How to validate your security program: Part 3

Jan. 20, 2016
Assessing personnel qualifications are important for monitoring ability to perform work and assigning proper compensation

Editor’s Note: This is the third of a multi-part series that provides 15 important perspectives from which to validate your security program. If this is the first article you have seen in this series, please read at least the introductory article before launching into the validation steps found in part one and part two

Validation Attribute: Qualified

Definition: 1. officially recognized as being educated, trained and/or experienced to perform a particular job; certified. 2. having the abilities, attributes, qualities, etc. necessary to fulfill a specific role.


Qualifications for personnel are important from a number of perspectives. Job qualification requirements must be useful for ensuring that the person appointed to the position can handle the assigned roles and responsibilities. They are a key factor in determining the level of pay appropriate for a person in a particular position (determined partly by the job market).

However, having qualified departmental personnel alone does not assure that the security department as a functional group is fully qualified to accomplish its objectives. Personnel must fully understand their roles and responsibilities, which may include company-specific training as well as site-specific training. Additionally, any service providers—such as those providing guarding services or technology installation, maintenance, and support—must also be qualified for the work they are doing and receive sufficient oversight to ensure that they are performing up to par and that personnel changes don’t disqualify them in any way. And importantly, the sum of the personnel capabilities must fulfill the requirements of the department as a whole—they must support all of the functionality required of the department.

Keeping qualifications up to snuff is likely to require:

  • Periodic training and performance reviews for internal and contracted personnel
  • Performance standards and reviews for contracted services (such as technology support)
  • Initial internal staff training and refresher training
  • Continuing education for staff
  • Annual review to ensure that performance standards are updated as appropriated

The above points should be well-documented, and annual reviews should check that training and performance requirements are consistent with the elements of the security program and current organizational needs. When that is done, there is a sound basis for asserting that personnel are qualified and that performance is up to par.

Qualifications Assessment

There is an outstanding tool that has been developed by the Security Executive Council, the leading research and advisory firm focused on security risk mitigation solutions, to determine the full scope of personnel qualifications required by the security department or function, and assessing the adequacy of the qualifications. This can be applied to any and all of the security personnel, including the department head or senior security leader.

For the assessment, the Council performed extensive research that identified six knowledge and skill areas, each having specific skill, knowledge or training requirements. These have been assembled into a chart on which ratings for each requirement can be marked.

For the assessment, an individual is rated for each skill, knowledge or training requirement as:

  • Expert
  • Adequate
  • Needs Improvement
  • Missing
  • Not Applicable

Because departmental requirements change over time, and because personnel improve their skills and obtain additional education, the assessment should be redone each year so that departmental requirements are updated, and individuals can be scored in light of the educational and experiential advancements, and against any new departmental requirements.

You can download the assessment chart from this location:

Validation Steps

Step 1. Download the Assessment Chart. This is a PDF document in which you can mark the ratings and then save the document.

Step 2. Determine Departmental Requirements. Using the outline of security program elements, identify and mark any items that are not applicable to your security program or your organization’s industry as “NA” for not applicable.

Step 3. Rate Yourself as Security Leader. For each applicable assessment element in the chart, rate whether your skills and knowledge relating to that element are expert, adequate, needs improvement or missing.

Step 4. Rate Your Subordinates. For each applicable assessment element in the chart, rate whether their skills and knowledge relating to that element are expert, adequate, needs improvement or missing.

Step 5. Determine Improvement Objectives. Create a table or chart in a word processor or spreadsheet document that contains these columns:

  • Name: Enter the name of security program element.
  • Status: Write a description of the status of skill and knowledge support that exists for the security program element.
  • Improvement Objective: Describe the improvement objective if improvement is needed.
  • Improvement Method: Describe how the knowledge, skill or experience improvements should be made to improve the departmental qualifications relating to that particular element.
  • Priority: Set a priority for the improvement according to protection or service needs, using immediate (ASAP), short term (accomplish within 120 days) or long term (within 12 months). Or use a different prioritization if required to fit the improvement objectives and improvement methods selected.
  • Cost/Effort: Determine and describe the financial cost and/or level of internal effort required to achieve the improvements.

Add the assessment starting and ending dates to the document to record when the assessment was done.

Step 6. Outline an Improvement Plan. Write down the key steps of an improvement plan, and follow up as necessary to get the plan approved and resourced.

Promoting Departmental Qualifications

Some security practitioners have printed out an 11” x 17” version of the chart (also available for download from the link above) and posted it on a wall in the security office, in an area where is it most easily seen by non-security people visiting the security office area.  Visiting personnel are typically very impressed with the chart, as they usually have had no idea of the actual scope of the security function.

Identifying departmental requirements and rating the qualifications of your security personnel enables organizational sponsors and decision-makers to support the steps you want to take to achieve the qualification objectives for your security function.

About the Author: Ray Bernard, PSP, CHS-III is the principal consultant for Ray Bernard Consulting Services (RBCS), a firm that provides security consulting services for public and private facilities ( Mr. Bernard has also provided pivotal strategic and technical advice in the security and building automation industries for more than 28 years. He is an active member of the ASIS Physical Security Council and the IT Security Council. For more information about Ray Bernard and RBCS go to or call 949-831-6788. Mr. Bernard is also a member of the Subject Matter Expert Faculty of the Security Executive Council (

About the Author

Ray Bernard, PSP, CHS-III

Ray Bernard, PSP CHS-III, is the principal consultant for Ray Bernard Consulting Services (, a firm that provides security consulting services for public and private facilities. He has been a frequent contributor to Security Business, SecurityInfoWatch and STE magazine for decades. He is the author of the Elsevier book Security Technology Convergence Insights, available on Amazon. Mr. Bernard is an active member of the ASIS member councils for Physical Security and IT Security, and is a member of the Subject Matter Expert Faculty of the Security Executive Council (

Follow him on LinkedIn:

Follow him on Twitter: @RayBernardRBCS.