There are many areas of risk that companies and organisations must deal with in the short and longer terms: competitors, the market, financial management, IT system vulnerability, data, premises and members of staff, etc.
Collectively, several areas of risk may be grouped under one heading, that of security. This includes retaining staff because they feel safe at work, securing the brand and name, the protection of premises from attack by criminals or terrorists, the protection of data from rivals or hackers and 'natural' disasters (such as flood and fire).
Managing risk: there's a cost
It's a fact of life that managing risk to an acceptable level invariably involves cost. Arriving at the wrong solution can mean the difference between profit and loss. Having decided what measures need to be taken against a specific risk, there's a further balance to be struck between the cost of acquiring those measures and their value to the business.
Boards of Directors place a high priority on identifying risk, and deciding how best to secure their business against it – delegating the implementation to others. Judging by current trends, the responsibility for implementing those decisions is increasingly being left to normal company purchasing processes, where cost is all-too-often the deciding factor.
Purchasing goods and services is normally (and traditionally) executed through the tendering process. In simple terms, the aim of tendering is "to extract the best value for money" when it comes to security. Today, that definition is seen to be inefficient, and thus has been expanded to include "...within budgetary constraints, and with savings targets".
Tendering: opportunity for change?
During the course of the past decade or so, tendering has gone through a metamorphosis. In its original form the tendering process was – and still is – simple and well-established. Prepare a specification, send it to selected companies, compare results and appoint the winner. While this works well enough, it doesn't allow for the traditional approach of the security manager who "knows who he wants, and arranges the tender list to make sure he gets it". It also stifles any opportunity for effective change, opens up the potential for abuse and – importantly – doesn't identify value for money.
The next step in the transition was the involvement of the purchasing arm. Starting to appear on the selection panel in addition to the traditional security manager was a very different person, often younger and less dominating. It was this person, from the purchasing department, who held the real power... and you ignored them at your peril.
Up pops the purchasing manager
The latest transition is shifting the process of selection through tendering firmly into the hands of the professional purchasing manager. Driven by the need to identify real value for money and the requirement for transparency, the process has become much more refined through the application of professional procurement techniques.
During this transition, the tendering process for manned security has developed into five distinct parts, including:
- the pre-tender questionnaire – designed to select suitable companies for the tender list;
- the preparation and distribution of the specification as part of a tender document to those on the tender list;
- an analysis of results with a view to preparing a shortlist;
- presentation by those on the shortlist to a tender selection panel;
- final negotiations leading to an appointment.
While not wishing to quarrel with what is clearly a fair and effective (if ultimately tortuous) process which – if followed properly – can lead to a useful end result, there are some comments worth making here.
The first point is to understand who's running this process. A professional purchasing manager is exactly that. Someone whose job it is to purchase the maximum value product or service at the minimum cost. While there may be professional advisors to assist, the process is purely cost-driven.
Second, tendering is an increasingly time-consuming process which favours larger contracting companies who have the resources to put together professional bids. Many smaller companies who are equally (or more) competent are frightened off by the sheer weight of professional resource needed to respond with any hope of success.
In-house security management is increasingly devoted to the corporate function, and has little time or additional resources for managing guarding contracts. This is often the preserve of facilities and building managers who can boast other competencies
Third, there must be a consideration of value for money. The most frequent complaint against security companies goes something along the lines of: "The security officers are OK, but I never see a manager". Why is this?
To be perfectly frank the answer is both simple and obvious. Nonetheless, it's well worth reviewing in some detail here because it does lie at the very heart of the tendering process in today's private sector.
Is cost-cutting an option?
In order to remain competitive in a cut-throat market, there are three basic areas in which manned security contractors can look to cut costs: pay to staff, profits and management/administration. Cutting pay is generally unacceptable to customers, self-defeating and very much the curse of a generally low paid industry. Cutting back on the number of officers is also not an option.
Profits in the guarding industry are – on the whole – pretty poor. Margins have been slashed since the early 1990s, and the effort needed to produce what margins are left is sometimes barely worth making. The effect on profits resulted in service providers not being able to invest in offering the service the customer needs. Therefore, it makes little sense for a customer to attack what are already low profits and expect to receive a high standard of service delivery in return. That doesn't compute at all.
All of which leaves management and administration as the only areas ripe for pruning. Evidence shows that this is precisely what has happened over the past decade or so, leading – and quite rightly so – to accusations of poor management support.
At the same time, security companies have worked on automating their administration to reduce costs and allow more management time for clients. However, this demands an investment in IT systems which is costly... and may not be available because of low profitability. A vicious circle benefiting no-one.
Improving management support also demands investment in selection, training and motivation which again cannot occur if the profits aren't there to support this key area for ensuring levels of service provision. One of the other casualties from the contracting-out 'revolution' has been the in-house expertise in those companies other than the larger concerns. Security companies need to be professional in the advice they are able to give, as well as in what they do.
What is 'value for money'?
If tendering is about finding value for money, then it's worth reviewing what that actually means. First, it infers that the customer places a value on a capability that it lacks in its need to counter a risk to its own business. That capability can be divided into two – advice and implementation.
From hereon in, a company has essentially three options:
- contract out the advice and the service to implement it;
- keep the advice in-house and buy-in the implementation;
- keep both in-house.
While all three options are widely used, according to BSIA statistics the full in-house option has halved in size since 1993. The other two options are normally decided by either the size or nature of the business.
The second point about value for money is that it works both ways, which exposes the inherent flexibility of the tendering process. The receiver of the service wants to gain as much value as possible in return for as little expenditure as possible. This is balanced by the service provider's point of view, where the less income they receive, the less value they can offer in return. The security company's dilemma is that, in order to have a chance of providing the service, they MUST be competitive. No two ways about it.
The temptation for the security service provider, then, is to put in a price based on their expectation of a contract award rather than an ability to deliver what's specified. While the evidence is anecdotal, this view is supported by the apparent 25%-35% churn rate in contracts (not uncommon among guarding companies).
The temptation for the security service provider is to put in a price based on its expectation of a contract award rather than an ability to deliver what’s specified. While the evidence is anecdotal, this view is supported by the apparent 25%-35
Budgets should be set by making a sensible evaluation of the cost of a service which a given company wants to acquire. However, in today's cost-driven world, most companies have targets to make savings on budgets, and will try to acquire that service at below budget price by applying the tender process. Understandable, but since every action has an equal and opposite reaction the result may not be in line with the original risk assessment and plan.
For example, a requirement may be calculated at a cost of £x. The tender process may deliver the service to meet that requirement at £x minus 5%. However, that 5% reduction in income to the service provider means that they will remove value from the service which they're providing. They must do so if they're going to make any sort of profit at all. The effect of that 5% removal of value means that the service provided to the end user isn't going to be the one that was specified to meet the original risk assessment.
Thus a 5% reduction in the charge may well represent a 20% reduction in the effectiveness of the service, therefore rendering the customer company vulnerable by exposing it to the potential for a serious incident from which it may have difficulty in recovering.
For the end user, changing security contractors is a disruptive process, while tendering is both costly and time consuming for managers who already have plenty of other jobs to be getting on with. Making sure it is 'right first time' has to be sensible.
Intention as opposed to method
So what can we do? Is there a better way of tendering for manned security services?
The intention must be to select a service provider that's willing and able to work with the customer to mutual benefit. Fine words, but what do they mean in practical terms?
If it's accepted that the one constant in an ever-changing world is change itself, then the first casualty of the tender process will be the specification against which the tender was measured. What price now the selected company chosen to perform a service which itself is constantly changing? So the first priority must be to choose a security company that's able to cope with change. This means it must have the mental and physical agility which will not just follow change when required, but institute change of its own accord.
The second priority is to seek a company that can find ways of contributing to the business by adding value to its services. There are several ways in which this goal may be achieved. For the guarding contractors, their professionalism lies in delivering and managing people under specified circumstances away from their own premises.
Rarely does that professionalism lie in the competence to deliver high quality advice on a multitude of security and related business support services. That is something left to the consultant and in-house management.
The third priority is to find a security company with the built-in expertise that can offer the advice the customer needs to add value to the business.
Sensible and innovative solutions
Another point to bear in mind is this. Guarding companies naturally tend to see success in terms of numbers of people employed/hours worked. Asking them to employ less people is a problem. That said, the security companies who succeed are going to be those that can offer long term cost savings while maintaining sensible profit streams. This can be achieved, and will inevitably lead to reduced numbers of staff, but it demands a change in attitude on the part of customer and supplier alike.
Source
SMT
Postscript
Patrick Dealtry is principal of The Patrick Dealtry Security and Management Consultancy (tel: 01243 544762, e-mail: pdealtry@pdconsultancy.co.uk)
No comments yet