Interviews

CSyP discussed

by Mark Rowe

Recently a security manager I’ve known for some years, Mike Topham, who was keen to discuss pursuing the CSyP journey contacted me. He wanted to know more about the whole subject of CSyP, so we agreed to meet, writes Peter Speight.

I have known and worked with Mike for many years and he has held a number of security management positions. I expected a relaxing cup of coffee and a general conversation with a couple of questions about CSyP thrown in … ‘how wrong I was’! Straight in, Mike’s starting point was:

– Why would anyone want to achieve this standard?
– What will it give/do for one? (what’s in it for me?)
– How will customers benefit?
– Who should apply and why?
– Do I have to do anything if I pass?

Joking apart we had a great meeting and agreed that Mike should carry out some detailed research into CSyP to get a feel for the ‘what, why and how’. Mike was right in his assessment that, as we head into the next few years, every aspect of the security environment in which we must all now live whether in a local, national or global business context, or as an individual, has become more complex, technically challenging and generally more unstable than ever before.

The sheer magnitude and range of threat types, from the technical vulnerability of information and systems, to fraud and terrorist activity, to the local protection of people, premises and business assets, including lone workers, has demanded the exponential development of the security sector. The emergence of fully risk-based methodologies along with this general growth has been accompanied by the development of many intelligent tools, both technical and academic but the landscape refuses to stand still, even for a moment.

In this maelstrom of activity, the burning question for customers has been where to turn to ensure that those who are engaged to advise on these matters are somehow up to the job and the best available. If you were charged with the construction of a bridge or the legal defense of a corporation, or wanted to select any one of a number of other types of professional, their industries or commercial sectors are often chartered, with a register of professionals available as guidance. Until relatively recently, the security industry had no such register for chartered security professionals, despite the growth of complex security threats.

At the first annual general meeting of the Security Institute, on February 1, 2001, the then Registrar and Secretary, Stewart Kidd set out the Institute’s short, medium and long-term objectives. The latter included the aspiration ‘to become the sole professional organisation representing the security manager’ and ‘to achieve Chartered status’. Senior security industry figures were also, in parallel, identifying a real need for a Chartered Security Professionals scheme as far back as 2007.

The same message was amplified later the same year by Bill Wyllie, at the time the Chairman of the Security Institute. Stuart Lowden, Managing Director of the manned guarding company Wilson James also simultaneously observed that much work had to be done before a chartered scheme for security professionals could become a reality. In 2009, however, that work had been done and was marked by the signing of a Royal Charter by Her Majesty, which was issued to the Worshipful Company of Security Professionals, a livery company in the City of London, allowing the appointment of chartered status for individuals meeting stringent admittance criteria.

The initiative was a joint venture developed by both the Security Institute and the Worshipful Company of Security Professionals and has become the means of recognising and maintaining the highest possible standards and ongoing proficiency of individuals in our industry. Chartered Security Professional (CSyP) is a professional certification in security. The certification has been established to show the attainment of strategic and higher operational level competencies in security. The Security Institute operate the Register on behalf of the WCoSP, and it is managed by the Chartered Security Professionals’ Registration Authority (CSPRA).

The criteria for joining the Register of Chartered Security Professionals is based to a large degree on the UK Standard for Professional Engineering Competence (UK-SPEC), but advice was also sought from the Foundation for Science and Technology and the Engineering Council. The final version of the criteria for becoming a Chartered Security Professional is therefore, to an extent, based on the criteria for Chartered Engineers. The first ten Chartered Security Professionals were admitted in a ceremony at Drapers’ Hall in the City of London on June 7, 2011.

To be admitted to the Register, applicants must have a strong understanding of general security principles (although you may be a specialist in one field), and be operating at a strategic or senior operational level of security practice as well as demonstrating a high level of competence in five key areas: Security Knowledge, Practical Application, Communications, Leadership and Personal Commitment.

Applications are also welcome from professionals working in the security sector, who are engaged primarily in teaching or in public or private organisations, involved in security activity. To remain a CSyP, CPD is mandatory, as is adherence to a professional code of ethics. The Security Institute operates all aspects of the Register including finances, PR and marketing and administration of the appointment of other organisations who may admit CSyPs, as managed by CSPRA. They are also responsible for establishing robust quality control processes for the scheme, and administering licensees.

The Security Institute and ASIS UK are both eligible to receive applications from potential Chartered Security Professionals, although you do not have to be a member of either organisation. It’s a testament to the vigorous protection of CSyP organisational standards, that it took ASIS UK a year of hard work to demonstrate compliance with relevant standards to be awarded a licence to manage CSyP registration applications. Both ASIS and the Security Institute are fully committed to CSyP on several levels including, mentoring and promotional activity.

The concept of chartered professionalism traces its roots back centuries, in fact to after the Norman invasion in 1066. Now, in the 21st century, being ‘Chartered’ is more relevant than ever in terms of winning and securing public trust. Across the professional landscape, from accountants to civil engineers, insurers and financial planners to legal and medical professionals, the chartered status stands out as an indicator of the highest standards of learning and ethical behavior. Increasingly, consumers are actively seeking out chartered practitioners where the gold standard for industry professionalism stands for competence, knowledge and ethical behaviour. The Register itself aims “to promote, support and encourage standards of excellence, integrity and honorable practice in conducting the profession of security practitioners and to aid societies and other organizations connected to such profession.”

The chairman of the CSPRA is Lord Carlile of Berriew QC, who is committed to the enhanced level of professionalism the new Register will bring to the sector. He says:

“I am delighted that we have produced a registration process as good as any for other professions. Our Chartered security professionals can truly be regarded as members of a quality and regulated body. This is the beginning of a major new organisation, in which industry and the wider public can have full confidence.”

The five core competencies required for registration are weighted in favour of security knowledge and application skills. The weighting also requires CSyPs to be better than average, and that achieving a mark of “good” across the board is not enough. Applicants must be better than good to be admitted as a CSyP. Those applying must be of undisputed integrity and have a good level of expertise, operating at a strategic level or the senior end of operational level of security practice. Admittance to the Register demonstrates to clients, employers, peers and the public, an ability to perform at a high standard, and a commitment to continuing professional development.

This initiative has also attracted successful applicants from not only the UK; we have CSyPs in Australia, USA, Canada, UAE, Spain, France, Albania, Cote d’Ivoire, The Netherlands, Czech Republic, Switzerland and Hong Kong. As substantial as the foundations are, and as undeniable as the commitment of the industry is to adapting to modern customer needs, to fully understand why an individual should submit themselves to the rigours of registration, we have to understand what the advantages of achieving CSyP status are to the individual for it to become attractive to the next generation of security professionals.

Firstly, though, it’s worth having a look at the changes in the structure of the security sector in general and specifically the change towards robust management of risk that might lead an individual to want to become engaged in a particular industry career path. For a long time now, customers have been increasingly unhappy with the single dimension security service delivery, with some fairly weighty voices calling for better informed, bespoke risk profiling of their businesses and a move towards Enterprise Risk Management (ERM) on a service partnership level. Traditionally, ‘security’ has been a grudge purchase by some clients for a variety of reasons, which inevitably leads to price-driven procurement decisions based on hourly charge rates. The result has often been poor delivery by poorly motivated security officers in a poorly-resourced environment.

This corporate mindset is slowly changing within the industry but still pervades among many of the current customer base. In essence, the key must be to manage expectation at the outset by demonstrating the professionalism, flexibility and tailored offering which our industry is now able and geared-up to deliver. A potential customer needs to be encouraged to base procurement decisions on the value added by the security services package, based on a risk management methodology, and not simply on the charge rate for the officers delivering those services. So often the procurement process extends only to a discussion concerned with where uniform costs, management fees or training costs can be trimmed to drive contract costs down. As such the lowest bid often wins, ensuring a continued race to the bottom in a competitive market. This approach is a bit like walking into a car show room and basing a purchase decision on how much the steering wheel or gearbox costs as the basis for negotiating price. What we tend to do however, is compare the value we think we will get from one make or model against another based on performance, specification and customer feedback.

This needs to be how the procurement world looks at security service delivery, now that complex threats pervade every corner of an organisation, in ways that are ever more difficult to detect. We can no longer sit at the staff door and call ourselves security but must drive to become actively involved in the full range of enterprise risk mitigation with our customers, including crisis first response, and we must press to become integrated service partners if we are to protect our customers fully.

So, why register for CSyP?

Simply, the answer is to demonstrate that we understand and stand by the concept of professionalising the security industry to a single, transparent and continually relevant standard, at the same time as sending a message into the market place that we have adapted to changing customer needs and put our house in order, so that choosing a professional or a service provider from within our industry is now possible in a way that mirrors the seriousness of current threats.

Registration as a CSyP also requires a demonstrable personal commitment to development of security in its wider sense, through supporting colleagues, the public, our neighbourhoods. Applicants should not just try to attain the CSyP status without fully appreciating the ongoing commitment ‘ it’s not a tick box exercise’. Change and development of any industry is necessarily driven by the needs and demands of the end user which is no less true of our industry. However, it is also true that the more rapid the change, the more critical the parallel development of an infrastructure becomes in order to protect continuity in standards and, therefore, both credibility and successful delivery. The development of the academic calibre of today’s security industry managers and executives, bares scrutiny in this context and is demonstrated no more clearly than in the list of educational establishments and qualifications being offered that include disciplines across the spectrum of risk, crisis management, business continuity and business management.

About the author

Dr Peter Speight is the Licensee Representative – ASIS UK on the CSyP’s management committee, the Chartered Security Professionals Registration Authority (CPSRA). Visit https://www.security-institute.org/rcsp/management_the_register.

Related News

  • Interviews

    Crime blog

    by Mark Rowe

    Crimestoppers, the 0800 crime-reporting line charity, has launched a national blog. The charity wants to engage with the public about crimes that…

  • Interviews

    ABC Report

    by Mark Rowe

    For a second year, third party violations of anti-bribery and corruption laws top the list of perceived risks for compliance professionals surveyed…

Newsletter

Subscribe to our weekly newsletter to stay on top of security news and events.

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing