Back to Basics: Functional Requirements

The first steps to deploying a holistic electronic security philosophy

Today, large companies are frequently expanding, and the end-result is a conglomerate of various companies that have been merged together. In these situations, it is highly unusual for the philosophy of the electronic security system — including functionality, scope of implementation and variety of manufacturers — to be standardized.

With the goal of moving to a more holistic electronic security philosophy, these organizations would be best served by developing functional requirements.

Functional requirements have been used for years to provide organization and structure to a security system, they allow for easier installation and upgrades in the future, and they ensure that future projects are cost-effective. The obvious goal is providing more consistent, uniform security across the enterprise.


The corporate culture often includes standards for the corporate mission statement, quality control, HR rules and regulations, IT infrastructure and hardware, and much more. The Security department can provide added services and benefits to the corporation through standardization as well.

Electronic security philosophy standards within a corporation are designed to:

1. Develop a common employee identification/access card;
2. Establish consistent procedures and alarm responses;
3. Provide cost savings in the security budget;
4. Ensure compliance with local/national codes and customer requirements;
5. Facilitate a consistent employee and visitor experience and expectation; and
6. Enhance information gathering.

So, what security functions should be standardized? To help answer this question, electronic security must be evaluated by desired functionality vs. the current evolved system — a.k.a. functional requirements. These requirements would state functional attributes that will enhance the electronic security system, thereby bringing about standardization.

For example, large corporations often share a common security access control problem: the lack of a standardized employee identification/access card. These corporations — often as a result of multiple mergers and acquisitions — are faced with access control card/badge systems from multiple vendors, which hinders an employee traveling among the various company facilities.

Management’s desire to develop a “one company/one employee identification access card” philosophy and mindset is hampered by the lack of a security functional requirement (using multiple employee identification badge/access cards).

Thus, the functional requirement might be to implement a standardized employee badge/access card that will facilitate easy movement within all locations of the corporation.

Functional Requirements across the Enterprise

A list of enterprise-wide functional requirements should be developed that will facilitate developing electronic and administrative security solutions. The solutions may overlap several functional requirements — but the requirements must exist before the solutions can be developed.

Implementation of security solutions should incorporate procedures, modifications to facilities and electronic security modifications. Each corporation will have unique requirements, but many are commonly shared, such as the universal employee badge/access card example, which will be referred to throughout this article.

There will be generally understood and/or implied ramifications regarding the universal badge example. Understood ramifications would be:

1. Employee badges must conform to a standard visual format (photo size, colors, information printed on the badge, use of nicknames, clearances, etc.); and

2. The badge will allow visual and electronic access to general areas within all corporate facilities.

Examples of implicit ramifications include the sharing of credential numbers across all facilities, while ensuring that there are no duplications of credential numbers. To address this, a manual and/or automatic process must be put in place. The automated process eliminates human error, although it adds to the overall cost of the system.

This content continues onto the next page...