by Ray Bernard PSP, CHS-III
Feb-Mar 2017
Electronic physical security systems are built using information technology. So, an IT project manager with an excellent track record would seem to be in a good position to manage a physical security system deployment project. However, the reality is that for many physical security system projects, especially those that are large or complex, it takes industry-specific knowledge to successfully apply project management skills during project planning and deployment.
Q: We’ve had trouble in the past with IT-related issues in our security projects, so we utilized a project manager with a track record of IT project success for a major access, video and intrusion project. We still had big project problems. What do we do for our next site?
A: Security technology projects have aspects to them that most IT projects don’t have. That’s why 27.5% of questions for the CSPM® (Certified Security Project Manager) certification exam are on security industry-specific knowledge.
Additionally, the fact is that the larger the security systems project or the more complicated it is, the more important it is for the project to have skilled project management familiar with the physical security technology. The project that prompted the question above was a very technologically complicated project. Early project red flags would not have been obvious to someone not familiar with physical security system deployments. From the project management perspective, familiarity is more important than deep knowledge. It’s rare for a single individual to have deep knowledge in all aspects of a technology project, but feasible and desirable for a project manager to have strong familiarity with all aspects of a project.
Knowing the kinds of complicating factors that different types of technology deployments can have, can enable an IT project manager to reach out for just the right subject matter expertise. It can be critically important in the initial phases of the project, as “what’s not there that should be” situations are often the hardest to spot, from contracts to project plans to test plans and commissioning steps. This is one reason why I highly recommend the CSPM certification from the Security Industry Association (SIA) for anyone working on technology deployments for a living, or whose job responsibilities include providing project oversight for contracted security deployments. It’s not just for security integrator project managers.
The ideal large project situation is one where there is a CSPM on the client team, the consulting team, the security integrator team and each critical vendor support team. For smaller projects with no consultant it’s ideal to have a CSPM on the client staff as well as on the integrator’s team.
Understanding the CSPM Scope
If you are not a CSPM yourself, below are two eye-opening exercises that I highly recommend. They involve the use of the CSPM Examination Specifications, which are contained in the CSPM Candidate Information Brochure document, downloadable from the CSPM Application and Guide link on the Security Industry Association’s CSPM web page: http://bit.ly/cspm-sia. There are six knowledge and skills areas in the CSPM exam, with 114 specific competencies and tasks that exam questions can address. If you have been involved in security technology projects, where meeting the schedule, staying within budget, or achieving all the project objectives was challenging at best, you will likely find these exercises enlightening.
Reality Check
First, download the CSPM Candidate Information Brochure document and open it to page 18, where you will find the CSPM Examination Specifications. Keeping in mind your challenging or troublesome project experiences, scroll through the knowledge, competency and task items and see how many of them relate to aspects of the projects that were troublesome. Second, go through the list again, this time thinking of your project team—the client, consultant, integrator, and vendor project participants—and identify for each item where the strengths and weaknesses were among the team. Imagine how things would have gone differently if all the missing/weak aspects had been competently addressed.
If you are an IT project manager with physical security system responsibilities, you have several options. You can take SIA’s Security Project Management training, and in doing so broaden your own understanding and gain valuable fellow-student contacts who have more in-depth security technology experience. If you don’t already have a PMP® (Project Management Professional) certification, go for the CSPM certification. If you don’t yet have the physical security project experience hours to qualify for the certification, while gaining them you can use your new knowledge to ensure that your projects have the right subject matter expertise on the team or available to consult with. If you are an IT manager responsible for project manager performance on physical security projects, see that your PMs get CSPM certification, even those who are PMP-certified. Everyone will sleep better.
Write to Ray about this column at ConvergenceQA@go-rbcs.com. Ray Bernard, PSP, CHS-III is the principal consultant for Ray Bernard Consulting Services (RBCS), a firm that provides security consulting services for public and private facilities. Ray is an active contributor to the educational activities ASIS IT Security and Physical Security councils. For more information about Ray and RBCS go to www.go-rbcs.com or call 949-831-6788. Ray is also a member of the Content Expert Faculty of the Security Executive Council (www.SecurityExecutiveCouncil.com). Follow Ray on Twitter: @RayBernardRBCS
© 2017 Ray Bernard