Company reorganizations are a fact of business that may have grown more frequent as our economy has changed in recent years. If your organization is going through one, or you believe there may be cause for changes in its governance and reporting structures, it is critical for you to think about the impact these changes may have on security’s influence.
Will there be any personnel changes at the senior management level? If previously supportive people leave, all of the ground you covered and trust you earned while gaining support for your program may be walking out the door. Hopefully, you already have a metrics program in place so you can show new senior management an objective view of your program goals and accomplishments. Remember: Brief and to-the-point presentations are crucial for this audience.
If you will be reporting to a new boss, there are several questions you should ask yourself. Have you taken steps to educate him or her about your program, the value it brings, and the results you have achieved? Are you able to effectively and quickly communicate the services the organization finds valuable, including the view from your boss’ peers? Can you clearly articulate who the primary customers are of each security service? Can you demonstrate how each area of the company (audit, sales, comptroller, marketing, R&D, etc.) utilizes security? Can you demonstrate the cost, head count and results of each program/service?
Get yourself to the place where you can answer “yes” to all of these questions. Then, after doing that, discuss with your new boss what he or she feels should be changed or modified. Consider reinventing or restructuring your security program in a manner that (re)appeals to senior management and (re)establishes it as a crucial partner within the organization.
How well have you been aligning your programs with corporate-level goals? Do you know how ready your organization is for your security programs? Do they look at them as reducing risk in well-defined areas (e.g., workplace violence or investigations)? Do they view security as a true business partner? Knowing how senior management views security will help you define your programs to meet their current expectations. You can’t expect your programs to be accepted (or continually accepted) because they may have worked in the past. You must keep up with the ongoing transformations of the business.
You must also take a hard look at where you are as a security leader. Have you settled into a “maintenance” stance? While it is clear many security departments are currently understaffed and are working with a meager budget, consider the next stage you want to achieve. Try to find a way to keep existing programs well maintained while you build up your capacity to identify and manage emerging issues. If your department is thought of as simply a cost center, when the inevitable business shifts loom, you will surely be in the line of fire.
When corporate restructuring is on the table, take the time to think through your situation and the organizational structure. Then, plan strategies that will eventually get you back to the position of a valued, revenue-enhancing partner of senior management. And look at this as an opportunity to improve your function, build its influence, align it with business goals, and better reduce risk.
If you have questions on how to realign after a structure change, or if you’d like to share your experiences and lessons learned, contact us at firstname.lastname@example.org.