.Brian Sims outlines what’s in storewithin the conference programmesand, of course, plans for the soldout exhibition’s show floor area

IFSEC International 2015: The Conferences, The Keynote Speakers, The Exhibition

NewsSpecialIFSECInternational2015EventPreview May2015_riskuk_apr15 11/05/2015 15:28 Page 8

delivered by Jim Swift of the BB7 consultancy –and the presentation by Roland Muller fromSiemens Building Technologies (who’ll besharing his extensive knowledge on installingwireless applications).

Also, make sure you visit the ever-popularTavcom Training Theatre and benefit frombespoke educational training tips and advicewhen it comes to CCTV, IP, access control,intruder alarms and much, much more.

Run in association with Risk UK’s sisterpublication Benchmark Magazine, the all-newInnovation Arena will be a focal point at IFSECInternational 2015.

Only those security products and solutionstruly meeting Benchmark’s high level definitionof innovation will be given the opportunity topresent to industry professionals on thisexclusive platform, ensuring that end uservisitors are able to witness genuine innovationlive on the show floor. End users will also beable to meet and chat with the finalists ofBenchmark’s prestigious Innovation Awards.

Exhibitors at the showAmong the exhibitors at IFSEC International2015 is integrated security solutions developerTDSi. The company will be showcasing the newversion of its powerful EXgarde securitymanagement software on Stand F1100.

TDSi’s new-look stand will also featureSOLOgarde, MICROgarde and EXcel controllersin addition to enterprise solutions highlightingthe combined possibilities rendered by thecompany’s software products, includingVUgarde CCTV software integration.

Now boasting some 1,700 registeredcompanies, the Security Systems and AlarmsInspection Board (Stand F1375) will be led bynew CEO Alex Carmichael, who took over thereins from Geoff Tate in March.

SSAIB-registered companies includebusinesses providing electronic security,intruder alarm, security guarding and firedetection solutions. Throughout IFSEC, theSSAIB team will be available to answerquestions and discuss specific issues thatconcern registered firms and their end users.

On Stand F1300, Vanderbilt is set to meetwith integration partners and security/riskmanagers. Taking centre stage will be three ofthe latest new product developments within thecompany’s portfolio – the Aliro access controlsystem, the Vectis iX family of IP-based videorecording solutions and the SPC intruderdetection range.

Hall S17 Stand D1700 is the place to be if youwant to see ASSA ABLOY showcasing itsintegrated security and access control

technology. The business will reveal how itsfuture-proof solutions enable customers thecorrect level of access across a wide range ofend user markets, among them the commercial,education, transport and retail sectors.

Products from ASSA ABLOY, Mul-T-Lock, Trakaand Yale will be on display.

Series of Inspirational SpeakersBaroness Karren Brady CBE, Sir RanulphFiennes – the man dubbed ‘The World’sGreatest Living Explorer’ – and multiple Olympicchampion Sir Chris Hoy MBE are theInspirational Keynote Speakers lined up for theProtection and Management Series 2015.

Baroness Brady will open the event onTuesday 16 June. A regular newspapercolumnist, author and novelist, Baroness Bradyis known as ‘The First Lady of Football’ havingbecome managing director of Birmingham CityFC at the tender age of just 23. Her current roleis vice-chairman at Barclays Premier Leagueclub West Ham United FC.

In this Keynote Address, Baroness Brady willshare anecdotes from her own rise within thebusiness world, offering plenty of insights andadvice for today’s practising professionals whoare looking to drive their own strategicperformance to new heights.

Sir Ranulph Fiennes was the first person toreach both the North and South Poles on footand harbours extensive experience of large-scale fundraising, team building andperforming under pressure.

Be inspired and motivated by listening to SirRanulph’s timely and detailed advice atLondon’s ExCeL on Wednesday 17 June.

Britain’s greatest-ever Olympian, Sir ChrisHoy MBE will be the Inspirational KeynoteSpeaker on Thursday 18 June at 11.30 am.Having won a total of six gold medals and onesilver medal across three Olympic Games, SirChris Hoy reached the pinnacle of his career byattaining his fifth and sixth gold medals at thehugely successful London 2012 Games.

In his motivational and engaging session, SirChris Hoy will talk attendees through the‘marginal gains’ strategy which he credits formuch of his success.

Based on the theory that marginallyoptimising every possible area for improvementwill result in profound progress, it’s a strategythat can be translated to any business sector.

9www.risk-uk.com

News Special: IFSEC International 2015 Event Preview

“Running from 16-18 June at London’s ExCeL, UBM’sflagship IFSEC International exhibition is the premierglobal event for the security sector”

Baroness Karren Brady CBE

Sir Chris Hoy MBE

NewsSpecialIFSECInternational2015EventPreview May2015_riskuk_apr15 11/05/2015 15:28 Page 9


Not to be missed at FIREX International2015 is the Expertise & Guidance Theatre,offering a free-to-attend educational

programme across the three days covering keytopics including fire doors, smart hotelsolutions, IP systems and fire risk management,

Notable highlights include a session entitled:‘Enforcement and the Fire Safety Order: Is itWorking?’ run by Nick Coombe (fire safetyregulation manager at the London Fire Brigade).This session is designed to explore the lessonslearned ten years on and also ask if there needsto be any changes made to the legislation.

Lance Ruetimann (senior manager forindustry affairs within the BuildingTechnologies Division at Siemens, Switzerland)will look at ‘Evolving Fire Safety TowardsHolistic Safety’, discussing fire safety and theconvergence of other safety measures alongwith the importance of evolving fire detectionand alarm systems into danger detection andmanagement solutions.

Also, the Fire Industry Association’s GrahamSimons will offer a timely and detailed updateon the Construction Products Regulation.

For full details of the educational programmerunning across the three days, and for thelatest updates, the readers of Risk UK areurged to visit the FIREX International website:www.firex.co.uk

Latest news from the exhibition floorWith over 100 exhibitors now confirmed acrossthe show floor, FIREX International willshowcase all of the very latest technologies,solutions and knowledge for practitionersdesigned to ensure life safety.

BM TRADA is a leading provider ofindependent testing and approvals servicesand, at this year’s show, will highlight thebenefits of effective passive fire protectionthrough a range of interactive exhibits, livedemonstrations and free seminars.

On the first day of FIREX International, BMTRADA will conduct a live fire door test from itsfire testing facility in High Wycombe that will bestreamed directly to the FIREX Expertise &Guidance Theatre. This powerful demonstrationwill show two identical doors subjected to aprolonged period of fire. One of the doors will

have been correctlyspecified and installedwhile the other willdemonstrate many of thecommon mistakes made.

Another exciting featureat this year’s FIREXInternational is the LossPrevention CertificationBoard’s Red Book Pavilion.Here, visitors to the showcan access informationabout products andservices enjoyingcertification bestowed bythe LPCB.

Meanwhile, the FireProtection Association’sInformation Zone is all setto provide an excellentenvironment for visitors in which they can relaxand network with their industry colleaguesduring the event. There’ll also be a wide rangeof presentations and seminars delivered byleading fire industry experts.

Gerry Dunphy, event director for FIREXInternational, commented: “We want to makesure there’s a real mixture of thoughtleadership, Case Studies and debate generatedby experts within the industry. This will sitalongside the practical hands-on experiencesthat are so well-loved by our traditionalaudience. We’re very much looking forward tohosting the entire fire safety industry atLondon’s ExCeL.”

Co-location with IFSEC InternationalThis year, FIREX International is co-locatedalongside IFSEC International (www.ifsec.co.uk)which re-unites the fire and security industriesin one location.

There are increasing opportunities andconvergences within and between both sectorsso this seamless blend at London’s ExCeL willcreate three days of focused attention on lifesafety and property protection.

Both FIREX International and IFSECInternational once again welcome a formidablerange of world-leading manufacturers andservice providers. With a major focus oninnovation and products, these events providecomplete snapshots of what’s available and anintriguing view in terms of future productdevelopments. Make sure you’re there.

*FIREX International 2015takes place from 16-18 June atExCeL, London and will bepresented as part of UBMEMEA’s Protection andManagement Series. TheProtection and ManagementSeries 2015 encompasses fivemajor shows in relatedmarketplaces covering safety,service management,facilities, security and fire

UBM unveils further strategic contentplans for FIREX International 2015

11www.risk-uk.com

With just one month to go beforeFIREX International opens its doorsat London’s ExCeL, organiser UBMhas unveiled further details interms of what visitors can expect atthis year’s show. Brian Sims reports

News Special: FIREX International 2015 Event Preview

Gerry Dunphy: Event Directorfor both FIREX Internationaland IFSEC International

NewsSpecialFIREXInternational2015EventPreview May2015_riskuk_apr15 11/05/2015 15:27 Page 2

12www.risk-uk.com

From my perspective, I’m not so sure that Iwould agree with Industry QualificationsCEO Raymond Clarke’s assertion that most

of the training and assessment in the securitysector is carried out to either a good or highstandard (‘Controls on Security Training andAssessment: Why they must be strengthened’,Risk UK, April 2015, pp58-59). That, I feel, issomething of an assumption as there’s no realevidence available to support such a statement.

My experience of recruiting tutors forSecurity Industry Authority (SIA)-focusedtraining courses was that in excess of 60% ofthose interviewed were not suitable for avariety of reasons, including doubts aroundsector competency and even their ability toteach. To be frank, a considerable number cameacross as ‘PowerPoint slide readers’.

Further, I’m not certain I would fully agree it’swidely acknowledged that assessment in thesecurity sector is ‘high risk’. If this is the case,why are awarding organisations not doinganything about it within the terms of their ownquality control measures?

Does the security sector suffer from an over-supply of training provision? The simple answeris: ‘Yes’, but you have to look at who approvedthat level of provision. Yes, that’s right. It wasthe awarding organisations.

Ridiculously low course prices have been anissue for over ten years. It’s not a newphenomenon within the security sector. Why,then, is this issue not part of the due diligenceprocess carried out by awarding organisations?

If it were then that would possibly afford anindication of the company applying to be atraining centre. If they’re charging a ridiculousprice for their course then there’s an issue withquality somewhere inside that operation.

Providers must be responsibleTo my way of thinking, Raymond is beingslightly unfair in highlighting employabilityprogrammes as an increased risk. I would laythe responsibility for recruitment squarely withthe training provider. Provided, of course, thatthey’re following the correct procedures inlearner engagement, there should be no realincreased risk about which to be concerned.

At least part of the problem lies in basic skillstesting. From my own experiences as anexternal quality assurer, I know that basic skillstesting in centres varies widely. It’s oftencarried out on the morning of the first day ofthe course when, ultimately, it’s too late toidentify issues and provide any support.

Maybe it’s at this juncture that awardingorganisations can provide back-up for centresby having a standardised approach to basicskills testing in place and details of when thattesting ought to be carried out. Testing shouldbe conducted in advance of the commencementof the course such that it affords the trainingprovider the necessary information concerningsuitability of learners attending the course. Thisassists with lesson planning in terms of whatteaching strategies need to be adopted for thelearners on a given course. A practice that, Ifear, is very rare indeed.

Cost pressures will always be there no matterwhat. In order to have an effective qualityassurance system you need to go beyond theestablished norms. Such actions obviouslycome at a price, but what price can you put onnot having an effective system in place?

To some extent, awarding organisations areat the mercy of training providers. If a centre isintent on committing fraud – or, indeed, anyother type of offence – then there’s really littlethe awarding organisation can do until suchactions are discovered either through externalverification visits or whistleblowing. Personally,at present I don’t believe either of the latter areencouraged to a sufficient enough degree.

In relation to external verification, the normis at least one annual visit (which may increasedepending on registrations). These visits

Last month’s Risk UKcarried an extremelyinteresting article byIndustryQualifications’ CEORaymond Clarkedesigned to stimulatediscussion andthinking aroundimprovements thatcould be made totraining andassessment practicesfor Security IndustryAuthority licence-linked qualifications.Here, Stuart Gallowaydelivers somethought-provokingresponses to thepoints raised

Best Practice in Security Training andAssessment: What should it look like?

OpinionSecurityTrainingandAssessmentControls May2015_riskuk_apr15 11/05/2015 15:31 Page 12

should be stepped up to at least three perannum in respect of security industry-relatedqualifications – with two of those visits beingunannounced – and then perhaps increasedstill further according to a standardised riskrating orchestrated across all awardingorganisations. Yes, this will impact on costs,but again it’s worth asking the question: ‘Whatprice can you put on quality?’

SIA licensing for trainersThe notion of a new category of licence fortrainers administered by the SIA is not onlyvery unlikely because of primary legislation, etcbut also an unnecessary financial burden. Manytraining providers are not solely focused on – orindeed wholly reliant upon – the provision ofsecurity-related qualifications. That being so,the provision of such a new system may proveunnecessarily complex and costly.

Rather, as part of centre/tutor approvals theawarding organisations should ensure thatsuitable checks are carried out in relation to fitand proper person tests. Informed decisionscan then be taken.

In my experience, the awarding organisationsadopt differing approaches to tutor approvalranging from virtually non-existent to robust.The fact remains that such approaches have to– and, indeed, must – be standardised acrossawarding organisations.

Developing and managing a registerI’ve always been a great advocate of providing aregister for tutors, but the $64,000 question is:‘Who would manage it?’ Let me put forwardthree proposals that could be workable when itcomes to developing and managing a registerof training providers and trainers.

First, let’s work with the Education andTraining Foundation as its priorities are notdissimilar to those we are trying to attain in thesecurity space. The Foundation also runs amembership scheme which might be adaptableto suit the governance requirements of theprivate security industry.

Second, why not work with a standards-setting organisation that has no direct interestin the private security industry so as to developand manage the required registers? An exampleorganisation could be the ‘boutique’assessment centre EMQC, the presentassessors and managers for the respectedmatrix standard.

Third, we could look to form an Institute forSecurity Training Professionals representedthrough a governance Board by way of allawarding organisations with approval todeliver SIA licence-linked qualifications.

Funding would be derived through an annualfee from tutors to remain on the ApprovedRegister with awarding organisations paying alevy based on the number of qualifications theyprovide to the sector.

Awarding organisations would send quarterlyreports to the Institute in relation to centreactivity, including detail on numbers oflearners, achievements – unit by unit as well asoverall qualifications – and external verificationvisits. Alleged incidents of malpractice wouldbe reported on an ‘as and when’ basis.

Sharing of dataAny failure of the qualifications regulators tomaintain historical records in relation tomalpractice investigations would astound me.This is something that should be in place nowacross the entirety of the education andtraining sector. This is not a failing of thesecurity sector but rather one that could belevelled at the awarding organisations for notensuring that such a system already resideswith the qualifications regulators.

Continuing this theme, maintaining statisticaldata on attendance rates at examinations is aprocedure that should already be conducted byawarding organisations. Significant swings inattendance are likely to occur, but in all honestyI fail to see how this would be affected by anunannounced visit.

In order to standardise the reporting of a visit– be it announced or unannounced – the simpleanswer would be to have a mechanism in placethat records the details of those in attendanceeither during training or an examination. Suchdetail could then be verified against the coursewhen returned.

13www.risk-uk.com

Opinion: Security Training and Assessment Controls

Stuart Galloway Cert Ed MIfLDip RSA: Senior Associate atWSG Associates and aSpecialist in Business andEducation Support Services

“Ridiculously low course prices have been an issue for overten years. Why, then, is this issue not part of the duediligence process carried out by awarding organisations?”

OpinionSecurityTrainingandAssessmentControls May2015_riskuk_apr15 11/05/2015 15:32 Page 13

14www.risk-uk.com

The level of wage rates in the UK’s securityguarding sector has been a significantcause for concern over many years now.

The advent of the TUPE Regulations hasprevented wages from going backwards at thetime of contract change but has done little ornothing to help improve many wage rates in thereal world.

In the South East of England, it’s notuncommon to see examples of securitysolutions customers insisting on wage levels of£10.00 – or more – per hour. That said, we’restill witnessing far more examples of securityofficers who are receiving the NationalMinimum Wage, and particularly so the furthernorth you travel.

When bidding for a security contract, in orderto comply with the TUPE Regulations privatesector security companies have to maintain thewage levels currently paid, even if they dohappen to be at the level of the NationalMinimum Wage. It’s a sad fact, but it’s true.

What’s more, as you can imagine thissituation isn’t helping our ongoing cause toimprove the image of the security sector.Ultimately, it must be said that wage rates aredriven by what the customer base is willing topay for the security service provided, eitherdirectly or indirectly.

In recent times, great attention has been paidto the Living Wage Foundation and its campaignthat was launched by members of London

Citizens back in 2001. The founders wereparents in the East End of London who wantedto remain in work but discovered that, despiteworking two or more National Minimum Wagerate jobs, they were struggling to make endsmeet and continually left with no time forfamily and/or community life.

The Living Wage FoundationThe Living Wage Foundation focuses on threekey areas: accreditation, intelligence andinfluence. The organisation offers accreditationto employers that pay the Living Wage – orthose committed to an agreed timetable ofimplementation – by awarding the Living WageEmployer Mark. There’s also a Service ProviderRecognition Scheme designed for third partycontractors who pay their own staff the LivingWage and always offer a Living Wage optionwhen submitting tenders.

In terms of intelligence, the Living WageFoundation provides advice and support toemployers and service providers implementingthe Living Wage. This takes the form of BestPractice Guides, Case Studies from leadingemployers, model procurement frameworks andaccess to specialist legal and Human Resourcesadvice. Importantly, the Living Wage Foundationalso co-ordinates the announcement of the newLiving Wage rates each November.

When it comes to influence, the Living WageFoundation provides a forum for leadingemployers and service providers to publiclyback the Living Wage, working diligently withPrincipal Partners who bring financial andstrategic support to the table.

At £7.85 per hour, the current Living Wage –itself calculated according to the basic cost ofliving in the UK – is 21% higher than theNational Minimum Wage. The Living Wagefigure rises to £9.15 per hour in London. With agreat deal of publicity being given to it –including endorsements from high profilefigures such as Prime Minister David Cameron,the former Labour Party leader Ed Miliband andBoris Johnson, the Mayor of London – it’s anidea that’s growing in popularity. So much so,

Much attention is now being paidto the excellent Living Wagecampaign orchestrated in the UKby the Living Wage Foundation.Why is it of such great importancefor businesses and their employeesoperating in the private securitysector? Peter Webster offers hisconsidered opinions on the matter

The Living Wage: Steppingin the Right Direction

Peter Webster: Chief Executiveof Corps Security

OpinionSecurity'sVERTEXVoice May2015_riskuk_apr15 11/05/2015 15:31 Page 14

in fact, that during 2014 the number ofaccredited Living Wage employers more thandoubled, with over 1,000 employers across theUK having now signed up to the scheme.

In many ways this isn’t surprising. Anindependent study examining the businessbenefits of implementing a Living Wage policyin London found that more than 80% ofemployers questioned believe the Living Wagehas enhanced the quality of the workcompleted by their staff, while absenteeism hassubsequently fallen by approximately 25%.

Two thirds of employers reported asignificant impact on recruitment and retentionwithin their organisation while 70% of them feltthat the Living Wage had actively increasedconsumer awareness of their commitment to bean ethical employer.

Another poll, this time commissioned by theNationwide Building Society, suggests thatpeople feel employers should pay the LivingWage if they can afford to do so. 75% of thosequestioned in the survey believe thatemployers should be required to reveal whetherthey are Living Wage payers with an indicationthat more than half of the population are morelikely to use the goods and services realised byLiving Wage employers.

From our own point of view, we’re certainlybeginning to see more and more customerslooking at ways in which to pay the Living Wageand so improve the incomes of their contractsecurity guarding personnel.

Companies are now increasingly beginning toview their participation in the Living Wagecampaign as something of a ‘Badge of Honour’.That campaign has – and very cleverly, in myopinion – drawn on companies’ ongoing andincreasing desires to demonstrate high levels ofCorporate Social Responsibility.

Issues affecting security providers Companies aren’t always signing up for purelyaltruistic reasons, either. They realise that thereare negative connotations in paying theNational Minimum Wage, particularly so if theirprofits are high. This is the case in sectors likethe financial world where there are some veryhigh earners. How would the public feel if suchblue chip companies were paying securityofficers the National Minimum Wage to protecttheir people and property while affording otherpersonnel directly on the books hundreds ofthousands of pounds in bonuses?

As stated, increased staff motivation andretention rates, reduced absenteeism and lowerrecruitment costs are some of the commonbenefits reported following implementation ofthe Living Wage. These are all issues that

directly affect the security sector. On that basis,it’s my firm belief that we all need to look at thelong-term benefits of buying into this idea.

Sceptics might suggest that moving to theLiving Wage from the National Minimum Wagesimply means paying the same people moremoney for doing the same job. Although in theshort term that’s perfectly true, it would alsomean that those same people take greaterpride in their work, feel more valued, are betterengaged with their employment andincreasingly committed to their roles.

For employers, it realises reduced staff churn– another problem that has been around forsome time – and the ability to make a moreworthwhile investment in training as personnelare less likely to leave the host company.

Looking towards the longer term, better payalso means that the security business sectorbecomes far more attractive as a career optionand, as a direct result, higher calibre peoplewill want to join our ranks.

15www.risk-uk.com

Opinion: Security’s VERTEX Voice

Extensive KPMG report finds attitudes and awarenesstowards the Living Wage are “on the up”Research around the Living Wage commissioned by KPMG has highlighted thatattitudes and awareness towards the campaign are changing in a massivelypositive way, with almost 80% of adults questioned suggesting that they’veheard of the initiative, writes Brian Sims.

Looking at the social mobility issues facing the UK, the survey polled 4,500adults and 500 16-17 year olds to chart their views, duly finding that seven outof ten UK adults would consciously shop in favour of a Living Wage accreditedretail chain – representing a rise of more than 10% in less than 12 months.

“It’s clear from the poll that ensuring the lowest paid in society are treatedfairly should be near the top of the agenda for both Government andemployers,” explained Mike Kelly, head of the Living Wage programme at KPMGUK. “With all of the main political parties citing action on Living Wage in their2015 General Election Manifestos, the pace of change is accelerating. Nearly aquarter of the listed FTSE 100 businesses are now accredited, and more andmore employers are reaping the benefits of joining this movement.”

Rhys Moore, director of the Living Wage Foundation, added: “The LivingWage is no longer a neutral debate. The number of accredited businesses nowstands at over 1,400. With 80% of adults and 60% of 16-17 year olds havingheard of the Living Wage, this issue is now squarely mainstream thanks in largepart to the leadership of enlightened employers.”

The KPMG study finds that 60% of adult males and 70% of adult females citeemployers not paying enough as the reason people in the UK are living inpoverty, a belief shared by 55% of 16-17 year olds.

On a regional basis, the survey shows that Northern Ireland has the highestproportion of earners in the UK paid below the Living Wage (at 27%) and hasthe lowest awareness of the Living Wage across the UK regions. Only seven outof ten people in Northern Ireland have heard of the Living Wage compared tonine out of ten in Scotland, which is the most conscious region.

“The advent of the TUPE Regulations has prevented wagesfrom going backwards at the time of contract change buthas done little or nothing to help improve many wage rates”

*The author of Risk UK’s regularcolumn Security’s VERTEX Voice isPeter Webster, CEO of CorpsSecurity. This is the space wherePeter examines current and oftenkey-critical issues directlyaffecting the security industry. Thethoughts and opinions expressedhere are intended to generatedebate among practitioners withinthe professional security and riskmanagement sectors. Whether youagree or disagree with the viewsexpressed, or would like to makecomment, do let us know (e-mail:[email protected] [email protected])

OpinionSecurity'sVERTEXVoice May2015_riskuk_apr15 11/05/2015 15:31 Page 15

Integrating, monitoring and protecting

0845 121 0802 www.rht.co.uk

From physical security, emerging cyber-threats, advanced PSIM to smart monitoring services; we work hand-in-glove with customers to ensure total protection.

So whatever the threat or challenge at Reliance High-Tech we have the expertise, experience and resources to deliver the best solution.

Call us now to discuss your requirements in strictest confidence.

The risks faced may change but Reliance High-Tech re-mains one step ahead. For over forty years we have been trusted by government departments, major corporations and private customers to provide protection at the highest level.

Innovators in security technology


Last August, the threat level faced by the UKfrom international terrorism was raisedfrom ‘Substantial’ to ‘Severe’. According to

the Joint Terrorism Analysis Centre and theSecurity Service, this means that a terroristattack is now considered ‘highly likely’.

Subsequent terrorism-related episodesoccurring in Sydney, Paris, Copenhagen andPakistan – and, in particular, the diverselocations that were targeted – served tohighlight the importance of regular securityreviews for businesses.

Companies should not just be reviewing theirsecurity strategies, policies and plans in light ofsuch incidents. In truth, they should be doingso on a continual basis.

Very few businesses will actually be thedirect target of a terrorist attack. It’s more acase of them preparing for the ‘overspill’ of anattack, such as having to evacuate theirpremises in response to a local threat episode.

Assessing the risks faced by your businessmust start with the Risk Register, a key riskmanagement tool that helps businessesidentify the day-to-day risks they face and thebest ways in which to counteract them.

From that point onwards, contingency planscan be developed to detail how a businesswould react to each threat, whether it belocking down the building completely orevacuating all personnel.

At the very heart of that contingency planshould be an understanding of the potentialimpact of each threat.

Thinking on a broader scale, companysecurity and risk managers should be askingthemselves vital questions such as ‘What drivesthe business?’, ‘What can we cope without?’and ‘What’s essential for the business tosurvive?’ Only then can organisations prioritisethe ‘essentials’ that should be covered bydetailed business continuity planning.

As a business, it’s absolutely vital to knowwhat you’re protecting yourself against. Today,we’re not just threatened by large-scale terrorattacks but also ‘lone wolf’ or self-radicalisedassailants who may not even be directly relatedto terrorist organisations but possibly sufferfrom mental health problems.

In fact, today’s organisations are facingthreats to their business continuity that canarise in any number of ways, whether from aplanned attack, a bomb threat or even a floodor power outage within key buildings.

Looking for continuous improvementShould a security breach result in theevacuation of a facility, this may lead tomembers of staff having no access to their

company’s offices for a considerable amount oftime. Ensuring continuity in such a situationshifts the focus from the business’ securitymeasures to its IT facilities. Considerationshould be given to this as part of the businesscontinuity planning process.

Organisations ought to review whether theirIT facilities are adequate enough for staff tomanage their work and securely access datafrom home if necessary. For those businessesoperating across multiple sites, key rolesshould be prioritised to ensure that theindividuals involved are able to work off-site,making it much easier for a business to remainresilient in the face of adversity and worktowards a return to normality after an incident.

Simply having plans in place isn’t enough.Businesses should routinely check and exercisecontinuity plans to ensure their relevance fitsthe purpose. It’s the smallest details that canmake the biggest difference, such as ensuringthat all members of staff’s contact details areregularly checked and updated when andwhere necessary.

Staff should also take on key roles within thecontingency plans. This doesn’t necessarilyhave to be a senior member of the team. In fact,it’s more beneficial if roles are assigned tothose who are regularly at the office rather thanthe less readily available. It’s also essential to

17www.risk-uk.com

Contingency and Continuity:Security in the Corporate Sector

Mike O’Neill CSyP FSyI CPPPSP: Chairman of the BritishSecurity Industry Association’sSpecialist Services Section

When it comes to businesses operating in the corporatesector, recent events around the world – among them theterrorist attacks in Paris and Sydney – have provided a starkreminder of the importance of deploying effective securitymeasures. As Mike O’Neill explains, though, companiesshouldn’t only be reviewing their security strategies, policiesand plans in light of potential terrorist attacks. Rather, theyought to be doing so all the time

BSIA Briefing

BSIABriefing May2015_riskuk_may15 11/05/2015 12:49 Page 18

18www.risk-uk.com

BSIA Briefing

assign deputies to each keyrole, ensuring that someonewill always be on-site orotherwise readily availablewho knows the plans and willbe able to react accordingly.

Of course, terrorism isn’t theonly potential security threatfaced by businesses across thecorporate sector. The changingnature of crime in the UK –from burglary and ‘smash andgrab’ raids to insider fraud anddata breaches – means that

there has never been a better time forbusinesses of all sizes to conduct acomprehensive review of their securitystrategies, in turn ensuring that a robust plan isin place featuring procedures designed to helpthe business survive a security breach.

Commitment to securityResearch conducted in 2014 by the BritishSecurity Industry Association sought to gaugethe extent to which security and businesscontinuity is considered a ‘business essential’,while also enabling a better understanding ofthe security procurement process in a numberof business sectors including transport andlogistics, construction, education, retail,healthcare and local authorities.

According to the results of this research,security and business continuity is indeed atthe forefront of the ‘corporate consciousness’.Over 80% of respondents reported that securityis considered an essential expenditure by thecompany’s Board, while almost 90% ofinterviewees confirmed that their businessalready has a comprehensive and strategiccontinuity plan in place.

Perhaps reflecting this overall commitment tosecurity, only 28% of respondents reported thattheir business had experienced some kind ofsecurity breach in the previous 12 months, withtheft/robbery, cyber attack and data breachescited as the top three risks.

Despite this, and somewhat surprisingly,regular reviews of security arrangements don’tseem to be high on the priority list for manycompanies. While respondents to the BSIA’sresearch reported that they deploy a range ofsecurity measures – with CCTV, physicalsecurity, intruder alarms and access control

among the most popular – only 20% of thosequestioned review their security solutions everythree years or less.

The majority of respondents reported thatthey never put their security contracts out totender or review their current supplier list.

Choosing a security supplierFor 80% of businesses, choosing a securitysupplier is the responsibility of either theFinance Department or the ProcurementDepartment, a worrying trend brought aboutlargely by the economic downturn wherein afocus on price and cost-cutting has, in manycases, taken precedence over the knowledgeand experience of the traditional role of the in-house security manager or director.

With security measures often being selectedon the basis of price alone, it must be said thatthe presence of an expert advisor can make allthe difference when evaluating the suitability ofa solution or otherwise reviewing theeffectiveness of current security and businesscontinuity measures.

It can sometimes be difficult for a business toadequately identify the Risk Register under itsown steam. As such, outsider knowledgeprovided by professional security consultantscan prove to be invaluable.

Security consultancies provide independentprofessional support to ensure that measuresrequired by clients correspond to both existingand emerging threats while at the same timecomplementing an organisation’s particularenvironment and specific remit.

Working closely with the host business,consultants help to design a security strategythat’s holistic in nature and complements thebusiness’ operation in order to address theprotection of people, buildings, assets and,ultimately, reputation. Security consultants canalso act as the ‘project manager’, overseeingthe implementation of security controls andensuring that all of the necessary proceduresare carried out to the required standard.

When conducting its corporate securityreview, if a business does choose to employ theservices of a specialist security business then itbecomes absolutely essential they choose areputable company that meets with the relevantstandards for its products or services.

Members of the BSIA’s Specialist ServicesSection offer a high quality service and haveextensive experience in assisting businesseswith their specialist and challengingrequirements both here in the UK and on theinternational stage. Visit the BSIA’s website at:http://www.bsia.co.uk/sections/specialist-services.aspx for more information.

“Businesses should routinely check and exercise continuityplans to ensure their relevance fits the purpose. It’s thesmallest details that can make the biggest difference”

BSIABriefing May2015_riskuk_may15 11/05/2015 12:50 Page 19

POSSIBLE STARTS HERE

RUN Milestone Mobile

AND WITNESS ANY MOMENT

WHEREVER YOU ARE

Instant access to your video surveillance from your smartphone or tablet

Compatible with all XProtect® video management software (VMS) and the Milestone Husky™ NVR series, the free Milestone Mobile app gives you secure access to your video surveillance system anytime, anywhere. Available in 27 languages, the app lets you conveniently view live video, as well as playback and export footage from your smart device.

Discover how to expand your surveillance and security system capabilities with XProtect video management software at milestonesys.com

Milestone Systems UKTel: + 44 (0) 1332 869380

Milestone will be exhibiting at IFSEC UK 2015. Visit our Booth no. E750 to learn more about XProtect® video management software and Milestone Husky™ NVRs!


20www.risk-uk.com

Security services, products and proceduresare increasingly seen as servants of widerrisk management issues. Certainly, today’s

end users have learned to be suspicious ofsecurity solutions providers who emphasiseproducts – notably technical security systemslike CCTV – and services seemingly absent ofany cognisance around identified risk issues.

As is the case with all multinational andcomplex businesses, there’s a recognition thatrisks are an essential part of everyday life andsomewhat unavoidable. Taking control ofinformed risks, though, is part of goodbusiness practice and allows for risks to be

identified, analysed, evaluated and treated. Access control, intruder detection andCCTV systems all have their place as

security solutions, but unless thecomplete systems are designed

and installed based on asound, risk-informed

platform they willresult in littlemore than an

illusion of protection.Real protection can only be

achieved when resources arecarefully allocated to security’s most

pressing needs.Systems and even manpower resources

should be informed by both a fullunderstanding of the host organisation’s risksand the Operational Requirement (OR) for theresource allocation.

To establish the requirement for the fourbroad facets of security – namely manpower,technical systems, physical security assets andprocedures (and, in particular, the proportionsrequired of each) – in an integrated mannerdemands that in-depth audits and assessmentsare a prerequisite when it comes to developingrisk-informed security strategies.

The process of conducting these ‘operationalsurveys’ from which the site risk assessmentand security audit reports will be produced –and which, moving forward, will frame thedevelopment of the security strategy and itsoperational plan – is designed to support the

business in providing a first class integratedsecurity ‘solution’ aimed at protecting people,property and assets based on sound securityrisk management.

One primary goal of these operationalsurveys, then, is the production of a securitystrategy document. This needs to begin with anunderstanding of the threats and hazards to theorganisation, be they external/internal: threats(the ‘product of man’), hazards (natural eventssuch as extreme weather and pandemics, etc),accidents (structural collapse, death on site) ortechnical events (malfunctioning systems, forinstance). Assets at risk may then be identifiedand their vulnerability to the threats andhazards assessed so as to arrive at acomprehensive risk overview.

Two factors are fundamental to the processof establishing risk profiles: the consequence(or impact) of a risk event occurring and thelikelihood (or probability) will be estimated, inturn generating a risk rating or risk profile.

The latter is usually illustrated in amanagement tool dubbed a Risk Matrix,illustrated by means of what’s commonlyreferred to as a Heat Map.

That, in a nutshell, is the risk assessmentand analysis process. Influencing both of thesefactors is the issue of vulnerability. Forexample, poor security controls may well affectthe likelihood of a threat occurring while poorcontinuity arrangements could increase theconsequence. It follows that a detailed andthorough understanding of current securityarrangements – both good and bad – isabsolutely essential.

The ERM FrameworkEnterprise Risk Management (ERM) is theprocess of planning, organising, leading andcontrolling the activities of an organisation inorder to minimise the effects of risk(s) on itscapital and earnings. That process is expandedto include not just risks associated withaccidental losses, or traditional threats andhazards, but also financial, strategic,operational and other risks.

ERM, then, may be defined as “anorganisational-wide approach to developingtechniques that assist in having the culture,processes and structures in place that aredirected towards the effective management ofpotential opportunities and adverse effects.”

Traditionally, organisations develop an ERMFramework based on – and consistent with –the internationally-recognised principles and

Prioritising risk management issues and organising a riskresponse are key remits for today’s security professionals.What, though, are the main elements underpinning eachtask? In the first instalment of an exclusive three-part seriesfor Risk UK, Peter Speight and Peter Consterdine consider theBest Practice approach

The Security Market: Solutions to Risk

PrioritisingRiskManagementIssuesandRiskResponseREVISED May2015_riskuk_apr15 12/05/2015 12:00 Page 20

processes outlined by ISO 31000: RiskManagement – Principles and Guidelines inorder to manage change and uncertainty. TheERM Framework should apply to all operationaland business unit levels, and assists inachieving the organisation’s strategic objectivesby bringing a leading practice and a systematicapproach to identifying, analysing, mitigatingand reporting risk and control.

Adopting an ERM process will lead toenhanced and proactive decision-making andimprove the host organisation’s performancesince it combines governance, risk andopportunity management, compliance andfinancial reporting.

The next stage is to assess how themanagement of the four areas of security – theaforementioned manpower, technical systems,physical security assets and securityprocedures – either help or hinder themanagement of identified risks. This procedure,otherwise known as the security audit, is likelyto expose vulnerabilities and engender asummary of recommendations.

The conclusion to the investigative aspectshould be the production of comprehensive riskmatrix tables.

Risk management in focus At this juncture, discussions can be generatedaround priorities for addressing those riskswhere existing management actions, when setagainst risk tolerance and appetite, may leavethe business exposed. These discussions andworkshops will enable the construction of asecurity strategy document and thedevelopment of tasks designed specifically toachieve the desired security framework.

The purpose of socio-political riskassessments is to highlight conditions inrespect of the current socio-political climatethat may or may not render a particular siteand/or operation a vulnerable environment. Thepolitical segment concentrates on how affairs athome and abroad worsen or improve thepossibility of, for example, terrorist activities.Additionally, there will be an overview aroundcrime and social disorder both locally andregionally as well as the existing socialconditions that could impact a given site.

Notably, the risk issues addressed are thosefeaturing in the National Risk Register and theregional Community Risk Register.

Site risk assessments are conducted tooutline what assets held by a site or businessmay be at risk and from what hazards, threats,accidents and/or technical issues, in additionto the severity of damage (referred to as‘consequence’) that may flow from a given risk

event. In turn, this leads on to the likelihood ofsuch an event occurring, the riskquantification/assessment (illustrated bymeans of that Risk Matrix) and, finally, thepriorities for action and risk management.

In parallel with the assessment of risk, thesecurity audit identifies how the environmentand current security arrangements either helpor hinder the management of the identifiedrisks. These are often referred to as impactfactors. Impact factors may be internal – and,as such, within the influence of the business tocontrol – or external and, that being so, broadlyoutwith an organisation’s ability to influence.

Many external threats and hazards often sitwithin the high impact/low probability categoryand are captured by the accompanying socio-political risk assessment. Organisations usuallyfeel there’s little they can do about such risks.They’re wrong. In truth, there are manystrategies here that will help the business feelit has some control over its own destiny.

The Operational RequirementBased upon the risks identified during the riskassessment and the existing measurescurrently in place to mitigate those risks dulyidentified during the security audit, the nextstep is to develop a detailed OR for eachsecurity measure (CCTV and manpower, etc)required to mitigate the identified risks.

The established OR will be based upon twoalternative criteria: develop the best possible

21www.risk-uk.com

Prioritising Risk Management Issues and Risk Response

Dr Peter Speight CSyP DBAMPhil MSc MIRM:Director of Risk andConsultancy at Securitas

Peter Consterdine isManaging Director of FutureRisk Management

“Systems and even manpower resources should be informedby both a full understanding of the host organisation’s risksand the Operational Requirement for the resource allocation”


22www.risk-uk.com

Prioritising Risk Management Issues and Risk Response

OR given existing available resources anddevelop the OR based on a ‘greenfield’ site,starting with a clean sheet of paper andproducing, in effect, a ‘Wish List’.

Where appropriate, the OR will: • Set out the steps that must be taken to

effectively mitigate the various identifiedsecurity threats facing the organisation’soperational capabilities, employees,contractors, visitors, property and assets

• Use technologies and innovation to producecost-effective processes designed to mitigatethe identified security threats

• Ensure that all recommendations are, broadlyspeaking, aligned with any pertinent nationaland international security standards

A well-written OR can be an effective vehiclefor relaying the needs of the organisation’ssecurity systems in an easily understood formatthat helps avoid the countless hours of timeand other resources that would otherwise bewasted on speculating requirements. Researchshows that the foremost reason whyprogrammes or projects fail is due to a lack ofdetailed requirements at the outset.

Efforts invested up front to develop a clearunderstanding of the requirements paydividends in the positive outcome ofprogrammes, not to mention the savings inboth time and money arising from not having torealise corrective actions for putting aprogramme back on track (if that’s possible).

Faced with the problem of potential intrudersat a sensitive facility, the host business’security manager might define the OR as ‘Builda wall’ whereas the real OR is ‘Detect, thwartand capture intruders’. Your wall may – or maynot – ‘thwart’ intruders, but it would neitherdetect them or facilitate their capture. In short,the solution wouldn’t solve the problem.

The robust capability gap to ‘detect, thwartand capture intruders’ includes no pre-conceived solutions and prompts us to analysealternative conceptual solutions beforechoosing the best one.

One way to ensure that you’re defining aproblem rather than a solution is to begin thestatement of the OR with the phrase: ‘We needthe capability to…’ It’s nearly impossible tocomplete this sentence with a solution (‘awall’), but far easier to do so with a problem(‘capability to detect intruders’).

Capability gaps and requirements ought toaddress what a system should do rather thanhow to do it. This approach is sometimesreferred to as capability-based planning. It’s avery simple yet powerful concept.

Requirements versus solutionsWhen employing efforts to elicit and explainthe OR using any of these methods, it’simperative to steadfastly avoid requirementsthat define potential solutions or otherwiserestrict the potential solution space. While it’sboth necessary and useful to understand thecurrent state-of-the-art within a giventechnology space and harbour knowledgeabout potential solutions that may already bein development, requirements are meant tosimply define problems.

Properly drafted requirements allow for avariety of solutions – each with their ownadvantages and disadvantages – to beconsidered as potential ways to address aproblem. Solution-agnostic requirementsprevent limiting and defining the outcome ofproduct realisation. This is useful given that anopen and honest review of a location’s securityneeds might show that a preconceived notionabout a desired solution may turn out not to bethe best one, or that modifications to existingproducts or services may be both necessaryand useful to their end users.

A requirement is an attribute of a product,service or system necessary to produce anoutcome(s) that satisfies the needs of a person,group or organisation. Requirements, then,define ‘the problem’. In contrast, ‘the solution’is defined by technical specifications.

Defining requirements is the process ofdetermining what to make before making it.The definition creates a method in whichappropriate decisions about product or systemfunctionality and performance can be madebefore investing the time and money to developthem. Understanding requirements early onremoves a great deal of guesswork in theplanning stages and helps to ensure that endusers, product developers and/or systemsintegrators and installers are on the same page.

Requirements provide criteria against whichsolutions can be tested and evaluated. Theyoffer detailed metrics that may be used toobjectively measure a possible solution’seffectiveness, ensuring informed purchasingdecisions on products, systems or services thatachieve the stated operational goals.

A detailed OR analysis can also uncoverhidden requirements as well as discovercommon problems across programmes andvarious operating components.

“The robust capability gap to ‘detect, thwart and captureintruders’ includes no pre-conceived solutions and prompts

us to analyse alternative conceptual solutions”

*Next month: Requirements-pull, the technology push,cyber threats and theresilience (and cyber security)of technology in today’s builtenvironment landscape


www.jacksons-fencing.co.uk

TREATMENT

GU

A R A N T EEYEARSYEARS G

U

A R A N T EE

SE

RVICE LIFE

YEARSYEARS

Call 0800 41 43 43to speak to an expert

AU

TOMATION

GU

A R A N T EEMONTHMONTH

Timber andsteel fencing

Vehicle and pedestrian gates

CPD training

Noise barriers Pedestrian safety

Vehicle access and parking control

Access control Cycle, recycling and fuel storage

Working with you to deliver safe, secure and sustainable projects.At the forefront of design innovation, we’ve been providing safety and security for homes, education, commercial and industrial developments for almost 70 years.

Our portfolio includes RoSPA approved, LPS 1175 certifi ed and Secured by Design preferred security fencing and gate solutions, environmental noise barriers, storage, automated access control and decorative timber fencing, gates and landscaping features; all designed to give a service life well beyond our 25 year guarantee.

Find out about our products and services including drawings, data sheets, Q40s and CPDs at www.jacksons-fencing.co.uk.

Improving your visionwith our solutions.


24www.risk-uk.com

The negotiation of security contracts is toooften lengthy and can test the goodwill ofboth sides. The process of negotiating and

finalising the contract itself deserves specialattention along with key terms which may provedifficult to negotiate. Let’s deal with both theprocess and those key terms.

The seller will need to carry out anexamination of the buyer’s business andsecurity requirements both for the purposes ofrisk assessment and the subsequentpreparation of assignment instructions. They’llalso need to review the detail of informationabout the employees of the outgoing provider.

Accordingly, the beginning of the contractprocess will often be the buyer’s insistence onthe seller entering into commitments ofconfidentiality by way of a confidentiality letteror what’s termed a non-disclosure agreement(NDA). NDAs are perfectly enforceable in lawprovided that they are well drawn.

The next document to be recommended is aletter of intent or ‘Heads of Terms’ designed toset out in brief everyday language the keyterms of the agreement which the buyer andthe seller are in the course of negotiating.There should be a timetable attached settingout milestones to be achieved along the waytowards contract signature.

Letters of intent should be expressed to benon-binding. In this way, they can be safelyused as a convenient vehicle for negotiating thekey terms of the contract before drafting of thecontract begins on a formal basis.

If the buyer wishes to proceed by invitationto tender then this process itself dictates that atimetable is used. My experience tells me that

the same discipline should be employed in allnegotiations of security contracts. It’s alsoimportant for each party to appoint a team ofpeople to work on the contract processencompassing individuals from operations,finance, management, Health and Safety,Human Resources and legal.

In the course of agreeing the timetable, theparties involved should pencil in one or twomeetings within the process just in case they’renecessary for resolving any difficulties. Ameeting conducted at the right time can saveweeks of unproductive communications.

Many of the issues which cause problems inbringing a contract to final signature arefocused on legal aspects. The lawyers on eachside should be permitted to talk to each otherand resolve these legal issues. In myexperience it doesn’t help for these issues to benegotiated by the commercial members of eachteam who will tend to adopt a strong defence oftheir company’s own position, but will not bequalified to find the ‘work-around’ required tobring the contract to signature.

The first contract draft of the agreement canbe provided by either the buyer or the seller. Ifit should be provided by the buyer, it may be anadaptation of a general purposes procurementagreement. Alternatively, the seller may providetheir own contract. In either case, all-too-oftenthe Terms and Conditions offered by one partyto the other are one-sided in favour of thatparty and, in effect, challenge the other party topick up every single point and ‘turn it around’to achieve a reasonable position.

There’s no harm in such an approachprovided that both parties are aware of what’sachievable by way of negotiation and move tothose acceptable positions without any unduedelay or acrimony.

Services to be providedThe contract must contain a detaileddescription of the services to be provided bythe seller. The description should be on the‘input’ basis, which means that all of the taskswhich the seller is to perform are duly set out.The seller’s performance can then be managedagainst their contractual obligation to performthose services both diligently and promptly.

The seller will only be liable to the buyer ifthey fail to carry out those services in the waythat they’ve committed to carry them out, arenegligent or in breach of statutory duty. Thiscommitment by the seller is capable ofinsurance: the seller’s insurers will provide

Written contracts forsecurity services areboth difficult andimportant. They dealwith issues of highrisk, often for longperiods of time, andtheir content may becomplex and specialistin nature. In the firstinstalment of a two-part series for Risk UK,John Spratt coversnegotiationprocedures, ServiceLevel Agreements, KeyPerformanceIndicators and price

Contractual Basics, Negotiations and Risk

NegotiatingContractsforSecurityServicesREVISED May2015_riskuk_apr15 12/05/2015 11:59 Page 24

cover against claims set against the seller forlosses suffered by the buyer as a result of theseller’s fault.

Sellers will generally refuse to sign a contractwherein their services are described on an‘output’ basis which means that the sellerguarantees certain outcomes. The prime reasonwhy the seller will not agree an output-baseddefinition of services is that they will not beable to obtain insurance to cover the risk offailure to perform.

The description of the services will besupported by a service level agreement (SLA)committing the seller to reach certainstandards against key performance indicators(KPIs). SLAs should be as simple and easy tomanage as possible, and ought to reward theseller for extraordinarily good performance aswell as penalise them for any poor activity. Inthat way, the buyer can be sure that the sellerand their members of staff will be motivated toperform well.

The SLA will be monitored by key personnelappointed by each party often with the sellerself-recording against the KPIs and reporting tothe buyer. Most security contracts are forperiods of over 12 months and often for threeyears. During the term, no doubt the buyer’sbusiness will change shape and theirrequirements for security services will alsochange. On that basis, there should be a robustchange control mechanism in the contractwhereby the buyer can require the seller tochange the services provided by serving anotice on the seller setting out the alterationsrequired. This section of the contract shouldprovide for consultation and fair adjustment ofthe price based on the changes noted.

The seller will have relied upon the turnoverin the contract over its whole term to arrive attheir price, and will not welcome the buyerreducing the services under the contract. If thebuyer wishes to reduce the services thenfrequently the parties will agree that the lengthof the notice of the required reduction will varyaccording to the percentage reduction of theservices so that a substantial reduction shouldonly be available on, say, three months’ notice.This will enable the seller to do their best toconsult with their members of staff, redeploythem and avoid the expense of redundancy.

Frequently, the parties will agree that, inthose circumstances, the seller will becompensated for any redundancy paymentsthat they cannot avoid. The parties involvedshould also be aware that reduction of theservices may involve reduced staff facing safetyrisks. This should be taken into account.Sellers will object to any attempt by the buyer

to restrict them from providing security serviceseither within a geographical area or tocompetitors of the buyer (whether named orotherwise). In sensitive situations, the sellerwill offer assurance to the buyer of ‘ring-fencing’ staff on the buyer’s contract and interms of matters arising around confidentiality.

Examination of the priceAt the outset of any longer term contract, theseller will incur significant expense by way ofrisk assessments, the preparation ofassignment instructions, price calculations andmanagement time for negotiation. Often, theseller will seek to defray this upfront cost byrequiring a reasonable term of the contract (forexample, three years).

The seller will object to the buyer’s request tobe able to terminate for convenience on, say,three months’ notice but, in my experience,ultimately the seller will be prepared to allowthat term, duly relying on their own abilities toperform the Terms and Conditions of thecontract to the buyer’s satisfaction and, indoing so, avoid early termination.

The seller’s calculation of the price, andparticularly so in security guarding contracts,will be based on the employment informationprovided to them by the outgoing serviceprovider. They will seek the right to a priceadjustment to the extent that the employeeinformation is wrong.

Over the course of a three-year contract theseller may be prepared to agree on their pricesbeing fixed across the term by self-forecastingany increase in cost they anticipate.

Alternatively, they may agree a best price atthe outset of the contract on the basis that itwill be capable of adjustment in the event of anincrease in their costs caused by inflation or bydint of a change in the law (such as the movefrom licensing of security officers to thelicensing of security companies themselves).

Cash flow is always an importantconsideration for both buyer and seller. Theseller will try to agree with the buyer that theymay invoice at the beginning of each month,with the invoice to be paid at the end of themonth. This means that they’re giving littlecredit to the buyer. However, if – for example –the buyer insists on payment 90 days from theend of each month, the seller is having to carry90 days of the buyer’s cash flow.

*For the second article in thistwo-part series which appearsin the June 2015 edition ofRisk UK, John Spratt willexamine liability issues, theTUPE Regulations andtermination (or suspension)of security contracts

25www.risk-uk.com

Negotiating Contracts for Security Services

John Spratt: Corporate Partnerat Spratt Endicott

“SLAs should be as simple and easy to manage as possible.They ought to reward the seller for extraordinarily goodperformance as well as penalise them for any poor activity”

NegotiatingContractsforSecurityServicesREVISED May2015_riskuk_apr15 12/05/2015 11:59 Page 25

26www.risk-uk.com

The last three years have witnessedsignificant progress at Reliance High-Tech,the independent security systems

integrator serving end user organisationsacross both the private and public sectors.

In the utilities space, for example, thebusiness now holds framework and supplyagreements with a number of leading providers,among them EDF, Bristol Water, South WestWater and Western Power Distribution (onbehalf of whom the company now managescirca 900 UK sites).

“Several years ago our presence in theutilities sector was minimal,” explainedmanaging director Terry Sallas as we begandetailed discussions at Reliance High-Tech’sWinnersh Triangle headquarters in leafyBerkshire. “We decided to focus on this area atthe outset of the recession. It represented agood fit for us in terms of our offer.” A decisionthat has proven to be an astute move.

Sallas duly informed Risk UK that there hasalso been significant progress in the corporateestates arena encompassing the worlds offinance, manufacturing and pharmaceuticals.

“We work with Air Products across the UKand Europe and also supply Pfizer, RubbermaidNewell and Morgan Stanley at European sitesby way of our local service technology providerpartners,” stated Sallas.

Importantly, the business has investedheavily in quality systems, operational deliveryand its customer service-focused

infrastructures, expanding into new offices inthe Midlands and ploughing substantial capitalinto IT systems at the Pontefract andWythenshawe Monitoring Centres, both ofwhich serve as hubs for many of the new IT-centric offerings and services being developed.

In the lone worker field, Reliance High-Technow protects approximately 50,000 individualsacross the public and private sectors.

“The Digital Interview market is one that hasreally crystallised for us,” enthused Sallas.“When we last met for an interview, Brian, asyou know we were targeting this marketincluding Greater Manchester Police, theMetropolitan Police Service and the WestMidlands Police as potential partners. Now,we’re upgrading interview suites across all ofthese estates. These three represent the largestDigital Interview estate in the UK. We alsosupply a number of other UK police forces,including West Lothian, Sussex and ClevelandPolice with Digital Interview and traditionalsecurity solutions for their custodial facilities.”

No doubt, then, that Reliance High-Tech –under Sallas’ forward-thinking leadership – hasmade strong choices when it comes to themarkets it targets and the bespoke servicesoffered within them, the business choosing toalign itself with high-level and specialisttechnologies for high grade security and CriticalNational Infrastructure-style environments.

Interestingly, and very much mirroring currenttrends, Sallas said: “Many end user customersare operating what you might call an holisticapproach to security, encompassing not onlyphysical security but also considering IT, data,information and people.”

High levels of dataAccording to Sallas, Reliance High-Tech’s keycustomers and markets are characterised by anumber of issues. As stated, they’re nowincreasingly holistic in their approach, requiringhigh levels of data and information from theirchosen solutions.

“Actionable intelligence will increasinglybecome a key deliverable and differentiator forthe future,” outlined Sallas.

End users also demand a great depth ofproven security and IT expertise. Reliance High-Tech’s project managers for its police service-related business work predominantly with theIT teams and must absolutely understandIT/security crossover issues around data andsecurity software.

“We’re finding that end users want standardand uniform technology across their sites,typically coupled with risk and securityvulnerability assessments,” explained Sallas.

During Risk UK’srecent discussionswith Terry Sallas,managing director atsystems integratorReliance High-Tech,Brian Sims discoversthat the nature ofvalue required by endusers from theirsecurity solutionsproviders is changing

Preparing for Integration

Terry Sallas: ManagingDirector at Reliance High-Tech

TheRiskUKInterview May2015_riskuk_apr15 11/05/2015 16:47 Page 26

“Access control systems are very important forassisting identity management programsamong the corporates and universities.”

Again mirroring current trends, Sallas pointedto an increased diversity of stakeholdersinvolved in decision-making processes forsecurity, and more so for corporate regimeswhere IT has a key influence in terms of theultimate provider and overall spend. The‘network issue’ is still alive and kicking, then.

“Today’s end users are also requiringpragmatic partners,” urged Sallas. “Theirpriorities evolve on a continual basis. Thatbeing so, they need the breadth of resource toreadily accommodate change, but also theflexibility such that they can address newrequirements, ambiguities and uncertainties.”

Perhaps the key point to note here is that thenature of value required by end users from theirsecurity solutions providers is changing. It’s nolonger enough for companies like RelianceHigh-Tech to be able to only design and installsecurity systems. That element of the equationwill never cease to be crucial, of course, but it’snow equally as much about the advice given onfuture-proofing, cost and risk as well asdemonstrable engagement with other keystakeholders across the estate.

“Customers require you to have the ability topartner,” opined Sallas. “In some cases, thatrequirement is such that you need to work withlarge IT and technology organisations assecurity has now become part of a significantlybroader agenda. Today’s specialist securityintegrator must be able to speak the rightbusiness language, stand their ground onsubject matter expertise and collaboratetowards a common end goal.”

Convergence and The CloudConvergence is no longer the ‘New Kid on theBlock’, of course, but it’s also not going away ina hurry. “We need to consider data storage,networks, language, technologies, licenses,server maintenance, skills and partners as wellas data security,” affirmed Sallas. “In fact, thelist of considerations could be endless.”

Taking that discussion a stage further, whatabout ‘The Cloud’? “The Cloud will furtherimpact the nature of what it is we do, affectinginstallations, commissioning, data, services andreporting. We’re investing in a suite of cloudservices for our customers similar to PhysicalSecurity Information Management-centricsolutions but more specific to clients’ ownoperational issues and providing live data andKPIs via bespoke portals and dashboards.”

Not surprisingly, Sallas then points out thatcompliance and regulation is increasing in

scope, and notably so for the utilities providers.For their part, service solutions must nowstretch beyond the traditional maintenanceplans offered by the industry. Rather, they willneed to be proactive in orientation while thenature of service issues will change.

“Customers are going to need very specificservice plans. Some of our service offerings willbecome market-specific and, in some cases,include other services such as lone workersolutions and asset tracking as standardfeatures. They may also move towards beingcondition-based in nature.”

A great many of the critical systems involvedwill need to be monitored remotely on a 24/7basis with IT experts at hand.

“Our police maintenance programs,” saidSallas, “are now as much about data, evidencestorage and retrieval as they are concernedwith hardware issues.”

Clearly, Sallas is a firm believer that securitysolutions will become as much about theintelligence and data they can offer an end usercustomer as they are about providing the basics(ie safeguarding people, property and brand).

Going forward, there will be an increasedspecialism in technology. “Analytics will reallycome into its own,” asserted Sallas. “Securityintegrators will have to be increasingly adeptand capable of working with many specialisttechnologies in multiple areas and markets.Integration could continue to be a major issuefor security installers and end users.”

27www.risk-uk.com

The Risk UK Interview

“Today’s specialist security integrator must be able to speakthe right business language, stand their ground on subjectmatter expertise and collaborate towards a common end goal”

TheRiskUKInterview May2015_riskuk_apr15 11/05/2015 16:47 Page 27

28www.risk-uk.com

Although its scholarly origins as a renownedSchool of Medicine and Surgery date backto 1834, Newcastle University in the year

2015 is very much a modern day academicestablishment offering a first class studentexperience in what is undoubtedly one of theUK’s most vibrant cities.

Ample proof of its pedigree is outlined by thefact that Newcastle University has just beenapplauded as one of the very best there is inThe Times’ most recent Higher Education WorldUniversity Rankings – this highly-respectedNorth East seat of learning sits comfortablywithin the Top 200 – while also occupying asimultaneous slot in The Sunday Times’ UKUniversity Guide Top 20.

With the opening of Newcastle UniversityMedicine Malaysia (NUMed) four years ago,Newcastle became the first UK university toestablish a medical campus overseas. NUMed

now boasts more than 200 students and, intime, will train upwards of 1,000 medics tosupport Malaysia’s Health Service.

The worldwide footprint doesn’t end there,though. Newcastle University also boasts apresence in Singapore (by dint of NewcastleUniversity International Singapore, or NUIS forshort). Operated in partnership with theSingapore Institute of Technology, this boldventure has also experienced tremendousgrowth over the last few years.

Maintaining essential serversBeing a modern civic establishment, NewcastleUniversity runs over 1,400 networked PCs,operates 24-hour computer clusters and sociallearning spaces, administers a lecture recordingsystem and also features an award-winningLanguage Resource Centre.

As a direct result, between its UK andoverseas campuses, Newcastle Universitymaintains around 1,000 essential servers whichhelp to deliver productivity, virtual learning andspecialist applications.

In days gone by, members of the dedicated ITDepartment had used Microsoft ISA loadbalancing technologies to ensure availabilityand enhance the fault tolerance of servicedelivery. However, given the discontinuation ofMicrosoft’s load balancing platforms and aplanned upgrade to a new version of Exchange,the decision was taken to source an alternativesolution that offered the raw performance andfeatures needed to match continual growth.

David Clark – infrastructure systemsspecialist within the Information Systems andServices team at Newcastle University –explained: “Although the initial focus was allabout load balancing, the upgrade we werelooking for was one that could potentially offeradditional benefits around enhancing

Higher education environmentscombine the technologyrequirements of large-scaleenterprises with a unique set ofdemands around security. In afollow-up to last month’s VerticalFocus on the Education Sector,Brian Sims examines the datamanagement solutions configuredfor Newcastle University and theUniversity of the Arts London

Everything’s Under Total Control

CriticalInformationandDataManagementREVISED May2015_riskuk_apr15 12/05/2015 11:57 Page 28

performance and providing a key resource tosupport other initiatives across the university.”

According to Clark, the balance betweenperformance and features afforded by A10Networks’ Application Delivery Controllers(ADCs) rendered the company an early shortlistcandidate. “We liked the look of the pricingmodel, which included all of the features withina single cost,” explained Clark. “This wasimportant as we had to consider other featuressuch as SSL Offload, compression and securityenhancements for any future deployment.”

More robust platformIn the end, Newcastle University deployed twoADCs in an active-passive failover scenario. Thedeployment offered a seamless migration fromthe existing Microsoft ISA load balancingsolution with a system that could also loadbalance non-HTTP protocols such as MessagingApplication Programming Interface traffic.

On top of that, the installation allowed for amore robust platform for load balancing theBlackboard virtual learning environment.

With the core load balancing requirementnow duly satisfied, Newcastle University’sInformation Systems and Services teammembers swiftly began to examine how theadditional features could be used for improvingapplication and service delivery.

In practice, the ADCs are employed to deliveradditional web-based applications forNewcastle University, including its CitrixXenApp and SAP Supplier Portal, while theplatforms also provide SSL Offload to reducethe processing workload on application servers.

“We’re making good use of the datacompression features,” enthused Clark, “whichhave reduced the bandwidth associated withcertain tasks by around 50%. What weappreciate most, though, is that the solutionjust sits there and does its job withoutrequiring additional management time andresources. During failover tests, in fact, it hasproven transparent to end users.”

Scaling web application deliveryThe University of the Arts London is recognisedas a vibrant world centre for innovation,comprising six internationally-renownedcolleges. In point of fact, it’s Europe’s largestuniversity for art, design, fashion,communication and the performing arts.

Operating in the digital age, the University ofthe Arts London leverages web technologies toprovide a multitude of applications and servicesfor its students and faculty. Presently, itadministers more than 25 websites withinteractive content, including bandwidth-

intensive graphic applications. Theinfrastructure spans two data centres andconsists of Apache servers running on VMwarethat communicate with – and retrieveinformation from – the MySQL and Oracledatabases on the back end.

In recent times, the University of the ArtsLondon began a new web service projectdesigned to create an architecture capable ofproviding optimised content delivery for sitevisitors. University of the Arts London selectedfour AX 2100 new generation server loadbalancers for a higher performance andscalable solution. The balancers chosen featureGlobal Server Load Balancing (GSLB), URLswitching and custom health checks.

GSLB balances web servers across Universityof the Arts London’s two data centres to ensurehigh availability. URL switching deliversservices hosted on the University of the ArtsLondon domain based upon the contents of theURL. Requests are then directed to the relevantservers located in the private address space.

In terms of custom health checks, theseabsolutely ensure that servers are availableand, as previously stated, readily able tocommunicate with – and retrieve data from –the back end MySQL and Oracle databases.

29www.risk-uk.com

Critical Information and Data Management

“Between its UK and overseas campuses, Newcastle Universitymaintains around 1,000 essential servers which help to deliverproductivity, virtual learning and specialist applications”

CriticalInformationandDataManagementREVISED May2015_riskuk_apr15 12/05/2015 11:58 Page 29

HD CCTV FROM VISTA g Web: vista-cctv.com g Email: [email protected] g Tel: 0118 912 5000

ALL WILL BE REVEALED...Join us at IFSEC where we’ll be announcing some exciting new developments. To celebrate, we’re giving away a host of prizes including thousands of pounds’ worth of Amazon vouchers, product discounts and much, much more. Simply find the card inserted in the June edition of this magazine, scratch away the panel, and bring it to the Vista stand to see what you’ve won – there’s a prize for every card!

In addition, come along to see the new winning combination of qulu and HP. Working in partnership, we have developed a range of servers to support the new qulu 2.3 software. Features of this latest software edition include video wall, failover and integration with Paxton Access Control.

VISIT US AT:Stand D1300


Security and Fire Management

Ground Control: Challenges Facing Stadium Security TeamsCase Studies: Surveillance in the Barclays Premier LeaguePitch Perfect: Perimeter Protection Solutions Best PracticeHealth Conscious: Integrated Systems for Fitness Centres

May 2015

Modern Sporting SpectacleSecurity Management in the Leisure and Events Sector

LeisureandEventsSectorSupplementFrontCover May2015_001 11/05/2015 15:25 Page 1

Elephant proof.Our cameras are much tougher than they look. That’s because we don’t just give them a few strikes during testing, as you might expect. Instead, we subject them to about 30 heavy strikes – directly on their weakest spots. Don’t worry though, we keep them away from elephants.

It’s just one of the tough tests Axis cameras face, so you can be sure you’ll always get the best image quality and high performance – no matter what’s thrown at them.

Learn more about Axis’ quality assurance work at axis.com/quality

Visit Axis at IFSEC:ExCeL London

Booth E1000 June 16-18


All entertainment facilities pose securitychallenges, but sports stadiums top thelist. These arenas, in which thousands of

people regularly congregate, have to meet verydemanding security and safety criteria. Theonly responsible choice for end users is to takeadvantage of state-of-the-art technologypreferably combined into an integrated systemfeaturing fire detection, video surveillance,access control, intrusion detection andPA/voice alarm solutions.

Smart surveillance is now very much with us.This involves digitally analysing the signal froma CCTV camera using Intelligent Video Analysis(IVA) algorithms. IVA compares real-time videowith predefined rules for detecting alarmsituations or suspicious activity. Today’salgorithms are capable not only of motiondetection, but also of detecting specific objectslike abandoned bags and even suspiciousbehaviour such as loitering or straying intoforbidden areas – all in real-time.

During stadium operating hours, such smartsurveillance systems may be combined with anaccess control solution (and an intrusioncontrol system outside of those hours) toprovide optimum security and early warning ofany suspicious activity.

IVA-enabled systems can be configured totrigger a recording only when events thatviolate the predefined rules are detected. Thisdramatically reduces the amount of recordingdisk capacity required and can generatesignificant reductions in running costs whileallowing security personnel to concentrateexclusively on incidents that require humanintervention or decision-making.

Monitoring begins in the car parkingareas so that potential troublemakers canbe outlined before they enter. Securityscreening at the entrance may includebody and bag searches designed toexclude the possibility of weapons andbombs being smuggled in and videocapture of attendees. It can even includeelectronic visitor identity verification sothat if trouble should subsequently ariseinside the stadium, those involved may beimmediately pinpointed and their namespassed to those police officers on duty.

Provision of video evidenceBesides the standard dome and PTZcameras used to monitor stadium interiorssuch as the approach tunnels, restaurants andcorporate hospitality suites, many stadiumsecurity teams now deploy vandal-proofmegapixel CCTV cameras directed at the standsfrom pitch level.

Just two or three cameras can monitor acomplete stand and zoom in to identifyindividual offenders. Special directionalmicrophones can also produce an audio recordof the event to provide support for videoevidence in a Court of Law.

Thanks to the latest IVA software, CCTVcameras can even identify offenders by thecolour of their clothing and track themthroughout a facility, even to the car parkingareas where Automatic Number PlateRecognition software is able to pick out theowners of specific vehicles.

Digital data generated by today’s advancedIVA systems is also recorded for use after thefact as a forensic tool. To facilitate searchingrecorded video, the more advanced IVAalgorithms serve a video management function,automatically generating metadata files senttogether with the video footage to therecording medium.

These files are much smaller and easier tosearch through than the digital video files ofold. Manual search of video footage that mayhave taken days or even weeks can now becompleted in seconds by scanning themetadata with smart search facilities.

A venue the size of a stadium inevitably hasmultiple security, safety, communication andbuilding automation issues to address. It’s fairto say that an integrated system can go a longway towards facilitating a safe and securevisitor experience while also contributing toreductions in overall running costs.

Ground Control

33www.risk-uk.com

Risk managers at today’s modernstadiums take full advantage of thelatest security technologies forobserving, anticipating andeliminating threats. Here, AdamBreeze discusses the challengesfacing stadium security teams andthose operating in other largeentertainment venues and outlinesthe solutions being developed tomeet them head on

Leisure and Events Sector: Stadium Security

Adam Breeze: StrategicMarketing Manager at BoschSecurity Systems

LeisureandEventsSectorStadiumSecurity May2015_riskuk_apr15 11/05/2015 15:24 Page 2

Established back in 1882, Burnley FootballClub is one of the longest-establishedworldwide. Set in the heart of the old

Burnley mill town, its Turf Moor home has acapacity of 21,500 and enjoys average gatesabove 19,000, with anything up to 4,000 seatsallocated to away supporters on match days.

The club was promoted to the BarclaysPremier League at the end of last season, inturn triggering a multi-million pound facilitiesand IT upgrade which included funds forchanging the legacy analogue-based CCTVsystem to a hybrid IP and CCTV set-up by dintof Axis Communications’ network cameras anda Mirasys hybrid NVR system.

A total of 64 new cameras were installedcovering the stadium, turnstiles andconcourses. The new system also provides totalcoverage of all 40 turnstiles through which fanspass on match days. Cameras trained on eachturnstile capture images of the individualsshowing their tickets at the turnstile.

The new electronic ticketing system enablessecurity staff to view images of the owner of agiven ticket on-screen as fans pass through thegates. Those thought to be using the wrongticket can then be tracked and positivelyidentified via the network cameras. Thisadditional layer of surveillance has reducedticket fraud quite significantly as adults tryingto enter the ground with concession or childtickets are identified and then stopped.

Inside the stadium, during the first fourmonths of the 2014-2015 Barclays PremierLeague season the ground safety team, workingwith Lancashire Constabulary (whose officers

station themselves in the stadium’s ControlRoom on match days) have been able topositively identify a number of peoplecommitting public order offences or potentiallyplacing other fans and/or players at risk.

By way of example, two convictions havebeen handed down following pyrotechnics-related offences caught by the AxisCommunications cameras within the first fourmonths of deployment.

Operating on three 10 Tb-capacity servers,the Mirasys system manages and enables therapid distribution of video recordings in caseany incidents should occur.

Mirasys Spotter and Media Exporter softwareis used to rapidly recover and export relevantrecorded images to DVD if the police need totake further action in terms of prosecuting anindividual. A total of 3 Tb of video data iscollected by the system on each match day.

Detailed views of supportersHadrian Thorne, managing director of installerThorne Access & Security, explained: “Weselected the 6045-E PTZ dome and Q1765-LEcameras for the 1080p HDTV images they candeliver over long distances. The fact thatoperators can gain a detailed view of anindividual sitting in the away supporters’ WestStand from a camera situated some 125 metresaway that’s fixed on a pole just below the roofof the East Stand says it all.”

Doug Metcalfe, stadium and operationsmanager at Burnley FC, added: “The camerasare capable of delivering positive identificationson a rapid basis such that we can act swiftlywhen it comes to catching perpetrators andremove offenders if they’re deemed to bejeopardising the safety of other fans.”

The dedicated ground safety officer forBurnley FC at Turf Moor is Cliff Edens. “Thecameras have proven their reliability foridentifying individuals in the crowd,” enthusedEdens, “pinpointing their location and helpingus to act with confidence when it comes towarning or removing offenders depending onthe severity of the incident in question.”

34www.risk-uk.com

Daren Lang: BusinessDevelopment Manager forNorthern Europe at AxisCommunications

Line of Sight Network surveillance specialist AxisCommunications has assisted thein-house management team atBurnley FC in delivering a state-of-the-art ground safety system forTurf Moor which includes camerasrendering 1080p HDTV images.Daren Lang details the proceduresand practitioners involved

Leisure and Events Sector Case Study: CCTV at Burnley FC

LeisureandEventsSectorCaseStudyBurnleyFC May2015_riskuk_may15 11/05/2015 15:14 Page 34

Come and see us at IFSEC 2015. Stand F700, Hall S5.

Intelligent solutions from Bosch

Bosch Security Systems provides intelligent products and servicesto maximize the benefits of a connected security solution.


The majority of specifiers and architects are quite surprised athow many questions we would ask before recommending aspecific type and configuration of perimeter fencing for their

planned sporting arena. The first consideration centres on how the space is going to be

used and what sports are going to be played within it. Our mostpopular requests are for fencing around five-a-side football,basketball and netball pitches followed by tennis courts andhockey pitches. All require different markings and run-off areasaround the pitch or court and appropriate goal areas. With goodplanning these can normally be incorporated into the perimeter.

Think about the orientation of play. The safety and securityspecialist might want capacity for a full-sized football pitch, withsmaller five-a-side variants at right angles. A single orientationof play might allow the reduction of side fences to just 1.2metres in order to reduce costs and, at the same time, create aless ‘caged-in’ field of play.

What’s the environment like? Do students alone use the pitcharea? Will play be supervised? Where’s your pitch sited? Nearbybusy roads, railway tracks, canals or rivers and utility stationscan pose significant risks and be potential death traps duringthose times when balls inevitably escape the field of play.

Five metre-high fencing will keep more balls within the sportsarena than would three metre-high solutions. Netting canopiesdesigned to catch balls are imperfect as they can quicklydeteriorate, require a good deal of maintenance and providepockets above the fencing where balls can be trapped and lurepupils towards net roofs that will not support their weight andwhere there’s a hard surface beneath.

Cater for disabled end users by making all gates 1.2 metreswide rather than 800 mm and, typically, have them openingoutwards (unless, of course, this risks them opening towards aramp or stairway).

Finally, place gates at opposite corners of the field and colourthem differently such that they’re obvious as an escape routeeven in the hours of darkness.

36www.risk-uk.com

Pitch PerfectWhen deployed in the leisure sector, perimeterprotection must be functional, safe for endusers, low maintenance, represent good valueand fit in with its environment. As Mo Ali dulydiscovers, there’s more to sports fencing thanmeets the eye

Leisure and Events Sector: Perimeter Protection Solutions

Mo Ali: Sales Manager forSports Systems at Zaun

LeisureandEventsSectorPerimeterProtectionSolutions May2015_riskuk_may15 12/05/2015 14:20 Page 36

Late at night or during the small hours whenmost of us are sound asleep, an ever-increasing number of people across Britain

are busily pumping iron, running on treadmillsor pretending they’re taking part in the Tour deFrance while furiously pedalling their in situexercise bikes. Welcome to the world of ‘The24/7 Fitness Centre’.

Satisfying the demands of today’s healthconscious brigade, multi-location fitness chainsare now springing up all over the UK andEurope. Sited in numerous settings, theyenable members to continue benefiting fromtheir membership deals and maintain theirfitness regimes even while they’re away onbusiness or on holiday.

Managing membership status, access controland security, then, has become an additionalchallenge for risk professionals operatingwithin the leisure sector. How might thatchallenge be successfully tackled, though?

Scalability is a key consideration for anyfitness centre chain looking to implement asecurity system designed to manage multiplesites. If the business plans rapid expansionover the coming years then it’s important tounderstand how many ‘users’ the chosensystem is able to manage.

Many integrated access control and securitysolutions widely available on the UK andEuropean markets have a maximum limit set fornumbers of users within either the hardware orsoftware. This means that once membershipnumbers exceed the user threshold, you’ll beforced to implement a new security system orotherwise introduce individual systems for eachsite, in turn substantially increasing securityoutlays and ongoing maintenance costs.

Be sure to choose a security system with theoption of having ‘millions of users’. In this way,scalability will never be an issue for yourcompany. It’s also very important to establishthat your chosen system can manage changesand updates to all user profiles in real-time.

One intelligent systemWhy invest in individual, lower-grade securitysystems for every one of your company’s fitnesscentres when you could install a single solutionthat manages all sites? This type of system willafford provisioning if you open new fitnesscentres in the future. Having just one systemalso means that security can be managed byone administration team. There’ll be no need toemploy security staff for every site.

A quality security system should be able tomanage membership access on a local, regionaland national basis. Furthermore, most fitnesscentre groups offer varied levels of membership

so the system needs to cater for such a need aswell as identify if a given member has accessrights to just their local centre, a group ofregional centres or all centres across the chain.

Always allow for training costs andimplementation time when evaluating the rightsystem for your fitness centres. How long will ittake your administrator to understand how toadminister the system? What accreditedtraining is offered by the manufacturer so thatyour administrators can fully understand thebest approach to managing and controllingyour security set-up?

To simplify the learning process, opt for asolution employing intuitive, interactiveschematic maps of all your sites such that yourteam members can simply access and controlthe security at any given site.

An integrated security solution ought todeliver an administrator secure access via anyInternet-enabled PC, laptop and/or mobiledevice. ‘Anywhere access’ is also beneficial for24/7 fitness centres if a security alert shouldtake place during unmanned hours.

The power of integrationRun your fitness centres smarter and moreefficiently by not wasting time and costs onadministering different systems. Select asecurity regime that also exists to control andmanage other aspects of your environmentsuch as lighting, heating and cooling.

Leisure and Events Sector: Security for Fitness Centres

37www.risk-uk.com

Health ConsciousHow does a fitness chain offer 24/7 opening while retainingand maintaining high levels of security, a Duty of Care to itsmembers and profitability for the host organisation? TimNorthwood provides advice on how leisure facility securityand safety managers might select the right system forsatisfying the business’ needs both now and into the future

Tim Northwood: GeneralManager at Inner Range Europe

LeisureandEventsSectorSecurityforFitnessCentres May2015_riskuk_apr15 11/05/2015 15:23 Page 2

Leisure and Events Sector: Security for Fitness Centres

A scenario could be that, at 3.00 am, Joe TheBodybuilder leaves one of your centres. He’sthe only one at your premises so, when hedeparts, Joe dutifully shuts the door behind himand everything’s secure. However, all the lightsare still on: a complete waste of energy andcosts for the business.

What if, when Joe exits the building, theinternal lights automatically turn off after 15minutes if no-one else arrives on site? Then,when Sarah The Solicitor turns up at 5.00 amfor an early morning workout, the internallights automatically turn on when she entersher PIN code.

This ‘cleverness’ can also be applied tosecurity systems such as CCTV and, of course,your membership software. Most fitness centrebusinesses will run software that enrolsmembers via an online portal from which feesand gym location/regional access are selected.To make administration highly efficient, theintegrated security and access system needs tobe able to dovetail with this solution at asoftware level. In this way, when any changesare made to the membership system they’reimmediately reflected within the integratedaccess and security system.

You’ve implemented a system that keepsnon-members out of the premises on a 24/7basis, then, but what about a Duty of Care tofitness centre members when resident on yourpremises? You cannot possibly vet everymember, and you might encounter a number ofsituations on site such as a conflict betweenmembers that spirals out of control or amedical emergency at a time when the centreisn’t staffed. In short, you want to ensure that ifan incident does happen there are facilities inplace that will act as protection.

The implementation of panic or help buttonsthat, when pushed, energise audio monitoringmeans that your designated Control Centreoperators have complete visibility of yourpremises thanks to CCTV and can take thenecessary emergency action to ensure Duty ofCare for members.

Avoid lost membership cardsMany fitness centre managers have opted forPIN codes rather than a physical membershipcard because cards can often be lost or stolenand replacing them is a costly business. Whenselecting a security system always ask how thesystem will prevent PIN code abuse (eg the PIN

code being used by multiple people). Goodsecurity systems should be able to identifywhen the same PIN number or credential isused at the same location twice within a settime period or across multiple sites within apredetermined timescale. The system should beable to automatically suspend the memberinvolved until the issue is resolved.

PIN code management is particularly relevantduring unmanned hours because it ensures thatonly your members can gain access and anyunauthorised entry will be revoked as well asreported to an administrator who can thenimmediately access the system and check CCTVimages to ensure that no unauthorised peoplehave gained entry to the premises.

If your gym attracts the kind of members whorequire a highly protective environment thenyou may wish to consider investing in abespoke biometric access control terminal.

Also, if freelance trainers pay the business afee on attendance, look to select a securitysystem that can deliver reports highlighting thenumber of hours they were at your facilities ona given day, week or month. Valuable insight onattendance patterns can save both cost andtime when it comes to resolving anydiscrepancies that may arise. Such functionalitymay also be used to monitor and report on staffattendance patterns.

Intelligent security reporting permits you tolearn when your fitness centres run under andabove capacity, in turn allowing measures to beput in place that ensure you can retain a highlevel of customer satisfaction and increasepromotion or incentives that encouragemembers to attend at quieter times.

How could you use member attendanceinformation to your best advantage? Thereporting functionality of any good integratedsecurity system provides intelligent data thatthe host business might use for marketing anddevelopment purposes. System intelligencealso facilitates a proactive approach towardsmarketing and sales.

For example, you could set reports to analysemembers who do use your Out of Hoursfacilities on a regular basis. This informationcould be used to deliver specific detail relevantto them, or perhaps they could be sent afeedback questionnaire on ways in which theyfeel the service may be improved for end users.

Likewise, such reports could identifymembers who’ve stopped coming to the gym ona regular basis and may be at risk of cancellingtheir membership. Opportune e-mailsencouraging their attendance might justincrease customer loyalty and, ultimately, boostongoing membership sales.

38www.risk-uk.com

“Good security systems should be able to identify whenthe same PIN number or credential is used at the same

location twice within a set time period”

LeisureandEventsSectorSecurityforFitnessCentres May2015_riskuk_apr15 11/05/2015 15:23 Page 3

Since 2001, St Mary’s Stadium has served asthe home of Barclays Premier League clubSouthampton FC. The purpose-built

stadium can hold more than 32,000 fans,making it the largest football stadium in theSouth of England outside London.

Mark Hannibal, the venue’s safety manager,recently sought to upgrade the stadium’s videosurveillance system that’s used to monitor theseating areas, the club shop, entrances and carparks from an analogue camera-based regime toone that employs HD technology for improvedimage quality.

Hannibal and his safety officer team decidedto place their faith in Panomera MFS technology

developed by Dallmeier, particularly forsafeguarding away fans in the Northam Stand.“We’d heard about this new technology at aconference organised by the Football SafetyOfficers Association,” explained Hannibal.

Thanks to a patented sensor concept, MFStechnology makes it possible to keep the entireNortham Stand in view at one time. Even whenthe security operators are zooming in on a givenindividual, the system continues recording therest of the scene. This ensures that no incidentis left unseen.

Several IP appliances are in operation forrecording the Panomera systems, as well asother DMX appliances capable of recording bothanalogue and IP cameras. RAID 6 ensures thehighest possible availability of the data.

Hannibal’s dedicated safety officers haveseveral SeMSy workstations at their disposalsuch that police officers can access the cameraimages generated in rapid time.

The entire system – including theworkstations – was already preconfigured forplug and play flexibility and installed by CalderaFire & Security.

Watching Over ‘The Beautiful Game’The safety of both home and awaysupporters is paramount atSouthampton FC’s St Mary’sStadium. As Steve Hodges states,the solution is based on HDsurveillance in tandem with adedicated team of safety officers

Leisure and Events Sector Case Study: Southampton FC

Steve Hodges: ResponsibleProject Manager at Dallmeier UK

LeisureandEventsSectorCaseStudySouthamptonFC May2015_riskuk_apr15 12/05/2015 14:52 Page 40

The skills of our people, alongside the best in technology produce total integrated solutions that safeguard your business.

0800 716 586www.securitas.com

Securitas, a true focus on Security


Arguably, the scheduled 2015 revision toISO 9001 Quality Management Systems ismore of an evolution than a revolution. The

update will incorporate Annex-SL for a degreeof familiarity, while all the basics of ISO9001:2008 persist. The process approach sosuccessful in the 2008 iteration – complete withits underlying ‘Plan, Do, Check, Act’methodology – remains evident.

However, we must be careful not to discountone or two fairly significant changes. For astart, there’s many examples of newterminology. ‘Product’ is now ‘Goods andServices’ and ‘Supplier’ becomes ‘ExternalProvider’ while references to the ‘QualityManual’ are removed altogether.

It’s the new emphasis on ‘risk-basedthinking’ that really captures the attention.David Sharp is managing director at AletheiaIMS, a company providing integrated qualitymanagement and airfield assurance for NATO,the UN and the US Government (among others).David’s extremely knowledgeable about ISO9001. He explained to me that, previously,organisations had greater flexibility to developand implement their own methodology aroundthe standard, but that the update “appears tobe becoming more formalised”.

According to Sharp, there’s “a notable moveto expanding risk knowledge and awarenessthroughout the entire organisation and not justfrom within the safety departments. For most,this presents itself in the form of KeyPerformance Indicators and objectives.”

Of note is the change in focus away from a‘Management Representative’ towards overallmanagement interaction and responsibility. Nolonger will it be sufficient for the qualitymanager or CEO to be the only senior managerinvolved in the QMS. Rather, this shall becomeeveryone’s responsibility, promoting a betterunderstanding of Quality Assurance andencouraging staff to invest more in the process.

During our conversation, Sharp also stated:“As time progresses and the understanding ofrisk continues to increase, a traditional opinionof what a risk ‘is’, then, is changing. Now, it’sfair to state that the financial, reputational,competitor, regulator and legislator-centricrisks are also being taken into consideration.”

New form of governance modelThis change in direction to encourage ‘risk-based thinking’ will force organisations notalready doing so to concentrate wholly on riskmanagement and risk-based models ofgovernance. A greater emphasis on suchthought will bring enhanced focus on achievingvalue for the company and its customers.

Organisations are being encouraged to thinkabout the ‘cause and effect’. The identificationof risk and the control of risk is now arequirement of the new revision, meaningcompany management must understand howtheir business works – as well as the processesthey have in place – so as to be able toanticipate risks before they become‘undesirable’ events.

This doesn’t mean a full risk managementapproach, but instead forces organisations –and particularly senior management – to takemore responsibility around risk. While manybusinesses may already practice some level ofrisk-based thinking, the challenges within ISO9001:2015 will include the ability todemonstrate such an approach within QMS.

Commitment to changeDespite the three-year grace period,organisations are going to have to demonstratetheir commitment to change and also begin todevelop plans for its implementation. On apractical level, there’s no way that auditors andcertification bodies can wait until 2018 andthen complete all recertification.

As a ‘starter for ten’, it would be goodpractice to familiarise yourself with the changesto ISO 9001 and start to align your businesswith the new requirements. In terms of the risk-based approach – which will have the biggesteffect on the majority of organisations – itwould be prudent to consider implementing arobust risk management plan if one’s notalready in place. In short, examine how toaddress risk right across the business.

Organisations are advised to remain fullycompliant with the ISO 9001:2008 documentwhile preparing for and implementing thechanges needed for ISO 9001:2015.

ISO 9001 2015: Assimilation, Adaptation and Change

41www.risk-uk.com

The Quality Management SystemsStandard ISO 9001 was last revisedseven years ago. The next update,which is scheduled to appearbefore the end of 2015, will see thedocument evolve and integrate withother standards and managementsystems. Andrew O’Hara recountsthe main changes on the horizon

ISO 9001 Quality Management Systems Standard 2015 Update

Andrew O’Hara: StrategicResearch Analyst at Gael

ISO9001QualityManagementSystemsStandard2015Update May2015_riskuk_apr15 11/05/2015 15:13 Page 2

Security solutions for today’s challenging times

Global economic pressuresare forcing organisations toreview expenditure acrossthe board. But, the securityissues remain the same. So, do you cut your security?

Pilgrims offers a complete andcomplementary range of security,communications and support services,backed by an unmatched commitment to the highest level of quality, efficiency and client care, to reduce costs not cover.

Our expertise and global experience allowus to deliver robust, practical solutions fortoday’s challenging financial climate.

For more than ten years, Pilgrims has beensupporting clients across the globe, protectingand enabling their businesses to continue inspite of threats from terrorism, seriousorganised crime and natural disasters.

Our personnel are handpicked for theirexperience, skills, training and personality to match the requirements of our clients.This, combined with our continual exposureto the world’s hot spots and difficultregions, makes Pilgrims the ideal choice foradvice and support.

Pilgrims provides a global service, with localknowledge through our employment oflocal personnel, quality control, continualongoing training and our relationships withspecialists and local partners.

ConsultancyOperational ConsultancyManned GuardingTrainingInformation and IntelligenceCommunications SupportTechnical SystemsEquipment

We can help you find the right solution.Call Pilgrims on: +44 (0)1483 228 786

www.pilgrimsgroup.com


Over the years, Hostile Vehicle Mitigation(HVM) techniques have evolved tocounter ever-increasing threat levels.

Security professionals now have access notonly to stronger, more resilient roadblockersbut also stylish surface and shallow-mountedsolutions which make for aesthetically pleasingintegrated security systems in high profileareas. In truth, HVM products now exist tosecure virtually every type of location.

As roadblockers and bollards have evolved,so too have the threats we face. Terrorists arebecoming increasingly co-ordinated and brazenin their attacks, leading to more and more sitesopting to install HVM products. Automatedbollards and roadblockers have become acommon sight in modern cities.

However, HVM control systems have notprogressed at the same rate. Most installationsstill rely on simple push button operation, inturn offering limited functionality and virtuallyno feedback for operators. This may not presenta major problem in smaller installations – forexample a single roadblocker controlled by asecurity officer stationed in an adjacent hutwith a good line of sight to the unit – butserious issues can occur with large installationsfeaturing tens or even hundreds of HVM unitsoften working in banks of five or more.

As we see the increasing convergence ofmodern technology with mobile phones andtablets acting as fully-featured media andcontrol hubs, so end users are coming to expecta similar level of integration from securityproducts. The big red push button is becomingan increasingly archaic technology consigned toold James Bond movies.

The HVM industry is beginning to moveforward with enterprising, innovativemanufacturers introducing intelligent modularremote control and monitoring systemsdesigned to bring HVM solutions right up-to-date and implement a degree of future-proofingthrough adaptable modular design.

Interaction with end users Intelligent control and monitoring systemsbring a much wider range of interaction to theend users of automated perimeter securitysolutions. A well-designed, fully-featuredsystem can offer remote control of automatedproducts via mobile phone, tablet or theInternet. It can provide detailed feedback onmany aspects of a product’s performance andstatus and intelligently control banks of

multiple units to ensure that security ismaintained at all times.

Remote control and monitoring via a range ofdevices offers a number of benefits to the enduser. The most obvious is that of a moremodern user experience. As stated, devicesmay be controlled via a tablet or mobile phoneapp or through a web interface rather than abutton. The real advantages, though, becomeapparent as you scratch beneath the surface.

Any device used for control can also be therecipient of monitoring data sent from thecentral system. This means that users can beimmediately notified of damage to units or ofpending service requirements via e-mail, SMSor push notification through a dedicated app nomatter where they are in the world.

Holders of verified mobile phones maysecurely request data on specific roadblockeror bollard arrays via a text message. This datacan include elements such as – among others –unit status, the number of operationsperformed and ambient temperature.

Having this data immediately availablewithout even being on site can be of hugebenefit to busy security, risk and facilitiesmanagers who can monitor roadblocker andbollard performance on an accurate basis.

Counter-Terrorism: Hostile Vehicle Mitigation Techniques

43www.risk-uk.com

Intelligent Control and Monitoring in HVM

Given the increasing convergence of modern technology,with mobile phones and tablets acting as fully-featuredmedia and control hubs, end users are now coming toexpect a similar level of integration from their securitysolutions. Is this expectation being mirrored in the worldof Hostile Vehicle Mitigation products? Debbie Healdassesses the current state of play

CounterTerrorismHostileVehicleMitigation May2015_riskuk_apr15 11/05/2015 13:03 Page 43

Counter-Terrorism: Hostile Vehicle Mitigation Techniques

Functions such as service reminders are fullycustomisable dependent on site specifics whilesystems may be set to supply regularpredefined reports as required.

Fully-intelligent systems also have the abilityto control individual units or arrays to a levelthat traditional control systems simply cannot.If one unit in an array is damaged or develops afault then an intelligent control system willautomatically assess which part of the array isimmobile and present the operator with a rangeof options for continued use.

Finally, modern control systems can bedeveloped to be modular in nature. This can beof benefit to the end user as it means theydon’t have to pay for functionality that isn’trequired. It also means that, if increasedfunctionality is required in the future, it may bequickly and easily added to the system.

Radar-based speed detectors Modular systems on the market currentlyinclude radar-based speed detectors (which cantrigger events based on a user-specified speed)and a GSM module which adds in-built SMSand mobile network functionality.

Virtually any site can benefit from theaddition of intelligent control and monitoring,but larger installations with high numbers ofroadblockers or bollards will see advantages.

One recent project in the US featuring almost100 individual shallow-mount automatedbollards operating in ‘airlock’ arrays of up to 17units wouldn’t have been possible without anintelligent control system developed in-house.

The project uses an intelligent control systemcoupled with a standard push button controlmodule for the security operatives on site. Thisallows for simple, traditional control combinedwith extremely detailed remote monitoring thatfeeds data from all of the units on a huge siteto a single central monitoring station.

As soon as a unit is damaged the sitemanager can be notified directly rather thanwaiting for a message from on-the-groundoperatives to filter back to the appropriateperson. The decision can then be made as towhether to continue operating the array withone bollard immobilised or to lock the entirearray and ensure continued security.

Although larger sites do stand to benefit themost from intelligent control, smaller-scaleinstallations can see a number of advantages.

Maintain security at all timesBy way of another example, take a site wherethere’s a small roadblocker operated by asimple keypad. There’s no operative on locationand no staff on site outside of office hours, butaccess is required around the clock.

The intelligent monitoring system is able tonotify site management and maintenanceprofessionals at all times as to the status of theblocker. It can be set to send a text as soon as afault or damage is detected and also relayperiodic status updates and service reminders.

Site management are even able to text arequest to the system’s number to receive animmediate reply detailing the status of theblocker. This means that access – and security –can be maintained at all times with as littleservice disruption as possible.

Looking to the future, we should expect tosee increasing levels of integration betweenperimeter security technology and otherelements of building and city infrastructure.Barriers will be linked to number platerecognition and mobile phones and integratedwith building heating and lighting systems.

There’s also no doubt that end users willexpect their security systems to synchronisewith the same control and monitoring hubsthey use for all other systems.

A modular intelligent control and monitoringsystem can provide all of this and more.Choosing the right system right now is animportant decision that could have implicationsfurther down the line. It’s vital to select aproduct that’s as future-proof as possible and,ideally, one that benefits from good after-salessupport. While off-the-shelf systems can beappealing in the short run due to their low pricepoint, the support when they go wrong or whenyou need to upgrade can be non-existent.

Look for a bespoke modular system designedand built in-house by a company that willsupport you five, ten or even 20 years into thefuture as the host business’ security andoperational requirements morph and change.

Debbie Heald is Managing Director of Heald

44www.risk-uk.com

“Virtually any site can benefit from the addition of intelligentcontrol and monitoring, but larger installations with high

numbers of roadblockers or bollards will see advantages”

CounterTerrorismHostileVehicleMitigation May2015_riskuk_apr15 11/05/2015 13:04 Page 44

Your Business.Our Solution.

Access Controlreaders designed forstyle and function.

Because everyonedeserves peace of mind

[email protected]

+44 (0) 1202 723 535


46www.risk-uk.com

Chartered Security Professional GarryEvanson – head of security and emergencyplanning at London’s iconic Westminster

Abbey – has wasted no time in communicatinghis vision for the future of The Security Instituteand the way in which the organisation will berun during his chairmanship.

Having assumed the ‘hot seat’ at theInstitute’s AGM in March, an open letter tomembers saw Evanson swiftly set out his keyobjectives. Most important of all, perhaps, theformer lieutenant colonel in the British Armywho served the Royal Military Police with suchgreat distinction is anxious to reassure allInstitute members that the organisationremains first and foremost for the benefit of itsmembers and the wider profession.

“Some of the actions we’ve taken over thepast twelve months have been very muchbusiness-orientated,” asserted Evanson, “but Iwant to make the point that we’re amembership organisation run on soundbusiness principles rather than a business thathappens to be a membership body.”

Evanson went on to comment that, while it’simportant that The Security Institute continuesto generate the financial surpluses that enablethe organisation to meet its stated objectives,realising those surpluses must never becomethe primary aim. “We have a responsibility tothe profession and to everyone within it,” saidEvanson, “but of course our primary aim must

always be the development of our members ontheir own professional journey.”

Evanson also restated The Security InstituteBoard’s commitment to delivering Charteredbody status within the shortest realistic time-frame, duly recognising that this particularstatus quo may not be achieved as quickly assome members perhaps envisage.

“Achieving that coveted Chartered status issomething that pans out over a number of yearsand, in most cases, involves a number ofapplications. I can think of at least oneestablished professional body with tens ofthousands of members that began theapplication process back in 1966 and onlyachieved its Royal Charter in 1989.”

Evanson continued: “There are many criteriawe have to meet if we’re to be held worthy ofthe Charter. We are working and will continueto work diligently on this. We’re doing all theright things as set out by the Privy Council, butthere remains much ground to cover and agreat deal of hard work to be completed.”

The Manifesto: “a game-changer”The excellent Manifesto for ProfessionalSecurity issued by The Security Institute inNovember last year is, Evanson believes, “agenuine game-changer” for the professionalbody. “We have publicly adopted a position thatlooks out beyond our own narrow interests as amembership organisation and tried to offersomething that will be of value to everyoneworking within our specialist sector, no mattertheir level at the present time.”

Elaborating on that point, Evanson outlined:“In the past, we have perhaps been perceivedas an organisation that concentrates only onsenior people within the sector. Indeed, our aimduring the first phase of our existence was tobring as many leaders as possible within thesecurity profession into the ranks ofmembership. As my predecessor Emma Shawstated at our AGM, though, the ‘future’ of TheSecurity Institute effectively started in 2014.”

The Manifesto is quite clear about TheSecurity Institute’s commitment to educationand encouragement for anyone with ambitionto become the best that they can be. It’s aboutsetting out career paths so that entrants intothe profession can identify what they will needto learn and the skills they will need to acquireto progress upwards through the profession inall of its diverse areas.

“We need to ensure that professionalknowledge is readily available to individualsand organisations,” urged Evanson, “but, inorder to perform the role within the professionwhich we intend to, we need to be much more

In his first interviewsince becomingchairman of theorganisation, GarryEvanson outlines hisplans for deliveringstep change at TheSecurity Institute.Brian Sims listenswith great interest

Delivering Step Change atThe Security Institute

Garry Evanson MSc CSyPFSyI: Chairman of TheSecurity Institute

TheSecurityInstitute'sViewREVISED May2015_riskuk_apr15 12/05/2015 12:02 Page 46

inclusive in terms of who we allow to become apart of our organisation.”

To this end, Evanson promises “a stepchange” in the way in which The SecurityInstitute works with members of the securityprofession. “It has always seemed to me thatour membership rules prevented us fromworking with members of the profession atthose points when they most needed the helpof a respected and established professionalbody in their corner. By focusing on seniorprofessionals, we’ve been working with peoplewho have, in the main, already met thechallenges that lie ahead on the path to asuccessful career in security.”

Delivering the changesThe Security Institute will be working on twobroad fronts to deliver the step change Evansonpromises. Education will be key. The Institutealready enjoys a close working relationshipwith both Buckinghamshire New University andLeicester University to accredit and endorsecertain courses at undergraduate and post-graduate levels. In time, the intention is to workwith all universities and colleges runningsecurity qualifications and offer studentmembership of the Institute to all those takingcourses through said institutions.

“The key to success in any profession”explained Evanson – who served as group headof security operations at DeLaRue plc from2007 to 2012 – “is having a solid educationalfoundation on which to build. A foundation thatruns from entry level qualifications all the waythrough to doctoral level. We will actively seeklinks with educational institutions to promotesecurity education qualifications and will alsobe ensuring that our own educational offeringsare robust and developed in line with theevolving needs of security practitioners.”

Later this year, The Security Institute will belaunching a new Level 7 study path offering apost-graduate level qualification course tothose already holding its Level 5 Diploma orwho are otherwise academically qualified.

The other key front for a professional body is,of course, membership itself. “Studentmembership will be one of the ways towardsfull membership and, eventually, fellowship ofThe Security Institute,” stated Evanson, “but weare conscious of many other people working insecurity at levels below management whoaspire to build their careers and climb theladder. We most certainly want to help theseindividuals further their careers and toestablish a career-long relationship with them.”

The Security Institute is able to welcomethose individuals as associate members.

Alternatively, where the organisationsemploying them become corporate members ofthe Institute, they can then become affiliatemembers, each with an eye set firmly ondeveloping their security career.

“Somewhere out there are individuals justbeginning their career in our sector who willeventually become the Chartered SecurityProfessionals of tomorrow. We’re determined togive these people the best possible chance ofdoing just that.”

Evanson firmly believes that, over the comingfive years, the increasing visibility of privatesector security providers in work formerlyhandled by the police service, the growingcomplexity and connectedness of everyday life,the burgeoning risks posed by those who seekto harm our society and the sheer ubiquity ofsecurity cameras and security providers aregoing to place security highly in theconsciousness of the public at large.

“When that happens,” explained Evanson,“people will begin to think about what we do asa profession being something they might pointtheir sons and daughters towards as a long-term career. When they do, we will be there toanswer whatever questions they may ask aboutthe sector and about what it means to becomea recognised professional within it.”

Fresh and invigorated purposeWhen asked for a concluding message to RiskUK’s readers about The Security Institute’splans, Evanson paused for a moment’s thoughtbefore offering a definitive response.

“We intend to be an organisation that has aplace within it for everyone in this industry. Youmay be a senior professional at the top of yourgame who wants to become a CharteredSecurity Professional. You might be a seniormanager who wishes to develop further or toput something back into the profession. Youcould be a lower or mid-career professionalwho wants the sense of community, commonpurpose and practical support that aprofessional body offers along with the chanceto develop or keep your skills up-to-date. Youmay be a field operative aspiring to climb thecareer ladder, or perhaps a young graduateseeking to take your first steps in thisprofession. Whatever the scenario in play we’rethere for you, and what’s more we’ll be therefor you for the rest of your career.”

47www.risk-uk.com

The Security Institute’s View

“Somewhere out there are individuals just beginning theircareer in our sector who will eventually become theChartered Security Professionals of tomorrow”

TheSecurityInstitute'sViewREVISED May2015_riskuk_apr15 12/05/2015 12:02 Page 47

48www.risk-uk.com

Let’s play a game of word association. Foreach of the following words or phrasesthink of one word that springs readily to

mind: Interrogation/Confession/Liar/Suspect/Good Cop, Bad Cop. How many of your answerswere positive or negative? Here are somesuggestions I thought of in response: Torture/Duress/Confrontational/Police/Trickery.

While I’m not suggesting that, in ourcorporate worlds, we adopt or apply suchmethods within our interviews or corporateinvestigations, I would ask you how many timesyou’ve heard these words or phrases used inyour own environment. Do these wordsfacilitate conversation or act as a barrier?

How do we face up to the challenges ofapplying consistent and ethical interviewstandards across a global estate?

For many sector professionals investigativeinterviewing is seen as something of an artthat, while taught, must be practised anddeveloped over time if the procedure is tobecome effective and efficient.

The world of interviewing is well serviced bya variety of applications and training models –Wicklander-Zulawski, REID, PEACE andPolygraph are obvious examples – but whichone is right for you? This doesn’t include theself-trained expert. The type of person that hasbeen heavily influenced by the ‘CSI effect’having watched complete box sets of thatenduringly popular crime drama.

From my own perspective, I’m fortunateenough to have trained in all of these models

which are credible and well adopted in ourenvironments, but I often question whether wemay have over-complicated the basic skills ofcommunication. In attempting to answer thatquestion, perhaps we should begin by askinganother one... What, exactly, is an interview?

An interview is a conversation with apurpose. Whether applied in a complianceenvironment or the HR arena, unless we’remerely exchanging ‘chit chat’ it’s fair to suggestthat most of our conversations have a purpose.For example, conversations involving thenegotiation of a new salary, applying for a newrole or quizzing an employee over an allegedcompliance violation. All have a purpose.

How do we determine success?What, then, determines the ‘success’ of such aconversation? The answer is effective planning.Using a simple model you may have seenbefore, we can work through the particulars.

Why? and What?Why are we seeking this conversation and whatis the objective? You would be surprised howmany times people come out of an interviewfailing to have achieved the objective(s) or evenhaving asked the relevant questions.

As part of an investigative process, aninterview is often seen as an opportunity toexchange information, establish facts andsecure an account. More importantly, though, itshould be used as an opportunity to listen.

Who?Who is going to conduct the interview orconversation? Do we give sufficient

When focusing on corporateinvestigative interviewingprocedures, are today’sorganisations perhaps somewhatguilty of over-complicating thebasic skills underpinning successfultwo-way communication? CorinDennison examines the correctprocedures that ought to beinvoked wherein informationsharing is every bit as vital as theomission of negative terminology

Tactical Interviewing: Interrogation or Conversation with a Purpose?

InTheSpotlightASISInternational May2015_riskuk_apr15 11/05/2015 15:11 Page 1

consideration to competence, qualification and,more importantly, confidence? An effectiveinterviewer should be an effectivecommunicator, possibly a subject matter expertbut definitely someone who’s familiar with thefacts and the objectives.

How many times in an interview environmentis the interviewer more anxious than thesubject being interviewed? Confidence can be achallenge and, equally so, can over-confidence.

Where?Where will the conversation take place? Is aglass office a suitable location for a complianceinterview, or maybe a coffee shop? You maysmile but I’ve experienced both scenarios. Theselection of a suitable venue can be tactical,but we also have to consider the practicalitiesof our own working environment at all times.

When?Timing, they say, is everything. We shouldconsider how this can impact on the success ofour interview. Is a Friday just ahead of theweekend really appropriate? Or maybe justbefore lunchtime? Is your subject actually in theoffice or even available?

How?In my opinion, the most important factor ininterview engagement is the application. Howare you going to achieve your objective(s) andpurpose(s)? What’s the most effective methodfor a particular subject, and are you confidentof being able to execute that method? What’syour definition of success?

With the ‘How’, I always like to considerpotential barriers. What might be a barrier tothe interview or conversation taking place orbeing effective? For a global business, it’s fairto say that language is always a challenge, notonly in terms of conversing directly but in theinterpretation of what’s being said. It’sabsolutely essential here to quality assess andconfirm understanding.

Another barrier is effective listening andactually hearing what the other person issaying, even if you don’t agree with what’sbeing said or the account doesn’t fit with yourpurpose. Work to the 80/20 model. In otherwords, 80% listening and 20% talking.

When it comes to bias or pre-determinedopinion, again we should revisit the objective.Why enter into a conversation or interview ifyou’ve already decided the outcome or made adecision? While bias is a natural humaninstinct, it’s one that’s often ‘detected’ by theother party during a conversation and will notfacilitate easy communication.

Similar to language, tone is also hugelyimportant. When you talk you want to be heardand, at the very least, acknowledged. Linked tolistening skills, engagement is absolutelycritical to effective communication.

Tell, Explain… and Show“Tell me something new.” In point of factthere’s nothing new here except to say thatwe’ve returned to the basics. A simple three-step process: ‘Tell, Explain... and Show’.

Apply each to a conversation and to your‘questioning technique’.

TellThis is often referred to as the ‘free recall’ oraccount. “I will tell you the purpose or objectiveof the interview or conversation, imparting ordisclosing some information that will facilitatethe process. You tell me what you know or whatyou need to answer my question.”

The question often asked by a subject in acompliance interview is: ‘What’s this about?’Why avoid or deflect this question which wouldbe an obvious barrier to achieving an answer?

ExplainHaving entered into a conversation you maywish to add information or explain the context.Alternatively, you may ask the question:“Explain what you’ve just told me”. Again, thisis a simple application of the questioningprocess to establish the necessary facts.

ShowAs a demonstration of sharing information youmay wish to show or share with the other partysomething relevant to the conversation, orotherwise ask them to show you. This is oftenreferred to as a ‘challenge phase’.

Some of you may now be questioning theapplication of such a simple model, particularlywhen applied to complex interviews orinvestigations, but let’s revisit the wordassociation exercise and the barriers we face.

Negative terminology is often used to applypressure on a subject whether tactically orinadvertently, but this will impact on thesuccess of an interview. The objective in mostcompliance interviews is securing a confessionas opposed to an account. Any personalinvestment in that goal can cloud both theinterviewer’s judgement and focus.

49www.risk-uk.com

In the Spotlight: ASIS International UK Chapter

Corin Dennison CPP:Director of Profit Protectionand CoE Investigations at theadidas Group

“When it comes to bias or pre-determined opinion, again weshould revisit the objective. Why enter into a conversation orinterview if you’ve already decided the outcome?”

InTheSpotlightASISInternational May2015_riskuk_apr15 11/05/2015 15:12 Page 2

Telephone : 0191 296 3242 www.ssaib.org

Appointed Security Industry Authority (SIA) Approved Contractor Scheme (ACS) Assessing Body. ISO 9001and Product Certification for Key Holding and Response Services, Door Supervisors, Static Site Guardingand Mobile Patrol Services, Event Stewarding, Crowd Safety, Security Wardens, Cash and Valuablesin Transit, Close Protection Services and Security Dogs. Contact us for a free no obligation quote.

The leading certification body for Guarding Services.

CERTIFYING SECURITY

SSAIB

solut ions for a safer world

solutions for a safer worldsafer world

CONTRACT SECURITY SERVICES LIMITEDCASH & VALAUABLES IN TRANSIT (CViT) SERVICE PROVIDER

CASH PROCESSING & BANKING SERVICE(INCLUDING COLLECTION AND PROCESSING FROM CAR PARK MACHINES)

CASH CONSOLIDATION SERVICESECURITY GUARDING AND MOBILE PATROL

HEAD OFFICE:CHALLENGER HOUSE

12 GUNNERSBURY LONDON W3 8LH

T: 020 8752 0160 F: 020 8992 9536E: [email protected]

www.contractsecurity.co.uk

SALES:T: 01622 792639 F: 01622 882084

E: [email protected]

DEPOTS:Brentford, London | Larkfield, Kent | Andover, Hampshire

5 LANE


The Corporate Manslaughter and CorporateHomicide Act 2007 states that anorganisation will be guilty of the offence of

corporate manslaughter if the way in which itsactivities are managed or organised causes aperson’s death and amounts to a “gross breachof a relevant Duty of Care owed by theorganisation to the deceased”.

Firms found guilty of corporate manslaughterwill be liable for an unlimited fine. The Act alsoallows the courts to call for a publicity orderthat requires the named organisation topublicise details of its conviction.

The Corporate Manslaughter and CorporateHomicide Act followed on from the RegulatoryReform (Fire Safety) Order which became law inOctober 2006 (‘The Challenges of Implementingthe Fire Safety Order’, Risk UK, April 2015,pp52-53) and has changed the way in which thefire safety of buildings is managed andenforced. From the building owner’sperspective, the major transparent change hasbeen the removal of Fire Certificates.

The Fire Safety Order places the onus of firesafety in buildings squarely on the shoulders ofthe ‘Responsible Person’. All fire precautionsprovided will be subject to maintenance andinstalled and maintained by a ‘CompetentPerson’, but how do you prove competence?

Let’s define the word ‘Competent’. Thedictionary says: ‘Competent, Adjective: Havingadequate ability, knowledge or authority;Adequate, effective…’ It doesn’t mean the fontof all knowledge, then, but rather just enoughknowledge is necessary. Certainly, that meansenough knowledge must be present so as notto perform a task in the wrong manner.

My particular interest is active fire protection.Systems here are the fire detection and alarmsolutions and extinguishing fire protectionsystems within a building. In the event of a fire,these systems will detect the fire, alert the Fireand Rescue Services and provide a means ofextinguishing any blaze depending upon thetype of system installed.

Qualifications and competence Many of our Association’s members supply andservice portable fire extinguishers. This sectoris one that’s often singled out for attack by theless scrupulous companies, the latter’s viewbeing: “This fire extinguisher business soundseasy. Now, where should I start? All I need is acredit account with a supplier or distributor, ora VISA card to buy products off the Internet, afew customers and a couple of guys to work forme. Oh, hang on. I forgot the white van.”

What don’t they need? Well, that’s easy, too.They don’t need to prove that they have any

relevant qualifications, competence, scruples oreven knowledge.

Now, you may think I’m kidding here butbelieve me that’s exactly how some of thesecompanies start up. Even more unbelievably,they do manage to source work. The attitude ofthis type of contractor is: “Let’s face it. Surely itcan’t be that difficult? Anyway, what couldpossibly go wrong?”

An example of contractors lacking scruplesare those that ‘shine and sign’ fireextinguishers. In North America, ‘shining andsigning’ describes the process where celebritiesshow up to a convention or at a book launch toradiate their personalities and then sign plentyof autographs for their adoring public.

Try as I might I cannotcondone this process insteadof a proper service for a fireextinguisher. I guess you doreceive radiant heat from afire, but I’ve never yet seen aconflagration place itssignature into a neatlydecorative small notebook.

Here in the UK, the phraserefers to those fire protectionmaintenance companieswhose operatives believe

51www.risk-uk.com

Active fire protection systems rely entirely upon correctdesign, installation and maintenance regimes otherwisethey will not work in the right manner. That’s why it’s sovitally important for organisations to employ competentcontractors. Graham Ellicott outlines how end users mightgo about selecting the best company for the job at hand

FIA Technical Briefing

Fire Protection Regimesfor End Users: How To Avoid Lawsuits

Graham Ellicott:Chief Executive of theFire Industry Association

FIATechnicalBriefing May2015_riskuk_apr15 11/05/2015 14:27 Page 2

FIA Technical Briefing

that the servicing of a fire extinguisher involvesthe removal of a yellow duster from their bag tobe followed by a biro. The former is used towipe the dust from the extinguisher while thelatter is employed to sign the appropriatepaperwork as evidence that the proper level ofservicing has been carried out.

I’ll not bore you with the detail but to ‘shineand sign’ misses out 99.999999% of BS 5306Part 3 which deals specifically with portable fireextinguisher maintenance.

As to what can go wrong, well when youconsider that a fire extinguisher is a pressurevessel it doesn’t take much imagination toconclude that it could seriously injure itsoperator in the event of a malfunction that hasbeen brought on by either flawed or otherwiseseriously lacking maintenance procedures.

Now, where did I put my dictionary? Ah yes,there it is. Found it… ‘System, Noun: Complexwhole; Set of connected things or parts;Organised body of things...’

For active fire systems to work, they must bedesigned, installed and maintained in thecorrect fashion. I can hear some of you sayingto yourselves: “If a few corners are cut there’snot going to be a problem, is there?” Wrong.Active fire protection systems are not designedto be abused. They rely entirely on correctdesign, installation and maintenance otherwisethey will not work properly. That’s why it’s soimportant to use a competent contractor.

Choosing a competent contractorHow, then, do end users select a competentcontractor? They’ll all tell you they’re the goodguys, so where would you look for assistance inselecting the best solutions provider? Well, as ataxpayer why not refer to Government fireguidance documents which state:

“Third party certification schemes for fireprotection products and related services are aneffective means of providing the fullest possibleassurances, offering a level of quality, reliabilityand safety that non-certificated products maylack. This does not mean goods and servicesthat are not third party approved are lessreliable, but there is no obvious way in whichthis can be demonstrated” and: “Third partyquality assurance can offer great comfort toemployers as a means of satisfying you thatgoods and services you have purchased are fitfor purpose and as a means of demonstratingthat you have complied with the law.”

How to select a competent contractor, then,is alluded to by Government. You need one thatbelongs to a third party certification scheme. Inmany cases, such schemes are run inconjunction with a Trade Association or indeeda number of Trade Associations.

Many of you will be tempted, though, by theother alternatives on offer, such as installersapproved, recognised or registered bymanufacturers. Do not succumb to thisparticular temptation. Remember… Everyoneexcept a third party has a vested interest.Always look to have the work carried out bysomeone who expects to be checked by a thirdparty – one that doesn’t work for the samecompany or for a supplier to the company.

Third party certificated installers understandthe importance of proven products that arecorrectly designed, installed and maintained.These companies are generally members of aTrade Association with an enforceable Code ofPractice. This extra level of cover will mean thatyou, the client, can be confident that the workwill be carried out to the highest standard withregard to quality of work on site and thehighest standards of business integrity.

More often than not, skilled third partycertificated installers ‘get it right first time’ sothere will be fewer problems on site.

An added bonus is that product traceability isabsolutely assured.

Certificates of ConformityThird party certification breeds Best Practiceand means worthwhile Certificates ofConformity are issued. This will give confidenceto the specifier, client and the enforcer that thejob in question has been carried out to the veryhighest standards.

In the event of a disaster scenario, lawyerswill come looking for the person with thebiggest pockets. It’s highly likely that the use ofa third party certificated company would beseen as a basis for a sound defence in theevent of a lawsuit.

In the worse case scenario where someone iskilled in a fire, the possibility of a breach of theCorporate Manslaughter and CorporateHomicide Act becomes a distinct possibility.Again, the use of a third party certificatedcompany could be highly beneficial to theaccused organisation defending such an action.

Avoid the lawsuit. Don’t use the guys that‘shine and sign’ and operate from the unmarkedwhite van. Rather, make sure they’re clamped ortowed away to the pound.

The message is abundantly clear… Use onlythird party certificated installers for your activefire protection solutions.

52www.risk-uk.com

“Third party certificated installers understand theimportance of proven products that are correctly designed,

installed and maintained”

FIATechnicalBriefing May2015_riskuk_apr15 11/05/2015 14:27 Page 3

OxyReduct® fire prevention

R E M O V I N G T H E

T H R E AT O F F I R E .

The new Library of Birmingham has

chosen OxyReduct® to protect its

valuable archives, the same as over

700 other businesses and organisations

around Europe.

No matter how good your fire detection,

extinguishing or suppression system is, a fire

has to start for it to work – so some damage

is inevitable. In mission critical applications

where any business interruption is unaccep-

table or where warehouse stock or archives

are invaluable, a different approach to fire

prevention is needed.

OxyReduct® employs innovative technology

that continuously reduces the oxygen level in a

room by adding nitrogen to the air. The oxygen

is reduced to a level in which combustibles do

not inflame and an open fire is impossible.

Importantly, people can enter the area of risk.

Visit our in-house demonstration facility and

experience a fire-free environment at first hand.

www.wagner-uk.com


54www.risk-uk.com

Within the business world it’s fair to saythat most successful leaders and theircompanies have made mistakes,

endured failures and, hopefully, learned muchfrom such experiences. We all want to succeed.One way of ensuring that success isforthcoming is, wherever possible, to learn fromthe errors of others and avoid repeating them.

Essentially, that’s the purpose of this articleand, indeed, of what we do as a business. AtDarwin Clayton, we draw on the experiences ofour clients and our own in-depth knowledge ofthe security sector accumulated over time toprotect companies’ interests in what is now ahighly litigious landscape.

In the security sector, by understanding aclient’s business it’s possible to tailor cover toprovide the most cost-effective protection andalso add value by sharing Best Practice and, asstated, learning the lessons from poor practice.

The claims experiences of clients and othersecurity contractors can be highly educational.Most of the claims we see fall under three mainareas of cover: employer’s liability, publicliability and inefficacy/contractual liability. Let’sexamine each of them in turn.

Employer’s liability in detailSecurity companies have a statutory duty toprovide a safe working environment for their

employees. That responsibility also extends toyour client’s premises, although you may nothave complete control.

It would also be advisable to look out fordangers such as slippery steps, malfunctioninggates, cramped Security Control Rooms withtrip hazards or tatty old chairs and other itemsof furniture that may present a hazard.

It’s no defence to plead that there wasnothing you could have done about suchworking conditions. It’s your responsibility towork with the client to ensure that yourmembers of staff are indeed operating in a safeenvironment.

If some of these issues seem trivial then dobear in mind that the costs of overlooking themcan be significant. Insurers recently paid outmore than £65,000 to an employee who injuredhis back when a chair collapsed. The piece offurniture was known to be faulty. Despite thisand other known facts – ie that the chair inquestion was the property of the securitycontractor’s client and the security officer, ofheavy build, was carelessly swinging back andforth on it – the company was still held liablefor its employee’s injury.

It’s important to inspect the premises and tobe mindful of the activities and duties of yourstaff on site. At the start and end of the workingday, for example, security operatives are oftenresponsible for unlocking or locking up. Thismay involve opening and shutting heavy gatesand doors, sometimes in cold or otherwiseinclement conditions and without assistance.

In one case, an operative was crushed whena sliding gate came free of its runners. Therewas nobody else on site to assist the securityofficer and the injuries he received proved fatal.

While this is an extreme and rather tragicexample, the message here is salutary. In short,it’s the employer’s duty to identify risks on theclient’s site and take the appropriatepreventative action.

In the second of two articlesdedicated to essential self-protection measures for today’ssecurity companies, TinaChittenden shares some invaluableinsights relating to the mostcommon causes – and real-lifecases – behind insurance claims.Subjects including employer’sliability, public liability, inefficacyand contractual liability are all partof the mix

A Problem Shared isa Risk Managed

Tina Chittenden:Head of the Security Sectorat Darwin Clayton

SecurityServicesBestPracticeCasebook May2015_riskuk_apr15 11/05/2015 16:45 Page 54

Given its wide scope – covering injury to thirdparties and damage to property – it’s perhapsnot surprising that a high proportion of claimsare made against public liability insurance.

Most tend to be for commonplace incidents,such as a barrier being brought down on a caror delivery vehicle. We’ve also covered claimsfor water damage where security operativeswere the only people on site when a buildinginterior or stock has been damaged and theyare thus held responsible. For example, as theresult of a tap having been left running in akitchen and causing subsequent water damage.

Common sense and staff training will limitthe risks here, but random events and humanlapses will happen. Where a trend emerges inclaims, management should investigate theunderlying causes and, with the support oftheir insurance provider, devise a plan of actionwhich may include changes to work procedures,training or the company’s systems.

Efficacy: the main pointsEfficacy is an area of cover that needs to betailored carefully for each industry. As asecurity company you are expected to carry outall duties in a safe and considerate manner, butyou also run the professional risk of beingliable for any losses suffered by your client as aresult of a failure of service.

The more usual scenario is a theft from theclient’s premises where a security officer haseither failed to carry out his or her patrols ormissed an obvious opportunity to raise thealarm. The evidence of a security lapse canitself be all-too-obvious. In one case when acamera captured intruders moving freely abouta building and – via a reflection on the CCTVscreen – the security officer’s feet were seen tobe ‘parked’ in a comfortable positionthroughout, no soundtrack was needed tocomplete the peaceful scene. The footagepretty much said it all and, as you might expect,the quite substantial claim was not contested.

Fortunately, incidents like these are rare in awell-managed security company. Managementteams that take a keen interest in howmembers of staff perform their duties –underpinned by surprise site visits, regular call-backs and other forms of checks to establishthat procedures are being correctly followed –absolutely reduce the risk of failure.

If companies cut back on supervision toshave costs on contracts, these types of claimwill rise and so will the insurance costs.

Claims around extraneous dutiesAs last month’s article (‘Securing The SecurityCompanies’, Risk UK, April 2015, pp54-55)

intimated, in recent years we’ve seen a largeincrease in the number of claims arising fromextraneous duties.

The additional responsibilities clientsoutsource to their security contractors cansometimes be onerous. If your securityguarding staff are the only people on site orotherwise available when these tasks need tobe performed, it’s somewhat difficult to resistclient requests.

When clients make these demands, though,it’s essential to consider the scope of the newduties – and how they might impact on securityguarding activities – and also assess anyadditional risks (and manage them).

You should agree an appropriate charge andhave the terms written into the securitycontract. An important distinction to make hereis whether it’s the ‘function’ that’s beingdelegated or the ‘responsibility’. It’s moreprudent to accept that security operatives willcarry out the task, while the client’s staffremain responsible for managing this activity.

Clients have faced large contractual liabilityclaims after taking on extraneous duties suchas setting thermostatic controls or addingweighbridge operation to gatehouse duties.

In one unfortunate case, a security officerwas instructed to override a faulty generatorconnected to a warehouse sprinkler systemwith consequences that, unfortunately, weresomewhat predictable.

Make sure you know what your members ofstaff are actually doing on site for each contractand be certain to share that knowledge withyour insurance advisors. Keeping tabs on sucha simple procedure could save your business agood deal of money, not to mention alleviatingunnecessary stress.

55www.risk-uk.com

Security Services: Best Practice Casebook

“Management teams that take a keen interest in howmembers of staff perform their duties – underpinned bysurprise site visits – absolutely reduce the risk of failure”

SecurityServicesBestPracticeCasebook May2015_riskuk_apr15 11/05/2015 16:45 Page 55

56www.risk-uk.com

Despite there being evidence and logicalreasoning to the contrary that’s freelyavailable, the hype around ‘cyber’

continues to exist. The $64,000 question to beasked is a simple one: ‘Why?’

Let’s explore why, when assessing two simplewords taken together – ‘risk’ and ‘appetite’ –from multiple perspectives we derive the hypeand confusion that we do and, moreimportantly, how we might tackle it.

‘Risk appetite’. Simple words to say, perhaps,but more difficult to address in practice. Thepoint is that we all have different risk appetites,both as individuals and as companies. In thisso-called ‘cyber’ world there are very differentorganisations out there with very different riskappetites. Those same organisations face vastlydifferent risks but, alas, they’re all confusinglybundled under the heading ‘Cyber Risk’.

That scenario serves to create a ‘PerfectStorm’ that gives ‘cyber’ its hype and makes itsmanagement so difficult.

Addressing ‘The Perfect Storm’Cyber risk – when viewed through theoperational and enterprise risk lens of acorporate – amounts to perhaps a strongbreeze in meteorological parlance. That beingso, businesses can set a sensible risk appetiteand control the risk accordingly.

However, in this world of interconnectedbusiness, if you were to add a few strongbreezes together that all happen to be blowing

towards your company you will indeed realisethe ‘Perfect Storm’.

For its part, ‘The Cyber Wind’ blows towardscompanies from several quarters, includingstrong breezes emanating from Government,regulators and the insurance community as wellas members of the public (ie customers).

Government addresses the issue with twohats on. First, it has a defined role in terms ofpromoting UK plc. Government wishes the UKto be seen as a safe and secure place in whichto do business, in turn maintaining and growingthe UK’s economic role on the global scene.Second, the Government holds ultimateaccountability for national security.

Both roles naturally have exceptionally lowrisk appetites. They also rely on corporates forcontrolling large elements of the risk exposure.

That’s Strong Breeze Number One, then.Strong Breeze Number Two comes from theregulators who, among other things, carry theresponsibility to ensure market stability andthat companies protect their customers in theirgiven sectors. By inference, they too have avery low risk appetite, arguably lower than theirregulated companies. A situation which, aftermonths or years of persuasive tactics,eventually only leads to more regulationdesigned specifically to force through the levelof risk control they would wish to see.

Aside from a focus on personal data that’sgoverned by the Data Protection Act 1998 and’policed’ by the Information Commissioner’sOffice, regulators have yet to really show theirteeth in relation to ‘cyber’.

However, this is most certainly a strongbreeze that could become a regulatoryhurricane in its own right if and when theparties concerned choose to really flex theirregulatory muscle over ‘cyber’.

Data loss insurance is relatively mature in theUK but policies to cover operational losses from

Confronting the so-called ‘CyberWorld’ are many different types oforganisation with dissimilar riskappetites. In the final instalment ofan exclusive three-part series forRisk UK, Colin Lobley explains whythis scenario serves to create a‘Perfect Storm’ that affords ‘cyber’such hype and, importantly, rendersits management somewhat difficult

Sailing The Perfect Cyber Storm

Colin Lobley: Subject Experton Security Strategy andRisk Management

CyberSecurityandRiskAppetite May2015_riskuk_apr15 11/05/2015 14:20 Page 1

cyber incidents are not. In terms of our friend‘cyber’, many insurance providers are steeringclear saying that it’s ‘uninsurable’ (‘The CyberRisk’, Risk UK, April 2015, p5) or that they’reunwilling to offer policies as it’s impossible toprice the risk.

Sticking with the weather analogy, this blowsout a powerful message to the market asStrong Breeze Number Three – cyber risks aretoo uncertain to control and the incidents couldwell be massive in scale.

Initially, at least, it would be logical toassume that customers have low risk appetitewhen it comes to buying secure services. Asindividuals, none of us wants to have our datastolen or our online transactions stopped forany period of time. However, real worldresearch shows that not many of us really actwith our feet.

Customer satisfaction – and notably whenlinked to regulatory initiatives around treatingcustomers fairly – becomes Strong BreezeNumber Four.

Steering The Corporate VesselUnfortunately, most companies find themselvesin the midst of this ‘Perfect Storm’, duly beingblown in all directions and left unsure as towhich way they should steer the corporatevessel. While there may be no ‘silver bullet’answers, I do believe that there’s a better andmore logical process to go through based ontraditional risk management principles.

We need to be absolutely clear what we’retalking about here. There’s no such thing as‘cyber’ risk. It’s simply too big and broad abucket to be of any use and, that being thecase, absolutely needs to be broken down intomanageable component parts.

Operational and Enterprise RisksWhat’s the likely impact (measured againstcorporate objectives) should your IT andinformation-enabled operational processes beaffected by a malicious or non-maliciousincident? What are the threats to thoseoperational systems? How likely are they givenyour current controls? What’s your riskappetite? Is your exposure higher or lower? Theanswers to these questions will afford abaseline of required cyber security investment.

Political RisksHow important a stakeholder/customer isGovernment to your business? If it’s veryimportant then investing more finances towardsbetter control of cyber risks is necessary toshow your support for Government policies andstrategies and ensure continued good relations.

Regulatory and Compliance RisksHow heavily regulated is your business? Withwhat initiatives from the regulators do youneed to comply? What legislation must youcomply with? What are the impacts – whenassessed against corporate objectives – if youfall foul of non-compliance? If they’re high thenspend more on cyber security.

Have you sourced a provider of cyberbusiness impact insurance? Is the policy cost-effective versus spending more on controls toreduce the likelihood and/or impact? If notthen expend more resources on cyber security.

Customer Satisfaction RisksWhat would be the impact if your customersbecome disgruntled with your organisation dueto a cyber-driven operational incident? Thehigher the likely impact, the greater theinvestment needed in cyber security.

Remaining on an even keelWhile a cyber attack could – in the event of anexceptionally low likelihood ‘Perfect Storm’ –mean the end of your company or bring downan entire sector, so too might an extremeweather event plus any number of other things.

No company, large or small, has the money tocompletely prevent those sorts of exceptionallyhigh impact risks, but they do invest tominimise against lesser versions of theseevents. For example, buildings are designed towithstand strong gale force winds but not so afull-blown hurricane. Similarly, they canwithstand ground tremors and minorearthquakes but not one that’s huge in scale.

Balance sheets can survive a minorfluctuation in exchange rates but perhaps notthe complete collapse of a given currency.Likewise, companies can survive one largecyber incident but will not survive a major cyberattack every month (or, indeed, a prolongedperiod of falling out of favour with Government,regulators or their customers).

At the end of the day, managing risk issomething of a balancing act. Take on too muchand shareholders become twitchy or you sufferlosses at a scale that’s significantlydetrimental. Take on too little and shareholdersare twitchy that you’re not pushing theboundaries in order to grow the business.

By its very definition, then, managing risk isall about managing uncertainty.

57www.risk-uk.com

Cyber Security and Risk Appetite

“‘The Cyber Wind’ blows towards companies from severalquarters, including strong breezes emanating fromGovernment, regulators and the insurance community”

CyberSecurityandRiskAppetite May2015_riskuk_apr15 11/05/2015 14:22 Page 2

58www.risk-uk.com

The perennial debate focused on whetherthe security sector can be described as a‘profession’ and those who work in it as

‘professionals’ will only be settled when thenecessary traits associated withprofessionalism are in place.

Those traits include certification based oncompetency, university-level training andeducation and the development of skills basedsquarely on sector knowledge. We’re steadilymoving towards meeting these requirementsand the Register of Chartered SecurityProfessionals, recognised as the Gold Standardfor practitioners, is a classic example ofprogress made to date.

The continued drive for professionalism hasalso led to the development of a number ofvocational security courses at bothundergraduate and postgraduate levels, whilethe more enlightened private sector trainingcompanies now align their courses with theNational Qualifications Framework and linkthem – through credit values – to recognisedhigher education establishments and their ownacademic programmes.

Quality training in various security skill setsis an integral part of ‘professionalisation’ and,what’s more, absolutely key to businesssuccess. Indeed, many businesses alreadyrecognise that investment in training has apositive impact when it comes to improvingstaff knowledge and skills.

However, some are less aware that goodquality training has much wider-reachingbenefits than simply teaching core operationalskills or ensuring compliance with mandatorylicensing requirements.

In truth, the provision of good quality trainingfor employees demonstrates that members ofstaff are highly valued by the business andplays an integral role in job holder retention,boosting staff morale at the same time asimproving the organisation’s bottom line.

Knowledge and understandingNow more than ever before, securityprofessionals are aware about the importanceof having sound knowledge and understandingof their field at their fingertips. That said, it’sall-too-easy to overlook the importance ofdeveloping a versatile, transferable skill setalongside expertise in a chosen discipline.

In fact, transferable skills should be a keycomponent of any rounded Curriculum Vitae,particularly so in a challenging economicclimate where the ability to demonstrate viabletransferable skills will, more often than not,deliver a significant competitive advantage.

Examples of transferable skills include – butare in no way limited to – those centred onbusiness management and finance, leadership,people management, evaluation and criticalthinking, information gathering and researchand, last but not least, communication.

With increasing demands and feweropportunities to take time out of work, it can bedifficult to find windows for learning, notably ina sector like ours where irregular workschedules and plenty of travel arecommonplace. Thankfully, the days in which theonly way to gain a qualification would be toattend a college once or twice a week are nowlong gone. Many flexible learning options areavailable, with both distance and onlinelearning gaining in popularity.

Good quality education materialsWhen delivered in the correct fashion, distancelearning can be as effective as traditional face-to-face teaching. Good quality learningmaterials, a high standard of support fromtutors and appropriate and timely feedback onassignments are all essentials.

Distance learning is used for a wide range oftraining, from short courses taking a few hoursto complete through to postgraduatequalifications lasting a few years. Distancelearning via e-learning is now increasingly indemand as all the relevant course materialsand contact with tutors can be accessed simplyby using the Internet.

The Security Institute’s Certificate andDiploma in Security Management (‘Diplomaticendeavours’, Risk UK, March 2015, p59) areboth delivered online and bear testimony –through the increasing numbers of learnersundertaking these courses – to how quality e-learning is now recognised and can bringtangible benefits to the candidates involved.

From a practical perspective, distancelearning courses often require a heavierinvestment in the development of learningmaterials than face-to-face training. Interactiveelements, such as online videos, take time to

If they are to succeedin what’s now a highlycompetitive economiclandscape, today’sbusinesses need to behighly skilled,innovative andadaptive. Byassociation, theirmembers of staffrequire a wider varietyof skills and tools toperform their roles tothe highest standard.Angus Darroch-Warrenreviews theimportance of trainingand delivery methodsdesigned to attain thebest results

Investment in Training:The Key to Professionalisation

Angus Darroch-Warren BA(Hons) MSc CSyP FSyI PSP:Senior Consultant and GroupDirector at Linx International

TrainingandCareerDevelopment May2015_riskuk_apr15 11/05/2015 16:49 Page 58

produce and can be costly to do so. It must alsobe remembered that high quality writtenmaterials remain the bedrock of any effectivedistance learning courses. Authors may need tolearn new styles and/or develop new skills toensure that educational materials areappropriate for a virtual learning environment.

Maintaining the tutor-learner relationshipmust also be considered as the availability oftutors and their ability to respond to queries ina swift manner is essential when it comes tosupporting learners. Therefore, it’s important toconsider how and when learners might contacttheir tutor(s).

Face-to-face learningGiven the wide-ranging benefits of distancelearning, why should anyone choose face-to-face learning? Face-to-face learning remains apopular method – the school and universitysystems are good examples here – while thereare a number of advantages to such teachingthat are difficult to replicate effectively within adistance learning programme.

The first reason for selecting face-to-facelearning as a chosen option is quite simple.Some people are just better suited to (orotherwise prefer) face-to-face learning.Different people learn in different ways and atvarying speeds, and face-to-face teaching suitssome learning styles more than others.

Motivation is a big factor, too. It can bedifficult to remain focused on distance learning,perhaps even more so when this is completedon a part-time basis. Life becomes a finebalance between studying and other prioritiesand sometimes this can and often does have abig impact on motivation and enthusiasm.

One of the biggest advantages of face-to-facelearning is the relatively shorter time in whichtraining can be delivered. Focusing exclusivelyon learning can be an exciting and rewardingexperience, while it’s much easier to maintainhigher motivation over a shorter time frame.

There are, of course, some skills that areeasier to learn face-to-face than via distancelearning. It would be very difficult to learn todeep sea dive without putting on a diving suitand jumping into the sea! From a securitysector viewpoint, skills like security surveying,conducting investigations, interviewing andspecifying security technology need to betaught using practical, hands-on methods suchas scenario-based instruction.

Learning by doing has proven to be a popularand effective delivery method, although thisdoesn’t preclude supplementing ‘classroom’learning with some online teaching in aspectsof theory (ie blended learning).

Face-to-face learning affordsopportunities to learn informally as wellas formally. Learners often learnfrom each other. Sharingindividualexperiences,anecdotes andinformalopinionsabout topics canserve as usefulpointers fordiscussion andknowledge.

The spontaneousquestions arising fromgroup discussions oftenprovide interesting learningpoints. Discussions in securitymanagement courses may bring up keylearning points which can be analysed inrelation to an individual’s working environmentand the risk profiles of their host organisation.

Addressing perceived weaknessesDuring face-to-face training tutors not only havea chance to use interactive methods of learningsuch as scenario-based exercises, but they’realso able to express their enthusiasm about asubject in a more animated way.

In addition, it’s easier for the tutor to gaugethe level of understanding throughout thecourse as part of the assessment process. Theysimply need to look around and judge bodylanguage rather than assess the nuances oflanguage used in e-mails or how someonesounds on the telephone.

Spending time with the learner will allow forone-to-one sessions to address perceivedweaknesses. This is something that’s notusually available when the focus is on adistance learning programme.

Contrary to popular belief, training is actuallymore important during an economic downturn.Harsh financial climates put pressure oncompanies to boost efficiency. If they’re tosucceed, businesses need to be highly skilled,innovative and adaptive. By association, theirmembers of staff are likely to require a widervariety of skills and tools to fulfil their jobfunctions. That being so, it’s vitally important tounderpin staff members’ personal developmentwith high quality vocational training.

59www.risk-uk.com

Training and Career Development

“In truth, the provision of good quality training for employeesdemonstrates that members of staff are highly valued by thebusiness and plays an integral role in job holder retention”

TrainingandCareerDevelopment May2015_riskuk_apr15 11/05/2015 16:49 Page 59

Risk in Action

60www.risk-uk.com

O2 Arena awards five-year event control contract to ISCEvent, venue and premises security specialist Integrated Security Consultants(ISC) has been awarded a five-year contract to supply CCTV and radio channelcontrollers to The O2 Arena in London.

Following a competitive tender process, the company has been chosen toprovide both controllers and senior controllers for the complete range of eventsheld at the internationally-renowned venue.

Live music and events due to be staged at The O2 in the near future includeconcerts by Paolo Nutini and The Kaiser Chiefs. The popular venue in London’sDocklands is also set to host the Barclays ATP World Tour Finals and StrictlyCome Dancing Live. Indeed, the 20,000 capacity venue is the UK’s secondbiggest indoor arena and now one of the busiest in the world.

ISC’s personnel team will provide the ‘eyes and ears’ of the venue’s securityoperation, relaying information between front line security and stewarding staffand venue management as well as liaising with fire, medical and externalsecurity teams where and when necessary.

In practice, ISC’s staff will monitor the movements of up to 60,000 people perday with The O2 Arena filling and emptying as many as three times on multipleevent days. Importantly, the company has ensured continuity of service bywelcoming the existing site controllers into its own dedicated team.

“ISC is an industry leader in the event security field, recognised for its qualityof service and ability to integrate security operations within a venue’s widerstructure,” commented Paul Griffiths,ISC’s business development manager.

“The O2 is one of the UK’s iconicbuildings. We’re extremely privilegedto be working in partnership with TheO2 Arena team to provide them withthis critical function, and we verymuch look forward to supporting andenhancing operations at the site overthe next five years.”

Crossrail guarding to bedelivered by Servest Group

Servest Security – which is part ofthe Servest Group – has beenchosen by joint venture ATC(Alstom, TSO and Costain) as thesecurity guarding solutionsprovider for the final system-wideCrossrail project.

The four-year contract will seeServest Security deliver security

guarding and mobile patrol services to thesecond phase of this high-profile scheme.

ATC will be fitting-out the necessary trackand power equipment within the 21 kilometresof twin tunnels that stretch under the city ofLondon. This work will be carried out withinthe tunnels and span the route covering RoyalOak, Pudding Mill Lane and Plumstead

Portals. Servest Security has experience ofprotecting Crossrail, having already workedwith the project for several years now.

For this new contract, Servest has designeda bespoke security package for the complexneeds of Crossrail (the largest constructionscheme in Europe and the biggestinfrastructure project undertaken in the UK).

In essence, Crossrail is a 118-kilometre (73-mile) railway line under construction inLondon and its environs. It should begin fulloperation in 2018 with a new East-West routeacross Greater London. Work began in 2009 onthe central part of the line (a tunnel throughcentral London) and connections to existinglines that will become part of Crossrail.

“We’re delighted to have won this contractand look forward to working with ATC over thenext four-year period,” enthused MichaelLamoureaux, md of Servest Security.

PEL Services set to take care of firealarm maintenance for the BRECommercial fire, security and communicationsystems provider PEL Services has beenawarded a three-year, fully-comprehensivecontract for fire alarm service and maintenanceat the Building Research Establishment’s (BRE)headquarters in Garston, Hertfordshire.

The BRE is a world-leading, multi-disciplinarybuilding science centre with a mission toimprove buildings through research andknowledge generation. In fact, the BRE hasbeen making a hugely positive difference to thebuilt environment since 1921.

Richard Tattersall, estates compliancemanager at the BRE, told Risk UK: “We hadbeen working with a single fire alarm supplierfor 15 years and were looking for a morecomprehensive agreement. PEL Services wassuccessful in the tender process. The companyis flexible when it comes to meeting our needsand we’ve been very happy with the level ofservice received.”

For PEL, the awarding of this contractvalidates the business’ continual commitmentto providing a high quality service and productsthat meet the most demanding of standards.

RiskinAction May2015_riskuk_may15 11/05/2015 16:43 Page 1

61www.risk-uk.com

Risk in Action

Affinity Water relies on Zaun’sSuper10 for single meshSecurity Rating 2 fence orderSecurity fencing manufacturer Zaun hastaken its initial order for the company’sHiSec Super10 system – believed to bethe first single mesh to be certified toSecurity Rating 2 (SR2).

Zaun will supply and installapproaching 100 metres of the SR2-rated HiSec Super10 along with a seriesof Super10 gates for security systemsintegrator Reliance High-Tech on behalfof client Affinity Water.

The contract is Zaun’s first sinceSuper10 was certified to LPS 1175 SR2(Certificate Number: 1164a/01) by theLoss Prevention Certification Board(LPCB) and entered into Issue 7 of theLPCB’s Red Book.

Affinity Water insisted on SR2 fencingto surround four enclosures at two sites to the north west of London.

Zaun will install four metre-high, blue-coated Super10 fencing to surround awater tower and electric sub-station and a similar-sized loading bay togetherwith single and double leaf gates at one site.

Two similar enclosures rendered from three metre-high silver powder-coatedSuper10 will go in at another water station nearby.

Reliance High-Tech, of course, is a leading security solutions provider toCritical National Infrastructure markets including the water, power generationand telecommunications sectors.

Fike Safety Technology safeguardscustomers at Corey’s Sports BarManagement at Corey’s Sports Bar, arefurbished nightspot in Tamworth, hasinvested in fire detection solution from FikeSafety Technology (FST).

Located in the town centre, the new baropened at the end of last year and offers localresidents music, entertainment and food sevendays a week.

FST-approved systems integrator Justice Fire& Security has designed and installed a firesafety solution based on FST’s popular Duonetsingle-loop intelligent addressable fire alarmsystem. “The technology built into the Duonetpanel is designed to significantly reduce falsealarms and provide the flexibility required fordemanding environments such as nightclubs,”explained Steve Grant, installations manager atJustice Fire & Security. “This flexibility,combined with the benefits of FST’s multi-criteria detectors, made Duonet an obviouschoice for the project.”

Forty devices including Multipoint ASDdetectors, call points, sounders and beaconshave been installed in the bar. These detectorsprovide high performance and flexibilitythrough multiple choices of detection modecombined with an optional built-in 90 dBAsounder and strobe. Units can be set to a singlemode or a combination for different settings.

Each detector also has an in-built loopisolator as well as optional I/O for local controland switching.

This single device can be used in all firedetection applications simply by changing itsmode of operation. For example, the detectorsprotecting the dance floor have beenprogrammed to a heat mode as the bar oftendeploys a smoke machine for effects. Thisflexibility also allows the system to be easilyreconfigured if the layout of the venue shouldchange at any point in the future.

To aid evacuation in the event of a firescenario, standalone strobes have beeninstalled in the toilets as well as on detectorson the dance floor.

LOCKEN upgrades accesscontrol for critical basestation site infrastructuresESB Telecoms (ESBT), a subsidiaryof Ireland’s public electricitydistribution company, hascontracted LOCKEN to upgrade itsaccess infrastructures.

The contract – which covers theprovision of 1,000 access systemsfor Global Systems for MobileCommunications base stations at

450 locations throughout the country – follows on from a pilot programme thatallowed ESBT to ascertain the benefits of LOCKEN’s access control solution.Subsequently, ESBT decided to protect Points of Presence cabins in order tocomply with Health and Safety regulations.

Located in remote sites often exposed to wind and rain, ESBT’s facilities mustbe accessible to a 1,700-strong contractor crew, 95% of whom are external thirdparties. The LOCKEN solution is ideal for controlling access to infrastructure atsuch locations, ensuring thousands of access requests are granted each month.

The LOCKEN solution is integrated with the ESBT extranet, significantlyimproving operational effectiveness by enabling the automatic transfer of datato LOCKEN’s advanced software suite.

Similarly, work access authorisations generated from the ESBT extranet willautomatically generate access rights via LOCKEN’s software.

RiskinAction May2015_riskuk_may15 11/05/2015 16:44 Page 2

62www.risk-uk.com

Technology in Focus

Financial institutions set tobenefit from video-drivenanalytics and insight thanks toMarch Networks’ Searchlight4March Networks has introduced theSearchlight4 for Banking. This video-based business intelligence solutionprovides banks with “exceptionalinsights” into customer service,operations and marketing, in turnhelping them improve performance.

Importantly, Searchlight4 for Bankingdelivers powerful search and investigation capabilities that enable financialinstitutions to reduce the costs associated with ATM skimming, cash harvestingand other fraudulent activities.

Searchlight4 for Banking extends the benefits of integrated data byincorporating intelligent analytics – including people counting, queue lengthand dwell time – from March Networks’ MegaPX indoor analytics dome camera.

Searchlight enables bank managers to identify potential fraud and reduceinvestigation times considerably with integrated video, audio and transactiondata plus the ability to search across multiple sites on a simultaneous basis.

Managers can easily view statistics on which branch, teller or ATM has themost withdrawals or deposits over a certain amount, for example, and pull upthe recorded video for further review. In addition, the software can proactivelyalert managers or investigators to suspicious activity at an ATM which couldindicate skimming or cash harvesting.

The March Networks software makes it easy to review suspicious activitiesusing synchronised video and audio.

“Searchlight extracts relevant information from vast hours of recorded videoand data and turns it into effective business intelligence,” explained Net Payne,chief marketing officer at March Networks.www.marchnetworks.com

Magic motiondetectors fromSiemens: ‘OneSize Fits All’Security Products fromSiemens has introducedits field-proven Magicmotion detector seriesto the UK market. TheMagic PIR and Dualmotion detectors are described as “anexciting new advance” in security thatprovide the “most reliable, convenient andcost-effective” solution for industry-leadingcatch performance and false alarm immunity.

Suitable for commercial environments, thedetectors perform well even under harshconditions, such as in rooms with rapid andextreme temperature fluctuations that cancreate false alarms.

Magic Mirror PIR and Dual models areoffered in either 12 metre or 18 metre rangesand are optionally available with integratedanti-masking technology.

The new Magic PDM-I12(T) and PDM-I18(T)make use of the patented Magic Mirrortechnology from Siemens, which “sets newstandards” in detection sensitivity andenables an extremely compact design.www.siemens.co.uk/securityproducts

Honeywell expands Performance Series IP NVR range withaddition of eight and 16-channel modelsHoneywell has expanded its range of Performance Series IP embedded networkvideo recorders (NVRs), giving end user customers more flexibility whendesigning customised IP video systems.

Now available in eight or 16-channel models, the embedded NVRs arecompatible with Honeywell’s equIP Series and Performance Series IP cameras,broadening options for IP-based surveillance systems.

“Making the transition to IP cameras doesn’t have to be a big hassle or a bigburden on customers’ wallets,” said Uli Hopfstock, product manager for theEMEA region at Honeywell Security Group. “Our range of embedded NVRsenables security installers toprovide HD IP video surveillancesolutions tailored to end usercustomers’ channel capacity needsat a cost-effective price point.”

Customers can select from awide range of IP cameras,including Honeywell’s recentlyreleased equIP Series S range.www.honeywell.com/security/uk

Axis introducesfirst model innew series ofmulti-sensorfixed domes Axis Communications’new Q3709-PVENetwork Camera hasthree 4K sensors thattogether provide a detailed 180 degreeoverview of a large area, outdoors as well asindoors, in an efficient one-camera installation.

The cameras offer video with “unparalleled”streaming performance, smoothly capturingmovements in high detail.

As the first camera in the new Q37 Series, theQ3709-PVE provides situational awareness oflarge areas, making the camera ideal for citysurveillance applications as well as logisticscentres, airports and train stations.

“An effective one-camera installationaffording overview and image detail at thesame time is an efficient way to ensure thatsurveillance needs are met in large openareas,” commented Erik Frännlid, director ofproduct management at Axis Communications.www.axis.com

TechnologyinFocus May2015_riskuk_may15 11/05/2015 16:46 Page 62

63www.risk-uk.com

Technology in Focus

Smart+Guard helps end users toreduce call point vandalism,accidental damage and misuseThe new Smart+Guard from Vimpex is a toughpolycarbonate hinged protective cover that caneasily be installed over a range of call points,emergency switches and other devices toprovide protection from vandalism or misuse.

Smart+Guard can also be fitted with anintegral battery-powered alarm that, whenlifted, emits an ear-piercing 90 dB alarm,warning the user that the device is foremergency use only and should not betampered with. This alarmed version boasts athree-year battery life and incorporates a lowbattery warning LED.

In its red form, Smart+Guard is commonlyinstalled over fire alarm break glass call pointsto protect the break glass from deliberatemisuse or accidental damage, subsequentlyreducing incidents of false fire alarms.

Smart design and engineering providesinstallers and end users alike with anaesthetically pleasing but tough protectivecover that’s both easy to install and retrofit.www.vimpex.co.uk

Checkpoint Systems’ RFIDupgrade kit for EVOLVE iRangeantennas enables retailers to usesingle tag for inventory visibilityand loss preventionCheckpoint Systems has unveiled an RFIDupgrade kit for its EVOLVE iRange P10antennas, giving retailers a smoothmigration to RFID by enabling the use of asingle tag for both inventory visibility andloss prevention.

In practice, the upgrade kit is fitted byCheckpoint Systems service technicians toexisting or new P10 antennas.

The P10 RFID leverages all the advantagesof RFID technology while serving as apowerful solution for loss prevention atentrances/exits and a strong visualdeterrent to would-be shoplifters.

It supports differentiated alarms based onthe quantity and/or value of themerchandise leaving the store and alsoCheckpoint’s patented Wirama Radar forsuperior tag-read accuracy, directionalityand location. This enables retailers to placemerchandise closer to exit doors whileminimising the risk of false alarms.

In addition to retailer advantages,consumers benefit because stores canmonitor inventory more closely andreplenish ‘true’ out of stocks, such thatitems they seek will be available on shelveswhen purchasing online through click andcollect or buying directly in stores.www.checkpointsystems.com

Securitech Software tacklesreal-time compliance automation

With margins squeezed and regulationincreasing, it’s vital that processes arestreamlined and automated to maximiseefficiency and enforce Best Practice.

In the context of the highly regulatedsecurity sector, compliance activities can besplit into two areas: external and internal.

Securitech Software delivers softwaresolutions that enable real-time complianceautomation. In essence, these solutionsautomate all of the host business’ complianceprocesses that have traditionally been manualin nature. The software ensures all processesare adhered to, enforces auditability, makescertain issues are dealt with and, moreimportantly, that compliance is achieved in away that reduces workload.

Primarily aimed at securitycompanies operating securityguarding, mobile patrol, keyholding and monitoringregimes, Securitech Software’sreal-time complianceautomation solutions removemanual form filling anddocument completion whileencouraging the move towardspaperless processing.

The software also eliminatesdata integrity and availability issues – there’s‘one version of the truth’.

In addition, the Securitech Software solutionenhances process and procedure control andenforces individual accountability for thepractising end user while resolving those all-important quality management issues.www.securitechsoftware.co.uk

TechnologyinFocus May2015_riskuk_may15 11/05/2015 16:46 Page 63

Discover security atifsec.co.uk/Risk

The global stage for security innovation and expertise

Plan your travel to IFSEC International today by using our handy travel centre. Visit ifsec.co.uk/travel to book discounted travel and accomodation. Join the community: #IFSEC @IFSEC ifsecglobal.com/Risk

Plus, year round news and insight on IFSEC Global.com and with key global events bringing the latest in security to new regions.

Organised by


Appointments

65www.risk-uk.com

AppointmentsRisk UK keeps you up-to-date with all the latest peoplemoves in the security, fire, IT and Government sectors

George QuigleyGeorge Quigley has joined KPMG as a partner tobolster the company’s rapidly-growing CyberSecurity Practice. Quigley takes up this roleafter moving from BDO where he was a partnerand led the business’ Technology Risk andAdvisory Services Practice.

He boasts over 20 years’ experience intechnology risk and information security. Thatexperience encompasses helping organisationsto understand their security risk appetite andoverall security exposure (including thoseissues specific to them in relation to their sectorand profile and how this impacts their riskmanagement frameworks).

Over many years, Quigley has implementedtechnical security solutions and carried out arange of security testing. His experience alsoincludes ISO 27001 and the Payment CardIndustry Data Security Standard (PCI DSS).

In addition to his dedicated security work,Quigley harbours significant experience in allareas of corporate governance and risk andcontrol frameworks.

Quigley is a Fellow of the Institute ofChartered Accountants in England and Walesand chairman of the IT Faculty at the Institute.He’s also a certified information systems auditorand a certified information security manager.

At KPMG, Quigley will lead the cyber securityteam in the London region where he’ll beworking with and supporting FTSE 250 firms,SMEs and emerging companies in banking.

Garry Evanson CSyP FSyIThe Security Institute hasinstalled Garry Evanson BAMSc PgDip PGCE MCGICSyP FSyI as its newchairman in place of EmmaShaw CSyP FSyI MBA FCMI,who now stands down aftera hugely successful twoyears in office.

Evanson is head of security and emergencyplanning at Westminster Abbey, a role he hasheld since February 2012. The Abbey, of course,is an iconic living Church, a designated WorldHeritage site and a ‘Royal Peculiar’ where theDean is directly responsible to the Monarch.

Prior to joining the world of private security,Evanson was a lieutenant colonel in the BritishArmy, serving with the Royal Military Police.

For the past decade, Evanson has also servedas chairman of the Royal Military PoliceAssociation’s (RMPA) Hampshire branch basedin Aldershot. The RMPA is the natural ‘home’ forserving and retired Royal Military Police (RMP)personnel who wish to retain their links tofellow servicemen and to the Corps. TheHampshire branch is part of the national RMPAnetwork overseen by the RMP’s RegimentalHeadquarters located within the Defence PoliceSchool at Southwick Park in Portsmouth.

From November 2007 through until February2012, Evanson was group head of securityoperations at DeLaRue plc, the world’s largestintegrated commercial banknote printer andpassport manufacturer employing over 4,000staff and producing more than 150 currenciesworldwide. The company is a trusted partner ofGovernments, central banks and issuingauthorities around the world and is listed onthe London Stock Exchange.

Mike HaleyCifas – the UK’s Fraud Prevention Service – hasannounced the appointment of Mike Haley asthe organisation’s new deputy chief executive.The appointment commences on 18 May.

Haley moves to Cifas from his role as anassociate director in Grant Thornton’sForensics, Investigation and Recovery Division.He brings over 25 years’ experience of tacklingand preventing fraud across the public, privateand not for profit sectors to the role.

Haley has considerable experience ofdirecting investigations as well as developingprevention and detection strategies having ledinvestigative teams in the NHS, the Ministry ofDefence, the Office of Fair Trading, Her

Majesty’s Revenue & Customs and theSolicitors Regulation Authority.

Haley’s role as a director at the NationalFraud Authority saw him develop multi-agencystrategies to tackle a range of fraud typesincluding mortgage fraud, identity fraud andmass marketing fraud, in turn placing thediscipline of fraud prevention centre stage.

Commenting on the appointment, Cifas’ CEOSimon Dukes said: “I’m delighted that Mikewill be joining Cifas as he brings with himextensive knowledge of the fraud landscapeand vast experience of working with partnersacross Government, industry and lawenforcement. Indeed, Mike brings a degree ofvision that will help us to prevent more fraudand build strong partnerships.”

Appointments May2015_riskuk_may15 11/05/2015 12:47 Page 65

Appointments

66www.risk-uk.com

Gordon BrockingtonG4S Facilities Management, the FM division of globalsecurity company G4S plc, has appointed GordonBrockington as its new strategy and businessdevelopment director.

Previously group business development director atESG and, prior to that, director for market developmentwith Balfour Beatty Construction Services UK,Brockington has significant experience in both the publicand private sectors having worked with central and local Governmentdepartments throughout the UK.

His expertise stretches across business and market strategy, outsourcing,contract management and executive leadership within a number of industries.

G4S FM’s interim regional managing director Darren Jones said: “I would liketo welcome Gordon to the G4S Facilities Management business. With hisextensive sector experience, Gordon’s well placed to help us deliver our growthstrategy in both the public and commercial sectors as we look to strengthenour position in the UK, Channel Islands and Ireland FM markets.”

Gordon Brockington stated: “I’m delighted to be joining the FM business atG4S. This is a hugely exciting opportunity and I’m very much looking forward toworking towards increasing the business’ market share.”

Paul HopkinPaul Hopkin, author of thewidely-used andreferenced textbookentitled Fundamentals ofRisk Management, hastaken up the post oftechnical director at theInstitute of RiskManagement (IRM). As a result, Hopkin willnow oversee the IRM’s dedicated and extensiveprogramme of thought leadership, emergingrisk analysis and risk practitioner guidance.

Hopkin was head of risk management at theBBC between 1997 and 2000, after which hebecame director of risk management at TheRank Group until 2006. He then moved toAirmic and took on the role of technicaldirector. Here, Hopkin co-authored thecompany’s Roads to Resilience research report.

Between 2007 and 2012, Hopkin served aslead examiner for the IRM’s prestigiousInternational Certificate in Risk Management.

Speaking about his appointment, Hopkin toldRisk UK: “This is a fascinating role to take on.I’m looking forward to helping the Institutedeliver the leading-edge analysis and advicerequired by today’s risk practitioners.”

Sam Hodkin and Craig BennettShowsec is gearing itself up for furtherexpansion in the North of England with theappointment of two new area managers.

Sam Hodkin (pictured, left) has beenconfirmed as the new area manager in Leedswhile Craig Bennett (pictured, right) will takeup a similar role in Sheffield.

The two appointments represent anothermajor endorsement for the company’s highly-acclaimed Management DevelopmentProgramme, meaning that six graduates ofthe ground-breaking initiative have nowprogressed to become area managers.

Alan Wallace, Showsec’s regional managerin the North of England (pictured, centre),commented: “This is another significant stepin the company’s development throughoutthe region. We’re looking to expand ourfootprint all over the United Kingdom andYorkshire is clearly an area where there’senormous potential for progress.”

David WardThe hugely successfulCross-Sector Safety andSecurity Communications(CSSC) initiative – apartnership between lawenforcement agencies,local and nationalGovernment organisationsand private sector businesses – has appointedDavid Ward (managing director at WardSecurity) to the position of chairman for itsnewly-created Southern Region covering Kent,Surrey, Sussex and Hampshire.

Operating across a wide range of sectors, theCSSC aims to help businesses remain safe andsecure by providing information that will assistthem to develop robust resilience andemergency preparedness plans. This isachieved by delivering accurate, timely andauthoritative messaging and information on anongoing basis and in times of major incidents.

“We’re delighted to have David Ward onboard as chairman of the CSSC SouthernRegion,” explained Don Randall MBE, chairmanof the CSSC initiative. “His vast experience anddeep understanding of the need for effectivesecurity across both the business and publicsectors will be a huge benefit in helping tofurther establish CSSC within the communityand oversee the initiative’s implementation.”

David Ward added: “In addition to deliveringa truly holistic security intelligence,communications and response infrastructure,CSSC also succeeds in realising the overallfeeling of ‘security’ within the community whichis hugely important.”

Appointments May2015_riskuk_may15 11/05/2015 12:48 Page 66

ACCESS CONTROL - BARRIERS, BOLLARDS & ROADBLOCKERSHEALD LTDHVM High Security Solutions "Raptor" "Viper" "Matador", Shallow & Surface MountSolutions, Perimeter Security Solutions, Roadblockers, Automatic & Manual Bollards,Security Barriers, Traffic Flow Management, Access Control SystemsTel: 01964 535858 Email: [email protected]: www.heald.uk.com

ACCESS CONTROLKERI SYSTEMS UK LTDTel: + 44 (0) 1763 273 243Fax: + 44 (0) 1763 274 106Email: [email protected]

ACCESS CONTROL – BARRIERS GATES & ROAD BLOCKERSFRONTIER PITTSCrompton House, Crompton Way, Manor Royal Industrial Estate,Crawley, West Sussex RH10 9QZTel: 01293 548301 Fax: 01293 560650Email: [email protected]: www.frontierpitts.com

ACCESS CONTROL

ACCESS CONTROL – BIOMETRICS, BARRIERS, CCTV, TURNSTILESUKB INTERNATIONAL LTDPlanet Place, Newcastle upon TyneTyne and Wear NE12 6RDTel: 0845 643 2122Email: [email protected] Web: www.ukbinternational.com

ACCESS CONTROL MANUFACTURERNORTECH CONTROL SYSTEMS LTD.Nortech House, William Brown CloseLlantarnam Park, Cwmbran NP44 3ABTel: 01633 485533Email: [email protected]

ACCESS CONTROLAPT SECURITY SYSTEMSThe Power House, Chantry Place, Headstone Lane, Harrow, HA3 6NYTel: 020 8421 2411Email: [email protected]

B a r r i e r s , B l o c k e r s , B o l l a r d s , P A S 6 8

ACCESS CONTROLACTACT – Ireland, Unit C1, South City Business CentreTallaght, Dublin 24 Tel: +353 (0)1 4662570ACT - United Kingdom, 2C Beehive MillJersey Street, Manchester M4 6JG +44 (0)161 236 [email protected] www.act.eu

ACCESS CONTROL & DOOR HARDWAREALPRO ARCHITECTURAL HARDWAREProducts include Electric Strikes, Deadlocking Bolts, Compact Shearlocks,Waterproof Keypads, Door Closers, Deadlocks plus many more T: 01202 676262 Fax: 01202 680101E: [email protected] Web: www.alpro.co.uk

ACCESS CONTROLCOVA SECURITY GATES LTDBi-Folding Speed Gates, Sliding Cantilevered Gates, Road Blockers & BollardsConsultancy, Design, Installation & Maintenance - UK Manufacturer - PAS 68Tel: 01293 553888 Fax: 01293 611007Email: [email protected]: www.covasecuritygates.com

...andlots

more

ComputerSecurity

Anti-Climb Paints& Barriers

Metal Detectors(inc. Walkthru)

Security, Search& Safety Mirrors

Security Screws &Fastenings

Key ControlProducts

Empty Property &Lone Worker Alarms

Traffic Flow &Management

see ourwebsite

Best Value Security Products from Insight Securitywww.insight-security.com Tel: +44 (0)1273 475500

www.insight-security.com Tel: +44 (0)1273 475500

ACCESS CONTROL – SPEED GATES, BI-FOLD GATESHTC PARKING AND SECURITY LIMITED4th Floor, 33 Cavendish Square, London, W1G 0PWT: 0845 8622 080 M: 07969 650 394F: 0845 8622 090info@htcparkingandsecurity.co.ukwww.htcparkingandsecurity.co.uk

ACCESS CONTROLINTEGRATED DESIGN LIMITEDIntegrated Design Limited, Feltham Point, Air Park Way, Feltham, Middlesex. TW13 7EQTel: +44 (0) 208 890 5550 [email protected]

ACCESS CONTROL, CCTV & INTRUSION DETECTION SPECIALISTSSIEMENS SECURITY PRODUCTSSuite 7, Castlegate Business ParkCaldicot, South Wales NP26 5AD UKMain: +44 (0) 1291 437920 Fax: +44 (0) 1291 437943 email: [email protected]: www.siemens.co.uk/securityproducts

apr15 dir_000_RiskUK_jan14 07/04/2015 15:52 Page 1

BUSINESS CONTINUITY MANAGEMENTCONTINUITY FORUMCreating Continuity ....... Building ResilienceA not-for-profit organisation providing help and supportTel: +44(0)208 993 1599 Fax: +44(0)1886 833845Email: [email protected]: www.continuityforum.org

AUTOMATIC VEHICLE IDENTIFICATIONNEDAP AVIPO Box 103, 7140 AC Groenlo, The NetherlandsTel: +31 544 471 666Fax: +31 544 464 255E-mail: [email protected]

BUSINESS CONTINUITY

PHYSICAL IT SECURITYRITTAL LTD

Tel: 020 8344 4716Email: [email protected]

CCTV

CCTV & IP SECURITY SOLUTIONS PANASONIC SYSTEM NETWORKS EUROPEPanasonic House, Willoughby Road Bracknell, Berkshire RG12 8FP Tel: 0844 8443888 Fax: 01344 853221 Email: [email protected] Web: www.panasonic.co.uk/cctv

INFRA-RED, WHITE-LIGHT AND NETWORK CCTV LIGHTING RAYTECUnit 3 Wansbeck Business Park, Rotary Parkway,Ashington, Northumberland. NE638QWTel: 01670 520 055Email: [email protected] Web: www.rayteccctv.com

CCTVG-TECGtec House, 35-37 Whitton DeneHounslow, Middlesex TW3 2JNTel: 0208 898 [email protected]

DIGITAL IP CCTVSESYS LTDHigh resolution ATEX certified cameras, rapid deployment cameras and fixed IP CCTV surveillance solutions available withwired or wireless communications.1 Rotherbrook Court, Bedford Road, Petersfield, Hampshire, GU32 3QGTel +44 (0) 1730 230530 Fax +44 (0) 1730 262333Email: [email protected] www.sesys.co.uk

CCTV SPECIALISTSPLETTAC SECURITY LTDUnit 39 Sir Frank Whittle Business Centre, Great Central Way, Rugby, Warwickshire CV21 3XHTel: 0844 800 1725 Fax: 01788 544 549 Email: [email protected] www.plettac.co.uk

ACCESS CONTROLSECURE ACCESS TECHNOLOGY LIMITED

Authorised Dealer

Tel: 0845 1 300 855 Fax: 0845 1 300 866Email: [email protected]: www.secure-access.co.uk

COMMUNICATIONS & TRANSMISSION EQUIPMENTKBC NETWORKS LTD. Barham Court, Teston, Maidstone, Kent ME18 5BZwww.kbcnetworks.com Phone: 01622 618787Fax: 020 7100 8147Email: [email protected]

CCTV/IP SOLUTIONSDALLMEIER UK LTD3 Beaufort Trade Park, Pucklechurch, Bristol BS16 9QHTel: +44 (0) 117 303 9 303Fax: +44 (0) 117 303 9 302Email: [email protected]

CCTV POLES, COLUMNS, TOWERS AND MOUNTING PRODUCTSALTRON COMMUNICATIONS EQUIPMENT LTDTower House, Parc Hendre, Capel Hendre, Carms. SA18 3SJTel: +44 (0) 1269 831431Email: [email protected]: www.altron.co.uk

ACCESS CONTROL – BARRIERS, GATES, CCTV ABSOLUTE ACCESSAberford Road, Leeds, LS15 4EFTel: 01132 813511E: richard.samwell@absoluteaccess.co.ukwww.absoluteaccess.co.ukAccess Control, Automatic Gates, Barriers, Blockers, CCTV


TO ADVERTISE HERE CONTACT:Paul Amura



CONTROL ROOM & MONITORING SERVICES

DISTRIBUTORS

THE UK’S MOST SUCCESSFUL DISTRIBUTOR OF IP, CCTV, ACCESSCONTROL AND INTRUDER DETECTION SOLUTIONSNORBAIN SD LTD210 Wharfedale Road, IQ Winnersh, Wokingham, Berkshire, RG41 5TPTel: 0118 912 5000 Fax: 0118 912 5001www.norbain.comEmail: [email protected]

ADI ARE A LEADING GLOBAL DISTRIBUTOR OF SECURITY PROD-UCTS OFFERING COMPLETE SOLUTIONS FOR ANY INSTALLATION.ADI GLOBAL DISTRIBUTIONChatsworth House, Hollins Brook Park, Roach Bank Road, Bury BL9 8RNTel: 0161 767 2900 Fax: 0161 767 2909Email: [email protected]

TRADE ONLY CCTV MANUFACTURER AND DISTRIBUTOR

COP SECURITYLeading European Supplier of CCTV equipment all backed up by an industry leading service and supportpackage called Advantage Plus. COP Security, a division of Weststone Ltd, has been designing, manufac-turing and distributing CCTV products for over 17 years. COP Security is the sole UK distributor for IRLAB products and the highly successful Inspire DVR range.More than just a distributor.

COP Security, Delph New Road, Dobcross, OL3 5BGTel: +44 (0) 1457 874 999 Fax: +44 (0) 1457 829 [email protected] www.cop-eu.com

ADVANCED MONITORING SERVICES EUROTECH MONITORING SERVICES LTD.Specialist in:- Outsourced Control Room Facilities • Lone Worker Monitoring• Vehicle Tracking • Message Handling • Help Desk Facilities • Keyholding/Alarm ResponseTel: 0208 889 0475 Fax: 0208 889 6679E-MAIL [email protected]: www.eurotechmonitoring.net

CCTV & IP SOLUTIONS, POS & CASH REGISTER INTERFACE, EPOSFRAUD DETECTIONAMERICAN VIDEO EQUIPMENTEndeavour House, Coopers End Road, Stansted, Essex CM24 1SJTel : +44 (0)845 600 9323Fax : +44 (0)845 600 9363E-mail: [email protected]

WHY MAYFLEX? ALL TOGETHER. PRODUCTS, PARTNERS,PEOPLE, SERVICE – MAYFLEX BRINGS IT ALL TOGETHER.MAYFLEXExcel House, Junction Six Industrial Park, Electric Avenue, Birmingham B6 7JJTel: 0800 881 5199Email: [email protected]: www.mayflex.com

EMPLOYEE SCREENING SERVICESTHE SECURITY WATCHDOGCross and Pillory House, Cross and Pillory Lane, Alton,Hampshire, GU34 1HL, United Kingdom www.securitywatchdog.org.ukTelephone: 01420593830

sales@onlinesecurityproducts.co.ukwww.onlinesecurityproducts.co.uk

FIRE AND SECURITY INDUSTRY RECRUITMENTSECURITY VACANCIESwww.securityvacancies.comTelephone: 01420 525260

EMPLOYMENT

IDENTIFICATION





SECURITY PRODUCTS AND INTEGRATED SOLUTIONSHONEYWELL SECURITY GROUPHoneywell Security Group provides innovative intrusion detection, videosurveillance and access control products and solutions that monitor andprotect millions of facilities, offices and homes worldwide. Honeywell integrates the latest in IP and digital technology withtraditional analogue components enabling users to better controloperational costs and maximise existing investments in security andsurveillance equipment. Honeywell – your partner of choice in security.Tel: +44 (0) 844 8000 235E-mail: [email protected] Web: www.honeywell.com/security/uk

INTEGRATED SECURITY SOLUTIONS

THE LEADING CERTIFICATION BODY FOR THE SECURITY INDUSTRYSSAIB7-11 Earsdon Road, West MonkseatonWhitley Bay, Tyne & WearNE25 9SXTel: 0191 2963242Web: www.ssaib.org

INDUSTRY ORGANISATIONS

TRADE ASSOCIATION FOR THE PRIVATE SECURITY INDUSTRYBRITISH SECURITY INDUSTRY ASSOCIATIONTel: 0845 389 3889Email: [email protected]: www.bsia.co.uk

INTEGRATED SECURITY SOLUTIONSINNER RANGE EUROPE LTDUnits 10 - 11, Theale Lakes Business Park, Moulden Way, Sulhampstead,Reading, Berkshire RG74GB, United KingdomTel: +44(0) 845 470 5000 Fax: +44(0) 845 470 5001Email: [email protected]

PERIMETER PROTECTIONGPS PERIMETER SYSTEMS LTD14 Low Farm Place, Moulton ParkNorthampton, NN3 6HY UKTel: +44(0)1604 648344 Fax: +44(0)1604 646097E-mail: [email protected] site: www.gpsperimeter.co.uk

UPS - UNINTERRUPTIBLE POWER SUPPLIESADEPT POWER SOLUTIONS LTDAdept House, 65 South Way, Walworth Business ParkAndover, Hants SP10 5AFTel: 01264 351415 Fax: 01264 351217Web: www.adeptpower.co.ukE-mail: [email protected]

POWER SUPPLIES – DC SWITCH MODE AND ACDYCON LTDCwm Cynon Business Park, Mountain Ash, CF45 4ERTel: 01443 471 060 Fax: 01443 479 374Email: [email protected]

The Power to Control; the Power to Communicate

POWER

PERIMETER PROTECTION

STANDBY POWERUPS SYSTEMS PLCHerongate, Hungerford, Berkshire RG17 0YUTel: 01488 680500 [email protected]

ADVANCED PRESENCE DETECTION AND SECURITY LIGHTING SYSTEMS

GJD MANUFACTURING LTDUnit 2 Birch Business Park, Whittle Lane, Heywood, OL10 2SXTel: + 44 (0) 1706 363998Fax: + 44 (0) 1706 363991Email: [email protected]

UPS - UNINTERRUPTIBLE POWER SUPPLIESUNINTERRUPTIBLE POWER SUPPLIES LTDWoodgate, Bartley Wood Business ParkHook, Hampshire RG27 9XATel: 01256 386700 5152 e-mail:[email protected]

COMPLETE SOLUTIONS FOR IDENTIFICATIONDATABAC GROUP LIMITED1 The Ashway Centre, Elm Crescent, Kingston upon Thames, Surrey KT2 6HHTel: +44 (0)20 8546 9826 Fax:+44 (0)20 8547 [email protected]

SECURITY PRODUCTS AND INTEGRATED SOLUTIONSTYCO SECURITY PRODUCTSHeathrow Boulevard 3, 282 Bath Road, Sipson, West Drayton. UB7 0DQ / UKTel: +44 (0)20 8750 5660 www.tycosecurityproducts.com





SECURITY

CASH & VALUABLES IN TRANSITCONTRACT SECURITY SERVICES LTDChallenger House, 125 Gunnersbury Lane, London W3 8LHTel: 020 8752 0160 Fax: 020 8992 9536E: [email protected]: [email protected]: www.contractsecurity.co.uk

QUALITY SECURITY AND SUPPORT SERVICESCONSTANT SECURITY SERVICESCliff Street, Rotherham, South Yorkshire S64 9HUTel: 0845 330 4400Email: [email protected]

PHYSICAL CONTROL PRODUCTS, ESP. ANTI-CLIMB INSIGHT SECURITYUnit 2, Cliffe Industrial EstateLewes, East Sussex BN8 6JLTel: 01273 475500Email:[email protected]

FENCING SPECIALISTSJ B CORRIE & CO LTDFrenchmans RoadPetersfield, Hampshire GU32 3APTel: 01730 237100Fax: 01730 264915email: [email protected]

INTRUSION DETECTION AND PERIMETER PROTECTION

OPTEX (EUROPE) LTDRedwall® infrared and laser detectors for CCTV applications and Fiber SenSys® fibreoptic perimeter security solutions are owned by Optex. Platinum House, Unit 32BClivemont Road, Cordwallis Industrial Estate, Maidenhead, Berkshire, SL6 7BZTel: +44 (0) 1628 631000 Fax: +44 (0) 1628 636311Email: [email protected] www.optex-europe.com

V

INTRUDER AND FIRE PRODUCTSCQR SECURITY125 Pasture road, Moreton, Wirral UK CH46 4 THTel: 0151 606 1000Fax: 0151 606 1122Email: [email protected]

INTRUDER ALARMS – DUAL SIGNALLINGCSL DUALCOM LTDSalamander Quay West, Park LaneHarefield , Middlesex UB9 6NZT: +44 (0)1895 474 474F: +44 (0)1895 474 440www.csldual.com

INTRUDER ALARMS AND SECURITY MANAGEMENT SOLUTIONSRISCO GROUPCommerce House, Whitbrook Way, Stakehill Distribution Park, Middleton,Manchester, M24 2SSTel: 0161 655 5500 Fax: 0161 655 5501Email: [email protected]: www.riscogroup.com/uk

ONLINE SECURITY SUPERMARKET EBUYELECTRICAL.COMLincoln House,Malcolm StreetDerby DE23 8LTTel: 0871 208 1187www.ebuyelectrical.com

LIFE SAFETY EQUIPMENTC-TECChallenge Way, Martland Park, Wigan WN5 OLD United KingdomTel: +44 (0) 1942 322744Fax: +44 (0) 1942 829867Website: http://www.c-tec.co.uk

PERIMETER SECURITYTAKEX EUROPE LTDAviary Court, Wade Road, BasingstokeHampshire RG24 8PETel: +44 (0) 1256 475555Fax: +44 (0) 1256 466268Email: [email protected]: www.takex.com

SECURITY EQUIPMENTPYRONIX LIMITED Secure House, Braithwell Way, Hellaby, Rotherham, South Yorkshire, S66 8QY. Tel: +44 (0) 1709 700 100 Fax: +44 (0) 1709 701 042 www.facebook.com/Pyronixwww.linkedin.com/company/pyronix www.twitter.com/pyronix

SECURITY SYSTEMSBOSCH SECURITY SYSTEMS LTDPO Box 750, Uxbridge, Middlesex UB9 5ZJTel: 01895 878088Fax: 01895 878089E-mail: [email protected]: www.boschsecurity.co.uk

SECURITY SYSTEMSVICON INDUSTRIES LTD. Brunel Way, Fareham Hampshire, PO15 5TX United Kingdomwww.vicon.com

SECURITY EQUIPMENTCASTLESecure House, Braithwell Way, Hellaby, Rotherham, South Yorkshire, S66 8QYTEL +44 (0) 1709 700 100 FAX +44 (0) 1709 701 042www.facebook.com/castlesecurity www.linkedin.com/company/castlesecuritywww.twitter.com/castlesecurity

INTRUDER ALARMS – DUAL SIGNALLINGWEBWAYONE LTD11 Kingfisher Court, Hambridge Road, NewburyBerkshire, RG14 5SJTel: 01635 231500Email: [email protected] www.webwayone.co.ukwww.twitter.com/webwayoneltd www.linkedin.com/company/webwayone





Sophistication is not about size The Integriti Security Management System is an IP connected access control

and intruder security system that offers sophisticated centralised management

for both small systems on a single site, or large systems distributed across the

country or across the globe.

With a growing list of new installations take a moment to think of what you’re missing! The Integriti system offers an

advanced suite of software,

hardware and integrated

solutions to deliver complete

management of your entire

integrated system.

Have you tried Integriti yet?

+44 (0) 845 470 5000Inner Range Europe LimitedUnits 10-11 Theale Lakes Business Park

Moulden Way, Sulhampstead

Reading, Berkshire RG74GB UNITED KINGDOM

[email protected]

a4 integriti 0ne page UK.indd 1 4/12/2013 8:40 am


Documents

Risk UK May 2015