Post Orders are the backbone of any security program. They clearly define the duties and actions taken by personnel. Whether the focus is access controls, command center dispatch protocols, visitor policies, or other disciplines, clearly documented expectations are imperative. All too often this primary documentation is lacking for security officers. The procedures listed may be out of date, inconclusive, vague or poorly written. Ultimately, setting set staff and the program itself up for failure. How can you excel at your job if you are not sure what ‘IT’ is exactly, don’t have a procedural reference guide to use as a job aide, or have conflicting directions between verbal and written instructions?
Confusion and disrepair is often attributed to ownership and attrition; e.g., the previous security manager wrote the existing orders 10 years ago, has since left the company and no one has taken ownership of the document since. To make matters worse you can’t locate the original electronic document to edit! Sound familiar?
Whether you operate a proprietary or contracted security force at your organization, the post orders must be treated as a ‘living document’ and its development and maintenance cannot be neglected. Security posture or policy may evolve frequently depending on the industry requirements. Is it clearly understood who takes ownership of the post orders when using a security service provider? How can a third party write effective procedures between two entities without intimate knowledge of their customer’s policies and access to various departments (i.e., legal, HR, EH&S, etc.). The responsibility of keeping post orders current is collective, while the ownership rests with the proprietary security department.
Clear documentation and understanding of procedural duties are essential for any security operation. An effective set of post orders does not need to illustrate every possible scenario that security may face or copy the corporate policies verbatim adding excessive pages. Most of us won’t retain the details of a 280-page document overnight, so don’t expect each member of your security team too when responding to an incident. Keep away from long winded ‘legalese’ and utilize bullet steps when indicating a process or procedure, especially those where actions vary depending on the situation. Make the document easy to read and refer to as needed by the people who rely on it daily.
Remember these tips to keep your orders in order:
- Take Ownership – Security team has lead, but make sure all stakeholders are included in drafting
- KISS – Keep it brief and to the point, no need to explain the policy just the actions required
- Review & Update Periodically – At least twice a year and after any security incident
- Document – Communicate changes made and record them effectively in the same document
- Train & Test – Train new employees thoroughly and regularly test knowledge comprehension
Just as important as drafting concise and relevant post orders are the training and comprehension of those orders by security staff. All personnel should be fluent in their content and procedural steps. Introductory training time and ongoing periodic refresher training is a key element of functional security. Simulated practice drills of procedural knowledge and emergency event responsibilities is a great way to keep things fresh and focused. All security staff should sign acknowledgements of having been trained on and provided the post orders for the facility. Subsequent updates and edits should require signature as well. The reality of security work is that the anomaly that goes unnoticed or quickly addressed is what causes the most damage or disruption.