Printer Friendly

Phasing into control.

SYSTEM MANAGEMENT FOR card access systems is best discussed when it is broken down into three phases: selection, implementation, and management.

Most administrators pay significant attention to the implementation phase but fail to pay adequate attention to the selection and management phases. Often, the first indication of inadequate planning occurs about halfway through the implementation phase of a large system when the supplier requests the name of the person who will set up, configure, and enter all the necessary data to begin the system's function.

The selection phase is by far the most important yet most neglected phase. It is the most expensive phase, considering the resources needed to accomplish each of the three tasks, not including the actual cost of the system and installation. The staffing or consulting fees for selecting and designing the system far outweigh the costs of internal resources of implementation and ongoing management if the system is properly selected and specified.

The selection phase should not be rushed or formulated by staff without appropriate expertise. Combining opinions of several individuals, some of whom are consultants, is the best method.

The entire selection phase should be done before contacting any suppliers, unless it is done casually to obtain basic system descriptions. Many suppliers are extremely helpful but only somewhat knowledgeable on system design. Most often, the senior contact person will be a sales expert, not a security expert.

Seven tasks make up the selection stage: risk analysis, conceptual design, hardware design, system specification, hardware specification, bid letting, and bid review and supplier selection.

Each is critical to the success of a system. Success can be described in terms of user acceptance, system dependability, the cost-effectiveness of maintenance as well as future expansion, and, most importantly, the ability to accomplish the project objective.

Often security experts are not technically or mechanically inclined. Therefore, tasks should be assigned carefully.

For example, the security director might be quite competent at completing a risk analysis and determining what areas, items, and processes need to be protected. He or she may have expertise in conceptual design, too. But his or her area of expertise might not include hardware design. If that is the case, a consultant should be used.

The following is a good example of a downfall in system selection performed by an individual who does not have adequate expertise. A security director wants to implement a turnstile card access system for a large manufacturing plant. He selects a wonderful name brand system, using the unselfish, endless assistance of the supplier's senior sales manager as a key consultant.

The third day after installation the security director discovers that union representatives have moved the time clocks from inside the facility to outside the facility. This is done so that union members get paid for the 22 minutes they must stand in line waiting to be admitted through the new access control system because no one ever thought of the term "throughput rate."

System specification includes detailed features the software will contain, the master control unit, the maintenance agreement, methods of controlling future costs, the ability for expansion, and more.

Additional points in the system specification element that affect a system include maintenance agreements, unit pricing, and expansion capabilities. Adequate planning allows the user to contract with the vendor for prices of individual units, such as an additional card reader, an electromagnet, or cards for a specified price at a percentage of increase for a specified period.

Typically this is overlooked, and the negotiations with the supplier are inadequate. Items such as maintenance agreements, unit pricing, and expansion capabilities are best negotiated as part of the initial bid so that the user may have a long-standing relationship with the supplier.

Hardware specification is again best accomplished by an experienced, technical security practitioner. This person must have up-to-date information on the most cost-effective, reliable, and creative ways to interface different hardware with a system.

The final two elements that make up the selection phase are bid letting and bid review and supplier selection. Considerable skill is involved here. The art of negotiation is an area of expertise all its own, and considering today's legal liabilities, the wording of a purchase, supply, and maintenance agreement is critical. These areas should have the input of purchasing department personnel, consulting engineers, the maintenance director, and the construction manager, to name a few.

It is quite common to outline specifically what the qualifications of suppliers must be, who will do the installations, when installations will take place, who will clean up the messes, who will patch up disruptions in the architecture, who will get security clearances for contractors, and what codes and ordinances must be followed.

The selection phase determines exactly what the user will end up with or should have ended up with if the supplier does not install what was agreed on, its cost, the future costs, the user's future relationship with the supplier, the system's ability to accomplish its original objective, and the final result of the project. This makes selection the most important phase, requiring the most attention to detail and as much expertise and planning as possible.

THE IMPLEMENTATION PHASE OCCURS in one of two environments, while a new facility or structure is under construction and not yet inhabited or in an existing, occupied facility. In both environments systems implementation can be accomplished successfully. However, implementation in an unoccupied facility under construction is far easier, less expensive, and has greater user acceptance since users don't have to submit to changes in procedures.

Significant considerations should be taken into account when implementing a system while a facility is under construction. By understanding the intricacies of the card access system at the selection phase, the user can implement the system more effectively and less expensively.

For instance, specifications for the type of wire, conduit, and electrical enclosures required for multiplexers, recessed boxes for readers, door contacts, and audible devices can be issued to the electrical contractor on-site. The contractor can also perform the work faster, cheaper, and better than the card access supplier's personnel. This is a common way of saving significant cost.

It is far better to implement a large system while the facility is under construction. More often, however, this is not possible. Yet, this should not preclude the implementation of a system in a finished facility. It simply requires a little more creative and detailed planning to account for finished surfaces, disruption of activities, and system turnover from the old to the new.

Helpful hints for a successful implementation in an inhabited facility include extensive communication with management, employees, employee representatives-such as unions or supervisors-and all end users. Advance notification, including demonstrations of how the system will work, how it will provide better service to the users, and what its security benefits will be can make all the difference in increasing user acceptance. The notification program can provide a preventive quality, where users understand their accountability for vulnerable areas and assets.

The implementation phase requires significant resources from the management division. Depending on the size of the facility, the number of users, the importance of uninterrupted operation, the physical distance between devices and the management group, and the complexity of the system software and hardware, the amount of resources required from the management division could vary significantly.

The division managing the system will be required to configure the system through extensive data entry, organize journals and user manuals for different levels of users (such as operators, administrators, and managers), and obtain approval from all affected divisions regarding access levels, decision trees, response instructions, record-keeping functions, card access issues, and ID format changes.

The implementation stage will undoubtedly require cross-training several individuals in system management so that the facility will not be paralyzed should employees go on vacation or be terminated. Further consideration should be given to 24-hour operations so that some level of contact between users and system administrators exists at convenient times for shift workers.

The implementation phase requires much attention to understanding the system-its limitations and its advantages. These should be used to the best advantage to deal with the large number of requests for additional access, hour changes, system failures, and audit trails for investigative purposes.

THREE AREAS OF RESPONSIBILITY make up the management phase: the systems manager, operators, and a support person. The systems manager's responsibilities include the software; backups; information protection; access levels programming; liaison with the supplier, technicians, and maintenance staff system evaluations; supervising operators; and others.

The operators monitor the system continuously. Ironically, many companies that plan on spending upwards of three quarters of a million dollars on a card access and alarm monitoring system find it difficult to understand the necessity of having at least one terminal in an area where an operator is present 24 hours a day, seven days a week, 365 days a year.

The systems manager and operators are critical to a successful operation. These individuals must be diligent in their data entry and handling of alarms and activities of the system. They must be dedicated, honest, intelligent, and organized individuals who can competently deal with the contingencies that arise.

If there is no location in the facility with a 24-hour monitoring center, five full-time operators should be added so that one individual is on duty 24 hours a day. The location of the monitoring terminals; the security of the room; backup systems; backup notifications for operator failure; air quality and temperature; and communication devices such as telephones, radios, pagers, or others necessary to respond to system exceptions should also be considered.

The final area involves the support person-the division's frontline contact with card users, administrative assistants, the maintenance staff, and senior management. The support person needs to be service oriented; be skilled in public relations; be able to demonstrate proper hardware use; understand access levels, time frames, and system parameters; and maintain order when the systems manager is not available.

The selection, implementation, and management of a card access and alarm monitoring system is a major undertaking. One cannot assume that the only expense is with its purchase and installation. Poor planning may lead to an ineffective, overpriced, underused, or unaccepted system. Additionally, it could cause serious harm due to unplanned expenditures, mismanagement, or inconvenience to large numbers of personnel.

On the other hand, good planning can allow for a tremendous amount of added security, comfort, and organization for the division. Proper assistance should be sought when making what may be the most significant expenditure of the department to ensure the system not only serves the department's objectives but also shares corporate objectives.

About the Author . . . Howard A. Moster is director of corporate security for Triple Five Corporation Ltd. in Edmonton, Canada. He is coauthor of Executive Family Protection and is completing A Management Guide to Card Access Systems. Moster is a member of the advisory committee for the University of Alberta's security management program and a member of ASIS. This article was written on behalf of the ASIS Standing Committee on Physical Security.
COPYRIGHT 1990 American Society for Industrial Security
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 1990 Gale, Cengage Learning. All rights reserved.

Article Details
Printer friendly Cite/link Email Feedback
Title Annotation:Cards: The Key to the Future; special access control supplement; system management for card access systems
Author:Moster, Howard A.
Publication:Security Management
Date:Nov 1, 1990
Previous Article:You've come a long way, badges.
Next Article:Predicting the future.

Related Articles
Holding down the fort.
Access for success.
A card access education.
I survived an upgrade.
Graduating to higher security.
When security means business.
A hospital staves off security ills.
Technology treats hospital's ailments: new CCTV and access control systems help one Ohio hospital increase security while addressing...
A sense of security: colleges and universities get serious about building access control.

Terms of use | Copyright © 2017 Farlex, Inc. | Feedback | For webmasters