printer friendly version

The acquisition, care and feeding of security consultants

(The primary requirement for any consultant is that he or she is knowledgeable in the field and has no vested interest in products or services.)

Since this article kicks off 'Consultant's Corner', it seems logical to dedicate it to some thoughts on the subject of consulting. Lightheartedly, a consultant is the person who, when you ask for the time, borrows your watch, tells you the time and then pockets your watch!

Webster's defines a consultant as 'an expert who is called on for professional or technical advice or opinions', broad enough to cover half the working population! In the security industry, as in other industries, the term is used extensively as a euphemism for salespersons, but, for a purer definition, it would be useful to look at some of the requirements for membership in the International Association of Professional Security Consultants (IAPSC):

* Most of the consultant's time must be spent in the security practice.

* The consultant may not be associated, financially or otherwise, with any product or service other than the provision of consulting, eg, cannot be a system or manpower salesperson, cannot accept any compensation from a sales company, cannot have any equity holdings in an equipment company and cannot pay or accept any referral fee.

The primary focus of these requirements is to ensure that the consultant is knowledgeable and has no vested interest in any product or service being recommended. The consultant should be impartial and owe allegiance only to the client who is paying the fees.

It is interesting to browse through the IAPSC membership directory to see just how many different areas of expertise are covered by professional security consultants:

* By industry: Retail, warehousing, financial, insurance, cultural, hospitality, education, utilities, medical, resorts, entertainment and sports, residential, high-rise offices, gaining, parking, computing/telecommunications, transportation, pharmaceutical, criminal justice, manufacturing.

* By services: Condition surveys, risk/vulnerability analysis, systems design, protect management, manpower planning, training, classified material programs and management, executive protection, hostage negotiation, forensic, expert witness testimony, loss prevention, policy/procedures development, crisis management, disaster control/recovery planning, crime statistics, counterespionage, terrorism counter measures.

* By assets: Executive/VIPs and their families, intellectual property, trade secrets, financial data, negotiables, sporting and special events, objets d'art, power and communication grids, pipelines, construction sites.

In the interests of brevity, we will focus on the target of this publication, security technology and design. The consultant in this area can help you, from conception through operation, in the implementation of access control, alarm monitoring, CCTV and associated systems. Let us ask the why, when, what, how and how much questions.

Why use a consultant? If the project is of a size that, even if you have expertise, your regular duties do not allow you adequate time to ensure a quality outcome, you should consider hiring a consultant. The consultant is on board for only the duration of the project and does not need the overhead of office space or the hiring/termination process of additional employees. Another positive benefit is the objective and different perspective that an outsider brings. Additionally, the consultant brings a wealth of experience from the multitude of projects on which he or she has worked. This experience is invaluable in knowing what will, and will not, work in your environment.

When should you hire the consultant? For the consultant to be most effective, as early as possible in the project. Do not fall into the trap of trying to save money by waiting until the last possible moment or until the project has fallen behind schedule. Remember, the consultant may perform miracles every day, but the impossible is usually outside his/her scope of work!

What can the consultant do for you? A consultant will often have a wide variety of services to offer; following are those that are most applicable to a security system design and implementation project. Some tasks you may wish to do yourself or with your staff; if this is part of a large construction project, part of the work may be done by other members of the design/construction team.

* Needs analysis: A study of your facility and operations to determine what assets are important to the success of the business, what the threats and risks are, or likelihood of those threats occurring, and what intrinsic vulnerabilities need to be considered.

* Condition survey: An evaluation of current security programmes (manpower, procedures and systems).

* Operations survey: Identification of how the facility operates, including hours of operations, traffic flow into and out of the facility and between departments. Should include an analysis of corporate culture and managerial support for a security programme.

* Recommendations report: A description of the analysis of findings from the prior tasks, and recommendations for systems solutions to the vulnerabilities discovered. A comprehensive report should cover recommendations on other security-related programme elements, may include a preliminary implementation plan and should provide a first-cut budgetary estimate of capital and recurring costs.

* Report presentation: A meeting at which the consultant presents the findings and recommended solutions, and is available to discuss alternative approaches and associated costs.

* Systems design and documentation: Whether you are planning to procure the systems sole source (a favourite contractor) or by competitive bid, the conceptual recommendations need to be developed into detailed plans, riser diagrams, installation drawings, equipment schedules and specifications. The more detail and accuracy, the lower the contractor's price, since 'fudge factors' need not be added to cover the unknown. If this is a new construction project, the consultant will need to coordinate with other design team members and with the architect for electrical door hardware, the finish of exposed security devices and space in closets for multiplexers and power supplies; with the electrical engineer for main power requirements, security lighting, backboxes, conduit and life safety interfaces; and possibly with a landscape architect for perimeter barriers. The consultant will represent your security needs at design team meetings.

The consultant may have standard detail drawings for the mounting of most common equipment and will probably start with a 'master' specification which has been tuned to include the lessons learned from previous projects. These tools increase the professionalism and completeness of the design documentation (construction documents) and reduce the time and cost to prepare a good design. However, they should not replace the need to develop systems solutions that address the specific needs of your project; no two projects are ever the same and you should not accept a 'cookie cutter' approach based on someone else's facility.

* Procurement support: Holding a site walk-through meeting with bidders and resolving technical questions, analysing bids received and preparing an award recommendations report, interviewing candidate contractors and assisting in final negotiations. A good consultant will save you the cost of his services in this task alone.

* Construction services: The best design will serve little purpose if it is implemented poorly. In this phase there are many tasks that the consultant can perform to help keep the project on track and on schedule. Reviewing shop drawing submittals; site visits to observe installation progress and quality, and to meet with the contractor to resolve any problems; witnessing acceptance testing and developing a punch list of defects; checking, or performing, operator training; reviewing final as-built documentation.

How do you select a consultant? Start by determining the scope of work that you would like the consultant to perform. You may add or delete tasks when you interview candidates, but it is useful to have a general idea beforehand. Network your peers for recommendations. Check in directories, such as Robert McCrie's Security Letter Source Book and call the IAPSC headquarters; they can match the type of services you require with two or three suitable consultants in your geographic area and send you biographies on each.

Prepare a Request For Proposal (RFP) to issue to the candidates that describes the project and the services you need. The more definitive you can be concerning the scope of services, the easier will be your judging task. A face-to-face interview is very important; between the consultant's proposal and the interview look for:

* Chemistry: Is this person on the same wavelength? Did he/she fully understand your RFP?

* Manner and appearance: Will they be acceptable to the corporate managers who the consultant will need to meet?

* Approach: Does the consultant discuss how to identify your specific needs or does he/she jump to recommending solutions? What meetings does he/she plan to attend?

* Experience: Has the consultant worked in the same or similar industries, and with a similar corporate culture?

* Work capacity: What other projects is the consultant working on and will there be time to give your project the necessary priority? Note that it is not unusual for a consultant to be engaged in many projects at any given time.

* Communications ability: Both verbal (at the interview) and written (ask to see a report that the consultant has prepared). The consultant must be able to present ideas logically and non-technically.

* Allegiance: Is the consultant independent of equipment manufacturers and sellers? If not, how will this taint recommendations?

* Reputations and references: Try to develop references other than those offered in proposals. Ask about the consultant's worst projects, what the difficulties were and how they were overcome; then check those references.

If you have time, modify your RFP based on proposal and interview responses and re-issue it to your short list of candidates for final proposals.

How much will a consultant cost? The story is told of the retired plant engineer who was asked to return to work to help resolve a problem with a piece of equipment that had brought the production line to a halt. The 'consultant' listened to the piece of equipment, took out a piece of chalk and marked an 'X' to show what needed fixing. The company questioned his $10 000 bill and asked the 'consultant' to justify the high cost for 10 minutes of his time. The reply was that $10 was for the time spent and for the cost of the chalk, and $9 990 was for the expertise of knowing where to place the 'X'. The bill was paid.

Although not many security consultants calculate their fees this way, it does explain why rates vary and why the higher rates may not be the most expensive. A more experienced consultant may charge more, but use less time and develop better and less expensive solutions than a cheaper one.

There are a number of ways that you can ask prospective consultants to present their fees:

* Lump sum (firm fixed price).

* Hourly rates to a maximum ('upset') fee.

* Cost plus, to a maximum. 'Cost plus' refers to actual salary for the consultant and technical staff plus a multiplier to cover benefits, support staff, administration, overhead and profit.

In addition, except with a lump sum fee, the consultant will charge for project-related expenses such as travel, printing and plotting, mail, telephone and fax. These costs may be billed at cost or with a small mark-up (10%) to cover administration. Request a maximum so that you will be able to compare total fees.

Typically, the consultant will calculate fees based on an estimate of the actual number of hours required (level of effort) to perform all the tasks.

How do you make the consulting experience work to the benefit of both you and the consultant? The 'chemistry' mentioned in the selection process is very important, but equally important is a clear understanding by both you and the consultant of what deliverables (reports, documents, meeting minutes) are expected and how many copies, what the target dates are (schedule), what the review process is, when the consultant can submit fee and expense invoices, any special format or information required on invoices and when the consultant should expect payment.

With this information up front, the consultant can concentrate on serving the interests of you and your company to the best of his or her ability.

References:

1. Security Letter Source Book. Edited by Robert D. McCrie, CPP, and distributed by Butterworth-Heinemann, (800) 544-1013.

2. International Association of Professional Security Consultants (IAPSC) David Aggleton.

Share this article:

Further reading: