Case Study
Charles Dillon has just been hired by Resources Unlimited, a moderately critical manufacturing facility that produces various military products. To familiarize himself with the facility layout and its physical safeguards, Dillon takes note of several security deficiencies: collapsed mesh at several points in the outer perimeter fence; burnt out security lights; and an inoperable CCTV system.
Dillon reports the issue to his boss, the chief operating officer (COO). The COO is not overly concerned but assures Dillon he will discuss the issue with the chief financial officer (CFO) to see if funds can be acquired to correct the deficiencies outlined by Dillon.
A week later, the COO informs Dillon that the CFO said the matter was nothing to be concerned about. Both the COO and the CFO agreed the deficiencies had existed a long time before Dillon had been hired, and nothing negative had happened. Dillon was not happy with the decision, and to avoid being the scapegoat should the deficiencies result in a serious security breach, he sent a memo to the COO and the CFO to routinely inform them of problems with a potential for loss. The COO chewed out Dillon for not being a team player and added that the CFO was not happy as well.
While reading the companys security policy, Dillon was pleased to see in the policy a requirement for the CSO to conduct a thorough security inspection at least once annually or when circumstances dictated the need for such an inspection. The inspection report had to be routed to the executive team, which included the COO, CFO and the chief executive officer (CEO), who happened to be the owner of the company.
Dillon conducted the inspection along with an outside consultant with expertise in physical security. In addition to the deficiencies already discovered, Dillon and the consultant found a prior refusal by the CFO to provide funds for the purchase of needed security equipment, such as walkie-talkies, and supplies for administering first aid; a defective fire alarm system; a tool crib that allowed plant workers to remove any tool they wanted without accountability; and the absence, during non-working hours, of locking devices on entry points to the companys manufacturing plant, a condition that provided opportunities for theft of products and tools and sabotage of critical machinery.
The consultant pointed out an interesting condition: a path formed by feet led from the rear of the plant, traversed through a collapsed portion of the perimeter fence, and ended in the employee parking lot. Dillon obtained from security files and files of the plant manager a steady increase in the number of items and materials disappearing from the plant. The missing property consisted mainly of hand tools and copper wiring. Over a period of five years, the value of the loss had tripled.
Dillon composed an inspection report that called for the acquisition of physical security safeguards that even the consultant thought was overkill. The safeguards Dillon recommended included an entirely new perimeter fence; new security light poles and lamps along the entire fence line and in the employee parking lot; a new CCTV system; an electronic access control system; a fire detection and suppression system; above-ground and below-ground sensors on both sides of the perimeter fence; two golf carts for exterior patrolling; an employee to control tools leaving the tool crib; six more guards; and a formal guard training program.
When the inspection report reached the CEO, Dillon was invited to a meeting with the CEO, the COO and the CFO. The COO denigrated the recommendations because he believed they would negatively impact productivity. The CFO said the cost of implementing the recommendations would negatively impact the bottom line.
The CEO, however, was more concerned with the losses. He suspected that Dillon was trying to make a point and that some of the recommended safeguards was needed but much of it not needed. The CEO was also upset that the COO was unaware of losses at the plant and that the CFO was approving tool purchases without considering why the purchases were necessary. The CEO concluded the meeting by saying he would seriously consider the report and make a decision.
To the student: Did Dillon make a mistake by overstating what was really needed to correct the deficiencies? What do you think will happen to Dillon and/or his job? What do you think the CEO will do? Why did Dillon bring in an outside expert to assist the inspection?