Monday, November 13, 2006

The Erosion of Security Management

Managers in general (at all levels, in most industries) are not the Type-A, aggressive personalities that they once were. Once the business management gurus with their new philosophies convinced the business world that management was a committee process (thereby making business management gurus a ton of money), it was the beginning of the end for strong management personalities. There is a “management-by-committee” adage that says “…when everyone’s in charge, no one’s in charge…” Once managers realized that they were not personally going to be held accountable for success or failure, the need for strong individual management traits waned. And this phenomenon was no where more apparent than in Security and Loss Prevention, because this new philosophy meant that the Security Manager (or Director, or VP) was no longer personally responsible or accountable for managing little things – like shrinkage or loss or security problems. In fact, there was actually incentive for a Security Manager to manage as little as possible – because the less that the Manager’s personal “stamp of approval” was on the overall security program, the greater was his “plausible deniability” that growing problems were not his fault. So Security Managers bought into this new philosophy hook, line and sinker - until today, when we have a bunch of easy-going, wishy-washy, namby-pamby Security Managers (and Directors and VPs) who cannot and do not assert their knowledge or authority to do the right thing.

See, management by committee is not a new concept; even I was involved in the management-by-committee process in the olden days. But there was a big difference: the “committee” that used to exist was the committee formed by the key managers and executives, each having fairly autonomous authority and responsibility for his own area of expertise. No one presumed to tell the Security Manager how to do his job because that is exactly what it was – HIS job (just as it was with Merchandising and Personnel and Marketing, etc.) So it was important for the Security Manager to be strong, because he would be sitting at the table with the strong Merchandise Manager, and the strong Personnel Manager, and the strong Marketing Manager, etc., each trying to push forward his own ideas and agenda.

But then the concept of management-by-committee changed – now it meant that EVERYONE had a say in EVERYTHING. And this was BAAADDD!!!!!!!! Because everyone did not have a thorough understanding of anyone else’s issues and problems. Management-by-committee as currently constituted is bad – it is slow, a waste of resources, and results in poorer decisions because the decisions are being made by uninformed persons. (Here's a great personal anecdote to illustrate: I was once assigned to be the team leader for a QA committee on parking. First question, per QA guidelines: "Who are our customers?" My immediate response - since I was the Security Director and responsible for parking - was "Everyone who parks on our property for any reason." WRONG!! Much too simple! We had to identify each and every one of our customers. So we spent 3 hours - approximately 60 man-hours of professional time - identifying each and every customer. And at the end of that time, do you know what our answer to the question was? "Everyone who parks on our property for any reason." The very answer I gave in 3 seconds, over 3 hours prior!!)

I’m from the old school – I have lost 3 positions as Corporate Director because I refused to water down the programs that I had so meticulously built. And here’s the scenario that played out in those 3 positions; and the scenario that plays out daily today in so many organizations:

Problems abound (shrinkage, theft, all kinds of security problems), so a strong leader is needed to solve the immediate problem. A pro-security executive is put in charge of the LP/Security function who recruits/hires a strong security manager/leader. A strong, aggressive program is built which ultimately solves the problems. The strong manager is assertive and dynamic, builds a strong program and is given full executive support.

BUT…. in the course of solving the problems with the strong program, a few feathers will almost of necessity be ruffled among the other ops managers, because things that make for good security do not always make life easy for everyone else (e.g., a security program that requires associates to use a single exit point and have belongings checked isn’t very popular; a security program that has those beautiful tall displays lowered because of sight lines isn’t very popular; the security program that scuttles the new refund procedure because it has the potential for rampant abuse isn’t very popular; etc. etc. etc.). So the strong security manager begins to be viewed as a naysayer and not a team player. And this is especially bad, because the manager has solved some problems, and now when other managers look at the result (as opposed to the reasons for the result), they only see the resulting success and say that a strong program (and a strong manager) are no longer needed. So a new executive is put in charge of security, who believes that the current state of low shrinkage and few serious problems is the natural state of things, and begins to cut the rug from under the strong manager. And a good strong manager who is dedicated to his principles will see what is going on and ultimately will not last. And he leaves and someone who fits the new mold (the easy-going, wishy-washy, namby-pamby manager) is brought in and the program suffers and things get bad and no one can figure out why??!!?? And the cycle begins anew.

So…how many managers and directors and VPs do you know that would have the intestinal fortitude to leave a position based on principle? I truly believe that there are not many of us left.

And THAT'S the cycle that leads to Security Managers who are not strong, who let others who are stronger run the security departments. THAT’S why local security managers report to local business and operations managers instead of senior security executives. (When I was in Retail at the store LP Manager level early in my career, I reported to the Director of LP…PERIOD! I once had a Store Manager unload a shipping cart of merchandise that was under surveillance because that was not my job...and I told him so...and he called the Director of LP who told him so. And the Store Manager unloaded the cart, and then I inventoried it. Those days are long gone.)

So as I’ve said, the current state of weak security management is largely our own fault………..

1 comment:

Me said...

Absolutely brilliant commentary on the current state of Security Management Jon. I have felt this way for a long time and am growing quite weary of those who have weakened our roles.