Setting the Baseline for Security Planning in the Cannabis Industry

June 23, 2020
Security best practices are an essential element for establishing a cannabis operation

This article is the first in a series of four primer features that will discuss the operational issues that face both grow op and dispensary owners related to security compliance and risk mitigation. Sutton will be a featured expert in the upcoming SecuraCann Conference that will be held virtually on October 14-15. SecuraCann is sponsored in conjunction with SecurityInfoWatch.com and Security Technology Executive magazine and we invite you to participate in the industry’s only security exclusive event designed to inform commercial growers, dispensary retailers, investors and integrators of innovative technology and solutions to mitigate risk and secure their cannabis operations.

In order to legally operate a cannabis business, whether medical or recreational, a license or permit to operate must be obtained. Every state has its own regulations and application process in place. They all require security measures to provide for the safety and security of the operation, its associates, and the neighborhood within which it operates. Most states call this a “Security Plan” and require its details to be submitted with the application to operate, but what exactly is a “Security Plan?”

I have worked with many in the industry who think that a Security Plan is a floorplan drawing with security devices added (cameras, electronic access control, alarm, door intercoms, etc.) They have their security integrator provide this as a design-build, selling and installing the equipment as well.

Unfortunately, this is only a part of a Security Plan and leaves the organization short. A Security Plan includes a Security Management Plan, Security Operations Plan, and a Security Technology Plan. All three must be included in a complete Security Plan.

Security Master Planning is a process of gathering, developing, and assembling all aspects of the security program into the three parts of a complete security plan. Simple enough, anyone can do it, right?

Wrong! Although many organizations may have the ability to produce a security plan, it is usually best to work with a security consultant experienced in all aspects necessary for the development of the Security Plan.

Many security integrators (defined as security equipment companies, alarm companies, locksmiths, basically anyone selling and installing security equipment) hold themselves out as security consultants. Then, if they work within the cannabis industry and install a system in a cannabis facility, they hold themselves out as experienced cannabis security consultants. They traditionally do not hold any

experience, knowledge, or certifications demonstrating they are qualified as a security consultant, let alone qualified to produce any part of the Security Plan other than possibly the Security Technology Plan.

Integrators usually don’t have any experience or knowledge of the actual operations, flows, equipment, culture, and needs within a cannabis organization’s site so their plans require changes due to regulator inspections, or even due to equipment placement rendering the security equipment’s placement useless. Their plans usually are based upon any specific requirements of the law such as controlled access, minimum coverage, camera type and resolution, and video archive retention.

Security systems such as cameras, electronic access control, and alarms are tools. Tools are not solutions; they are tools. A strong security program based upon experience, best practices, and standards must be developed and implemented. A Security Management Plan, combined with the Security Technology Plan and its security systems as tools, and the Security Operations Plan with its Standard Operating Procedures (SOPs), will lead to a security solution.

A Security Master Plan is what ultimately ensures compliance and is needed for a permit or license to operate. Experiences in operations management should be taken into consideration in the development of information written into the Security Plan section of the application to operate.

Utilizing a strong security management program with state-of-the-art security systems will help an organization be a beneficial addition to the community and its immediate neighbors.

We will discuss the Security Management Plan, Security Operations Plan, and Security Technology Plan separately incoming articles dedicated to each. Stay tuned and stay safe, and always remember that it is everyone’s responsibility to become an active participant in the safety and security of themselves and others.

About the Author: Timothy Sutton has more than 30 years of security experience. His expertise includes operational security management and program development, loss prevention, physical security and risk assessments, and technical security systems design and implementation. He has worked with clients in diverse sectors including medicinal and adult-use cannabis, healthcare, retail, government, manufacturing, and multi-use properties.

Prior to joining Guidepost Solutions as a Senior Security Consultant, Sutton worked as a director of security for Greenhouse Group and its Grassroots and Herbology banners, responsible for enterprise security risk management in all markets. He authored Security, Emergency Action and Fleet Safety Plans along with security training and operations manuals. He also conducted new hire background investigations and security advances at dispensaries as part of Transportation Security Plans in multiple states. Prior to Greenhouse Group, he worked as the director of security for Revolution Enterprises where similarly he was responsible for everything security in all states of operation.

About the Author

Timothy Sutton, CPP, CHPA | Senior Security Consultant at Guidepost Solutions

Timothy Sutton has more than 30 years of security experience. His expertise includes operational security management and program development, loss prevention, physical security and risk assessments, and technical security systems design and implementation. He has worked with clients in diverse sectors including medicinal and adult-use cannabis, healthcare, retail, government, manufacturing, and multi-use properties.

Prior to joining Guidepost Solutions as a Senior Security Consultant, Sutton worked as a director of security for Greenhouse Group and its Grassroots and Herbology banners, responsible for enterprise security risk management in all markets. He authored Security, Emergency Action and Fleet Safety Plans along with security training and operations manuals. He also conducted new hire background investigations and security advances at dispensaries as part of Transportation Security Plans in multiple states. Prior to Greenhouse Group, he worked as the director of security for Revolution Enterprises where similarly he was responsible for everything security in all states of operation.