Total Security Management
Encyclopedia
Total Security Management (TSM) is the business practice of developing and implementing comprehensive risk management
and security practices for a firm’s entire value chain
. This business process improvement strategy seeks to create added value for companies by managing security and resilience requirements as core business functions rather than as reactionary expenditures. TSM implementation involves a thorough evaluation of key internal and external stakeholders, distribution channels, and policies and procedures in terms of a firm’s level of preparedness for a variety of disruptive events.
TSM encourages companies to manage security initiatives as investments with a measurable return and seeks to transform security from a net cost to a net benefit. In applying TSM, the theory holds that companies may be able to realize cost savings, improve business processes, reduce theft, enhance asset management, increase brand equity and goodwill, and improve preparedness and resiliency.
, the first U.S. Secretary of Homeland Security. According to Secretary Ridge, the book offers a, “comprehensive solution for approaching security in the context of sound business practices.”
According to Dr. Kent N. Gourdin of the National Defense Transportation Association, "This book reflects the changing view of management regarding security. Still seen by many as both an additional cost and an impediment to good service, security is emerging as another competitive variable that firms can use to add customer value."
The TSM approach built upon scholarly research on the issue that stressed the importance of security as a key component of the supply chain
. An April 2004 report for the IBM Center for The Business of Government
noted, "Just as a chain is no stronger than its weakest link, a supply chain is only as secure as its weakest link, which includes the suppliers, manufacturers, wholesalers, retailers, carriers, terminals, and governmental institutions that plan, manage, facilitate, and monitor the global movement of goods. Additionally, the conclusions in a July 2006 Stanford Graduate School of Business
report titled, “Supply Chain Security: Better Security Drives Business Value,” state that, “…when properly leveraged, investments in supply chain security may not only be offset to some extent by benefits…but, in fact,…can overall have a positive impact on a company’s bottom line.”
(TQM), an approach made famous by the work of W. Edwards Deming
. The TQM concept revolutionized the manner in which quality was perceived in industry, encouraging it to be integrated into the core business processes of a firm.
In the Foreword to Securing Global Transportation Networks, Secretary Tom Ridge
writes: "The paradigm that now exists in transportation security is similar to the paradigm that existed when the now revered Dr. W. Edwards Deming tried to convince the business world in the 1960s that quality mattered. The now well-accepted theory of Total Quality Management was not initially met with open arms in the United States. I suspect that there are many professionals in the transportation industry today who may not endorse security management as a core business function that can create value. My hope is that readers will embrace the concepts of the TSM approach offered within Securing Global Transportation Networks and act upon them."
from a non-core objective to an essential business function. This process includes establishing and creating a compliance management plan, implementing operational processes, evaluating the effectiveness of those operational plans, making appropriate changes as necessary, sharing successful lessons learned with internal and external stakeholders, and pursuing continual, incremental improvement.
Securing Global Transportation Networks details case studies of many large companies that benefited from the implementation of aspects of the TSM approach, including FedEx
, Home Depot, Hutchison Port Holdings
, Maersk, Procter & Gamble
, and Target
, amongst others.
Risk management
Risk management is the identification, assessment, and prioritization of risks followed by coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities...
and security practices for a firm’s entire value chain
Value chain
The value chain, is a concept from business management that was first described and popularized by Michael Porter in his 1985 best-seller, Competitive Advantage: Creating and Sustaining Superior Performance.-Firm Level:...
. This business process improvement strategy seeks to create added value for companies by managing security and resilience requirements as core business functions rather than as reactionary expenditures. TSM implementation involves a thorough evaluation of key internal and external stakeholders, distribution channels, and policies and procedures in terms of a firm’s level of preparedness for a variety of disruptive events.
TSM encourages companies to manage security initiatives as investments with a measurable return and seeks to transform security from a net cost to a net benefit. In applying TSM, the theory holds that companies may be able to realize cost savings, improve business processes, reduce theft, enhance asset management, increase brand equity and goodwill, and improve preparedness and resiliency.
Formulation
The concept of Total Security Management was first introduced in the book Securing Global Transportation Networks: A Total Security Management Approach, published by McGraw Hill in 2006. This title was co-authored by Luke Ritter, J Michael Barrett, and Rosalyn Wilson, with the Foreword written by Governor Tom RidgeTom Ridge
Thomas Joseph "Tom" Ridge is an American politician who served as a member of the United States House of Representatives , the 43rd Governor of Pennsylvania , Assistant to the President for Homeland Security , and the first United States Secretary of Homeland Security...
, the first U.S. Secretary of Homeland Security. According to Secretary Ridge, the book offers a, “comprehensive solution for approaching security in the context of sound business practices.”
According to Dr. Kent N. Gourdin of the National Defense Transportation Association, "This book reflects the changing view of management regarding security. Still seen by many as both an additional cost and an impediment to good service, security is emerging as another competitive variable that firms can use to add customer value."
The TSM approach built upon scholarly research on the issue that stressed the importance of security as a key component of the supply chain
Supply chain
A supply chain is a system of organizations, people, technology, activities, information and resources involved in moving a product or service from supplier to customer. Supply chain activities transform natural resources, raw materials and components into a finished product that is delivered to...
. An April 2004 report for the IBM Center for The Business of Government
IBM Center for The Business of Government
The IBM Center for The Business of Government, sponsored by IBM, connects public management research with practice by commissioning independent, third-party research reports with practical advice from subject matter experts...
noted, "Just as a chain is no stronger than its weakest link, a supply chain is only as secure as its weakest link, which includes the suppliers, manufacturers, wholesalers, retailers, carriers, terminals, and governmental institutions that plan, manage, facilitate, and monitor the global movement of goods. Additionally, the conclusions in a July 2006 Stanford Graduate School of Business
Stanford Graduate School of Business
The Stanford Graduate School of Business is one of the professional schools of Stanford University, in Stanford, California and is broadly regarded as one of the best business schools in the world.The Stanford GSB offers a general management Master of Business Administration degree, the Sloan...
report titled, “Supply Chain Security: Better Security Drives Business Value,” state that, “…when properly leveraged, investments in supply chain security may not only be offset to some extent by benefits…but, in fact,…can overall have a positive impact on a company’s bottom line.”
Relation to Total Quality Management
The TSM name borrows from the management concept Total Quality ManagementTotal Quality Management
Total quality management or TQM is an integrative philosophy of management for continuously improving the quality of products and processes....
(TQM), an approach made famous by the work of W. Edwards Deming
W. Edwards Deming
William Edwards Deming was an American statistician, professor, author, lecturer and consultant. He is perhaps best known for his work in Japan...
. The TQM concept revolutionized the manner in which quality was perceived in industry, encouraging it to be integrated into the core business processes of a firm.
In the Foreword to Securing Global Transportation Networks, Secretary Tom Ridge
Tom Ridge
Thomas Joseph "Tom" Ridge is an American politician who served as a member of the United States House of Representatives , the 43rd Governor of Pennsylvania , Assistant to the President for Homeland Security , and the first United States Secretary of Homeland Security...
writes: "The paradigm that now exists in transportation security is similar to the paradigm that existed when the now revered Dr. W. Edwards Deming tried to convince the business world in the 1960s that quality mattered. The now well-accepted theory of Total Quality Management was not initially met with open arms in the United States. I suspect that there are many professionals in the transportation industry today who may not endorse security management as a core business function that can create value. My hope is that readers will embrace the concepts of the TSM approach offered within Securing Global Transportation Networks and act upon them."
Companies employing TSM
A company using the TSM methodology is meant to be able to establish a framework of focus points, metrics and feedback loops in order to elevate risk managementRisk management
Risk management is the identification, assessment, and prioritization of risks followed by coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities...
from a non-core objective to an essential business function. This process includes establishing and creating a compliance management plan, implementing operational processes, evaluating the effectiveness of those operational plans, making appropriate changes as necessary, sharing successful lessons learned with internal and external stakeholders, and pursuing continual, incremental improvement.
Securing Global Transportation Networks details case studies of many large companies that benefited from the implementation of aspects of the TSM approach, including FedEx
FedEx
FedEx Corporation , originally known as FDX Corporation, is a logistics services company, based in the United States with headquarters in Memphis, Tennessee...
, Home Depot, Hutchison Port Holdings
Hutchison Port Holdings
Hutchison Port Holdings is a private holding company incorporated in British Virgin Islands, it is the subsidiary of Hutchison Whampoa. In April 2006 Hutchison Whampoa sold 20% shares to PSA International, Hutchison Whampoa still owned 80%....
, Maersk, Procter & Gamble
Procter & Gamble
Procter & Gamble is a Fortune 500 American multinational corporation headquartered in downtown Cincinnati, Ohio and manufactures a wide range of consumer goods....
, and Target
Target Corporation
Target Corporation, doing business as Target, is an American retailing company headquartered in Minneapolis, Minnesota. It is the second-largest discount retailer in the United States, behind Walmart. The company is ranked at number 33 on the Fortune 500 and is a component of the Standard & Poor's...
, amongst others.
Criticism
Some suggest that the TSM approach, while containing merit, may be too complicated for companies to put into practice. “The difficulty of TSM is that it relies on a level of commitment and coordination that may be difficult to achieve…Reluctance to adopt TSM is not capitulation to mediocrity but rather an acceptance that the role that security plays within a company should not be any more than is needed. There are some useful ideas in the book, but the overall program may be too ambitious for many corporations to realistically consider,” writes Ross Johnson in a 2007 Security Management review.Other developments
On December 16, 2009, the U.S. Securities and Exchange Commission (SEC) approved Rule No. 33-9089, which went into effect on February 28, 2010. This rule requires companies to increase their reporting of risk management practices, including details about the manner in which risk oversight is administered. The ruling has generated increased interest in implementing the TSM approach to ensure compliance with the updated SEC guidelines. In January 2010, ISO 28000 (ISO/PAS 28000 – Specification for security management systems for the supply chain) was updated to include an explicit reference to the Plan-Do-Check-Act model of quality management popularized by Deming.See also
- ISO 28000
- Enterprise Risk ManagementEnterprise Risk ManagementEnterprise risk management in business includes the methods and processes used by organizations to manage risks and seize opportunities related to the achievement of their objectives...
- Process ManagementProcess managementProcess management is the ensemble of activities of planning and monitoring the performance of a process. The term usually refers to the management of business processes and manufacturing processes...
- Risk ManagementRisk managementRisk management is the identification, assessment, and prioritization of risks followed by coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities...
- Security RiskSecurity riskSecurity Risk describes employing the concept of risk to the security risk management paradigm to make a particular determination of security orientated events.According to CNSS Instruction No...
- Supply Chain SecuritySupply chain securitySupply chain security refers to efforts to enhance the security of the supply chain: the transport and logistics system for the world's cargo. It combines traditional practices of supply chain management with the security requirements of the system, which are driven by threats such as terrorism,...
- Total Quality ManagementTotal Quality ManagementTotal quality management or TQM is an integrative philosophy of management for continuously improving the quality of products and processes....