The concept of integration has evolved for some time and has recently gained much momentum in organisations and this has influenced security management to some extent. Integration is related to total quality management because of its holistic approach. Much of the theoretical literature on integration reviewed was mainly on SSI. Fay (2011: 411) articulates the three main parts of integration as people, processes and physical security. Integration entails that people, processes and physical security are interlinked. While Fay (ibid) provides a good descriptive model of integration, the review observed that the author left out the key component of information communication technology which links integrated systems. Business operations are driven by information in various formats which can be verbal communication, written communication or through information technology systems. Therefore, the review noted that information systems are a key driver of ISS. If this reasoning is sufficiently applied, the availability or non-availability
42
of information within the security system can impact on the effectiveness of the system. Timeous availability of information in a security system can lead to the prevention and detection of security incidents. This would be the case with the use of, for example, electronic article surveillance, CCTV and intrusion alarm systems. These systems are sources of information which can lead to an occurrence being responded to. This demonstrates that the effectiveness of security systems is dependent on the availability of reliable, dependable and accurate information.
Fay (2011: 412) further discloses that when the sub-systems work together, they are said to be in harmony with one another to achieve predetermined objectives. Accordingly, this study was in agreement with Fay’s observations that stand-alone systems cannot achieve effective unity of purpose. Security systems which are purposefully integrated are more effective than stand-alone systems. An example of this would be a CCTV system integrated with an electronic access control system. However, the concept of integration should not be misconstrued as to mean that stand-alone security measures are not necessary. In fact, security sub-systems are derived from a combination of stand-alone security measures combined into a system. In some situations, stand-alone security measures may still be cost-effective. This would be a case like for example with a gate in a relatively crime free residential area. Stand-alone security measures act as support elements to an ISS and are therefore essential components of a security system.
Du Plooy (2012:3) made similar observations on integration by emphasising a comprehensive approach to risk management through consolidation of previously fragmented systems (often isolated in silos or separate compartments) in order to improve organisation effectiveness. Compartmentalisation can be attributed to the functional organisation structure which is predominant in most organisations. When security is viewed as an independent function, it may not be aware of what is happening in other functions of the organisation. In an integrated set-up, security activities are linked to other business functions. Armstrong (1992: 35) adopts a simplistic but comprehensive framework of human resources integration with other functions of the organisation, a framework which was found to be applicable to integrating security with other business
43
functions. The framework is depicted in Figure 3.3 later in this review in a security management integration context. Clifford (2004: 193) highlights the concept of dualism which ascribes to the fact that something is related or not related to security. The dualism mind-set may be predominant in some industrial organisations where security may be viewed as a backyard function and this may have negative implications to the organisation. Clifford (2004: 203) also holds the view that the integration theme is becoming more popular that Security Management (the industry’s trade magazine) runs a regular section titled, “Focus on Integration”. Clifford (2004: 105) elaborates that the seemingly independent aspects of a security system are not so independent but should work together to ensure a seamless ISS. However, caution should be applied because it can be difficult if not impossible to achieve an absolute security system which is impenetrable at an industrial facility. An absolutely seamless ISS could have the potential to constrain business operations through excessively costly security measures comprising personnel security, physical security, information security, interdepartmental dependencies and legal liability issues. In most business security system designs, the element of cost is essential because the security system will be funded from the operations which the system seeks to protect. In the Security Risk Management Model, Rogers (2011: 17) provides for cost implications through a return-on-security investment exercise. Rogers (2011: 76) demonstrates the cost implications of security measures in a diagrammatic representation which is shown in Figure 3.1 below.
44
Figure 3.1: Relationship between risk and security costs
Risk
Cost
The above diagram indicates that as risk drops due to security measures being implemented, there is a relative rise in security costs. The point of equilibrium in the diagram is where risk and cost levels meet. The major weakness of the above model is that in practice, it is difficult to arrive at such levels in quantitative terms. However, the model conveys the fact that it is important to accept that security measures are implemented at a cost relative to the risks which they seek to manage.
To conclude the theoretical foundations of SSI, Jackson (2003: 1) acknowledges that a system is a complex whole the functioning of which is dependent on its sub-systems and interactions between those sub-systems. In the scope of Jackson’s assertion, it is important to understand the parts of a security system in order to understand the whole system. Jackson (ibid) further clarifies that sub-systems interact to ensure integration and co-ordination of the system through input from the environment, processing and output back to the environment. However, Jackson (2003: 6) cautions that a system should not be closed but opened for it to interact with the environment. According to Jackson (2003: 49), system analysis in the context of security management focuses on problem identification through security risk assessment. This is then followed by determination of possible solutions through recommendation of security measures. The cost implications of the security measures are evaluated by way of a return-on-investment exercise because
45
it is important to appreciate the benefits of the security system in the context of its costs. The risk consequences or limitations of the security system should be identified and appropriate safeguards put in place.
Jackson (ibid) discloses the attributes of a system which include that it should be multifunctional in order to co-ordinate various functions. The system design should specify requirements for implementation. In addition, it should be an effectively proposed solution which meets user requirements.
The above presupposes that security systems should be enterprise-wide cutting across all functional disciplines. It was also Jackson’s (2003: 31) conviction that organisational problems are interdependent and require resolution through an integrated approach. This observation is highly applicable to most industrial organisations because one function of the company may be dependent on other functions to achieve its functional objectives which then contribute to ultimate organisational goals.