Joe, Mike and Dave are all highly experienced security project managers, but they do not work for integrators. Rather, the three men – attributed here under pseudonyms to protect the business reputations of their partners – are administrators at various vertical market organizations where they exercise oversight of security installations and upgrades for their enterprises.
Joe and his team manage security for a regulated utility company with operations in several states; Mike oversees security operations for a publicly-held insurance company with more than 100 locations; and Dave is in charge of security projects for a local hospital system, which brings with it unique challenges, including infant safety and abduction systems.
Their common bond qualifies all three to share their insights into the work of integrators: Each has become a Certified Security Project Manager (CSPM). Despite their broad portfolios and wide-ranging responsibilities, the three men considered it critical to become certified as security project managers; and their CSPM certifications have provided them with insights that they would like to pass along to systems integrators.
The Security Industry Association (SIA), the nonprofit organization that certified them, knows why they went through the effort. SIA developed the CSPM credential to promote excellence among security project managers – and excellence comes from standardized processes for ensuring a project remains on time and on budget.
Without standardized processes, end-users and integrators agree that it is too easy for projects to go off course. Integrators say they are not always brought in at the design phase when missed steps might have been identified; end-users point to gaps in coordination and communication with their integrators, as well as between integrators and subs, and integrators and manufacturers.
“One of our big problems is inadequate coordination between disciplines,” explains Mike, who cites examples like “running pipe through a drop ceiling in a corridor where no one figured out who else has pipe or ductwork that needs to go in there, or beams that you have to go around, or cable that is more than the standard distance, which means we need another switch when it is beyond 300 feet.”
For Mike, that all adds up to change orders, which means added costs and delays.
The Importance of Certification
While systems integrators typically employ CSPMs, about 10 percent of people who have become certified are actually end-users. In separate interviews, Joe, Mike and Dave each expressed what they hoped to get out of the training and certification process – in a nutshell, to manage their projects and contractors more effectively. The CSPM certification and their combined experiences give each of them deep insights into what they would like their integrators to know and how they should do their jobs.
One thing upon which the project managers agree? They would like to see certified security project managers staffing their integrators. “If I were an integrator, it would be good for my security project managers, because it gets them to understand the entire business process –how you conduct meetings, who needs to be involved in the decision-making process, and so forth,” Mike says.
Adds Joe: “Everyone has certain common concerns – how much time you are spending on a job, invoicing in a timely manner, paying subs in a timely manner, keeping the contracts between you and subs clear, reporting requirements if you are publicly held, and who you have to report to and how you have to format that. Lower-level people not in management do not always see what is required or how it has to be done.”
“(Obtaining certification) has opened my eyes to how projects are managed, or should be,” Dave says. “It has been helpful in managing integrators, in project tracking, and in change management. It has helped me identify things that are often missed.”
Certifications such as the CSPM are more than initials after a project manager’s name – for the companies that employ security project managers, they enable a standardized delivery process that provides a uniform structure, format and formula that are applicable, regardless of differences in project type, scope or context. The iterative processes for project tracking, change management, setting team goals, defining member roles, and determining type and quantity of materials – all steps throughout the lifecycle of the project – are built on a common body of knowledge, developed by security project managers for security project managers.
To be fair, the value of CSPM has not escaped the nation’s largest integrators, many of which now specify the CSPM in their job descriptions or require it within six months of hire. “The ROI for the company, we believe, is based on having that uniform way for the project managers to look at something,” one integrator explains. “They will understand from the beginning to the end how to put the project to together, how to execute in the field, how to make sure all the details are met as they’re going through the steps, and again we believe that everyone speaking that same language will be a benefit to the company.”
With specific guidelines on how tasks are to be performed, the standardized processes built into the CSPM better equip end-users to analyze the performance of their security project managers in leading the project team, developing an appropriate project plan and facilitating efficient communication across all project levels.
Joe, Mike and Dave say they have worked with integrators that have excellent security project managers and others who fell short. In their experience, performance has been inconsistent.
One problem has been the disparate paths to the position. As Mike points out, security project managers are promoted into the job from different backgrounds, with different technical competencies. As their responsibilities change, they learn to do things according to how they are trained, and those ways are not necessarily optimum or sufficient.
Growing into the job without structured training specifically geared to security project management may also leave a project manager unprepared for the mushrooming complexities of managing projects across distributed enterprises with multiple locations, business units with different needs, and management processes that are highly variable. Even integrating security controls for a single site infrastructure can be an enormous undertaking.
Consider the security system managed by Dave and his hospital security team: It includes more than 2,000 card readers, nearly 3,000 cameras, visitor management systems, “blue light” emergency phone stations and infant safety systems with a video management system that controls who has access and what they are authorized to do. Dave depends on standard procedures for each project across this system to ensure successful implementation.
Despite the enormous investment in sophisticated technology, Dave says a security project manager can do much to ensure a project’s success by attention to one process with no dollar signs next to it. “The most important piece of a successful project is the one that costs the least: communication. I need to know that people working on the project are talking to each other.”
Marjorie Valin is a contributing writer for the Security Industry Association (SIA), the leading trade association for global security solution providers, as well as the provider of the CSPM certification. For more information on CSPM and how to qualify, please visit www.securityindustry.org/cspm.