-
Advancing Security
Professionals A discussion paper to identify the key actions
required to advance security professionals and their contribution
to
Australia
Produced by the Interim Security Professionals Taskforce
5 March 2008
Your views are sought Your views on the questions in this paper
can be forward to the Taskforce via email
or in person at the Consultative Forums around Australia. For
details, see www.securityprofessionals.org.au
Dates of Consultative Forums are listed at
www.securityprofessionals.org.au/Your_views.html
The project is supported by the Australian Government
Attorney-Generals Department.
-
Advancing Security Professionals: Discussion Paper
www.securityprofessionals.org.au
Page 2
Taskforce information Interim Security Professionals Taskforce
Members The members of the Interim Taskforce serve on the taskforce
as knowledgeable individuals and not as representatives of
particular organisations. Name Email Don Williams
[email protected] Brett McCall
[email protected] Julian Talbot
[email protected] Michael Kinniburgh
[email protected] Peter Anderson [email protected]
Jason Brown [email protected] Paul Murphy
[email protected] . Bruce Howard [email protected]
Athol Yates [email protected] Kelly
[email protected] Steve Barlow [email protected]
Observers Richard Clarke [email protected] Peter Wythes
[email protected] Taskforce administration Name Email
Telephone Athol Yates [email protected] 02 6161
5143 Consultative Forums dates and locations
Timing Date State Location 4-6pm
Thursday, 27 March Canberra
Conference Room, Australian Homeland Security Research Centre,
First Floor, Australian Institute of International Affairs
Building, 32 Thesiger Court, Deakin ACT 2600
4-6pm Tuesday, 1 April Melbourne
McCall Security, Unit 3, 484 Graham Street, Port Melbourne
4-6pm Wednesday, 2 April Hobart
Tasmania Division, Engineers Australia, Royal Engineers
Building, 2 Davey Street, Hobart
4-6pm Wednesday, 2 April Sydney
ATMAAC International, Level 1, 102 Bennelong Road, Homebush
Bay
4-6pm Thursday, 3 April Brisbane
Queensland Division, Engineers Australia, 447 Upper Edward St,
Brisbane
4-6pm
Thursday, 17 April Adelaide
Lincoln Rowe Room, South Australia Division, Engineers
Australia, 11 Bagot Street, North Adelaide
4-6pm Friday, 18 April Perth
Western Australia Division, Engineers Australia, 712 Murray
Street, West Perth
4-6pm
Wednesday, 16 April Darwin
Conference Room, Northern Division, Engineers Australia, Survey
House, 14 Shepherd Street, Darwin
Registration is essential for catering and preparation reasons.
To register, you can:
Email: [email protected] Tel: 02 6161 5143
-
Advancing Security Professionals: Discussion Paper
www.securityprofessionals.org.au
Page 3
Contents Taskforce information
.................................................................................................
2
Interim Security Professionals Taskforce Members
............................................... 2Taskforce
administration
.........................................................................................
2Consultative Forums dates and locations
...............................................................
2
Overview
....................................................................................................................
41 Background
.........................................................................................................
62 Purpose of this paper
..........................................................................................
83 Defining security professionals
...........................................................................
94 Key standards for professional practice
............................................................ 11
Potential frameworks for professional practice standards
..................................... 115 Improving the status and
recognition of security professionals ......................... 136
The minimum standards, competence and continuing professional
development requirements for security professionals and their
specialisations ............................. 157 A regulation /
registration / licensing / accreditation system
.............................. 168 Enhancing accountability of the
work of security professionals ......................... 179
Advancing the views of security professionals to government,
industry, professional associations, the community and the media
........................................ 1810 Feedback
........................................................................................................
20Annex A Elements of the security continuum
...................................................... 24Annex B
Professionalism
....................................................................................
26Annex C Elements of a Profession
......................................................................
27Annex D Qualification Frameworks
.....................................................................
29Annex E SWOT Analysis
....................................................................................
33Annex F Security and security-related professional and industry
associations in Australia 35
-
Advancing Security Professionals: Discussion Paper
www.securityprofessionals.org.au
Page 4
Overview Security professionals are a group of security
practitioners vital to the protection of government, commercial
organisations, non-government organisations and the community. If
the security continuum is considered as having personnel who work
in the tactical, operational and strategic sectors, then this
discussion paper predominantly relates to those working at the
senior end of the operational sector and those in the strategic
sector. These personnel are referred as security professionals in
this paper.1 Unfortunately security professionals have not been
able to contribute their full potential to the nations security and
safety due to a number of reasons including:
a lack of understanding by security users of the difference
between the quality and capabilities expected of those providing
front-line operational services, such as manpower and technology,
and those providing professional services security advice, such as
security advisors and security risk managers;
a lack of standards defining the expected knowledge, competency
and ethical behaviour of security professionals;
a lack of appropriate licensing, registration, accreditation and
assessment of security professionals;
a lack of a unified voice advocating the interests of security
professionals. Following the 2007 Security Professionals Congress
where the problems were identified, an Interim Security
Professionals Taskforce was established to advance the security
profession. The Taskforce has produced this paper which summaries
the problems, proposes statements for discussion, and asks
questions of security stakeholders. The purpose of this paper is to
generate discussion on the major questions facing the security
professionals, and based on feedback from the paper, propose a way
forward that advances security professionals and their contribution
to Australia. Views on these proposed actions are sought from
stakeholders including:
Security associations Security consultants Security consumers
and purchasers Security employers and contractors Security managers
Security manpower staff Security policy makers Security
regulators
All stakeholders are welcome to submit their views via email to
[email protected] or in person at the Consultative
Forums listed at www.securityprofessionals.org.au/Your_views.html
or on page2. Following the feedback, the Interim Security
Professionals Taskforce will prepare the final report that will
include draft recommendations for advancing the security
profession, and a draft action plan to implement the
recommendations. 1 For details of the roles of personnel working in
the tactical, operational and strategic sectors, see page 29.
-
Advancing Security Professionals: Discussion Paper
www.securityprofessionals.org.au
Page 5
This will be refined on the:
25 May 2008, Melbourne, at the Security Professional Association
meeting on the day prior to the 2008 Security Professionals
Congress
26-27 May 2008, Melbourne, at the 2008 Security Professionals
Congress Information at www.securityprofessionalscongress.org.au/.
The Congress will debate, select and refine the final
recommendations and action plan. A formal Security Professionals
Taskforce will be selected at the Congress to implement the
recommendations.
-
Advancing Security Professionals: Discussion Paper
www.securityprofessionals.org.au
6
1 Background Security professions (defined as those working at
the senior end of the operational sector and in the strategic
sector of the security industry) is a critical group which supports
the protection of government, commercial organisations,
non-government organisations and the community. Unfortunately it is
a group that has not been able to contribute its full potential to
the nations security and safety primarily due to the fact that
there is no clear understanding of the security profession, and
there is no common voice, partly because of the disparate origins
of members of the profession. This problem is compounded by the
fragmentation within the security profession, lack of relevant
qualifications and accreditation, and regulatory confusion between
it and the much broader security industry (which includes providers
of guards, equipment installers and vendors). Over the last few
years there has been increased discussion at meetings, conferences
and seminars on the need to define and promote the professional end
of the security services continuum. To assist this discussion, a
Security Professionals Congress was held in Melbourne in May 2007.
The Congress was attended by approximately 150 delegates
representing all aspects of the security profession including
in-house security managers (from the public and private sectors),
consultants, ITC specialists, physical security consultants,
security engineers, procedural specialists, facility managers, risk
managers, emergency managers, business continuity consultants,
academics and educationalists. Organisations participating in the
Congress were:
ASIS International ACT, Victoria, NSW & New Zealand Chapters
Australian Homeland Security Research Centre Australian Information
Security Association Australian Institute of Professional
Intelligence Officers Engineers Australia Information Systems
Security Australia Institute of Security Executives International
Association of Bomb Technicians and Investigators Australian
Chapter Risk Management Institution of Australia SECIA Victorian
Security Institute
The Congress was based on a series of presentations by senior
security professionals and six workshops where delegates were
required to review specific topics related to defining and
promoting the security profession and making recommendations on the
way ahead. The main concerns identified during the Congress
were:
1. Professional standards for practice 2. Qualifications and
training 3. Registration system based on competence 4. Status and
recognition 5. Accountability based on a code of ethics 6.
Commonality and standards across security professional
specialisations
It was of interest to note that three common themes emerged from
all workshops:
1. a requirement to formalise qualifications, certifications and
professional recognition; 2. the need to alter the perception of
the security profession; this was portrayed as
differentiating between the security profession and the security
industry which provides important services and products, and
contains professional members, but is not the security
profession;
-
Advancing Security Professionals: Discussion Paper
www.securityprofessionals.org.au
7
3. the need to establish a group representing the security
profession. It was recognised that such a body should provide the
forum to address the other two key issues.
On the day prior to the Congress, there was a meeting of
professional associations representing security professionals.
Representatives of twelve associations attended, representing
Australian-based and international organisations, and there were
also representatives from New Zealand. This was the first such
meeting. The Australian Homeland Security Research Centre (AHSRC)
partially funded the attendance of these groups to the meeting. The
key topic of the professional associations meeting was the ability
to work together to promote the security profession. It was
recognised that no one body represents the needs of all security
professionals or speaks on behalf of the broader profession. A
recommendation from the meeting was the investigation of the
feasibility of establishing a peak body. The Australian Homeland
Security Research Centre (AHSRC) organised, coordinated and hosted
the Congress and the meeting of associations in May. It paid for
the accommodation of key representatives of the security
professionals to engage them in the activity. The AHSRC has stated
that it is not interested in becoming a peak group; however, it
strongly supports enhancing the security profession to ensure that
it makes a greater contribution to national security and community
safety. Don Williams CPP coordinated the Congress program and
facilitated the Congress. Funding This project is supported by the
Australian Government Attorney-Generals Department.
-
Advancing Security Professionals: Discussion Paper
www.securityprofessionals.org.au
8
2 Purpose of this paper The purpose of this paper is to generate
discussion on the following major questions facing the security
professionals.
How are security professionals defined? What are the key
standards for professional practice? How can the status and
recognition of security professionals be improved? What should be
the minimum standards, qualifications and continuing
professional
development requirements for security professionals and their
specialisations? What is an appropriate
regulation/registration/licensing/accreditation system? What are
the best ways to enhance accountability for the work of
security
professionals? How can the voice of security professionals be
best represented to government,
industry, professional associations, the community and the
media?
-
Advancing Security Professionals: Discussion Paper
www.securityprofessionals.org.au
9
3 Defining security professionals People who work in the
security industry can be divided into many categories.2 Typical
categories include:
Business continuity professionals Crowd controllers Facility
managers Intelligence professionals Investigators Security advisors
Security equipment installers Security manpower providers Security
researchers Security risk managers
However, a category which is not normally identified is security
professionals. This term is quite distinct from security
professionalism that encapsulates the professional delivery of a
security product or service. The term security professional in no
way implies that security professionalism is limited to security
professionals. A key characteristic of security professionals is
that they are required to take responsibility for security projects
and programs in the most far-reaching sense. They provide
significant input into the shaping of security decisions and the
environment in which the security system functions. This requires
that they:
understand the requirements of clients and of society as a
whole; work to optimise social, environmental and economic outcomes
over the lifetime of
the product or program; interact effectively with the other
disciplines, professions and people involved; ensure that the
security contribution is properly integrated into the totality of
the
undertaking. The work of security professionals is predominantly
intellectual in nature. Security professionals have a particular
responsibility for ensuring that all aspects of their work are
soundly based in theory and established practice. One hallmark of a
security professional is the capacity to break new ground in an
informed and responsible way. Security professionals may lead or
manage teams appropriate to these activities, and may establish
their own companies or move into senior management roles in
security and related enterprises. For the security profession to be
considered a profession in its own right, it is required to have,
as other professions, the following characteristics:
Distinct body of knowledge Agreed and enforced standards of
behaviour/ethics Standards of education Formal requirement for
professional development College of peers
2 See Annex A for a list of elements of the security
continuum.
-
Advancing Security Professionals: Discussion Paper
www.securityprofessionals.org.au
10
Statements for discussion A security profession is defined as
the group composed of those who provide advice to senior managers
as in-house security advisors, security managers or external
security consultants, and who have or provide:
the highest standards of professionalism; leadership; up-to-date
expertise; quality and safety; independent and quality advice.
In Australia, the characteristics of the security profession are
assessed as:
Distinct bodies of knowledge 9 Agreed and enforced standards of
behaviour/ethics 8 Standards of education ? Formal requirement for
professional development ? College of peers 8
Questions
1. Do you agree with the definition of security profession and
if not, how would you define it?
2. Do you agree with the assessment of the characteristics of
the security profession?
-
Advancing Security Professionals: Discussion Paper
www.securityprofessionals.org.au
11
4 Key standards for professional practice Professional practice
standards are those standards which security professionals need to
comply with in order:
to uphold the public interest; to ensure the integrity of the
work for which they are responsible; to discharge their
professional obligations.
Standards are concerned both with professional competencies and
with working methods, practices and procedures.
Professional practice standards are divided into the following
areas: Professional knowledge Professional practice Professional
engagement
They should all contribute to the following objectives:
Independence and Objectivity Confidentiality Proficiency Due
professional care Maintaining up-to-date expertise Continual
improvement Ethical behaviour Responsibility to society and the
environment Responsibility to the client or employer
Professional practice standards enable security practitioners
to:
assess their own performance; demonstrate professional standing
against agreed criteria to their stakeholders; identify areas where
improvement is needed; re-assess their performance after changes
have been implemented.
Key issues in professional practice standards are:
competence versus quality standards; continuing professional
development; development of standards.
Potential frameworks for professional practice standards A
number of frameworks exist already for describing the skills,
competencies, knowledge and abilities of a given profession or
industry. The four key frameworks are:
1. alignment with the Australian Qualifications Framework (AQF);
2. certification levels based on responsibility and competence; 3.
role-based requirements framework; 4. alignment with Security Risk
Management Body of Knowledge (SRMBOK) Practice
Areas and Activity Areas. These frameworks are outlined in Annex
C.
-
Advancing Security Professionals: Discussion Paper
www.securityprofessionals.org.au
12
Statements for discussion Security professionals require
professional practice standards in the following areas:
Professional knowledge Professional practice Professional
engagement
Some of these standards already exist but are not sufficiently
unified or coherent. The frameworks to create professional practice
standards are:
alignment with the Australian Qualifications Framework (AQF);
certification levels based on responsibility and competence;
role-based requirements framework; alignment with defined and
recognised practice areas.
Questions
3. From your specialisation or perspective, what are the key
existing professional practice standards in the areas of:
professional knowledge; professional practice; professional
engagement.
4. What are the best frameworks to create professional practice
standards?
-
Advancing Security Professionals: Discussion Paper
www.securityprofessionals.org.au
13
5 Improving the status and recognition of security
professionals
Professionals enjoy a high social status, regard and esteem
conferred upon them by society. This status is not an inherent
right, but is granted by society. It arises primarily from:
higher social function of their work, regarded as vital to
society as a whole and thus of having a special and valuable
nature;
existence of technical, specialised and highly-skilled work
often referred to as professional expertise;
training involving obtaining specialist education and
qualifications; restricted entry to the profession based on
competence; training requiring regular updating of skills.
For professionals, maintenance of public status depends on the
public's belief that professionals are trustworthy and provide the
level of expertise expected of them. Where there is no consensus on
how to raise the status of professionals, there appear to be two
distinct groups of thought.
A series of actions to raise the status of a profession. No
overt action can be effective in raising the status of a profession
as recognition of
a professions importance. This will occur naturally if the
professional produces unique and valued high quality work, and
makes a significant contribution to society.
If action is effective in raising the status and recognition of
a profession, below are the key actions that are normally
taken.
Increase in positive media coverage of security professionals
Introduction of awards for security professionals Increase in
remuneration Encourage more women to become security professionals
Security professionals featuring in media programs, notably news
broadcasts and
documentaries Representation of the concerns of security
professionals to politicians Security professionals giving talks to
non-security groups Security professionals informing other
professional groups (e.g. engineers and
project managers) of the work of security professionals Increase
in entry standards for security professionals Increase in the
inter-personal skills of security professionals so that they can
better
communicate in the workplace, industry and to the community
Protection of term security professional Introduction of specific
licensing requirement for security professionals Promoting a
security professional post nominal Creation of a representative
voice for security professionals Inviting non-security
practitioners to meetings of security professionals
-
Advancing Security Professionals: Discussion Paper
www.securityprofessionals.org.au
14
Statements for discussion Security professionals have low status
and recognition due to:
a lack of understanding of the specialised knowledge required by
security professionals;
confusion in the publics understanding of the difference between
security manpower staff and security professionals.
Questions
5. Are you satisfied with the status, trust and recognition of
security professionals? 6. Do the levels of professional status,
trust and recognition of security professionals
need to be addressed? 7. What are the key initiatives to raise
the status, trust and recognition of security
professionals?
-
Advancing Security Professionals: Discussion Paper
www.securityprofessionals.org.au
15
6 The minimum standards, competence and continuing professional
development requirements for security professionals and their
specialisations
For some specialisations of security professionals, there are
standards, qualifications and continuing professional development
requirements. For others there are none. The reasons for the
standards, competence and continuing professional development
requirements include:
protection of the consumer from poor service and goods;
protection of the consumer by providing guidance on the quality of
professionals.
The standards, qualifications and continuing professional
development requirements specified for security professionals need
to conform to the framework selected for professional practice
standards as listed in Section 4. That is, the standards can be
based on:
educational qualification; competence; experience; roles.
Statements for discussion Referring to Section 4, there are four
main frameworks that will drive any requirements for minimum
standards, competence and continuing professional development
requirements for security professionals and their specialisations.
Questions
8. For the security profession as a whole, do you believe that
minimum standards, competence and continuing professional
development requirements are needed? If so, what should they
be?
9. For specialisations, do you believe that minimum standards,
competence and continuing professional development requirements are
needed? If so, what should they be?
-
Advancing Security Professionals: Discussion Paper
www.securityprofessionals.org.au
16
7 A regulation / registration / licensing / accreditation
system
The regulation/registration/licensing/accreditation systems vary
across State and Territory jurisdictions and elements of the
security industry. The system for certain elements of the security
industry is well developed and targeted in areas such as crowd
controllers and installers. However, for security professionals,
the systems are mostly irrelevant as they either do not apply to
groups of security professionals, or they provide no indication of
competence (or other public good benefit). Examples of the former
are that the systems do not apply to information security
consultants and government security advisors. Examples of the
latter are that the systems provide no indication of competence
when selecting professionals in security facility design and blast
design. Statements for discussion A security
regulation/registration/licensing/accreditation system is of value
to security professionals, security consumers and society. The
existing security regulation/registration/licensing/accreditation
systems of the States/Territories are mostly irrelevant to security
professionals. Security professionals should not be required to be
part of the States/Territories systems. A national system should be
developed or alternatively, specialisations of security
professionals should fall under existing national schemes.
Questions
10. Do you believe that the existing security
regulation/registration/licensing/accreditation systems of the
States and Territories are irrelevant to security
professionals?
11. Can you suggest an ideal system for the regulation of
security professionals and specialisation?
-
Advancing Security Professionals: Discussion Paper
www.securityprofessionals.org.au
17
8 Enhancing accountability of the work of security
professionals
Currently, it is difficult to determine how individual
practitioners can be held accountable given that there are
currently few, if any, minimum standards against which security
professionals can be judged. The licensing regimes for consultants
in some jurisdictions set standards for qualifications (usually a
Cert IV) and for registration as a business, insurance coverage,
etc, but these do not directly reflect standards for ethical or
professional behaviour. Most of the security-related industry or
professional organisations have codes of conduct. A common concern
is that disciplining members for codes of conduct breaches is done
infrequently by the organisations as it results in members
resigning before disciplinary action is finished. Enforcement also
results in lost membership fees for the organisation. Some
contracts require minimum levels of Professional Indemnity (PI)
insurance but the relevance of the insurance cover to the work
undertaken is not often verified. PI coverage should reflect that
the applicant has demonstrated to the insurance provider that they
are an acceptable risk in terms of qualifications, experience and
business practices for the work they undertake. Requiring
participants to demonstrate PI coverage for the work undertaken
would help make them more accountable. Statements for discussion
There are poor formal mechanisms for accountability for security
professionals as there are few minimum standards against which
security professionals can be judged. Existing codes of conduct and
enforcement mechanisms are limited in benefit for security
consumers to take action against security professionals. Security
professionals require either:
a whole-of-profession code of conduct that is enforced by a
party that does not depend on membership fees with disciplinary
action is linked to licensing, or
existing codes of conduct and enforcement mechanisms are
strengthened. Questions
12. Do you believe that formal mechanisms for accountability for
security professionals need to be improved?
13. What do you suggest are the best ways to improve
accountability?
-
Advancing Security Professionals: Discussion Paper
www.securityprofessionals.org.au
18
9 Advancing the views of security professionals to government,
industry, professional associations, the community and the
media
There is no single voice speaking on behalf of security
professionals. However, there is a range of industry and
professional bodies that represent elements of the security
continuum. For example:
ASIAL, ISE, VSI and other security-specific organisations
represent elements of the security industry.
ASIS International represents individual security consultants
and managers. Other associations represent specific areas of
expertise such as ITC security, risk
analysis and bomb security. Non-security associations represent
those who also work in related fields such as
Emergency Management, OH&S and Facility Management. The
number of security-related organisations makes it difficult to
promote a common image. Non-security professional groups, such as
Facility Management and Emergency Management, do not have as many
representative bodies and hence have a more cohesive set of
guidelines, expectations and public information capabilities.
Government policy makers and regulators currently have no
organisation that they can seek guidance from in relation to the
security profession. There are six options for advancing the voice
of security professionals to government, industry, professional
associations, the community and the media. Below is a table
identifying the options. Option Explanation Status quo Continue
with the current situation Regular, informal meetings of security
professionals
Regular informal meetings of professionals could be held to
discuss topics of interest and concern. This could be achieved
through an annual congress.
An association of associations
An association of associations could be formed where
security-related professional bodies meet and discuss topics of
interest and concern, and develop collegiate responses.
Lead association A lead association could be appointed to
represent others. This option, while providing a single point of
contact, may suffer from extended discussion over which
organisation is best suited to lead.
An associated society
An associated society could be created within an existing parent
body such as Engineers Australia. The associated society would
invite individual members and a prerequisite could be membership of
an existing security-related professional body. An associated
society would adopt the codes of conduct, compliance and
accountability standards of the parent organisation.
A new security professional institute
A new security professional institute could be formed that would
require minimum standards for members, possibly including
membership of an existing security-related professional body. An
institute could have sub-groups/colleges for each specialisation
representing the specific requirements of each sector. An institute
could attain standing as a recognised professional body with
membership being respected by clients and peers.
-
Advancing Security Professionals: Discussion Paper
www.securityprofessionals.org.au
19
Annex E contains a SWOT (Strengths, Weaknesses, Opportunities
and Threats) analysis for each option. Statements for discussion
The views of security professionals are not consistently or
effectively heard by government, industry, professional
associations, the community and the media. Improvements to
advancing the views of security professionals need to be made. The
key mechanism to advancing the views is to develop a unified voice
on topics of concern (which may be different from concerns of other
elements of the security continuum). The options are:
Regular, informal meetings of security professionals An
association of associations A lead association An associated
society A new security professional institute
Questions
14. Do you believe that the views of security professionals are
not consistently or effectively heard by government, industry,
professional associations, the community and the media?
15. Do you think that a more unified voice of security
professionals is required? 16. If so, which option is
preferred?
-
Advancing Security Professionals: Discussion Paper
www.securityprofessionals.org.au
20
10 Feedback Feedback on all aspects of this discussion paper is
actively sought, particularly in relation to the Statements for
Discussions and the Questions at the end of each section. Feedback
can be provided via email to [email protected] or
by attending one of the Consultative Forums.
ConsultativeForumsdatesandlocationsTiming Date State
Location
4-6pm
Thursday, 27 March Canberra
Conference Room, Australian Homeland Security Research Centre,
First Floor, Australian Institute of International Affairs
Building, 32 Thesiger Court, Deakin ACT 2600
4-6pm Tuesday, 1 April Melbourne
McCall Security, Unit 3, 484 Graham Street, Port Melbourne
4-6pm Wednesday, 2 April Hobart
Tasmania Division, Engineers Australia, Royal Engineers
Building, 2 Davey Street, Hobart
4-6pm Wednesday, 2 April Sydney
ATMAAC International, Level 1, 102 Bennelong Road, Homebush
Bay
4-6pm Thursday, 3 April Brisbane
Queensland Division, Engineers Australia, 447 Upper Edward St,
Brisbane
4-6pm
Thursday, 17 April Adelaide
Lincoln Rowe Room, South Australia Division, Engineers
Australia, 11 Bagot Street, North Adelaide
4-6pm Friday, 18 April Perth
Western Australia Division, Engineers Australia, 712 Murray
Street, West Perth
4-6pm
Wednesday, 16 April Darwin
Conference Room, Northern Division, Engineers Australia, Survey
House, 14 Shepherd Street, Darwin
Registration is essential for catering and preparation reasons.
To register, you can:
Email: [email protected] Tel: 02 6161 5143
-
Advancing Security Professionals: Discussion Paper
www.securityprofessionals.org.au
21
Feedback Response Table The following table may be used to
answer the specific questions raised in this paper. Additional
comments and suggestions are sought. Please complete and fax to 02
6161 5144.
Question Response 1 Do you agree with the definition of
security
profession and if not, how would you define it?
2 Do you agree with the assessment of the characteristics of the
security profession?
3 For your specialisation or perspective, what are the key
existing professional practice standards in the areas of
Professional Knowledge
Professional Practice
Professional Engagement
4 What are the best frameworks to create professional practice
standards?
5 Are you satisfied with the status, trust and recognition of
security professionals?
-
Advancing Security Professionals: Discussion Paper
www.securityprofessionals.org.au
22
6 Does the level of professional status, trust and recognition
of security professionals need to be addressed?
7 What are the key initiatives to raise the status, trust and
recognition of security professionals?
8 For the security profession as a whole, do you believe minimum
standards, competence and continuing professional development
requirements are needed? If so, what should they be?
9 For specialisations, do you believe minimum standards,
competence and continuing professional development requirements are
need? If so, what should they be?
10 Do you believe that the existing security
regulation/registration/licensing/accreditation systems of the
States and Territories are irrelevant to security
professionals?
11 Can you suggest an ideal system for the regulation of
security professionals and specialisation?
12 Do you believe that formal mechanisms for accountability for
security professionals need to be improved?
-
Advancing Security Professionals: Discussion Paper
www.securityprofessionals.org.au
23
13 What do you suggest is the best ways to
improve accountability?
14 Do you believe that the views of security professionals are
not consistently or effectively heard by government, industry,
professional associations, the community and the media?
15 Do you think that a more unified voice of security
professionals is required?
16 If so, which option is preferred?
Additional comments
OPTIONAL - Name and email address:
___________________________________________________ Please complete
and fax to 02 6161 5144.
-
Advancing Security Professionals: Discussion Paper
www.securityprofessionals.org.au
24
Annex A Elements of the security continuum The following is an
indicative list of those involved in providing security products
and services.
SecurityServices
SecurityManagementServicesAudit & compliance Business
continuity management Crisis & emergency management Enterprise
security planning & assessment Intelligence planning, provision
or analysis Red teaming Risk compliance Risk management Scenario
planning Security management benchmarking or gap analysis Security
policy, plans, documentation Security project management Security
risk management Threat analysis Vulnerability analysis
Physicalsecurityservices Access control system design Alarm
system design Architecture Blast modelling CCTV system design
Communication system design Correctional and detention facilities
design Crime prevention through environmental design Critical asset
identification Engineering vulnerability analysis Facility
hardening Fire and safety Forensic Perimeter security design
Physical security assessments Physical security reviews Security
systems design Specification writing Systems integration Technical
surveillance counter measures (e.g. de-bugging)
Personnelsecurity Close protection Drug testing Executive and
close personnel protection Kidnap, ransom and extortion support
Overseas travel security support Personnel screening and vetting
Polygraph services Private investigators Surveillance and
counter-surveillance Training & education
GuardingArmed guards (uniformed and plain clothed) Bodyguards
Casual guarding (eg major event) Crowd controllers Patrol services
Security drivers Security guard dog handlers Uniformed security
officers
LosspreventionFraud prevention Loss and prevention
Physicalsecurityproducts
GeneralAccess control Alarms Baggage and freight screening
Biological detectors Biometrics Cameras CCTV Chemical detectors
Detection and control devices Document or product identification
Doors and locks EOD and UXO Fencing and perimeter security Gates
Guard houses ID systems Incident management software Jammers Locks
and hardware Mail screening Safes and record protection Signage
Smart cards Surveillance and monitoring systems Turnstiles Vehicle
barriers Vehicle ID systems Video intercoms Weapons and
munitions
-
Advancing Security Professionals: Discussion Paper
www.securityprofessionals.org.au
25
PersonnelSystemsandEquipment Body armour Goggles and glasses
Hygiene Less-than-lethal weapons Navigation and GPS NBC clothing
Night vision Protective clothing Weapons
Communications Command and control Communications security
Frequency hopping Hand-held Intercom Mobile internet Satellite
Secure communications Tactical Video conferencing Voice Over IP
(VoIP)
Medical Decontamination First Aid equipment and supplies Medical
services Mobile hospitals Stretchers and litters
InformationsecurityComputer forensics Computer systems security
and privacy Encryption IT security policy, plans and documentation
IT security contract management IT security management Software
engineering System & product design Virus and malware
RelateddisciplinesEmergency management OH&S Facility
management Risk management Security academics Human resource
management
-
Advancing Security Professionals: Discussion Paper
www.securityprofessionals.org.au
26
Annex B Professionalism The Shorter Oxford Dictionary defines
'profession' as 'a vocation, a calling, especially one requiring
advanced knowledge or training in some branch of learning or
science'. Further it describes a professional as 'having or showing
the skill of a professional person, competent' and
'professionalism' as 'the body of qualities characteristic of a
profession or professional'. Similarly the Macquarie Dictionary
defines the noun 'profession' as 'a vocation requiring knowledge of
some department of learning or science, especially one of the three
vocations of theology, law, and medicine (formerly known
specifically as the professions or the learned professions): a
lawyer by profession'. Secondarily as 'any vocation, occupation,
etc'. Thirdly, as 'the body of persons engaged in an occupation or
calling: to be respected by the medical profession'. It further
defines professionalism as 'someone belonging to one of the learned
or skilled professions'. Similarly the Accounting Professional
& Ethical Standards Board identified fundamental principles
that must be upheld for a person to be considered a professional
accountant. These are:
(a) Integrity (b) Objectivity (c) Professional competence and
due care (d) Confidentiality (e) Professional behaviour
The Australian Library and Information Association has developed
standards of professional excellence for teacher/librarians. These
are: Professional Knowledge, Professional Practice, Professional
Commitment. Each of these has four subsets of practice or behaviour
that specifically identify the measure of excellence that
identifies professional behaviour. The principles embodied in these
above definitions appear in various forms throughout the body of
literature attempting to define profession or its attributes. In
considering these and a multitude of other definitions of
'profession' across such occupations as legal practice, medicine,
education and pharmacy, a number of key elements can be identified
as necessary to be present for an area of employment to be
considered a discrete profession. Another opinion is tha security
practitioners support and implement the vision of their
communities, employers and clients through advocating and building
effective protective security programs that contribute to societal
security. A security professional holds recognised security
qualifications, defined as eligibility for membership of a security
association. Within the broad fields of security and risk
management, security professionals are uniquely qualified to select
and apply a broad range of protective security measures.
-
Advancing Security Professionals: Discussion Paper
www.securityprofessionals.org.au
27
Annex C Elements of a Profession Distinct body of knowledge The
first principle in determining the existence of an independent
profession is having a distinct body of knowledge relevant to the
profession. The practice of security in the areas of personnel;
physical, electronic, information and communication technology; and
security management demonstrate that this body of knowledge exists
and is fundamental to good practice. This body of knowledge in any
profession is both academic and practical and is supported by
research development and application. This is the case for the
security profession. Standards In the discussions concerning
professionalism the term Standards is used in two contexts:
standards as measures of values-based ethical behaviour and
standards as a measure of performance or quality of work, process
or technology. All the professions surveyed address both types of
definition of standards and most have national or internationally
articulated quality, process and performance standards. The
security profession readily demonstrates adherence to standards in
the latter definition. First and foremost are international and
domestic process standards or technical standards, provided by the
International Standards organisation (ISO) and Standards Australia,
which form the backbone around which security professionals
practise their profession. Standards Australia and the National
Centre for Security Standards has effectively mapped the security
and associated quality standards applicable to the security
profession. Similarly, ASIS International has an international
Standards and Guidelines Commission and is a category A liaison to
the ISO. The security profession can readily demonstrate the
existence and the fundamental position of standards of this type in
the profession. Competence Professionalism in all cases is attested
to by the competency of those who claim to practise the profession.
Competence in this case is best defined as the demonstrated skills
and knowledge to practise the profession. Competence is derived
from training, on the job and institutionally, and education, and
the demonstrated application of such skill and knowledge to the
tasks or challenges of the endeavour. Demonstrating competence is
the measure by which most persons will measure the profession.
Measures and standards for competence form an integral part of any
profession and are partly articulated in some of the education,
training and national licensing regimes. Professional competence is
also generally a requirement for membership of professional
associations. Professional development All professions surveyed
consider that ongoing professional development is a prerequisite
for considering an individual to be a professional and therefore
accepted as member of a profession association. Further, Engineers
Australia and the Risk Management Institution of Australasia,
amongst many professional bodies, consider it to be a significant
criterion for ongoing recognition as a member of such an
association.
-
Advancing Security Professionals: Discussion Paper
www.securityprofessionals.org.au
28
College of peers All professions have as the basis for their
recognition of their professional grouping arrangements that link
peers together and recognise other practitioners of the discipline
as their fellows. The college can be informal or formal, but need
to be sufficient delineated so that members recognise each other
through the attributes of the profession they practise. A college
can generally accept or reject members on grounds of incompetence
or poor behaviour and therefore establish standards as described
above and as also addressed under Ethics below. Groups such as ASIS
International, SecMan and the International Security Managers
Association maintain a peer relationship for their members. Ethics
In discussing standards above, the behavioural standards that have
been adopted by the medical, legal, engineering and accountancy
professions provide guidance on how this issue needs to be
approached. Rather than adopt any existing Security values, ethics
or behavioural standards statements, it is appropriate that this be
a matter for considerable discussion and debate.
-
Advancing Security Professionals: Discussion Paper
www.securityprofessionals.org.au
Page 29
Annex D Qualification Frameworks A: Qualifications-based Table 1
below illustrates the alignment of the Australian Qualifications
Framework (AQF) with Security Practice Areas.3 Table 1: Aligning
the AQF with security Practice Areas
AQF Qual Physical People Management Information ICT
11 PhD Technical Specialist or Senior Consultant
10 Masters Degree Chief Security Officer (CSO) or Senior
Consultant
9 Graduate Diploma Chief Security Officer (CSO) or Senior
Consultant
8 Graduate Certificate
Physical Security Consultant
Personnel Security Consultant
Security Risk Management Consultant
Information Specialist
ICT Security Specialist
7 Bachelor Degree
Security Manager
Vetting Manager
Security Manager
Intelligence Manager
ICT Security Manager
6
Advanced Diploma
(Certification e.g. CPP)
Operations Manager
Vetting Manager
Security Manager
Intelligence Analyst
5 Diploma
Agency Security Adviser
Vetting Supervisor Team Leader
Intelligence Collector
ICT Security Adviser
4 Certificate IV Installer
Senior Vetting Officer Supervisor
Intelligence Operative
Security Admin
3 Certificate III
Control Room Operator
Vetting Officer Team Leader
2 Certificate II Guards*
* In Victoria Cert III is the entry level qualification for a
security guard.
3 As defined in the Security Risk Management Body of Knowledge
(SRMBOK), Risk Management Institute of Australia, 2008
-
Advancing Security Professionals: Discussion Paper
www.securityprofessionals.org.au
Page 30
B: Certifications-based Professional associations commonly use a
certification-based framework based on members reaching certain
standards. For example, a three-tiered certification approach has
been adopted by the Australian Institute of Project Management. The
levels are:
QPP (for those who have been certified at Level 4, Qualified
Project Practitioner); RPM (for those who have been certified at
Level 5, Registered Project Manager); MPD (for those who have been
certified at Level 6; Master Project Director).
The Facility Management Association (FMA) similarly recognises
three levels of accredited Facility Manager (AFM). These levels
are:
AFM1 (Practice), AFM2 (Manage) and AFM3 (Lead).
Adopting a similar approach in the security area might provide a
similar approach as illustrated in Table 2. The example below is
provided for illustration and discussion only but it illustrates
that there are many pathways to achieving relevant experience and
the required professional abilities. The Direct, Manage and
Practice levels of the security professional are (in this example)
underpinned by a Technician level leading to a four-tiered
certification framework.
Points Required
Quals Min in security
Experience Example
Security Director
22 AQF 8+
AQF 5 10 years B SecSc (7) + 15 years experience (15) = 22
pointsor PhD (11) + 11 years experience (11) = 22
Security Manager
15 AQF 7+
AQF 5 5 years B SecSc (7) + 8 years experience (8) = 15or M
SecSc (10) + 5 years experience (5) = 15
Security Practitioner
13 AQF 5+
AQF 4 5 years Cert IV security (4) + Cert IV Frontline mgmt (4)
+ 6 years experience (6) = 14
Security Technician
8 AQF 3+
AQF 3 3 years Cert III security (3) + Trade Certificate (3) + 3
years experience (3) = 9
Table 2: Example of a Tiered Professional Practice Certification
Standard
-
Advancing Security Professionals: Discussion Paper
www.securityprofessionals.org.au
31
C: Role-based Standards Frameworks Role-based standards
frameworks are based on the roles and responsibilities of security
professionals and how they are categorised into Strategic,
Operational or Tactical responsibilities across a number of job
requirements.
Chief Security Officer Security Manager
Security Operations Manager Supervisors Shift Leaders Security
Staff
1 to 3 year < 12 months < 3 months
-
Advancing Security Professionals: Discussion Paper
www.securityprofessionals.org.au
32
D: Practice Area-based Framework The work of security
professionals can also be categorised and assessed according to the
Practice Areas which they are involved in and the phase of security
activities (pre-event or post-event) as illustrated below.
Activity AreasActivity AreasINTELLIGENCE
PROTECTIVESECURITY INCIDENT
RESPONSE RECOVERY &CONTINUITY
Activity AreasActivity AreasINTELLIGENCE
PROTECTIVESECURITY INCIDENT
RESPONSE RECOVERY &CONTINUITY
Practice AreasPractice AreasPhysicalPhysicalSecuritySecurity
PeoplePeopleSecuritySecurity
ICTICTSecuritySecurity
Information Information SecuritySecurity
SecuritySecurityManagementManagement
Practice AreasPractice AreasPhysicalPhysicalSecuritySecurity
PeoplePeopleSecuritySecurity
ICTICTSecuritySecurity
Information Information SecuritySecurity
SecuritySecurityManagementManagement
ProjectManagement
RecoverDocuments
Reconstruction
Peer SupportCounselling
NetworkRestoration
IntelligenceProfessionals
Fraud Analysts
Investigators
CustodialOfficers
DecryptionSpecialists
IncidentControl
Public Affairs
Firefighter
First Aid
Emergency Comms
Chief SecurityOfficer
IT Security Advisers
Close PersonalProtection
Vetting Officer
FirewallProgrammer
Figure3: Example of Categorisation of Practice Areas against
Activity Areas4
4 Practice Areas and Activity Areas as defined in Security Risk
Management Body of Knowledge (SRMBOK)
-
Advancing Security Professionals: Discussion Paper
www.securityprofessionals.org.au
33
Annex E SWOT Analysis This annex provides a SWOT (Strengths,
Weaknesses, Opportunities and Threats) analysis for each option.
Status quo Strengths No costs, time or effort in establishing
new
structure. No minimum standards for entry of participation
other than those legislated.
Weaknesses No improvement over current situation. Security
profession remains fragmented. No minimum standards for entry
of
participation other than those legislated. No minimum standards
for behaviour or
ethics. No increase in the status of the security
profession. Opportunities Security profession open to any who
wish to
join.
Threats Ongoing desire by participants to change the
status quo. Clients not seeing improvement in
professionalism of security practitioners. Regular, informal
meetings of security professionals Strengths Opportunity for
participants to meet and discuss
issues. Opportunity to present a united front on
discussed issues to government, etc.
Weaknesses Attended only by some of the participants. Only
programmed issues discussed. No minimum standards for entry of
participation other than those legislated. No minimum standards
for behaviour or
ethics. Opportunities Open to all participants. Not seen as
representing a particular
organisation or group.
Threats Cost to attend. Needs coordination and planning by
an
interested body (currently AHSRC). Not seen as being truly
representative. May be boycotted by an organisation or
sector. An association of associations Strengths Provides focal
point for security organisations. Seen as representing wide range
of security
participants. Can be a single voice for the profession.
Weaknesses Only reflects members so those
organisations represented. Some start up costs.
Opportunities Identification of issues of mutual concern. May be
able to argue for self-governance. Funding from member
associations.
Threats Inability to gain agreement on issues. Ability for
association representatives to
meet.
-
Advancing Security Professionals: Discussion Paper
www.securityprofessionals.org.au
34
Lead association Strengths Single point of contact. Seen as
representing wide range of security
participants. Can be a single voice for the profession. Minimal
start-up costs.
Weaknesses May not been seen as truly representative. Issues for
lead association may differ from
the others.
Opportunities May be able to argue for self-governance.
Threats Possible extended discussion over which
organisation is best suited to lead. Other associations not
willing to participate.
An associated society Strengths Seen as part of parent body with
associated
status. Limited start-up costs.
Weaknesses Need to raise the society for association. Need to
convince the parent association to
accept affiliation. Opportunities Parent body able to provide
secretarial,
administrative support, etc. Membership and behaviour laid down
by parent
body. Adoption of accountability standards of the
parent organisation May be able to argue for self-governance.
Could make membership of existing body a
prerequisite as it reflects technical acceptance in a
speciality.
Threats May not be acceptable to a parent body. Need to meet
parent body requirements for
entry, qualifications, professional development, etc.
A new security professional institute Strengths Can set minimum
standards for members,
possibly including membership of an existing security-related
professional body.
Can become a recognised and respected professional body.
Can set audit compliance and enforce code of conduct.
Weaknesses Will require the establishment of a permanent
office/staff. Will take some time to establish. Will require
costs to run = membership fees.
Opportunities Establish colleges/subgroups to represent
specialisations, e.g. IT, physical, in-house security managers,
government security advisors.
Membership can become a mark of professional acceptance.
Can become single point of contact for security professional
issues.
Could be aligned to Engineers Australia or similar body.
Could make membership of existing body a prerequisite as it
reflects technical acceptance in a speciality.
May be able to argue for self-governance.
Threats Opposition from existing industry
organisations. May meet opposition from existing security
organisations.
-
Advancing Security Professionals: Discussion Paper
www.securityprofessionals.org.au
35
Annex F Security and security-related professional and industry
associations in Australia
Below is a (non-exhaustive) list of security and security
related professional bodies and associations in Australia:
ASIS International Australian Information Security Association
Australian Institute of Private Detectives Australian Institute of
Professional Intelligence Officers Australian Security Industry
Association Limited Business Continuity Institute eSecurity
Innovation and Awareness (SECIA) Facility Management Association
Information Systems Security Australia Institute of Security
Executives International Association of Arson Investigators
International Association of Bomb Technicians and Investigators
International Association of Certified Fraud Examiners
International Crime Prevention Through Environmental Design
Association National Australian Security Providers Association
National Security Association Australia Risk Management Institution
of Australasia Security Agents Institute WA Venue Management
Association/International Association of Arena Managers Victorian
Security Institute
25 - 27 May 2008Melbourne
Information: 02 6161 5143
Register now for early bird
discountwww.securityprofessionalscongress.org.au
The Congress will focus on the report of the Interim Security
Professionals Taskforce. The Taskforce is supported by the
Australian GovernmentsAttorney-Generals Department.
Who should attendSecurity professionals in all industriesRisk,
intelligence & business continuity professionalsSecurity policy
and regulatory authorities
Advanced NoticeAdvanced NoticeSecurity Professionals Congress
2008Security Professionals Congress 2008
Incorporating Security Incorporating Security Associations
Meeting 25 May 2008 Associations Meeting 25 May 2008 Security
Professionals Congress 26 & 27 May 2008Security Professionals
Congress 26 & 27 May 2008
Key topicsIncreasing the status of the professionSetting minimum
competency standardsIdentifying education and articulation
pathsForming a representative bodyDrafting a code of ethics and
enforcement mechanism
Your views matterThe Congress will provide you with the
following opportunities to share your views and knowledge on the
future direction of security professionals:
Discussion and debatesWorkshops and small group discussionVoting
and ballots