Maintain Contracts

Reported January 2009

A systems maintenance contract is important, Brian Kelly MD of Bold Communications reminds readers. If you are thinking of reducing outgoings by cancelling or running down maintenance contracts - do so at your peril!

Unless you are the Prime Minister and anxious to dispose of as many billions of pounds as quickly as possible, we all need to get the best possible value for every pound we spend. This means doing everything practical to obtain the best possible return on any capital investment in security management systems. The most effective way to do that is to engage in a robust and productiverelationship with your supplier to ensure that systems are properly maintained and developed at maximum efficiency and reliability. In the UK, we have a good understanding of this principle although it is one which some other countries, who tend to still look at security technology as a one-off transactional arrangement, have not yet fully adopted. As a result of this, they are constantly changing products and suppliers as they struggle to understand why their system has not worked out as well as it had originally promised. 

In project terms, people get most excited about planning and carrying through an important contract. The sense of a beginning, middle and an end satisfies our need for completion, and shows our capabilities. The excitement of choosing and buying a new car is inevitably greater than the grind of maintaining it and dealing with mechanical problems and other expenses as it ages. However, it is important that the thrill of seeing the gleaming new paintwork doesn’t obscure the purpose for acquiring the car.

In general, the purpose and justification for any capital investment is to provide clear and continuing benefits. While projects are usually pitched to clients on the basis of those benefits, it is a misunderstanding to believe that the project has come to an end when all the materials have been delivered and commissioned.

This is particularly true with regard to security systems management, where on-going support and maintenance is as essential as any other system component. For example, a diverse range of security products, communicating over several different methods, may be being handled within one management application. Communications may be provided by a single carrier or by a number of methods, some of which support polling and encryption. In many instances, the communications methods will be based on a public network. In some cases, as we are seeing with the impending British Telecom changeover to their new £10 billion 21CN Network, changes will be made without the impact on security communications being an especially high priority for the network provider. At least with 21CN, the network provider has been relatively open about the nature of the changes, and structures have been created to investigate the possible consequences.

But, network changes can also occur without notice or consultation, only being identified after every other possibility has been eliminated, a time-consuming and labour-intensive investigation. A comparable situation arises when a manufacturer makes what may appear to be a minor modification or improvement to a product which results in an unexpected change in functionality. That manufacturer may not consider it to be within the scope of their responsibility to report the change to all affected parties, beyond the general statement that specs are liable to change.

The question then arises – who is responsible for investigating and resolving these problems? Everyone involved has a responsibility to co-operate in getting to the bottom of it, but it is the solution provider who should have the expertise and resources, as system maintainer, to take care of the problem.

The more parties are involved, the more likely commercial interests are to cloud the issues. This can, to a large extent, be avoided by defining and agreeing the responsibilities for maintenance and support at the beginning of the project. These can include describing the level of service, in particular the speed and level of response. Ideally, service should be tailored according to the project’s requirements, for example, a standard service providing core support or a premium version where all elements within the project are maintained or periodically replaced regardless of their age.

Cost is an important factor in determining services levels and, as usual, there is a trade off between the ideal world and the reality of available budget. Where systems require significant IT resources for their administration and maintenance, contractor support costs should be compared to the alternative expense of in-house provision.

For some clients, compliance with regulatory standards is a consideration. For example, BS:5979 Category 2 requires that alarm receiving centres should devise and implement a support arrangement for all core systems. Even for those ARCs which do not aspire to the greatness of BS:5979, it makes sense in many ways for them to be mindful of the relevant standards. Many ARCs adopt this approach, seeing the advantage of having a "standards" roadmap for guidance.

Where a security service is being provided to a third party, the client also has to think about their contractual obligations and the risk of negligence. The question of how well a security management system was maintained is one which will always be asked in the aftermath of any kind of failure. Catastrophic failure, a description with very dramatic overtones, means, in less emotive language, that a system is broken and can’t easily be fixed. In these circumstances, the security operation must continue with an alternative system at a different location. Again, this is most easily achieved within an inclusive support and maintenance agreement. Another area where support arrangements can be helpful is in assisting the client to promote his services to his client, with advice or with formal consultancy. This can often extend beyond simply technical and operational advice to making investigations into the viability and useability of integrating new technology. In this way, the partnership between service provider and client is developed to their mutual benefit. 

Originally published online for Professionally Security, 06/01/2009