Training Needs Analysis

Senior Regional Advisor & Regional/Country Security Advisor

This Estate Security & Networks Directorate Foreign, Commonwealth and Development Office (FCDO)

Contents

Useful References 

This document should be read in conjunction with the following: 

  • FCDO Risk Appetite Statement 
  • Government Physical Security Curriculum and Brochure, April 2022 
  • Government Personnel Security Curriculum, February 2022 
  • Government Technical Security Learning Pathways and Curriculum Brochure, May 2022 
  • Government Security Leadership Learning Pathways, March 2022 
  • Projects Task Force- (Regional) Overseas Security Managers Review, April 2024 

Abbreviations

Regulated Qualifications Framework (RQF) Levels Qualification Example
ASIS
American Society for Industrial Security
BCM
Business Continuity Management
BTEC
Business & Technology Education Council
CIPD
Chartered Institute for Professional Development
CIISec
Chartered Institute of Information Security
CNI
Critical National Infrastructure
DfT
Department for Transport
NCSC
National Cyber Security Centre
NPSA
National Protective Security Authority
Regulated Qualifications Framework (RQF) Levels Qualification Example
QAA
Quality Assurance Agency for Higher Education
RQF
Regulated Qualifications Framework
R/CSA
Regional/Country Security Advisor (Formerly OSM)
SRSA
Senior Regional Security Advisor
SQEP
Suitably Qualified & Experienced Personnel
VCDR
Vienna Convention on Diplomatic Relations
VCCR
Vienna Convention on Consular Relations
Regulated Qualifications Framework (RQF) Levels Qualification Example
ASIS
American Society for Industrial Security
BCM
Business Continuity Management
BTEC
Business & Technology Education Council
CIPD
Chartered Institute for Professional Development
CIISec
Chartered Institute of Information Security
CNI
Critical National Infrastructure
DfT
Department for Transport
NCSC
National Cyber Security Centre
NPSA
National Protective Security Authority
QAA
Quality Assurance Agency for Higher Education
RQF
Regulated Qualifications Framework
R/CSA
Regional/Country Security Advisor (Formerly OSM)
SQEP
Suitably Qualified & Experienced Personnel
SRSA
Senior Regional Security Advisor
VCDR
Vienna Convention on Diplomatic Relations
VCCR
Vienna Convention on Consular Relations

Introduction

This document was prepared by Optimal Risk Group on behalf of the Foreign & Commonwealth Development Office (FCDO), Estates Security & Network Directorate (ESND).  ESND’s intention is to build the capacity and capability of security professionals deployed in British Embassies worldwide. The Training Needs Analysis covers Protective security (Physical, Personnel & Technical Security) as well as Leadership and Management.

With an aim to: 

  • Attract and recruit the best talent into the Regional/Country Security Advisor and Senior Regional Security Advisor cohort 
  • Retain a responsive, highly skilled and motivated workforce 
  • Develop a clear learning offer with external accreditation and interchange within the Government Security Profession as part of the One HMG initiative 
  • Support and align career pathways across the profession and wider Government Security Profession 
  • Increase the capability to influence through effective communication, leadership and management 

This document is based closely on the Government Security Profession Career Framework and the Civil Service Success Profiles and behavioursBoth documents should be used as a point of reference when: 

  • Identifying the required skills and qualifications that enhance employee capability or rectify a knowledge gap relevant to the Embassy’s threats and vulnerabilities. 
  • When employees are considering a role move 
  • During regular performance reviews.
  • When drafting a personal development plan 
  • ESND may use this document to recruit diverse talent and line manage / retain existing talent 

Government Security Skills Framework

ESND Security Professionals fall under the Government Skills Framework. This describes the range of competencies expected of globally deployed Security professionals in the effective performance of their roles.  It has been developed with reference to the Government Security Profession Career Framework[1], which groups skills into the following specialisms: Physical Security, Personnel Security, Cyber Security and Corporate Enablers. 

This Training Needs Analysis seeks to define the skills and capability expected of the SRSA & R/SCA in practical application and not just an assessment of the knowledge.  Not all roles require detailed experience in all competency areas.  Once identified, a range of qualifications, training and CPD will be recommended for all to consider, to enhance their career development plan.

[1] Cyber Security and the government’s Technical Security Specialisms are excluded from the Protective Security Skills Framework.

What Are Skills

Skills refer to the expertise or aptitude in a capability that is needed to do somethingThe security skills are used to indicate the typical knowledge and experience required for each of the SRSA & R/CSA roles in the career framework. 

What are they for?

The security skills are for Senior Regional Security Advisors and Country Security Advisors working in a deployed role anywhere in the world, or anyone who wants to find out what is required for different Government Security Profession roles. 

How do I use the skills framework?

It is important to link the skills to your development and use them to inform career and development discussions with your line managerThis will help you to agree which development areas to focus on. 

Remember the following:

Useful References 

  • The skill profiles are for guidance only and should not be used as an exact measure for a particular role 
  • Achieving the skill profile for a role at a different grade level does not entitle someone to that grade, but it may enhance their chances when applying for that role 
  • You do not need to achieve all aspects of the skill profile for a role before you can apply for it – we often learn best by stretching ourselves to take on new responsibilities 
  • Skill levels are cumulative – for example, to hold a ‘practitioner’ level in any skill, you must meet the requirements of ‘working’ level as well 
  • Examples of training courses in this document are for illustrative purposes only and are not endorsed by the ESND or wider FCDO. 

What are Suitably Qualified and Experienced Personnel?

Suitably Qualified and Experienced Personnel (SQEP) are integral to maintaining high standards within any Career Framework, ensuring that individuals possess the requisite skills, qualifications, and experience for their roles. This framework establishes clear criteria for identifying SQEP by aligning qualifications, certifications, and professional experience with specific competency levels and job requirements. This approach promotes consistency, enabling organisations to match personnel effectively to responsibilities and foster confidence in their capabilities. Additionally, SQEP designation highlights pathways for growth, encouraging individuals to build on their existing expertise through ongoing professional development and advanced training opportunities.

While technical qualifications and experience are essential, the framework also emphasises the importance of soft skills, such as communication, teamwork, and adaptability, fostering a well-rounded workforce capable of thriving in dynamic environments. Ultimately, SQEP contributes to a robust and dynamic career framework that values both current proficiency and future potential. 

Security Specialisms

The Government Security Profession career framework has four security specialisms, plus Corporate Enablers:

  • Physical
  • Personnel
  • Technical
  • Cyber

 

Physical security protects assets, including people, services, infrastructure, systems, places, equipment and networks. Effective physical security is achieved by multilayering different measures, which is commonly referred to as defence in depth. The concept is based on the principle that the security of an asset is not significantly reduced with the loss of any single layer. 

Role Family Role Family Definition
Advisory
Advisory Responsible for providing physical security advice and assurance within the organisation and externally within the civil nuclear sector.
Operations
Responsible for the efficient and effective management of all aspects of physical security operations, including outsourced capability (e.g. services and people) of physical and personal security from the places where people work and the people themselves, to the locations of systems, services and networks.
Research, Development & Design
Responsible for research and knowledge development of physical security countermeasures and associated guidance.

Personnel security is a system of policies and procedures that seeks to identify, understand and mitigate the risk of workers (insiders) exploiting their legitimate access to an asset for unauthorised purposes. 

Role Family Role Family Definition
Advisory
Responsible for providing personnel security advice and assurance within the organisation and externally within the civil nuclear sector.
Operations
Possible for conducting and facilitating people screening, implementing, reviewing and assessing security monitoring policies and investigating breaches or incidents of concern.
Research, Development & Design
Responsible for research and knowledge development of personnel security countermeasures and associated guidance.

Cyber security protects information systems (hardware, software and associated infrastructure), the data on them, and the services they provide, from unauthorised access, harm or misuse. This includes harm caused intentionally by the operator of the system, or accidentally, or as a result of failing to follow security procedures.  For further details on cyber security roles and skills, please refer to the Chartered Institute of Information Security. 

Role Family Role Family Definition
Advisory
Responsible for advising and enabling teams to make security decisions. This includes providing advice and guidance about technical matters and the identification of cyber related risks, and how to mitigate and manage risks.
Operations
Responsible for monitoring, responding to and proactively managing threats facing the organisation, including by monitoring event data, collecting and disseminating actionable intelligence, and managing identified vulnerabilities across the organisation.
Research, Development & Design
Responsible for ensuring development and design of applications is done with sensitivity to threats facing the organisation, and building security in the development process. This includes, for example, conducting penetration tests and social engineering tests.

Counter espionage refers to the activities and measures taken by a government, organisation, or individual to prevent, detect, and thwart espionage operations conducted by foreign or hostile entities. Espionage involves gathering classified or sensitive information through covert means, often for intelligence or military purposes. Counter espionage aims to identify and neutralise spies, uncover espionage networks, safeguard critical information, and protect national security interests. This includes actions like surveillance, security protocols, and investigating potential security breaches to stop or expose espionage efforts.

Role Family Role Family Definition
Advisory
Responsible for identifying and mitigating security risks relating to nuclear materials, including ensuring the appropriate implementation of effective countermeasures, while ensuring that mitigations are aligned to the expectations of nuclear industry regulators and legislative requirements.
Operations
Responsible for delivering the protection of nuclear materials and associated technology from close access acquisition or sabotage by hostile actors.
Research, Development & Design
Responsible for research and knowledge development of nuclear security countermeasures and associated guidance.

The career framework also has Corporate Enablers. Corporate Enablers span the specialisms and are pivotal to the growth, development and success of the Government security profession. Individuals working in a corporate enabler role may belong to more than one Government function or profession. The corporate enablers included in the career framework are leadership, business continuity, education and awareness, training, capability development, policy, process, support, and risk management. 

Role Family Role Family Definition
Advisory
Responsible for identifying and mitigating security risks relating to nuclear materials, including ensuring the appropriate implementation of effective countermeasures, while ensuring that mitigations are aligned to the expectations of nuclear industry regulators and legislative requirements.
Operations
Responsible for delivering the protection of nuclear materials and associated technology from close access acquisition or sabotage by hostile actors.
Research, Development & Design
Responsible for research and knowledge development of nuclear security countermeasures and associated guidance.

Skill Level Definitions

It is accepted that the SRSA and R/CSA roles will differ across the regions and countries. A variety of threats and risks (Terrorism, Organised Crime and Espionage) will dictate the appropriate skills and knowledge required to mitigate those threats and risks. Therefore, the GSF skill levels are used to assess appropriate capabilities necessary to fulfil a role in a variety of missions.

E.G The R/CSA in one European post must be a practitioner in countering Espionage, have working level skills in countering terrorism and a working knowledge of crime reduction relevant to the threats identified. They will require an awareness of travel risk management because they are rarely required to conduct travel risk assessment in that post. This will be the opposite for a R/CSA counterpart in South Africa. The GSF definitions of the four skill levels are listed below.

Role Profiles are outlined in detail at Appendix 1.

  • Awareness *
  • Working **
  • Practitioner ***
  • Expert ****

Applies knowledge and experience of the skill, including tools and techniques, adopting the most appropriate for the environment

Applies knowledge and experience of the skill with others, including tools and techniques, adopting the most appropriate for the environment

 

Shares knowledge and experience of the skill with others, including tools and techniques, defining those most appropriate for the environment

Has knowledge and experience in the application of this skill. Is a recognised specialist and adviser in this skill including user needs, generation of ideas, methods, tools and leading or guiding others in best practice use

ESND Security Role Profiles in the Government Security Framework

The ESND Security role of Regional/ Country Security Advisor is specifically referred to in the GSF in the ‘Operational Management’ role family. The Senior Regional Security Advisor is a new role and therefore not yet allocated to any role family. It could be argued that the title of adviser places the SRSAs in the Advisory role family with Overseas Security Advisers.  

Senior Regional Security Adviser could also be assumed to fit in the operational management role family based on the criteria.

R/CSA is listed in the GSF in Operations Management as Lead role in the delivery of security management in country. As the line manager to the lead role, the SRSA could fit the title of Principal in the Operations Management role Family. The Overseas Security Adviser department already employ this with one Principal and multiple Lead positions in the Advisory role family.

As the role level increases, the expectation on the individual increases, along with the number and complexity of skills associated with the role.  In addition, the senior roles are required to support the development of junior roles and their departments through coaching, management and strategic planning.

There is an argument that a third and fourth level could be introduced to:

  1. Encourage Generalists to consider a career in security at the entry level, and
  2. Security Professionals in other Government departments to consider transferring internally as an associate level to the ESND to progress in their GSP career.
  • Entry Level *
  • Associate **
  • Lead ***
  • Principal ****

Entry level focuses on building a foundation of knowledge and skills aligned with a role. It is focused on increasing awareness of best practice, acknowledging the tools and techniques required to progress. This is also the primary entry point for apprentices and graduates.

The Associate level focuses on developing knowledge and skills aligned with the role that were built at the entry level, including being able to utilise technical tools and techniques. It’s also focused on increasing confidence and independence in the role, and supporting and working with others.

The Lead level begins to take the experiences at Associate level and shares this knowledge with others. Individuals at a Lead level will be expected to utilise the appropriate techniques and make decisions on project and programme levels.

Principal level individuals are considered experts in their field. They have a wealth of knowledge and experience in their security role and are often expected to advise on the strategic decisions that involve their role within the department.

Training & Qualifications 

The wide variety of qualifications and suppliers is difficult to navigate. Training providers are often deliberately vague when explaining the level of their courses, allowing buyers to make assumptions that are very often wrong. The aim of this section is to explain the types of qualification which are available to those within the ESND security roles, drawing a distinction between regulated and non-regulated qualifications. 

Regulated Qualifications Framework

The Regulated Qualifications Framework (RQF) is a system that provides a way to understand and compare the level and size of different qualifications. Each qualification level [2] represents a progression in skills, knowledge, and understanding. The RQF allows learners, employers, and educational institutions to understand where a qualification sits in relation to other qualifications and gives a clear overview of progression pathways. 

[2] What qualification levels mean

Regulated Qualifications Framework (RQF) Levels Qualification Example
RQF Level 8
DOCTORATE
RQF Level 7
MASTER’S DEGREE
RQF Level 6
UNDERGRADUATE DEGREE
RQF Level 5
HIGHER NATIONAL DIPLOMA
RQF Level 4
HIGHER NATIONAL CERTIFICATE
RQF Level 3
A LEVEL
RQF Level 2
GCSE – GRADE 4 TO 9
RQF Level 1
GCSE – GRADE 1, 2, 3

Non-Regulated Qualifications

A non-regulated qualification is a course that is not benchmarked against the Regulated Qualifications Framework (RQF) and has not been validated by either Ofqual or the Quality Assurance Agency for Higher Education (QAA).  These courses can be used for professional and personal development, but universities do not recognise them for admissions.  That said, the merits of the training can still be compelling and of great value, but individuals should complete their own due diligence on the value of the learning content and credibility of the supplier. 

Legacy Qualifications

Legacy qualifications will be integrated into the career framework to recognise the value of previous achievements and ensure equitable career progression. By mapping legacy qualifications to current competency standards, individuals can demonstrate how their prior certifications align with the framework's requirements. This approach provides clarity for transitioning professionals, validating their skills and knowledge without requiring requalification. Additionally, legacy qualifications can serve as foundational milestones within the framework, paving pathways for further development and advancement. Emphasizing inclusivity, the career framework will honour these qualifications while supporting lifelong learning and skill enhancement.

Training Needs Analysis

Training Needs Analysis (TNA) is a systematic approach to identifying and addressing the learning and development needs within an organisation. The aim of this TNA is to ensure that SRSA and R/CSA training initiatives align with the overall mission and objectives of ESND in protecting the wider FCDO, enabling its mission. The knowledge, skills and behaviours must be tailored to meet the specific needs of the individuals in these roles to improve their chance of success. The process involves several key steps, each designed to provide a clear understanding of what skills and knowledge and behaviours are required, how to deliver the training, and how to measure its effectiveness. 

The first step in the TNA process was to review the organisation’s strategic goals and objectives. It was clearly expressed by the leadership that the protection of people, assets and information was the purpose of the cadre, the lack of a formalised strategic security plan will have an impact on the overall culture of the security function.

Whilst not in the specified terms of reference, it is recommended that the Strategic Security Plan be considered as a priority. It will enable the desired culture of security and define the purpose for all security staff to align their efforts beyond the post they occupy now.

Clearly defined objectives will allow key results to be measured in performance appraisals, improving productivity, enhancing service delivery and promoting respect and recognition from the staff that you wish to influence.

Role Family Role Family Definition
Advisory
Advisory Responsible for providing physical security advice and assurance within the organisation and externally within the civil nuclear sector.
Operations
Responsible for the efficient and effective management of all aspects of physical security operations, including outsourced capability (e.g. services and people) of physical and personal security from the places where people work and the people themselves, to the locations of systems, services and networks.
Research, Development & Design
Responsible for research and knowledge development of physical security countermeasures and associated guidance.

Interviews were conducted in person at ESND with the Head of Security & Resilience, Overseas Security Advisers and the Overseas Security Team (in London). Senior Regional Security Advisers, Regional/ Country Security Advisers and Post Security Officers were visited in a variety of posts (Brussels, Abu Dhabi & Tunis) with differing priorities relating to threats and risks.

A focus group with all Middle East R/CSAs was hosted online which reinforced the facts attained in face-to-face interviews. An anonymous competence/attitude survey was distributed via OST to all R/CSAs to understand the existing skills, knowledge, and competencies within the cadre, following which, secondary interviews were conducted online with volunteers that participated in the survey. Six of the 21 respondents were interviewed, (Freetown, Dhaka, Caracas, Warsaw, Brasilia and Suva) to ensure parity and to gather a wider picture of current appetites for learning and development. It is apparent that some of the survey respondents are proactively finding professional development whilst others wait to be directed or do not complete any CPD.

Many of R/CSAs are educated to Post Graduate Certificate or Diploma level certification in Security Management but others feel that their experience is sufficient. It is clear, that a competent Country Security Advisor must have contemporary Security Risk Management knowledge, line management skills as well as strong communication skills to enable the delivery of the Security knowledge.

Senior Regional Security Advisers must be able to do everything the R/CSA is capable of but with enhanced Leadership development and a foundation built on the Civil Service Behaviours and success plans that will enable the Security community to deliver its strategic security plan.

Skills gaps are diverse, and no single thread of inadequacy was identified. There is no documented minimum qualification level for employment in either role. Roles and competencies required to effectively deliver the ESND security mission are two-fold. Security Skills and Leadership/ management skills. Skills required relate to the threats presented, which differ in each post. Training in Counter Espionage, Counter Terrorism and Countering Organised Crime should be considered at an individual level for each post. Beyond these three threat categories, regional specific learning relating to environmental crisis management, diplomatic staff personal safety training and language skills training must not be neglected.

It is clear, that both Security skills and leadership skills are required to deliver effective security operations management that will influence and enhance security at the platform level. Interviews with security staff and the Post Security Officers identified that the most successful Security Managers were those that had mastered both. “We want diplomats that deliver security, not ex- military personnel that are bolted onto our diplomatic mission” stated one PSO.  

The training priorities for these roles have been considered against what defines competence in Security Operations Management. This is the Role family that R/CSA are allocated to in the Government Security Framework. (ROSM is specifically mentioned as a footnote in this role family on page 41 – Security Operations Manager (Lead). See below.

The SRSA role is new and therefore unlisted in the Government Security Framework, but it is recommended that the role be considered against the Operations Management (Principal), the line manager to the Lead role above. Each expectation listed below is an oversight of the Lead role above.

This alignment with the Government Security Framework suggests that the Regional /Country Security Adviser and Senior Regional Security Adviser naming is not appropriate. The Advisory role family is different to the Operational Management role family in terms of expected skills, training and success profiles.

As demonstrated below the advisory role family is focussed on expertise as an advisor and not line management whilst Operational Management is focussed on people, resource and finance management.

To enable stakeholder understanding of these employees’ objectives and key results, it is recommended that the naming of all roles focus on Management not Advising. Regional/ Country Security Manager and Senior Regional Security Manager job titles would align with the rest of the Government Security Profession.

It is recognised that investing in professional capability can be expensive and time consuming. This has identified that any successful implementation of a training regime, must be sensitive to competing priorities of work and home life to ensure a balance is maintained. Therefore, a range of professional development opportunities is recommended. The training priorities should consider a sliding scale of time and financial burden, encouraging staff to participate with as much as they feel capable of completing.

It is recommended that voluntary participation is reinforced with a compulsory scheme of Continuing Professional Development. CPD accredited by the Security Institute recognises a myriad of activities that accrue points per hour of activity/ learning. A minimum of thirty-six points equates to 72 hours of learning in 12 months. The submission of the CPD record to the Security Institute results in annual certification and could be included as part of the appraisal process.

A sliding scale of learning activity will be listed in the Appendices to this report. It will include:

  1. Zero cost and minimal effort (hours) in CPD opportunities.
  2. Minimal cost (£10s- £100s) and less than 2 weeks to complete or part-time commitment.
  3. Significant cost (£1000s) to complete OFQUAL regulated qualifications or degrees over months or years.
  • Induction Training
  • Pre deployment Training
  • Common Body of Knowledge
  • Continuing Professional Development

All interviewees expressed their experiences of the induction process was poor. The induction should include security skills, diplomatic skills and leadership skills relevant to the role. Training to prepare employees for life abroad, understanding the diplomatic mission and how their role supports that mission reinforces the need for a Security Strategy and mission statement specific to the security function.  

Postings often require staff to retrain their understanding of threats and risks because different missions have different priorities to consider. Broadly speaking, threats are one of three categories:

  1. Crime related (including protest and activism)
  2. Espionage related
  3. Terrorism related

A posting from a crime focussed post to an espionage focussed post requires a new set of skills or at least a revision of those skills with contemporary refreshments that fit the evolved threat. The postings invariably occur over the summer months and could offer an opportunity to develop a regime of online distance learning followed by refresher training in technical self-help skills and threat updates and qualifications relevant to the threats that enable the security manager to arrive at their new post prepared for the task.

A common body of knowledge will be required to underpin the continuing professional development. It is recommended that a basic appropriate standard of skills and knowledge be established alongside the Civil Service behaviours when recruiting or promoting within the cadre.  

The SFJ awards Level 4 Protective Security Advisor qualification has been developed by the Home Office in collaboration with the National Technical Authorities (NTA) and civilian sector. It is a converged approach to protective security. The course was released on 14 May 25 and would be an appropriate foundation Alongside this, it is recommended that all Security staff complete the National Protective Security Authority (NPSA) online foundation course which is available for free on the NPSA extranet. The foundation course is updated as new threats and advice is developed. Therefore, it would be prudent to complete the course in every pre deployment period

Security Staff that have security qualifications higher than a level 4 qualification may be exempt from attaining the L4 PSA but are encouraged to complete the NPSA foundation course if it has not been completed in the past 24 months.

Funding has been invested in Counter Terrorism Security Coordinator (CTSecCO) courses for most of the Cadre. In many posts this is only applied for the Kings Birthday Party reception and even then, the resources are rarely available. This considerable financial investment could be re allocated to more relevant courses on a needs basis.

The continuous professional development of the cadre is where improvements should be focussed.  

Different posts have different threats, and a training regime would support the development of the cadre by helping them to adapt to the change in threat when they arrive in a new post.

It is recommended that CPD be mandatory and monitored. Learning opportunities are essential and all personnel must have options that are free of cost and have minimal impact on time. Building on this, a higher tier of training that is between CPD and formal qualifications will be provided. Courses that teach skills for small financial cost and only days to complete. The qualifications will follow as per the RQF explained on page 11.  Training must focus on Security Skills in line with the role-based expectations in the GSF document (see page 6) and Civil Service behaviours with leadership and management to enable successful delivery. 

When foundation training and a regime of CPD is accepted by the cadre because it is directed and promoted through line management, every R/CSA and the SRSA will be more competent as a Security Professional. Competence is achieved through a combination of training, skills, experience and knowledge.  

Everyone will deliver the security programs, campaigns and culture more effectively. A visible improvement in capability will increase respect and recognition from the diplomatic community for their role and value to the Platform.  

Respect and recognition are transformational, increases pride in the role and the desire to perform even better. It is hoped that many in the cadre will be inspired to further their academic qualifications and that is why qualifications and degrees will be included in the appendices.  

Induction and pre deployment training will allow the OST to monitor and improve capability in a routine manner. 

Foundation – Common body of knowledge 

The baseline foundation of skills and qualifications is recommended for inclusion in recruitment to CSA in the first instance. OFQUAL regulated Skills for Justice (SFJ) have accredited a level 4 Protective Security Adviser qualification which was developed with input from all Government Security Technical Authorities, led by the Home Office. The course is established as a converged approach to Security. It will provide a comprehensive baseline understanding of security which should be enhanced with the online NPSA foundation course available via the Extranet, which all ESND Security personnel have access to.  The NPSA foundation course must be completed by any Security professional applying to attend any further NPSA courses. These two courses together provide assurance that knowledge is contemporary and multi disciplinary 

A hierarchy of professional development options from an hour of understanding to degree level will be provided, with multiple options in all security disciplines which will allow a learner to identify their skills gaps and select an option that will address the shortfall. This will align with the GSF personal development planning tools.  

New starter Induction training and staff pre deployment training (specific to post) will ensure employees are equipped with appropriate skills to appreciate the threats to the post and how to identify and manage the vulnerabilities as soon as possible. This training should be a mix of self-directed online learning, online briefs, completed with face to face training in London, utilising partner organisations that they will encounter on platform. This plan could be rolled out as postings are identified.  

The next phase involves rolling out the training program. During this phase, it’s essential to monitor the progress and gather feedback to ensure that the training is effective and meeting the needs of employees.

  • Recruiting and Induction training
  • Implementation and line management (Objectives and Key Results - OKRs)
  • Pre deployment updates

The Project Task Force Review (pg. 19) recognised that recruitment should consider civil service behaviours. Communicating and influencing, making effective decisions and working together, listed as the top three priorities. The last line on that page states “recruitment that encourages a more diverse range of candidates”. At para 56 (pg. 20) it recommends broadening the outreach to include other professional organisations. At para 58 (pg20) it recommends implementing a structured list of expectations that help a broader range of generalists with strong career anchors in government or private sector to match their skillsets to the R/CSA role.

Recruiting from the Generalist cadre may encourage graduates to consider a career pathway in security. Generalists have a diverse range of qualifications and their experience with other civil service roles, could bring a different perspective that will complement the ex- Military and Police cohort. There is an opportunity to introduce 8 generalists into the cadre as mentees. The SRSA role has raised some issues with the Post Security Officers. One PSO has calculated that their Platform will only receive 20% of their Regional Security Advisor time, because 80% is expected to be allocated as SRSA line management of multiple other R/CSAs. If a generalist is recruited into a CSA role at the post where the SRSA is based, it could present an opportunity for a dedicated mentoring relationship. The Platform will retain a dedicated resource, whilst the Generalist CSA has daily access to the SRSA because they will work in the same office. After 2 years as a mentee, it is expected that the Generalist will be a viable CSA for future postings. This may diversify the cadre in many aspects. If the Generalist CSA decides to pursue their original Diplomatic career, at least they will have a better understanding of security when they eventually become a PSO or HMA.

Recruiting from other departments within the Government Security Profession could introduce skills and experience that enhance the influence and recognition of security leaders in the FCDO cadre. It is not unusual for security professionals in the GSP to move between departments and promote into higher grade roles. Many will enjoy a role abroad. Encouraging a more integrated perspective could increase capability and enhance recruitment and retention within the Government Security Profession.

Induction into the FCDO Security cadre should be reviewed and prioritised as the foundation for future pre deployment training. In the interviews conducted, every interviewee stated that some aspects were essential but other aspects were irrelevant. Key themes were identified.

Pre induction administration would have reduced time spent completing forms at KCS. It was suggested that specific online training such as the NPSA foundation course would be beneficial in understanding security priorities. It is recommended that 5 days at Hanslope Park, being taught fault finding and the basics of integrated systems by STSO specialists will reduce downtime at platforms where an STSO is not immediately available. The second week should be focussed on providing a balance of civil service behaviours, Diplomatic briefings on the Vienna Convention on Diplomatic Relations (VCDR), 1961, Vienna Convention on Consular Relations (VCCR), 1963 and how they relate to the security advice they may be required to provide. Visits to the specific country desk to form a relationship prior to deployment would help in any future communications.

Once the Strategic Security Plan is promulgated, it is recommended that the SRSAs are engaged to identify their objectives. This will be predominantly line management and mentoring their R/CSAs as well as managing security at their own platform. The key results that satisfy their objectives will be important in subsequently identifying the R/CSA objectives and key results. Altogether, the OKRs should satisfy the SSP. Within the OKRs, Security Institute CPD scheme completion and submission will be a key result in the “continuous learning/competence” objective. When OST completes the SRSA appraisals or the SRSA completes the R/CSA appraisals, training and CPD will be measurable.

Periodic updates are vital to the development of skills and knowledge. It is suggested that the months and weeks prior to a new posting would be most beneficial to complete refresher training that will be specific to the new post. As mentioned in para 21 &22, different posts must prioritise different threats. The implementation and monitoring of a pre deployment package is a balance of OST oversight with input from the incumbent CSA and their successor. Briefings and introductions to key collaborators in London could be introduced by the incumbent and coordinated by OST. Likewise, a list of Technical Security challenges provided by the incumbent will allow their successor to gain specific training updates that are relevant to the systems deployed on platform.  

The effectiveness of the training should be evaluated. This can include assessing improvements in performance, employee feedback, or changes in operational results. 360 feedback should include a wide range of diplomatic staff, desk officers and anyone that engages with the cadre. Based on the evaluation, adjustments should be made to improve future training initiatives.

Key Documents

Government Security Framework

The Government Security Framework is an open source document on GOV.UK, designed to offer career guidance to Security Professionals in the Government Security Profession, irrespective of department, region or trade set. It should be used in conjunction with this document. Of the 350 pages and 46 security roles listed, only a small number (30 pages) relate the SRSA & R/CSA cadre at the FCDO. The following sections are recommended to understand skill levels, security disciplines and career development planning.  

  • Career Pathways for Physical Security are explained from Page 6 – 9  
  • Role Families for Physical Security are Explained at page 345 
  • Success profiles are explained on Page 348 
  • R/CSA career pathway resides in the Operations Management role family (Physical Security Operations Manager Lead) explained on page 44 
  • SRSA Career pathway resides in the operations Management role family (Physical Security Operations Manager Principal) explained on page 42 
  • The differences in skills required between the two roles is tabulated on page 44 
  • Personal development planning is outlined on pages 328 -340 
  • Further resources can be found on pages 341-349 

Success Profiles: Civil Service Behaviours

Behaviours are the actions and activities that people do which result in effective performance in a job. The Civil Service has defined a set of behaviours that, when demonstrated, are associated with job success. Civil Service Behaviours are specific to the grade level of the job role. The definitions of behaviours identified are: 

  • Seeing the Big Picture Understand how your role fits with and supports organisational objectives. Recognise the wider Civil Service priorities and ensure work is in the national interest.  
  • Changing and Improving Seek out opportunities to create effective change and suggest innovative ideas for improvement. Review ways of working, including seeking and providing feedback.  
  • Making Effective Decisions Use evidence and knowledge to support accurate, expert decisions and advice. Carefully consider alternative options, implications and risks of decisions.  
  • Leadership Show pride and passion for public service. Create and engage others in delivering a shared vision. Value difference, diversity and inclusion, ensuring fairness and opportunity for all.  
  • Communicating and Influencing Communicate purpose and direction with clarity, integrity and enthusiasm. Respect the needs, responses and opinions of others. 
  • Working Together Form effective partnerships and relationships with people both internally and externally, from a range of diverse backgrounds, sharing information, resources and support.  
  • Developing Self and Others Focus on continuous learning and development for self, others and the organisation.
  • Managing a Quality Service Deliver service objectives with professional excellence, expertise and efficiency, taking account of diverse customer needs.  
  • Delivering at Pace Take responsibility for delivering timely and quality results with focus and drive. 

Summary

The implementation of the training enhancements can only be achieved if the Strategic plan is defined and the organisation’s purpose is determined and issued in a statement. Objectives and key results that are measurable and achievable will be the indicator of success.

The job roles do not fit the title allocated. Consideration should be given to the role family that is relevant within the Government Security Profession framework document. The Operational Management role family is recommended with the R/CSA being renames Country Security Manager. The Senior Regional Security Adviser should also be a Manager. This would align the cadre with the wider Government Security Profession.

Induction training with a foundation “common body of knowledge” that includes Security, Leadership and Management skills, knowledge and experience will ensure that the cadre is well resourced and capable from the beginning. Recruiting young professionals into a security role as well as established security professionals from other Government departments will increase diversity in culture, thinking and problem solving. 

Pre deployment training, completed prior to leaving the current post will ensure knowledge gaps are addressed prior to arrival at the next post. PDT should be created by the incumbent R/CSA with advice from their SRSA to ensure the successful handover to the new R/CSA. Training should commence with online training and briefings followed by a curated week in the UK attending training at Hanslope Park and meeting key facilitators that will be key to success in the new post.

Continuing Professional Development should be mandated and assessed as a key result in the objective related to professional competence. As such CPD, accredited courses, qualifications and higher educational degrees should be encouraged and applauded when completed.

An annual review of the training catalogue at Appendix 1 should be conducted so that expired courses are removed and new recommendations added.

Appendices

Appendix 1: Catalogue of Training
Appendix 2: Recommendation Summary
Appendix 3: Security Managers Survey
The Line Management Standards - Core interactive PowerPoint

Security Training & Development

  • National Protective Security Authority
  • UK Resilience Academy
  • Business Continuity Institute
  • The Security Institute
  • American Society for Industrial Security
  • Association of Security Consultants
  • International Security Management Institute
  • Register of Chartered Security Professionals
  • DISA - formerly The Defence Industry Security Association
  • The City Security & Resilience Network (CSARN)
  • Frontier Risk Group
  • The Trip Group
  • Skills for Justice Awards
  • QN (UK) Security Courses
  • Royal United Services Institute
  • Civil Service College
  • Hera Learn

National Protective Security Authority

NPSA offers a variety of training programmes aimed at enhancing physical and personnel protective security: 

  • Digital Learning for Extranet Users: Foundation Course in Protective Security; Document Verification; Introduction to STaMP; Recognising IEDs; Insider Risk Management; Search & Screening; Security Culture; See Check & Notify (SCaN); Hostile Vehicle Mitigation 
  • In Person Learning: NPSA Foundation Course; Hostile Vehicle Mitigation; Counter Uncrewed Aerial Systems 

UK Resilience Academy

Note that until April 2025, the UK Resilience Academy was known as the “Emergency Planning College”

UK RA offers a wide range of resilience training courses designed to support individuals, teams, and organisations in preparing for and managing emergencies and crises. Some of their notable courses include:

  • Writing Contingency Plans
  • Debriefing Emergencies and Exercise
  • Preparing Emergency Plans for COMAH
  • Introduction to Crowd Safety Management
  • Exercising Crisis and Business Continuity Plans
  • Risk Management in Civil Protection

Business Continuity Institute 

The Business Continuity Institute (BCI) provides a comprehensive range of training and development programs aimed at enhancing business continuity and resilience. Some of their key offerings include: 

  • Certificate of the Business Continuity Institute (CBCI) 
  • Introduction to Operational Resilience 
  • Stakeholder Engagement Training 
  • Emergency & Crisis Communications 

BCI also offers various webinars, reports, and thought leadership content to support ongoing professional development. 

The Security Institute 

The Security Institute offers a variety of training and development opportunities aimed at enhancing the skills and knowledge of security professionals. Some of their key offerings include: 

  • Continuing Professional Development (CPD) Scheme: This scheme encourages members to engage in ongoing learning and development activities to maintain and enhance their professional competence 
  • External Courses and Qualifications: The Security Institute collaborates with various universities and educational providers to offer a range of vocational and academic courses. For example, they work with Buckinghamshire New University and the University of Portsmouth to provide courses in risk and security management 
  • Mentoring Scheme: This program pairs less experienced members with seasoned professionals to provide guidance, support, and knowledge sharing. 
  • Networking Events and Conferences: The Institute organizes events that allow members to network, share knowledge, and stay updated on industry trends and best practices 
  • Webinars and Workshops: These sessions cover a wide range of topics relevant to the security industry, providing members with opportunities to learn from experts and engage in discussions 
  • Validation of Experience: The Institute offers a robust validation process for its members, ensuring that their experience and qualifications are recognized and valued within the industry. 

These opportunities are designed to support the professional and personal development of security professionals at all stages of their careers. 

American Society for Industrial Security 

ASIS International offers a wide range of training and development opportunities for security professionals. Here are some of their key offerings: 

  • Certification Preparation: ASIS provides comprehensive resources to help professionals prepare for their certification exams, including online review courses, flash cards, virtual study groups, and practice tests 
  • Certificate Courses: These courses focus on specific topics within the security field, helping both newcomers and experienced professionals build competencies in areas such as physical security, risk management, and information security. 
  • Webinars: ASIS hosts live and on-demand webinars covering a variety of topics relevant to security professionals, such as enterprise security risk management (ESRM), physical and operational security, and the integration of physical and cyber security. 
  • Career HQ: This platform offers career resources, mentorship programs, and job opportunities to help security professionals expand their career horizons and improve their skills. 
  • Professional Development Programs: ASIS provides access to a range of professional development sessions from their Global Security Exchange (GSX) event, covering topics like leadership, career planning, and mental health and wellbeing. 

These opportunities are designed to support the continuous professional development of security professionals, helping them stay current with industry trends and best practices.

Association of Security Consultants

The ASC offers Professional development that focusses on a wide range of technical security applications within the physical security domain. They have reciprocal benefits with the Professional Security and Safety Alliance in UAE https://pssa.global/ and the International Association of Professional Security Consultants https://iapsc.org/ both of which offer regional events and online professional development.

ASC Webinars feature all aspects of protective security, hosted and freely available on https://www.youtube.com/channel/UCO1jML3lmR8vNvmGJQjdjtw

International Security Management Institute 

ISMI offer a Certified Security Management Professional (CSMP®) Level 6 Accredited DiplomaThis programme is designed for security management professionals and covers advanced concepts in corporate security management. 

Register of Chartered Security Professionals 

Becoming a Chartered Security Professional (CSyP) involves a rigorous process to ensure you meet high standards of competence and commitment in the field of security. Here are the key steps: 

  • Educational Qualifications: You need a university degree in a security-related discipline or an equivalent qualification recognized by the Chartered Security Professionals Registration Authority. 
  • Operational Experience: You must have at least five years of operational security experience, with at least two years at the Chartered competence level. 
  • Application Process: Submit an application to the Register of Chartered Security Professionals, which includes demonstrating your competencies in security knowledge, practical application, communication, leadership, and personal commitment. 
  • Assessment: Your application will be reviewed by independent assessors who verify your strategic impact and competencies. 
  • Interview and Presentation: You will need to pass an interview and presentation to further demonstrate your skills and knowledge. 
  • Continuous Professional Development (CPD): Once certified, you must comply with a Code of Professional Conduct and complete CPD each year to maintain your status. 

DISA

DISA acts as a collective representative body interacting with HM government and agencies within the UK defence/security arena. DISA offers an extensive training program prepared and delivered by experts who are members of the organisation, including: 

  • Security Vetting & Personnel Security 
  • Facility Security Controller 
  • IT and Cyber Security 

The City Security & Resilience Network (CSARN)

CSARN Board certified, Accredited and Qualifications. Various Security and leadership short courses delivered online.

Frontier Risk Group

Security Risk Management Consultant Level 6

The Trip Group

The world of risk is changing faster than ever before. Our mission is to bring together those responsible for travel safety and security, in order that they can share and gain experience, knowledge and expertise.

Skills for Justice Awards

Numerous accredited Courses and Qualifications in Security related topics. Includes the ISMI CSMP.

QN (UK) Security Courses

Numerous accredited Courses and Qualifications in Security related topics

Royal United Services Institute

The Royal United Services Institute (RUSI) is an independent think tank engaged in cutting-edge research on defence, security and international affairs.

Civil Service College

Civil Service College offers innovative training courses across subjects, from accountability and governance to leadership training, finance management, project management and personal development.

Hera Learn

Leadership and Development courses aligned to the Civil Service Behaviours

  • National Protective Security Authority
  • UK Resilience Academy
  • Business Continuity Institute
  • The Security Institute
  • American Society for Industrial Security
  • Association of Security Consultants
  • International Security Management Institute
  • Register of Chartered Security Professionals
  • DISA - formerly The Defence Industry Security Association
  • The City Security & Resilience Network (CSARN)
  • Frontier Risk Group
  • The Trip Group
  • Skills for Justice Awards
  • QN (UK) Security Courses
  • Royal United Services Institute
  • Civil Service College
  • Hera Learn

National Protective Security Authority

NPSA offers a variety of training programmes aimed at enhancing physical and personnel protective security: 

  • Digital Learning for Extranet Users: Foundation Course in Protective Security; Document Verification; Introduction to STaMP; Recognising IEDs; Insider Risk Management; Search & Screening; Security Culture; See Check & Notify (SCaN); Hostile Vehicle Mitigation 
  • In Person Learning: NPSA Foundation Course; Hostile Vehicle Mitigation; Counter Uncrewed Aerial Systems 

UK Resilience Academy

Note that until April 2025, the UK Resilience Academy was known as the “Emergency Planning College”

UK RA offers a wide range of resilience training courses designed to support individuals, teams, and organisations in preparing for and managing emergencies and crises. Some of their notable courses include:

  • Writing Contingency Plans
  • Debriefing Emergencies and Exercise
  • Preparing Emergency Plans for COMAH
  • Introduction to Crowd Safety Management
  • Exercising Crisis and Business Continuity Plans
  • Risk Management in Civil Protection

Business Continuity Institute 

The Business Continuity Institute (BCI) provides a comprehensive range of training and development programs aimed at enhancing business continuity and resilience. Some of their key offerings include: 

  • Certificate of the Business Continuity Institute (CBCI) 
  • Introduction to Operational Resilience 
  • Stakeholder Engagement Training 
  • Emergency & Crisis Communications 

BCI also offers various webinars, reports, and thought leadership content to support ongoing professional development. 

The Security Institute 

The Security Institute offers a variety of training and development opportunities aimed at enhancing the skills and knowledge of security professionals. Some of their key offerings include: 

  • Continuing Professional Development (CPD) Scheme: This scheme encourages members to engage in ongoing learning and development activities to maintain and enhance their professional competence 
  • External Courses and Qualifications: The Security Institute collaborates with various universities and educational providers to offer a range of vocational and academic courses. For example, they work with Buckinghamshire New University and the University of Portsmouth to provide courses in risk and security management 
  • Mentoring Scheme: This program pairs less experienced members with seasoned professionals to provide guidance, support, and knowledge sharing. 
  • Networking Events and Conferences: The Institute organizes events that allow members to network, share knowledge, and stay updated on industry trends and best practices 
  • Webinars and Workshops: These sessions cover a wide range of topics relevant to the security industry, providing members with opportunities to learn from experts and engage in discussions 
  • Validation of Experience: The Institute offers a robust validation process for its members, ensuring that their experience and qualifications are recognized and valued within the industry. 

These opportunities are designed to support the professional and personal development of security professionals at all stages of their careers. 

American Society for Industrial Security 

ASIS International offers a wide range of training and development opportunities for security professionals. Here are some of their key offerings: 

  • Certification Preparation: ASIS provides comprehensive resources to help professionals prepare for their certification exams, including online review courses, flash cards, virtual study groups, and practice tests 
  • Certificate Courses: These courses focus on specific topics within the security field, helping both newcomers and experienced professionals build competencies in areas such as physical security, risk management, and information security. 
  • Webinars: ASIS hosts live and on-demand webinars covering a variety of topics relevant to security professionals, such as enterprise security risk management (ESRM), physical and operational security, and the integration of physical and cyber security. 
  • Career HQ: This platform offers career resources, mentorship programs, and job opportunities to help security professionals expand their career horizons and improve their skills. 
  • Professional Development Programs: ASIS provides access to a range of professional development sessions from their Global Security Exchange (GSX) event, covering topics like leadership, career planning, and mental health and wellbeing. 

These opportunities are designed to support the continuous professional development of security professionals, helping them stay current with industry trends and best practices.

Association of Security Consultants

The ASC offers Professional development that focusses on a wide range of technical security applications within the physical security domain. They have reciprocal benefits with the Professional Security and Safety Alliance in UAE https://pssa.global/ and the International Association of Professional Security Consultants https://iapsc.org/ both of which offer regional events and online professional development.

ASC Webinars feature all aspects of protective security, hosted and freely available on https://www.youtube.com/channel/UCO1jML3lmR8vNvmGJQjdjtw

International Security Management Institute 

ISMI offer a Certified Security Management Professional (CSMP®) Level 6 Accredited DiplomaThis programme is designed for security management professionals and covers advanced concepts in corporate security management. 

Register of Chartered Security Professionals 

Becoming a Chartered Security Professional (CSyP) involves a rigorous process to ensure you meet high standards of competence and commitment in the field of security. Here are the key steps: 

  • Educational Qualifications: You need a university degree in a security-related discipline or an equivalent qualification recognized by the Chartered Security Professionals Registration Authority. 
  • Operational Experience: You must have at least five years of operational security experience, with at least two years at the Chartered competence level. 
  • Application Process: Submit an application to the Register of Chartered Security Professionals, which includes demonstrating your competencies in security knowledge, practical application, communication, leadership, and personal commitment. 
  • Assessment: Your application will be reviewed by independent assessors who verify your strategic impact and competencies. 
  • Interview and Presentation: You will need to pass an interview and presentation to further demonstrate your skills and knowledge. 
  • Continuous Professional Development (CPD): Once certified, you must comply with a Code of Professional Conduct and complete CPD each year to maintain your status. 

DISA

DISA acts as a collective representative body interacting with HM government and agencies within the UK defence/security arena. DISA offers an extensive training program prepared and delivered by experts who are members of the organisation, including: 

  • Security Vetting & Personnel Security 
  • Facility Security Controller 
  • IT and Cyber Security 

The City Security & Resilience Network (CSARN)

CSARN Board certified, Accredited and Qualifications. Various Security and leadership short courses delivered online.

Frontier Risk Group

Security Risk Management Consultant Level 6

The Trip Group

The world of risk is changing faster than ever before. Our mission is to bring together those responsible for travel safety and security, in order that they can share and gain experience, knowledge and expertise.

Skills for Justice Awards

Numerous accredited Courses and Qualifications in Security related topics. Includes the ISMI CSMP.

QN (UK) Security Courses

Numerous accredited Courses and Qualifications in Security related topics

Royal United Services Institute

The Royal United Services Institute (RUSI) is an independent think tank engaged in cutting-edge research on defence, security and international affairs.

Civil Service College

Civil Service College offers innovative training courses across subjects, from accountability and governance to leadership training, finance management, project management and personal development.

Hera Learn

Leadership and Development courses aligned to the Civil Service Behaviours