During my professional career, I have worked on numerous projects across the Middle East and in the UK. The stage at which the security consultant is engaged tends to vary greatly, covering various phases of planning and design, and in the worst case, after construction has commenced.
It has become apparent that when engaged once construction has begun, or even in latter design phases, it becomes increasingly difficult to implement a sound security strategy, and the cost of doing so tends to be higher than if security had been considered properly from the outset of the project.
There are multiple stages to the design process, as outlined by RIBA. Best practice dictates that security should be considered across each of these stages, however, we typically find ourselves engaged at stage 5, which is considered too late in the process for the provision of security protection objectives.
When these security protection objectives are then considered and solutions are sought, it tends to cause issues for all involved, more so when construction has started as retrofit can be both costly, and have a negative impact on the aesthetics of the building.
The first step once engaged at a later phase in the project, is to undertake a security risk assessment to fully understand the current threat profile and identify which threats have been effectively mitigated and where the gaps are. In general, a security consultant considers a number of security design principles for the built environment, these include: Deter, Detect, Delay/Denial, Response and Recover (DDDRR), CPTED, the SSPM bets practice manual from the Abu Dhabi Urban Planning Council (UPC), the relevant country federal standards and blast mitigation.
Typically, the issues that arise could have been prevented had security been considered at the start, or at least handled in a more cost-efficient manner. Building orientation is a perfect example; on a recent project, the design failed to consider multiple security elements, from the vehicle entrances and exits that had no provision for vehicle denial measures or searching and screening of vehicles, to the lift access which did not consider security in any way, meaning unauthorized personnel or members of the public could access floors they shouldn’t.
On another project, the threat profile for the region meant that a blast assessment should have been carried out. Once completed it became apparent that the building could not withstand multiple bomb blast scenarios, and as such retrospective measures had to be implemented. This included adding Ground Floor Glazing Reinforcement and catch wires to the ground floor windows. This was costly, time consuming and impacted the look and feel of the public facilities and reception area.
On occasion, we find a security measure has been identified and implemented, but no real thought has been given to how this will work from an operational perspective. A recent hotel project in the MENA region had included the provision of a K9 division for searching people and vehicles arriving at the property. This is great in theory; however, no consideration had been given to covered space for the dogs or the guards to protect them from the elements, and there had been no space allocated to kennels to house the off-duty animals.
A final example is that of mail and luggage screening. If the risk assessment dictates that it is necessary to implement search and screening for people and vehicles entering the property, surely it makes sense to also scan luggage, mail and packages arriving on site? If no process or technology is in place, this would be a simple way to bypass security systems and insert a potentially harmful substance or IED into the building.
There are various reasons that lead to a security consultant being engaged at a late stage. There tends to be a perception that in many locations security “isn’t a big issue” and that the risk profile for an area is already understood so a Threat and Risk Assessment is an unnecessary cost. This is often coupled with the belief that security is not a complex programme; security design has been done before and can be replicated on the new project. However, security is not a one size fits all solution. Equally, threat profiles vary between countries and even within a country, and are always changing based on socio-political conditions around the globe. On these occasions, there is a tendency to focus on surveillance and access control only.
Initial design emphasis typically focuses on the main design aspects of the building (architectural, structural and civil). Security is not considered as a standalone discipline, and usually becomes the responsibility of the MEP/ELV contractor. The problem here is that this team doesn’t consider the architectural, physical or operational security solutions that fall outside of the MEP remit.
The contractual mechanism can also pose a challenge; who appoints the security consultant? In addition, the security scope is often omitted or insufficient when outlined in the tender document, and doesn’t appreciate the implications of security on early stage design
I believe it is time to start heavily promoting early engagement of security consultants, and in general, understanding of the importance of a solid security strategy. Security is no longer a problem restricted to certain regions; crime prevention and counter terror measures are now required all over the globe, and protecting people and assets should be a priority. As such it is paramount that all security risks have been considered early in the design. Ultimately, this will save costs incurred from the need to implement retrospective security measures, ensure security design complements building aesthetics and guarantee design supports delivery of operational security.
A move to early engagement would help to improve the overall safety and security of the built environment.