The Toyota Way

This column introduces lean perspectives and tools and provides a path for security practitioners to follow in applying lean principles.


The Toyota Production System, waste elimination, and process/continuous improvement are all used synonymously with lean throughout the world. The foundation of the Toyota Way is based on the simple, yet elusive goal of identifying and eliminating waste in all work activities. In fact, when you look at a process as a timeline of activities, material and information flows, and chart the process from start to end, you will find a depressing amount of waste — usually far more waste than value-added activity. But seeing the waste is not the same as eliminating it. The challenge is to develop a systematic method for continuously identifying and eliminating waste. A sporadic removal will yield pockets of improvement, but the system-wide benefits that Toyota enjoys are achieved by following a cyclical method of continuous improvement.

Value Stream Mapping Approach
Lean experts look at operations from a value stream perspective. Value stream mapping can be narrowly viewed as a technical tool to design your lean system. But the real power is as an organizational intervention to get the right people to become dissatisfied with the waste in their system, develop a shared, realistic vision for the future, and develop an action plan they are enthusiastic about.
Value stream mapping is more than a neat tool to draw pictures that highlight waste, though that is certainly valuable. It helps to see linked chains of processes and to envision future lean value streams. Underlying value stream mapping is a philosophy on how to approach improvement.

Security Value Stream Mapping Exercise
Value stream mapping consists of two types: current and future state. Current state maps provide a visual representation of the way information and workflow is occurring at present. The future state map is the application of the lean tools as a visual roadmap, displaying how to eliminate the waste identified in the current state.

Let’s walk through the steps for creating a value stream map for the security function. For best results, begin by assembling a core team of security personnel (including management). Create a process capture form (name, date, department, job title or function, process name). The process capture form is to be filled out by each team member, without exception. The form is meant to capture the processes, not the individual tasks. Use the form for 30 days to capture what is currently going on and what processes are consuming employees’ time. Categorize the processes as critical or non-critical.
Critical processes are those processes that directly impact the customer and/or have a direct financial impact on the organization. Critical Process examples include:

• Response to medical emergencies
• Handling bomb threat calls
• Administration of First Aid/CPR
• Evacuation of the facility
• Response to hazardous chemical spills
• Providing cover for sudden terminations

Non-Critical Processes are those processes that are necessary, but do not have an immediate impact on the customer or financial impact on the organization. Classifying these will provide a solid foundation of process information (data) required prior to the introduction and application of the lean tools. Non-Critical Process examples include:

• Issuing parking citations
• Providing escorts
• Conducting facility tours
• Providing video footage to support investigations
• Writing incident reports
• Inspection of incoming and outgoing packages

Use the form to first capture current processes. Brainstorm with the team to generate a list of common processes for the department. This will allow everyone to begin to think in terms of processes. You will most likely not be able to list all the processes, but list as many as possible and leave space on the form for additional ones.
Experience has shown that confusion can exist between defining a process and a task. Do not get hung up on the difference. At this time, it is only important to document current segments (processes or tasks) of employees’ time that comprise their day.

The following process and task definition will assist in providing a framework for understanding the basic difference between a process and a task: A process is a series of tasks (or steps) required to complete a unit of work or obtain a result. A task is a unit of work within a process — many tasks are required to complete a process.
Remember, employees will be new at this and most likely there will be a mix of processes and activities (tasks) listed. Work with the team to further define the differences once the initial processes have been gathered.

Next month’s column will continue with this value stream mapping exercise. If you would like to contribute your insights or suggestions, please email them to me at Derrick_Wright@baxter.com.

Derrick Wright, CPP, is the security manager for Baxter Healthcare, Cherry Hill, N.J. With more than 19 years of progressively higher management experience in a highly regulated pharmaceutical manufacturing environment, he has built a converged security program that focuses on top-of-mind business issues as well as technology interoperability to support improved business processes. Derrick is a member of the Security Executive Council and the Convergence Council of the Open Security Exchange (OSE), where he provides insight and direction for working group activities.