It’s 3:14 on a Sunday morning in February. You’re the operations manager of a small security firm covering five sites across Leeds and Wakefield: a distribution warehouse, two construction compounds for a utilities contractor, a shopping centre on lockdown overnight, and a retail bank. Thirty-two SIA-licensed guards on your roster, 24/7 rotation, mobile patrols, static guarding, alarm response. The duty phone buzzes. It’s Carter, posted at the Rezzato logistics yard since 22:00. “Mate, I’ve got a stabbing pain in my side, I think I need A&E, you’ve got cover until 06:00, who can I hand over to?” You open the master Excel rota on your laptop, scan the standby column, start dialling. First number: voicemail. Second: he came off shift at 02:00, daily rest break still in force under the Working Time Regs, can’t legally come back. Third: doesn’t pick up. Fourth: already deployed elsewhere. Fifth: lives forty miles away, won’t make it in time. Sixth, finally, agrees, but you already know you owe him a call-out fee, the travel, double-time night-rate overtime, and you’ll have to redraw half of next week’s rota to give him the rest hours he’s now due.
By 04:30, while the replacement is driving down the M62, you’re updating the Excel sheet, scribbling a note about the absence reason for payroll, messaging the contracts manager to explain the seventy-six minute coverage gap that the warehouse client will spot on the morning report. You know that on Monday the construction client wants the weekend incident log, you know Friday is the deadline for the next monthly rota to all thirty-two guards, and you know the bookkeeper has already chased you twice because January’s overtime hours don’t reconcile with the BSIA-compliant pay codes you submitted. And you know that, ultimately, the real problem isn’t Carter’s appendix. It’s that your entire operational system runs on Excel sheets, late-night phone calls and your personal memory of who can work when, on which site, at what cost. A system already creaking at thirty-two guards, which will simply collapse when the firm wins the next big contract and the headcount jumps to fifty.
This is the daily operational reality of hundreds of small and mid-sized UK security companies: firms with SIA Approved Contractor Scheme status, BSIA or NSI/SSAIB membership, staff vetted to BS 7858, competing for tenders against the big national names with planning tools designed for completely different industries. The Excel rota isn’t the problem in itself: it’s the symptom of a sector that’s digitised its invoicing but never its operations. And the bill is paid by the duty manager every Sunday night.
If the SIA ACS and BS 7858 reality is eating your weekends, the security sector page is the first sane step.
No credit card, up and running in 2 minutes.
See sectorWhy generic rota apps don’t work for the UK security industry
Guarding has specifics that almost every generic shift planning tool ignores entirely. You’re not scheduling waiters in a restaurant chain or shop assistants on a high street. You’re managing SIA-licensed personnel, front-line door supervisors, security officers, CCTV operators, vehicle immobilisers, close protection, each with a licence number, an expiry date and a sector entitlement. You’re operating 24 hours a day, 365 days a year, under the Working Time Regulations 1998 with the security sector’s specific carve-outs around night work, rest breaks and the 48-hour weekly average. Get an assignment wrong and you’re not just inconveniencing the client: you’re potentially in breach of statutory rest requirements, or placing an officer without the right SIA entitlement on a site that demands it.
On top of that, your client, the bank, the retail chain, the infrastructure contractor, the broadcaster, doesn’t just want “a guarding service”. They want objective proof the service was delivered in line with the SLA in the contract: actual presence on site, patrol checkpoints hit on time, incident reports logged, the identity of the officer actually on duty at any given hour, any handover or replacement traceable and authorised. An Excel rota produces none of that. At best it produces a plan that by Monday morning already diverges from what was actually executed over the weekend. And when the client queries that seventy-six minute coverage gap on Saturday night, you find yourself reconstructing it from paper occurrence books and the contracts manager’s WhatsApp history.
There’s a third layer that’s frequently underrated: the legal exposure on the officer themselves. A guard who worked 22:00 to 06:00 the previous night cannot legally, under the Working Time Regs and your own duty-of-care obligations, return to a static post within a certain rest window. If in the urgency of 3am you, the exhausted dispatcher, ring him and accept his “yeah alright I’ll come in”, and on the drive back there’s an RTA, or on shift he misjudges a hostile-customer incident, the liability on the firm is significant. A planning system that ignores rest constraints isn’t merely awkward: it’s an insurance, contractual and HSE risk.
What proper shift management software for security firms must actually do
The first feature, the one everything else is measured against, is 24/7 rotation handling with automatic compliance constraints. You need to load the roster by SIA licence category (security guarding, door supervision, CCTV, close protection), by licence expiry date, by BS 7858 vetting status, by site-specific training (PSIA, ACT, conflict management). When you assign a guard to a site, the system should already know whether that guard holds the right entitlement, whether they meet the rest-break window from their last shift end, whether their weekly hours are inside the 48-hour average, whether the running total of nights and bank holidays is blowing the budgeted labour cost. You should see at a glance who’s available in an emergency, not scroll a 100-row spreadsheet.
The second is a structured workflow for shift swaps and replacements. When Carter rings at 03:14, you shouldn’t be making six blind phone calls. The app on your phone should already show the list of standby officers in the area, sorted by drive time to site, with each one flagged “rest-compliant: yes/no”, “SIA category match: yes/no”, “estimated call-out cost”. The officer accepts inside the app, the replacement is logged, the rota updates itself, the contracts manager gets the notification, payroll inherits the right pay codes for next month without anyone re-keying anything. One event, one source of truth.
The third is GPS verification of arrival at the post. This isn’t punitive surveillance of the workforce, the ICO has been clear for years that geolocation for the purpose of operational delivery and lone-worker safety is lawful under UK GDPR, provided it’s transparent to the employee and proportionate. We’re talking about a clock-in event that certifies to the client that Officer X arrived at Site Y at 21:58, opened the first patrol round at 22:30, logged the “rear loading bay checked” checkpoint at 23:15, signed off at 06:02. When the bank’s facilities manager asks for the weekend log on Monday, you generate it in five seconds. Not in two hours of reconstruction from an A4 notebook.







