Whether you are building a security program to better protect your home or to better protect your company, there must be some logic behind the plan.  Security solutions, in our opinion, arrange themselves in what is referred to as the Security Solution Hierarchy.  As you go through the Security Solution Hierarchy, you will see there is a logical approach to developing solutions that are cost-effective to each institution.  To ensure a maximum cost/benefit ratio for dollars budgeted to the security needs of the Hospital, it makes sense to approach the fixes the way they are suggested in this model.

The hierarchy contains three levels. The bottom of the hierarchy represents the least costly remedies, while moving up through the second and third levels the remedies become more costly.

Level One
Behavior Modification
The security solutions contained within this level include but are not limited to such methodologies as policies and procedures, education and security awareness, as well as the implementation of various types of public relations strategies intended to further the goals of a solid security and loss prevention program.

It is important, that all employees understand which behaviors are appropriate and which behaviors are inappropriate.  All too often, the assumption is made that everybody knows what is right and wrong; however, this assumption is often fallacious. Employees must know what is expected of them. To revisit security awareness as one of the topics contained in behavior modification, it is important to understand exactly what is meant. Security Awareness Programs provide a means for improved security through employee involvement and do so with little or no budgetary impact. Security Awareness Programs are the single most cost-effective method in gaining a positive, productive security and loss prevention program. Employees should be encouraged to take part in the goals of the security awareness program; and, furthermore, they should be sold on the benefits to them as well as the institution.  Security awareness programs, in fact, must be positive, not negative. The security goals contained in level one can mostly be gained through education and require little financial resources.

Level Two
Electro-Mechanical
Obviously, one cannot simply impose several policies and procedures and educate the employees and expect all the security problems to go away.  It often is necessary to ensure the security program has some teeth.  Therefore, it is necessary to implement various and appropriate physical security methodologies.  Some of those methodologies include lock and key systems, access control systems, closed-circuit television systems, alarm systems, lighting, etc.

It will be the goal of SMSI, to follow the guidelines of the Security Solution Hierarchy (see attachment). Therefore, the first objective will be to develop a set of recommendations that have little cost attached to them by recommending training as well as security awareness programs at your Hospital. Only after completing this level, will we delve further into solutions requiring electromechanical remedies. For example, it makes no sense to recommend the use of closed-circuit TV if there is no one assigned to watch the monitors unless the goal is evidentiary only. The ergonomics of watching a plethora of monitors must also be considered.

Level Three
Personnel
As we build our security program, develop policies and procedures, and ensure that we are making satisfactory use of physical security methods such as those mentioned earlier, it then becomes necessary to employ the use of security personnel such as uniformed officers.  Security personnel (or security surrogates) should be the glue that holds the entire security program together.  They give the program life, meaning and direction.  To the degree the security personnel are effective and competent, the security program works and to the degree that they do not meet satisfactory standards, the entire security program suffers.

The use of security personnel as a security method is the most expensive fix that one can apply.  It is, therefore, important that if security personnel are necessary, they personify the professionalism and integrity that a security program should exude.

These three levels referred to as the Security Solution Hierarchy provides a model and a framework within which the consultant can easily operate.  The Security Solution Hierarchy is always in the mind of the consultant when evaluating existing security methodologies and comes into play again when the consultant seeks to find remedies that are effective as well as cost-efficient. 

One of the ironies in looking at this Hierarchy is the tendency for many organizations to turn this Hierarchy upside down.  Often, the first response to a security problem is to go out and hire uniformed security personnel. If this is done without regard to the other levels of the Hierarchy, an inadequate security program is almost guaranteed.  The Security Solution Hierarchy provides a logical model from which to develop a comprehensive security program form the bottom up.

The key factor implicit in the Security Solution Hierarchy is that security solutions should start with low cost procedural and training solutions and progress slowly to more costly solutions, only if needed. Higher cost solutions should be applied, only after less costly solutions have been exhausted and significant risk remains.