SECURITY ROLES ANALYSIS
Security Roles Analysis
This report offers a critical evaluation and exploration of different security responsibilities in the market. In this case, the report offers an evaluation of five different security vacancies as advertised. In this case, the focus is on the difference in responsibilities, duties, as well as the required skills and personalities respectively.
Compliance and Risk Management Advisor
This is a new position and responsibility that is arising in a majority of the global organisations. In this regard, the development and adoption of this position as a key organisational component are a response to changing government regulations. For instance, the Australian government developed the risk management and safety regulations. These renew regulations that are oriented at creating a conducive working environment in the workplace. In the wake of the industrial revolution and the subsequent globalisation, organisations mainly focused on profit maximisation, which is a shareholder value maximisation theory approach. However, this was at the expense of the employees. This is as illustrated in the figure below on rising USA employee workplace injuries.
Figure 1; Workplace risks in the USA
Source: Property Casualty, 2015
One of the classical evaluations and models for the advocating of an employee safe and secure working environment could be cited back to the Hawthorne studies. Under the Hawthorne studies, it was evident that employees working in a well lighted and spacious environment, there was more productivity as well as more employee motivations respectively. A further need to develop secure and safe working environments could be linked to the rising instances of employee injuries and even deaths in the workplace. Thus, as a means to ensure that this rising social challenge is mitigated, governments across the globe have developed relevant strategic systems and regulatory frameworks to tame this challenge.
The requisite responsibilities of a compliance and risk management advisor require that one has a clear legal and cultural experience and understanding of the society. In this case, the posted requisite task was in the Australian market context, thus, it is imperative that the selected candidate should have the relevant cultural understanding. This is because culture plays a critical role in influencing employee behaviour. According to the Hofstede cultural dimensions model, an employee and individual culture impacts on nature and willingness to which such individuals are willing and able to take risks in the market. As such, while as some employees would be willing to take higher risks, others would be less willing to take such risks. This means that organisations that have their employees as high-risk takers will face a more need to create conducive and safe working environment as the employees are bound to be less cautious and worried about their own safety. The second key requirement for the selected candidate is the need to have a clear understanding of risk management practices across the globe. In this case, although an organisation could have shared culture and practices, every risk is different. In this regard, organisational risks vary in both their frequency, the certainty of occurrence and impacts upon occurrence. In essence, all organisational functions, the risk management function included operate under scarce human and financial resources in the market (Herath & Rao, 2009). This means that it is vital and of utmost relevance that the key players in such organisations functions learn and establish a priority system. In this case, the process of prioritising risks in organisations is a risky process whose minor failure and mistakes would have catastrophic impacts on the entire organisational operations. Thus, this means that the selected candidate should have the risk management technical skills to ensure that the prioritisation process is developed and executed right.
Finally, the requisite candidate is expected to have good inter-relationship skills. The advisor is expected to offer advice on the development of a safe and secure environment for the employees. As such, in order to learn and understand their needs, the organisation requires that the advisor will establish relationships with both the employees and managers in order to understand their working conditions and areas that they would feel needed improvement. In theory, the process of risk management is a continuous process. This means that the process of managing risks is not static and thus need to be changed and adapted to the changing organisational and market environments respectively. Thus, the above analysis indicates that the developed plan and requirements for a compliance and risk management consultant advisor are in line with the theoretical underpinnings under which the selected candidates are expected to perform and operate under.
Security Manager Position
The security manager position as advertised is presented as a position that will be aiding in the formulation of the organisational security details and needs in the market. A number of theoretical arguments and models underpin the security manager role as well as the requisite skills and expertise required in the market. On one hand, in order to understand this role and responsibilities, it is vital to understand why an organisation requires a security manager. In any organisational establishment, there are numerous physical assets that should be secured at all times. In this case, the assets represent a major organisational long term invested capital and as such are a major share of the shareholders equity. Thus, there is need to ensure that the assets are protected. The second category of assets that needs securing is both the employees and visitors such as customers and partners respectively. In this case, it is important to ensure that while they are in such organisational premises, their security is guaranteed.
This has led to the use of both in-house and third party security agencies that offer the required security services. However, whether outsourced or applied through the in-house approach, it is imperative to ensure that the security practices are aligned with the organisational goals and practices such as investments and budgeting. Thus, this created the fundamental need to establish the office of the security manager. This is a security trained expert with management skills. Such an expert is expected to ensure that the required services to protect and secure an entity are offered and availed within the available and allocated budgetary costs. One of the core roles in security management is coordination. Theoretically, it is argued that one of the key causes of security failures and ineffective response systems, especially in emergency situations is the lack of proper coordination. As such, aspects such as the lack of proper communication channels, backup and business continuity response systems for an organisational security system in the event their main response system is in operations are among the key failures in providing organisational security systems. As such, it is imperative that in the sourcing of an organisational security manager, the recruited and selected persons have the requisite team management and organisational skills. The possession of such skills ensures that they are able to position and align the security team, both in the house and externally sourced to effectively respond as and when needed in emergency and security threats situations.
The final, yet very core skills for the security manager are ICT management skills. In the modern security context, a majority of the security threat are propelled through intensive and superior knowledge of ICT skills. Thus, in order to ensure that an organisational security system is well equipped and ready to handle emerging issues, the recruited and selected security manager should posses the relevant ICT skills, The possession of these vital skills are an imperative in ensuring that the manager is able to prepare key security systems such as the CCTV monitoring systems among others in an organisation. In most of the organisations, here are ICT enhanced and supported security systems such as MAC controls to regulate against internal breaches and unauthorised accesses. In this case, if the security manager has the requisite skills and understanding of such ICT systems operations, they will enable and support the organisation in handling and dealing with the emerging issues with respect to both internal and external security violations, threats and breaches respectively. Thus, the above theoretical and critical analysis of the duties and responsibilities, as well as the rationale of a security manager in an organisation illustrates that such managers require ICT, coordination, and management skills respectively.
Physical Specialist Management
This is a specialist role through which the office holder is tasked with the provision of physical security management systems in an organisation. In this case, a majority of the specialist roles are in policy formulation, coordination and evaluation respectively. With regard to policies development, organisational behaviour theories hold a number of arguments. It is argued that a key feature of an organisational policy success is the ability by such a policy to evolve and advance with changing market and organisational needs and requirements. Thus, based on this understanding, it is vital that organisational security policies are matched to the changing market trends as well as organisational conditions. On one hand, external market changes in the environment could be the evolving nature of security risks and threats in the market. For instance, in the current global market, the risk of terrorism is emerging and growing as a major concern to organisations as illustrated in figure 2 below. Thus, this implies that organisational security systems should be developed and engineered to respond to such changing market contexts respectively.
Figure 2: Rising Threat of Terrorism
National Commission on Terrorism, 2012
If in the future, the above changes, it is important that the physical security specialists are able to respond and develop the required policies for their employer organisations. On the other hand, a second trend in the international physical security market is the use of ICT systems as a major tool to supplement human security workforce (Akhgar & Arabnia, 2013). Although organisations in the traditional contexts used manual security measures, this has changed to automation systems, that
is changing and evolving on a regular basis. As such, based on the above changes, it is evident that it is imperative and critical for a security specialist to understand and respond to these changes respectively. Thus, this analysis underscores that in the recruitment of a physical security specialist, organisations should enrol persons who not only have the right skills in policy formulation, but who are agile and responsive enough to the changing global market situation. This will ensure that the employed specialists are effective in aligning the ventures physical security systems with the changing market conditions, as well as with emerging physical security threats.
A second critical role and requirement in the formulation of organisational security management systems is the cost-effectiveness of such strategies. As already mentioned above, organisations operate in market contexts that are characterised with a shortage of resources, especially in financial resources. As such, the employed security specialists should be able to effectively utilise the allocated budgetary resources. In this case, they should be good decision-makers and evaluators who can effectively prioritise an organisational security needs in the order o their significance and likelihood of occurrence respectively. Through the possession of such critical skills, the security specialists would ensure that the proposed and implemented policies, as well as the implementation processes are cost effective, yet yielding the best and highest benefits to the organisations.
The final key requisite skills required for the physical security specialists are the monitoring and evaluation skill. In this case, such specialists need to develop effective monitoring and evaluation systems. Such systems explore on the ability and extent to which the effectiveness of the current security systems can be evaluated. Through the development of such effective systems, would ensure that the ventures can evaluate their systems weaknesses and identify areas for improvement. As such, this is a strategic and guaranteed approach through which an organisational security system could be improved. (Adomi, 2011). It is vital to understand that no single organisational operational system is effective and perfect. Thus, the process of monitoring and evaluation and the subsequent improvement process are a fundamental pillar and component in the development of effective and successful organisational systems in the long run period. Through the possession and execution of such activities, such a physical security specialist would ensure that the organisation attains long-term market sustainability.
The advertised role and vacancy are on offering security advice on design and support systems. The role has emerged as a result of the changing global market management and operational systems. On one hand, the global market is changing in the global market is towards the use of project management systems. In this case, instead of managing organisational investment and development agendas under the traditional functional systems, this has shifted towards the use of cross-functional project management teams. The formulation and the use of such systems ensure that an organisational operation has all the required skills and expertise and is operated over a specified period of time as well as within a set pre-determined operational budget respectively. However, the rise of this changing market conditions has evolved to include a number and a series of overall market changes in the market. For instance, the formulation of projects has created new security risks that were not inherent and normal in the traditional management systems. For instance, the use of project management approaches creates the risk and security threat of the process of managing such information systems to guard against external and unauthorised access (Talbot & Jakeman, 2013).
As such, most of the organisations have developed security consultancy teams, comprising of the security specialists who provide security designs and directives on how to manage such projects information as well as the overall assets included and involved in the project teams responsibilities execution. The requirements of the security specialists in such project management systems include the development of an ongoing evaluation of project risks. As understood under the project management literature, an organisational project undergoes a life cycle starting from the start, development, implementation, and closure stages respectively. In this case, each of the stages faces a diverse yet different set of security risks, that the security specialists are expected to explore and develop proactive preventative and security control measures respectively. In addition, it is vital to understand that unlike the normal process of managing organisational operations, projects vary from one another. This means that although some security risks, such as lack of assets management systems could be uniform across the projects in an organisation, each project is unique and as such depends on and faces a number of unique security risks and threats.
Based on the above analysis, it is apparent that a security specialist would be expected to be well versed and experienced in project management risks and security threats. The possession of these skills would serve as guidance in the formulation of subsequent project management security systems. In this context, one of the most fundamental skills that the security specialist must pose is an understanding of project management. As such, in this context, a clear and informed understanding of the project management process would ensure that the security specialists are able to fundamentally and critically evaluate organisational projects. This includes the use of key project management tools such as PERT and Gantt charts. In a proactive security systems development, the specialists would rely on the use of such tools to proactively anticipate and identify potential security risks and threats respectively.
However, besides the possession of the project management and security analysis skills, the security specialists must possess key relational ad team working skills. In this case, it is not possible to develop such systems evaluations and security systems designs in isolation as individuals. However, such specialists are expected to function and operate in teams in the design of the relevant security systems in the market. Therefore, in order to make such teams functional and effective, it is vital that each of the selected security specialists possess the right team working and relational skills. Through the development of this strategic skills, the risk of repeated and numerous team conflicts that delay and lower team effectiveness and performances are reduced over the long run period.
Senior VP, Head of Security Management-Corporate Banking
This is a security position that is involved in ensuring security in the financial corporate industry in the market. A number of theoretical underpinnings can be applied to understand and explain why the position is relevant in the corporate banking industry, as well as the rationale and need for special skills and requisite personalities of the involved persons. In order to explain this position rationale, it is best to reflect back to the 2008 global financial crisis analysis. Post evaluation reviews and studies have established that one of the causes of the GFC in 2008 was the lack of proper security systems, especially with regard to internal operational risks and failures in the market. In this regard, most of the organisations in the financial industry faced the security threat on the lack of credit repayments and well as failing liquidity stability in the market. Similarly, some of the organisations failed due to a lack of proper ICT system that could evaluate and monitor the market operations in the market. Therefore, in order to ensure that the financial sector players do not fall back to this security risk into the future is through the establishment of a security function (Federrath & Gollmann, 2015). In this case, the security function is offered a high status in the financial industry to the extent that they have a high recognition where the head of the function is a company VP in the banking industry.
One of the key functions would be an evaluation and exploration of the banking industry internal and external systems risks, especially with respect to security risks that pose the grates risks of failure and non-functionality in the market. As such, this means that the role of the function is to develop, propose and implemented key financial security systems and designs in the market. These systems play a crucial role in ensuring that organisations are not only effective and resilient to the existing market security risks in the market, but are also agile and flexible enough to adapt to the changing global market situations and conditions respectively. Thus, in order for one to fit into this position, they should first have the basic security management skills in the financial industry. One of the main skills and evaluation of this qualification would be past experiences through serving in other even if lower positions in security and risk management in the financial sector. Although the global financial sector operates as a uniform standardised market, every economy has its unique risks and security threats in the market. As such, it is vital that the recruited persons have a combination of both a global outlook of the financial industry risks and threats as well a domestic outlook to ensure that the developed designs and policies are in line with international standards and requirements, while meeting the unique domestic corporate financial industry risks and security threats respectively.
In summary, the above report offers an analysis of five different security vacancies. The exploration of the above vacancies indicates that the security docket in the global organisations is a large component that has different levels of responsibilities. In this case, the evaluation has established that the changing global market security conditions, industries served and the nature and size of the venture plays a critical role in determining and influencing the type of security threats and risks faced and as such the security jobs offered respectively.
Adomi, E. E. (2011). Handbook of research on information communication technology policy: Trends, issues and advancements. Hershey, PA: Information Science Reference.
Akhgar, B., & Arabnia, H. (2013). Emerging trends in ICT security. Waltham, Massachusetts : Morgan Kaufmann/Elsevier
Federrath, H., & Gollmann, D. (2015). ICT systems security and privacy protection: 30th IFIP TC 11 International Conference, SEC 2015, Hamburg, Germany, May 26-28, 2015, Proceedings.
Herath, T., & Rao, H. R. (2009). Protection motivation and deterrence: a framework for security policy compliance in organisations. European Journal of Information Systems, 18(2), 106-125.
National Commission on Terrorism, (2013). Countering The Changing Threat Of International Terrorism. Retrieved From < http://fas.org/irp/threat/commission.html >
Property Casualty, (2015). Here are the top 10 most costly U.S. workplace injuries. Retrieved From < http://www.propertycasualty360.com/2016/01/26/here-are-the-top-10-most-costly-us-workplace-injur >
Talbot, J., & Jakeman, M. (2013). Security risk management body of knowledge. Hoboken, N.J: Wiley.