The Importance of Project Benchmarking in Security Programs

The Importance of Project Benchmarking in Security Programs

Benchmarking is an important element of a security program that helps demonstrate the value of future state needs and recommendations. It is a process used to compile, interpret and present data that will help customers plan, select and deliver projects that best meet their specific needs.

Part 1: What and Why

In part one of this two-part series, we discuss what benchmarking is and why it is important. 

project benchmarking plan

Benchmarking ABCs

Project benchmarking is focused on measuring specific indicators against the market and industry trends. Maintaining this data to create an organized database is part of taking a strategic approach to make decisions that are best for an organization.  

Benchmarking can be key to project success with respect to efficiency, cost-effectiveness, being highly customer-centric, and more. In general terms, it embraces the value of data collection and comparison against a standard rather than isolated decision-making.  

Without benchmarking, organizations are making somewhat uniform decisions that may or may not be supported by best practices and market trends. When benchmarking is used, decisions can be made based on comfort, safety, and credibility, with justification in place for desired elements. 

Successes resulting from the use of benchmarking may include:  

  • An upgrade project being approved after an initial rejection—once benchmarking data was presented
  • A video upgrade being approved after benchmarking combined with metrics provided the necessary justification
  • The creation of a security steering committee after benchmarking successfully justified it

In addition, benchmarking can prompt important internal discussions and provide the foundation for a specifically requested item in a master plan.  

To get started, it is necessary to determine end users’ expectations with respect to presentation and information and then select the most appropriate benchmarking data that is available.  

End User Expectations

End users are often most interested in where they stand versus their peers as they enter the decision-making process. Typically, their expectations for benchmarking fall into two buckets: presentation and information.  

project benchmarking data

Presentations must reflect the outcome of the benchmark, rather than the data, and they must be: 

  • Concise and direct
  • Intuitive and easy to use
  • Illustrative and impactful

This means utilizing visual elements like bar graphs and pie charts rather than clunky charts that are difficult to understand. 

The information provided via benchmarking must: 

  • Be relevant to the organization’s environment, size or other characteristics that make the measurements meaningful
  • Demonstrate the organization’s relative position within the information presented
  • Lead to a proposed outcome
  • Be clearly supported by quality data

It is critical to ensure comparisons are apples to apples, i.e., organizations with similar footprints and challenges, and consider that a ‘win’ can occur even by validating the organization’s current state.   

Available Benchmarking Data

Anonymous client data can and should be used for benchmarking unless all participants approve. Information that has been consolidated into a single, filtered master database. Data points available may include: 

  • Type of end users and physical portfolio
  • Technology systems and peripherals
  • Policies and procedures
  • Governance and staffing

Types of end user benchmarks fall into two classifications: type of benchmark and data within the benchmark. What is important to remember is that one end user may fall into multiple types of benchmarks. Depending on the characteristics of the organization several of the following may apply:   : 

  • Financial and Government
  • Campus and High Rise
  • Suburban and Urban
  • Multi-tenant and Sole Occupant
  • Enterprise and Single Building

In addition, if that client converted from one benchmark (Suburban/Campus) to another (Urban/High Rise), it creates another type of benchmark reflecting its transformational story. 

project benchmarking data

Creative thinking is required to come up with appropriate benchmarks. This may include identifying multiple data sources, looking at the total environment of the end-user, and determining what data points can create the right insights. It’s also important to address the six basic concepts that will inform a benchmarking effort: audience, needs, risks, executive order, comparison, and sources.  

We’ll get deeper into this in the second part of this blog post, when we focus on data interpretation and data presentation and also present conclusions/takeaways regarding the project benchmarking process. 

Part 2: Data Interpretation and Presentation

project benchmarking metrics

Data Interpretation

The best way to explain a solid approach to data interpretation is to showcase how we did it for a client. We have chosen a university whose project had a variety of program elements: 

Security Systems

  • Access Control
  • Video Management
  • Visitor Management
  • Key Management

Communication Systems 

  • Mass Notification
  • Emergency Phones
  • Global Security Operations Center (GSOC)
  • Network Infrastructure

Policy Controls

  • Security Policies & Standards
  • Credential Issuance
  • Organizational Analysis
  • Visitor Management

For each of those elements, we drilled down to identify specific needs. For instance, under Emergency Phones, we cited uniform platform, standardized location and infrastructure, technology profile for each station, and integration with mass notification. 

Focusing on the six basic concepts informing our benchmarking effort, we came to these conclusions: 

  • Audience: University Police
  • Needs: Gap Analysis, Best Practices
  • Risks: Legacy Systems, Standalone
  • Executive Order: Steering Committee
  • Comparison: Universities
  • Sources: Universities, Enterprise

Thus, the program implementation roadmap looked like this: 

Current State—> Assessment—> Best Practices—> Gap Analysis—> Risk Profile—>Tactical Roadmap—> Future State 

project benchmarking importance

Benchmarking came into play for the middle segment: best practices, gap analysis, and risk profile. We created a matrix that included the university’s concerns as well as those of our comparison group, universities. Then we moved on to one of our differentiators. 

To answer the question of whether a benchmark would justify the program, we did more than simply look at survey results, which are not informed data. We took one question and turned it into nine specific questions that would result in the informed data we needed for this client. For example, instead of merely asking about the current staffing level, we added questions about whether the physical security organization was consolidated under one entity, if there is an alarm monitoring center if private security officers are used, and more. 

Finally, we looked at whether the comparisons were relevant in areas such as access control and video. We focused on legacy, contemporary, non-enterprise, and enterprise for both areas, and added IP, analog, and hybrid for the latter.  

The result of all this work was a significant amount of data that we needed to present to the client in a succinct and understandable way. 

Data Presentation

If we had chosen to merely share the data repositories we created with the client, they would not have benefited from our analysis and insights. Instead, we chose to use tools such as graphs and charts, percentages, and comparisons that are in keeping with the following dos and don’ts: 

  • Don’t inundate with data
  • Do be concise
  • Do illustrate and visualize
  • Do identify the market and industry
  • Do be able to explain

Our final issuance was a series of bar charts that simply reflected all the data we had collected, making it easy for our client to digest. We were available to answer questions and provide additional details as necessary to explain what they were seeing. 

The Takeaways

After many years of benchmarking experience, these four keys to success have become evident: 

  • One size does not fit all.
  • Data repository is for collection and internal use only, not presentation.
  • Identify the right benchmarking metrics before going to the data.
  • Leverage the diverse nature of data sources and end user points.

And perhaps most importantly, it is critical to remember that the audience has never seen this data before, so it is necessary to explain and elaborate to ensure they understand its significance to their decision-making.  

Our expert team at Atriade has used benchmarking to help countless organizations make decisions about their security system needs. Contact us if you would like to discuss your situation.  

About Atriade

Atriade is a trusted security consulting firm with decades of experience delivering tailored security solutions. We specialize in security system design for access control, perimeter protection, video surveillance, visitor management, and other advanced physical security technologies.

Our expertise also extends beyond system design to include security master planning, program development, risk assessments, professional services, and end-to-end project management.

For more than 20 years, we have partnered with Fortune 50 companies, Ivy League universities, and leading technology firms in Silicon Valley to help them navigate complex security challenges with a strategic, forward-thinking approach.

Visit us online at Atriade.com

Connect with us on LinkedIn

Subscribe to our LinkedIn Newsletter Take A Risk

Frequently Asked Questions

Benchmarking can provide the justification needed when an upgrade project has been rejected or lacks internal support. It helps show where an organization stands relative to peers, supports recommendations with quality data, and can validate future state needs, current conditions, or governance changes such as forming a security steering committee.

Useful benchmarking data may include end user type and physical portfolio, technology systems and peripherals, policies and procedures, and governance and staffing. The comparison set must be relevant to the organization’s environment, size, footprint, and challenges so the results are meaningful and support a proposed outcome.

Benchmarking results should be concise, intuitive, and visually clear. The presentation should focus on the outcome rather than overwhelming decision-makers with raw data repositories. Graphs, charts, percentages, and direct comparisons are more effective when they identify the market context, explain the findings, and make the operational significance easy to understand.

A credible benchmarking effort starts by identifying the right metrics before collecting data and ensuring comparisons are truly like for like. It should reflect the audience, needs, risks, executive order, comparison group, and sources. The outcome is most useful when it supports best practices, gap analysis, risk profiling, and a practical roadmap to a future state.