A security management guide: the role, training, certification, degrees and standards

Avatar photo

Author Bio ▼

IFSEC Insider, formerly IFSEC Global, is the leading online community and news platform for security and fire safety professionals.
October 25, 2016

Sign up to free email newsletters


The Video Surveillance Report 2022

Security management is the term most commonly used to describe the role of heads of security and other¬†security professionals. In this guide we explore the scope of¬†the¬†roles, training, qualifications and standards of a group also know within the industry as ‘end users’.

Security management: what does it involve?

The role of security management involves the identification of one‚Äôs assets ‚Äď buildings, people, products, information and infrastructure ‚Äď and the development and implementation of policies, procedures and measures to safeguard these assets.

Methods used to understand what controls might be appropriate to protect assets include information classification, risk assessment, risk analysis, and the rating of system vulnerabilities.

In many workplaces, a security manager is tasked with ensuring physical security in a real world environment¬†‚Äď protecting not only products and merchandise but also the personal security of employees, visitors and clients or customers in the workplace. The advance of IT over the last 25 years has also created a role for security managers to ensure the protection of digital information, although the level of knowledge and skills required for this role is likely to involve the appointment of a specialist IT security manager.

The security manager, perhaps in liaison with the health and safety and facilities managers, may be responsible for overseeing the work environment, ensuring employees follow safe work behaviours and ensuring compliance with relevant health and safety, security and fire safety standards and legislation.

Security managers will be expected have up-to-date knowledge of their employer’s key systems and technologies, such as access control, intruder detection, perimeter security and CCTV. Managers who have responsibility for the operation of a CCTV control room must ensure their video surveillance systems are used correctly and conform to the Information Commissioner’s Office’s Public Space Surveillance Standards.

In the event of an incident, they will be expected to liaise, cooperate and coordinate with other internal departments, as well as external agencies, such as emergency services.

The regulator: The Security Industry Authority

In the UK, the main regulator of security practice is the Security Industry Authority (SIA), whose duties involve the mandatory licensing of individuals undertaking activities in the private security industry. Licensing covers manned guarding (eg door supervision, personnel protection, the transit of monies and valuables, public space CCTV surveillance, etc), key management and the immobilisation of vehicles.

To gain a license, security operatives will need to provide evidence of the appropriate knowledge, training and qualifications to carry out their duties.

In 2014 IFSEC Global produced a report in conjunction with the SIA that provided valuable information and insights around the Regulator’s licensing regime.

Training and qualifications

Training and qualifications are a key focus of the Security Institute, the UK’s largest professional membership body for security professionals. Its vision is for the sector, as a whole, to become recognised and respected for its professionalism by government, business and the public.

In November 2014, the Institute launched its Manifesto for Professional Security. As part its manifesto, it has called on education bodies to help it examine the future development of structured learning programmes to upskill the security workforce.

It has also urged government and its agencies to engage in a meaningful and ongoing dialogue to ensure it develops in a way that is fully consistent with the needs of government and society.

Its portfolio of accredited qualifications, which are offered through the Institute’s education partner, Perpetuity Training, include the Certificate in Security Management, the Diploma in Security Management, and the Advanced Diploma in Security Management.

The certificate is designed for anyone relatively new to security, while the Diploma is aimed at those who are seeking to progress in their careers. The Diploma is formally recognised by three UK universities:

  • Bucks New University;
  • the University of Portsmouth; and
  • the University of Leicester.

Perpetuity Training became the first private organisation to launch its masters degree in security management when it introduced International Security and Risk Management at IFSEC 2016 (see video below).

Aimed at addressing issues of shrinkage and internal theft, training organisation Skills for Security has recently introduced a¬†two-day ‚Äėinvestigative interviewing‚Äô course on carrying out internal investigations ‚Äď from planning interviews, handling witnesses, taking appropriate notes, and¬†dealing with representatives,¬†through to¬†coming up with suitable questions, conducting an interview, and efficient and effective decision-making.

Security management standards

It should be noted that as a regulated industry, the barriers to entry for training organisations in security are relatively low, so organisations should take care to consider the quality of the professional qualification and learning delivered.

In addition to individual qualifications and learning courses, there is also a security management standard for organisations. Published in July 2015, British Standard 16000 provides a generic security management framework, highlighting the essential principles of security management and demonstrating how security can be embedded in an organisation.

It is designed to help support an organisation’s viability, productivity, reputation, resilience and sustainability. It recognises the following: that security management is an important strategic capability; that effective security management is far more than simply reacting to threats and risks; and that organisations can identify opportunities and gain competitive advantage.

The standard covers guidance on:

  • developing a security framework;
  • carrying out a risk assessment;
  • understanding security in the context of an organisation;
  • implementing and monitoring a security programme; and
  • introducing security solutions ‚Äď physical, technical, information, procedural and personnel.

BS 16000 complements existing management standards relating to areas such as the environment, business continuity and risk, including ISO 27001, ISO 14001, ISO 22301, ISO 22313, ISO 31000 and ISO 9001.

The BSIA’s British Security Awards 2022 winners revealed as event returns to live format

The BSIA annual British Security Awards returned to a live format for 2022, with the winners having been announced.

Westfield UK enhances security and efficiency with Genetec unified security platform

Genetec has announced  that Westfield UK has implemented a Genetec Security Centre across its Stratford City and London sites. 

Dame Julie Kenny DBE DL revealed as new chair of RISC

Dame Julie Kenny DBE DL has been elected to serve as Chair of the UK’s Security and Resilience Industry Suppliers Community (RISC).

ACRE announces Feenics and Matrix acquisitions

ACRE has announced the acquisitions of access control specialists, Feenics, and, Matrix, to round off 2021. 

Bill Zalud Memorial Award for Professional Excellence 2022 winners announced

The International Foundation for Protection Officers and Security Magazine has announced the 2022 recipients of the Bill Zalud Memorial Award.

Why more organisations are centralising crisis management decisions

Harriet Brennan shares why she believes more organisations are choosing to adopt a centralised crisis management approach.

Abloy UK announces course dates for new Foundations CPD course 2022

Abloy UK has revealed the dates of its Academy Foundations and Foundations Plus CPD courses for 2022.

Linx International Group becomes a SABRE Licensed Company 

Security and risk management consulting firm, Linx International, has announced it has become a SABRE licensed company.  

How can security technology support 21st-century prison systems?

Traka highlights how new security technology such as access management is a chance to ‘re-write the existing rulebook’ in prison systems.

Responding to a crisis ‚Äď Making a case for improved resilience

Russ Timpson details how the Crisisboardroom kit can assist security leaders in managing and responding to crisis events.

Listen to the IFSEC Insider podcast!

Each month, the IFSEC Insider (formerly IFSEC Global) Security in Focus podcast brings you conversations with leading figures in the physical security industry. Covering everything from risk management principles and building a security culture, to the key trends ahead in tech and initiatives on diversity and inclusivity, the podcast keeps security professionals up to date with the latest hot topics in the sector.

Available online, and on Spotify, Apple Podcasts and Google Podcasts, tune in for an easy way to remain up to date on the issues affecting your role.


Related Topics

Notify of
Inline Feedbacks
View all comments