No, I am not related to Barrack Obama. I hear they managed to find some link from his family to some family in Ireland...well, that's obvious, his surname starts with "O"...
The idea of acceptable degrees of risk is something that maybe needs to be thought about in light of recent things going on in the land of Nippon. When you look at the way major construction projects are awarded in other sectors you have to wonder whether it's any better in sectors where the whole risk thing is actually important.
We all know the way big projects work. Some guy has a great idea and decides he wants to build something. He employs a design team to turn his idea into a stack of documents. A main contractor agrees to turn the stack of documents into a stack of bricks and mortar. A bunch of sub-contractors agree to do the bits that the main contractor can't do.
The sub-contractors may never get to meet the original guy with the idea. They may get to see the stack of paper...but the main contractor will usually tell them the price is the most important factor, and because these sub-contractors have usually been in this game for a while, that's probably what they believe too.
So they ignore the stack of paper and they give a price based on the cheapest equipment they can find.
Ok, sometimes it doesn't work that way...but when you're building a big building the job of writing the specification is a difficult one. It's really not very likely that you're going to get it right (not first time, anyway), so even if the sub-contractor works to the word of the specification, the end result probably will not match the original guy's original idea.
That brings us on to the subject of the people who produce the big stack of paper in the first place. Maybe they'll use a specialist security consultant, but maybe they won't.
What is the job of a security consultant anyway? The way I see it, the job of a security consultant is to talk to the client, understand the assets to be protected, understand the risks and potential losses, advise on how to minimize the risk based on the physical layout and operation of the premises, and then to define a budget for the risk mitigation systems.
That's it.
Systems design? How many security consultants have actually gone out and installed a camera or an access control reader? Some maybe, but not many. Who better to understand what is the best way to implement the system than an integrator?
Okay, a lot of security integrators will want to push their own favorite line of equipment because that's how they'll make the most money, so you may want an independant voice in amidst the noise to make sure the whole thing doesn't get dragged into a dark alley and beaten with a rubber hose. I get that, but let's face it when you get up into the big boy's league of system platforms a good integrator can make any platform perform any function. Note that I said a Good Integrator.
So anyway, what about those nuclear power stations? You think things are done any different? You really think there's not an idea guy, a bunch of paper stack guys, a main contractor and a bunch of sub-contractors fighting to get their cheapest range of toys into the mix?
I heard a report the other day from the UAE where the guy in touch of planning the build of the country's nuclear power stations was saying that "every step" has been taken to make sure they are as "safe as they can be". Yeah? Really? And everyone makes a whole lot of money and go lives a long way away...and up at the top of a mountain...
No comments:
Post a Comment