Unfortunately many experienced Security Managers either oppose the external, independent Security Consultant or do not fully realise the benefits that this professional can actually provide to them through the Security Risk Assessment. The assessor is in no means there to undermine the Security Manager, or to affect his respected position in the company, and should actually be seen as an ally who has the ability to dispense knowledge and advice that the Security Manager can not only use to his advantage, but to that of the entire company, including the financial aspect of the corporation, Health & Safety and Emergency & Disaster Management Planning.
Several Security Managers have found it difficult to present the board or management with a security problem that requires funding or backing. When doing so alone his opinion or his case remains unheeded by the decision makers. Having the detailed Security Risk Assessment report in hand and having the facts presented by an expert and professional outsider will enable the board members to fully understand the risks and threats present. This in turn allows for budget planning in regards to security to be better managed and fairly allocated. Furthermore most companies feel that security is not a problem as they have not yet been targeted by a crime or experienced loss through such an attack. Only after such an incident has occurred and it is too late are large amounts of money assigned to remedy the problem. Unfortunately this is only a temporary fix until either another similar incident occurs or a new one replaces the original problem. Ultimately this still results in excessive and unnecessary spending on behalf of the company.
Another influencing factor is that the Security Manager may feel he is unable to reveal the full truth in regards to the security status, drawbacks or the losses of the company to the board. This could be that he may not wish to offend anyone or incur the wrath or doubt of management, which in turn could adversely and directly affect his employment and position at the company. As an outsider, the independent Security Consultant feels no such obligation and will reveal the actual status as is in an unbiased, honest and factually supported manner. The detailed Security Risk & Threat Assessment report explains all weaknesses and vulnerabilities within the security status in a concise, clear and understandable way.
Many professionals make use of outside experts on a daily basis. Think of your GP who may call in the assistance of a specialist, such a neurosurgeon or a podiatrist, should his training not be able to identify or remedy the patient’s specific problem. This is the manner in which the Security Manager should view the independent assessor. The Security Consultant has the relevant experience and up-to-date knowledge due to extensive and ongoing research in regards to security solutions, practices, necessary documentations and technology to provide the Security Manager with the best of guidance and expert advice.