Skip Navigation LinksASIS International / Membership / Member Center / Security Spotlight / Security Project Management

Security Project Management

Even the best organizations are only able to complete 80 percent of their projects on time, on budget, and on track with their original goals, according to the Project Management Institute’s 2015 Pulse of the Profession. Nonetheless, the report considers these organizations to be “high performers.”

At the other end of the spectrum, “low performers” only achieve these imperatives 60 percent of the time. Among this group, 46 percent admit to not fully understanding the value of project management.

Do these statistics reflect what happens when security professionals engage in project management? The authors and speakers featured in this month’s Spotlight on Security offer specific plans, strategies, and tactics that can help security project managers exceed the industry norms.

» View Past Security Spotlight Topics​

ASIS Members-Only Resources

An ASIS member benefit! Not yet a member?
Join today!

Project Management
Excerpt from Implementing Physical Protection Systems: A Practical Guide, 2nd Edition

Getting Things Done: Mastering Security Project Scheduling
Recorded ASIS/SIA webinar, 2015

The Integrators of the Future and How are They Managing Today’s Projects?
Recorded education session from ASIS 2015

Information Sources on Project Management
ASIS IRC Reference Guide

Free Resources

Available to ASIS members and nonmembers.
Website account required.​

Drafting a Blueprint for Security
Article from Security Management

Mastering Project Management
Article from Security Management

Principles of Project Management
Excerpt from Physical Security Principles

Managing Project Scope Creep: Identifying, Preventing, and Recovering From It
Recorded ASIS/SIA webinar, 2015

Project Management for Security Installations
Recorded education session from ASIS 2014

Free Resources

Drafting a Blueprint for Security
Security Management, January 2016
Author: Megan Gates, Assistant Editor
Based on interviews with four security management professionals, the article offers solid tips on how to navigate the security project management process. Those interviewed hold credentials in architecture, engineering, technology, and consulting and bring a range of global experience leading security construction projects. The following points are among their conclusions:

  • Know Your Team—identify the team to ensure that security is included in project discussions from the beginning.
  • Know Your Goals—make sure that the goals of the security department align with the goals of the new facility.
  • Know Your Documents—understand the manuals, floor plans, elevations, and drawings associated with the project and keep track of any changes.
  • Know Your Chain of Command—know who can help implement solutions should problems occur.

Mastering Project Management
Security Management, January 2012
Authors: Devin Reynolds, CPP, and M. David West, CPP
Using a project management approach to developing security policies is an effective way to earn buy-in from across the organization. The many steps to this approach can be summarized into the following phases fundamental to the successful management and completion of a project:

  • Planning and Development—includes identifying the stakeholders, assessing the need for the policy change, and setting goals for why the project is being revised.
  • Execution—includes setting a timeline for implementation, preparing guidelines for measuring compliance, and briefing managerial personnel before the launch.
  • Monitoring and Evaluation—includes tracking the effectiveness of the change on organizational behaviors and assessing lessons learned.

Physical Security Principles
ASIS International 2015
Editor: Michael E. Knoke, CPP
   Chapter 13: Principles of Project Management
The chapter begins by outlining what separates a project from the normal course of business:

  • Projects are temporary with a definite beginning and end.
  • Projects are designed to meet specific goals and objectives.
  • Projects are limited by the allocation of time and a budget.

The challenge for the security project manager, then, is to optimize the goals and objectives of the project while minimizing the time and budget needed to accomplish the task, thereby minimizing the operational impact on the organization. Other factors outlined include the goals and objectives of a security project, the various roles of security in the project, the phases of a project, the tools used in a security project, and the six phases of the process. The overall goal is to integrate physical, electronic, operational security elements into a cohesive solution based on a qualified risk analysis. The following two chapters provide exceptional detail on security project execution.

Managing Project Scope Creep: Identifying, Preventing, and Recovering From It
Recorded ASIS/SIA Webinar Series, August 13, 2015
Moderator: Kimberly Roberts, SIA
Speakers: Tracy Larson, WeSuite, LLC
Charlie Pierce, Leapfrog Training & Consulting
Project creep is the added deviation of time, resources, and budget to the originally agreed-upon scope of work. The speakers provide examples of how project creep affects both clients and integrators and consistently underscore the need for a clear understanding of the contractual obligations of both, which must be clarified in writing before the project commences. When delays or overruns happen, both parties must understand how change orders will be handled, how they will affect the outcome, and who will be responsible financially. The following examples are ways to controlling creep:

  • Agree on a detailed and specific scope of work.
  • Negotiate with subcontractors before contract signing.
  • Agree on communication tools and processes.
  • Monitor spending in detail regularly—clarity negates conflict!

Project Management for Security Installations
Seminar Session 3118, September 2014
Speaker: David Patterson, CPP, PSP, Security Management Group
Project management is becoming more important in today’s complex marketplace, says Patterson, and the process is a learned skill. Project management training and certifications are available, and security managers should become familiar with its established life cycles. Patterson then discusses how those five phases equate to the eight stages of a physical protection system life cycle through detailed charts and graphs. He defines a project’s critical success factors as those that:

  • Are SMART (specific, measurable, achievable, realistic, time-bound),
  • Provide a quantitative measure of impact,
  • Give clarity about what is expected, and
  • Contribute to the organization’s mission.

ASIS Members Only

Implementing Physical Protection Systems: A Practical Guide, 2nd Edition
ASIS International, 2013
Author: David G. Patterson, CPP, PSP
   Chapter 3: Project Management
After defining the purpose of project management, Patterson focuses on the personal qualities of a good project manager, including being well-organized, having analytical skills, as well as being process oriented and good at multitasking. He also identifies the supervisory attributes needed by a successful project manager, including leadership, team building, and oral and written communication skills. He advocates using a variety of tools such as the following:

  • A network diagram to capture all the elements of the work.
  • Contingency plans to include such factors as assumptions, lines of authority, and managerial support.
  • Obstacles with their risk probability and affect on schedule delay using the equation duration x probability = schedule delay.

Patterson closes with a discussion of activities that can be accomplished in parallel as well as physical protection system project “Rules of Thumb,” percentages of time and money that should be allocated to the phases of a such a project.

Getting Things Done: Mastering Security Project Scheduling
Recorded ASIS/SIA Webinar Series, August 20, 2015
Moderator: Kimberly Roberts, SIA.
Speakers: Tracy Larson, WeSuite, LLC
David Pedreira, ASSA ABLOY
Charlie Pierce, Leapfrog Training & Consulting
The speakers in this highly interactive Webinar begin by discussing the ways a project schedule can happen:

  • The security project schedule is part of a larger project schedule overseen by a general contractor.
  • The schedule is developed before a contract is signed between a client and integrator, defining the budget, scope of work, and timeframe.
  • The schedule is developed post contract-signing, which is problematic.

Optimally, the schedule should be built using a questioning strategy, asking who, what, where, when, how, why, and what else? Thinking through the project backwards is another way to ensure that all the pieces are accounted for in the schedule and to ascertain where time management is most needed. The Webinar covers such factors as scheduling tips and hints, monitoring schedule activities, using Gantt and PERT charts, estimating task time, and allocating and estimating needed resources. At various points, the moderator asks the audience of both clients and integrators to vote on how they would answer questions such as how will you improve the detail of your project schedules, and what will you do in the future to minimize schedule creep?

The Integrators of the Future and How are They Managing Today’s Projects?
Seminar Session 3118, September 2015
Moderator: Scott Dunn, Axis Communications
Speakers: Greg Hendrix, Tyco Integrated Security
Mike Kuhn, Convergint Technologies
Nicole McDargh, CPP, Securitas Security Services USA, Inc.
The moderator poses a number of questions to the speakers, who deal with project management in a variety of security contexts. They agreed that the pace of innovation in the field has fostered convergence of IT and physical security. In the past, the integrator’s job was just to hook up products and ensure that it was done right. Today, 50 percent to 60 percent of devices rely on a network, and technicians often have to know how multiple networks converge to make the systems operate for IT, security, HR, and plant operations. These factors change how project management is executed and received in a number of ways:

  • Clients can feel shortchanged when a project’s original scope of work specified a product that is now obsolete.
  • The integrator can now collaborate with the CSO in building a more holistic approach to security systems that were proprietary and isolated in silos.
  • The integrator can be a trusted advisory to help clients decide whether the perceived outcome of a project to move to a new platform is worth the security and corporate upheaval.

Information Sources on Project Management
ASIS IRC Reference Guide
This comprehensive review of articles, books, Webinars, and Annual Seminar sessions available on this topic through the ASIS O. P. Norton Information Resources Center can assist security professionals as they develop, implement, and manage the complexities of project management in today’s local, national, and multinational environments.