Issue link: http://securitytechnologyexecutive.epubxp.com/i/690996
May/June 2016 • SECURITY TECHNOLOGY EXECUTIVE 23 www.SecurityInfoWatch.com management staff fosters a sense of ownership and trust. "As the board gets more insight into the various risk areas at a higher level, it really has given our risk approach fuel and more vis- ibility throughout the organization," she says. "But we also enjoy a great partnership with our IT and IS departments, who maintain a global and collaborative perspective on technology in the organization as well as understanding our business needs." The company's IT staff will often accompa- ny the security team at conferences like ASIS. " They go to meet with our vendors so they can hear our business needs and to see what the technology vendors have to offer," Cowie explains. "It is a great business model that leads to a solid execution of technology." For Ellis, this is all part of being tuned into the organization's corporate culture and ensur- ing buy-in for department policy, procedure, and capital expenditures. Principal's security depart- ment created and administrates a Global Secu- rity Council, which includes participation from all the business units. " Together, we identify strategic risks and concerns and review them for consideration and direction," Ellis says. "Once we get the buy- in from senior leadership, we implement and Jerry Smith, Security Office Operations Lead, (left) listens intently as the security team at Principal discusses issues. Photo Courtesy of Principal communicate the strategies. Our Brand Cen- ter and Employee Communications to help us consider changes and communicate them out company-wide." Lowell added that one of the biggest tasks is to "sell" the security department's services to the operating business units in the corporation and to show them that his group is a "value- added resource." They continually stress that security can assist the business units in provid- ing solutions for their security problems; thus relieving their stress and enabling the business unit to focus on the task at hand. "We emphasize that we will handle security issues so that they can concentrate on making money for the company and that we truly want to partner with them in a collaborative effort to have an efficient, secure and safe operation," Lowell says. "This approach has not only served us well in our domestic locations, but we are in the process of rolling this out to our two inter- national divisions, Principal International (PI) and Principal Global Investors (PGI)." A Solid Foundation The complexities of protecting a global corpo- rate organization are immense, and Cowie and her management team certainly appreciate the gravity of their task. They agree that over the years the basics of running a cohesive depart- ment remain fairly consistent. "The foundation- al things have stayed constant, but things within them have changed," Cowie explains. "The focus and the priorities have evolved. I think that you have to occasionally take a step back and take your temperature to honestly assess where you are at and where you need to go so you can con- tinue to meet the needs of the organization." Still, telling her team's story continues to be important for Cowie. " You have to be able to relate your business case, your value proposi- tion, the importance of enterprise-wide risk management , along with being a pr udent financial steward," she concluded. " We are in the risk mitigation business, not the risk elimi- nation business, so have to make sure you are not only managing your organization's risk but their expectations." ■ About the Author: Steve Lasky is a 30-year veteran of the security industry and is the editorial director of SouthComm Security Media, which includes Security Technology Executive magazine and SecurityInfoWatch. com. He is also the conference director for Secured Cities, the only public/private partnership public safety conference in the country. www.securedcities.com.