Mary, Mary, quite contrary, how does your garden grow? A very good question which we will try to answer in this short article. We will also try to answer the opposite question, what could kill off your garden? If that was not enough of a challenge, we will also suggest how to answer these questions for a communal garden.
For a sustainable garden it is better to nurture the plants you already have, or grow from seed, rather than buying mature plants: ‘ready-made’ plants may look great in the garden centre but there is no guarantee they will thrive when transplanted into your garden. That being the case, the key to success is twofold. First, to feed and water your plants or new seeds so they grow strongly. Second, to eliminate threats such as weeds, parasites and other pests. We also need to keep an eye open for unpredictable events like frost, drought or storm damage. Finally, we will need to monitor whether our efforts are proving successful: are we watering too much or too little; are we failing to keep the weeds and parasites down; are we spraying weedkiller in the wrong places; are the plants flourishing as well as they should?
In a communal garden the challenge is to make sure everyone knows who is doing what, that they have the time, skills, tools and other resources, and are actually keen and committed to their tasks. Imagine the shared pride when the first green shoots start to appear and flourish.
A communal garden of course would be anarchy without an overall vision and someone to guide and lead all our efforts – a Head Gardener perhaps. And when things get tough or start to look bleak from time to time, a dedicated Head Gardener would give us just the kick up the backside we need to get out there in the rain and snow.
It doesn’t stop there of course. If left untended the garden will soon deteriorate. Weeding, pruning and mowing are all needed to maintain the garden in its best condition. We will also have to adjust the garden to absorb changes in the seasons and other factors, possibly even building work or road construction.
But the editor is expecting an article on a subject we actually know about, security. (Phew….. Ed.)
If you have read our previous articles or have come across Security Management Systems (SeMS) you may recognise some similarities between an effective SeMS and a successful communal garden. The best model of SeMS, the UK CAA’s Framework document (CAP1223 available free from www.caa.co.uk) has ten chapters:
- Management commitment
- Threat and risk management
- Accountability and responsibilities
- Resources
- Performance monitoring, assessment and reporting
- Incident Response
- Management of change
- Continuous improvement
- SeMS education and security culture
- Communication
No doubt you will be able to see immediately how the
gardening story matches this. No? ? read on.
First of all, let’s make use of the security tools and processes we
already have. We don’t need to replace them with the latest software and
hardware at great expense and with questionable benefits. SeMS will help us use
what we have, to manage Threats and Risks (Chapter 2) effectively. We must
identify and understand the threats with a wide-ranging search not limited to
previously known threats. We must assess the risks imaginatively, not
constrained by assumptions, and determine how much should be invested in
mitigating the risks. We must think carefully how much money and time to spend
on weed killers and when and where to use them.
It is equally important to know how effective our efforts are proving. Performance monitoring (Chapter 5) is an essential tool for assessing how good security is. To be sure there will be green shoots and they will thrive we need to monitor how well we are doing the things, the right things. We really don’t want to over-water the plants out of an abundance of caution.
Security must be preserved when incidents arise. The Incident response (Chapter 6) both instigates temporary measures and restores security when the incident is closed. When storms strike, we can take some protective actions, but we will probably also have to effect repairs after it has passed.
SeMS must also explain WHAT must be done, and HOW to do it (WHY will be explained later). The WHAT should be enshrined in role descriptions or other means of assigning accountabilities and responsibilities (Chapter 3). We don’t want everybody mowing the grass, we need some people to do the weeding.
The HOW should be explained through education: in practice Education (Chapter 9) is likely to be as much about explaining the need, as it is about teaching new skills. We can all learn to be gardeners, even if some people have a natural talent or years of experience..
Resource management (Chapter 4) ensures the team has the right skills in the right quantities, including any contracted-in activities. It ensures the right equipment is in place and working. And it ensures the working environment is conducive to good results. The mower and the watering can need to be fit for purpose.
All of this is of little value if the people are not committed to it. Like any process, people will do their absolute best to make SeMS work if they believe it is important, that their manager believes it is important, and both they and their managers understand why security is important as well as the mechanics of the process. Management commitment (Chapter 1) should be demonstrated by top manager promoting the SeMS overtly, walking the walk as well as talking the talk. The staff must see the management message “Do as I do” not just “Do as I say”.
The management commitment must be seen widely, so Communication (Chapter 10) is a key SeMS process. The message must be constantly reinforced with fresh communications innovatively delivered – a regular email will not be read but a few words at the right time by the Head Gardener will work wonders. As will the Head Gardener putting in a shift of weeding or mowing too.
Continuous improvement (Chapter 8) finds better ways of working which may improve efficiency, may enhance security and/or may they more enjoyable or easier. The front-line staff often know what is not working well and engaging them in improving their work is both productive and good for morale. An astute Head Gardener will listen to anyone with suggestions about improving the garden or how it’s maintained.
Change Management (Chapter 7) protects the security systems and processes from being compromised inadvertently by environmental, physical or system changes. Frost protection may be prepared in anticipation of seasonal change.
A word about technology. Technology has its place in security of course, but you will have gathered from this article it is not a solution in its own right. It can also be expensive and unnecessary or even detrimental. It can distract us from what really matters, keeping things clear and simple. We will need lawnmowers, rakes and watering cans but not every garden benefits from a ride-on mower or combine harvester, nor from spraying weedkiller on the lawn to get rid of the weeds. Finally, a thought about the compliance inspection. On the day they judge the prettiest village competition, our garden may or not be at its best, but what really matters is our certainty that we have made it the best we can, all year round, and the satisfaction we have from that.
John Wood – Director, 3DAssurance
John was responsible at the UK CAA for developing the SeMS framework, working with and guiding many industry stakeholders. Experienced in design and implementation of effective strategic change in public and private sectors, John has been a lead designer of numerous governance, risk and compliance systems.
Andy Blackwell – Director, 3DAssurance
Andy is widely acknowledged as a SeMS and aviation security expert. As Head of Security at Virgin Atlantic, he was the first to implement the SeMS Framework. Now a leading SeMS exponent, Andy has authored numerous articles on SeMS and security, and speaks regularly at international security events.
