Formalizing the Security Process
Although it has facilities around the world, the biotech company lacked a formalized security program until 2017. Incident management was not part of the firm’s genetic makeup. Until then, incidents were handled in an ad hoc fashion. One staff member’s security incident requiring documentation and follow up was another staffer’s nonissue. And when an incident was reported, no parameters existed that guided how to classify the incident, what information should be captured, or what should be included in a narrative description. Security personnel couldn’t easily retrieve incidents, identify trends, or analyze data.
After about two years of using an incident documentation system that still didn’t give the team the visibility and consistency they needed, the security team decided to invest in its own solution. Flexibility, ease of use, and scalability were considered indispensable. Security needed a tool that could perform officer dispatches and that could be tailored to its specific needs. An optimal solution would incorporate site assessments and enable the company to audit its threat management, business continuity, and resilience functions. The biotech chose a suite of software tools by Resolver.
Installation and the requested customizations went smoothly, but the software presented a learning curve. Whereas the guard service provider’s incident reports contained 2 mandatory fields to complete, the Resolver incident management module had more than 15. “That was a double edged sword,” says the security manager. Security staff now needed to accurately and more completely document every incident, including all parties involved, location, type of incident, actions by the officer, final disposition, and so on. “While valuable, it was initially difficult for the team,” the security manager says. “They were not used to capturing multiple data points.”
In the past, officers dispatched to a scene would document an event with handwritten notes. Now all that data had to be entered into the system, in a particular way, requiring officers to be comfortable with data entry. The security manager worked with their internal training coordinator to create videos showing officers how to fill out reports, maneuver through the various fields and pull-down menus, and otherwise navigate the software. “They went from basically having nothing to having a full-fledged case management system that all started with the dispatching module,” the security manager says.