Documenting security patrols: how to provide customers with the evidence they are looking for
Field Service

Documenting security patrols: how to provide customers with the evidence they are looking for

May 19, 2026 · 14 min

It is 9.14 am on a Tuesday morning in March. You’re in your operations office in Sesto San Giovanni; you’ve just finished allocating the week’s shifts, and the direct number of the facility manager for one of your most important clients appears on your phone – a business complex in Milan’s Bicocca district where your security guards have been carrying out three night patrols every night for the past fourteen months. You answer, expecting a routine operational request. The voice on the other end is friendly but matter-of-fact: “Listen, we had a board meeting last night; a discussion arose about the cost of security, and the chairman has asked me to provide objective evidence that your staff are actually carrying out all the checkpoints specified in the contract. The invoice isn’t enough; the signed log isn’t enough. We need data. When can you send me a report for the last week?”

You put the phone down, look at the screen, and realise that report doesn’t exist. You’ve got the duty rosters, you’ve got the USB stick containing the paper log that the guard fills in at the guardhouse, you’ve got the signatures from each shift. But objective evidence, checkpoint by checkpoint, with verifiable times and geolocation? No. Your security guards are good; you know Salvatore and Marco personally – they’ve been covering that site for months – and you know they really do carry out their patrols, but you also know that the facility manager isn’t asking for your word alone. He’s asking for data he can pass on to his board. And at that moment you realise two things: the first is that somewhere, they’re probably considering another agency that does provide that data. The second is that the €84,000-a-year contract might not be renewed in September.

This is the scenario currently playing out in hundreds of Italian private security firms right now. It’s no longer the small client asking for a discount. It is the medium-to-large client – banks, hospitals, business centres, logistics hubs, public buildings – who have stopped trusting paper logs and now demand a patrol documentation system that produces digital, exportable and tamper-proof evidence. Those who fail to adapt lose out on tenders. Those who do adapt – and do so effectively – shift the focus of the discussion from price to positioning. The point of this article is precisely this: what does it mean, today, to document a security patrol in such a way that it stands up to scrutiny by a client, an insurance surveyor and, in the worst-case scenario, a magistrate?

If the client from the banking sector asks for digital logs and you only have a paper log, two weeks’ delay shifts the conversation away from price.

No credit card required; up and running in 2 minutes.

Take a look at the sector

Why a paper log is no longer enough for the client

For decades, security guards’ patrols were documented using a notebook in the guardhouse, a signature at the start and end of a shift, and possibly a stamp at key points along the perimeter. That system worked as long as the client trusted it out of habit: the invoice arrived, there was no theft, and the contractual relationship continued. Today, that arrangement has broken down. The boards of asset management companies, the risk managers at banks, and the management committees of healthcare facilities are demanding evidence. They do so because the insurance company in turn demands it of them, because the certifying body demands it, and because, when an incident occurs, the first document the deputy public prosecutor asks for is the ‘log of patrols during the twelve hours preceding the incident’. If that log is a single page from a notebook with a signature at the bottom, the problem becomes yours even before it becomes the client’s.

There is also a second factor that many organisations underestimate. Tenders for public contracts – from the Ministry of the Interior, AdR for airports, local health authorities (ASLs) and large local councils – have, over the last five years, incorporated increasingly stringent clauses regarding the traceability of patrols. Typically, these refer to an “electronic checkpoint detection system with verifiable time-stamping, geolocation of detections and the generation of exportable daily reports”, often with reference to data security standards. If you are not equipped to meet these requirements, your score will plummet during the technical evaluation phase, even if you offer the best price. And in the high-end private sector, the situation is the same: the facility manager at the Milan Bicocca business centre has incorporated that same logic into his requirements, even without specifying it in the tender documents.

The cost of not having a structured documentation system is not just losing the tender. It creates a knock-on effect: fewer contracts won means lower volumes; lower volumes mean less bargaining power over suppliers; less bargaining power means eroded profit margins; and eroded profit margins mean you can no longer invest in the tools that would have enabled you to win those contracts again. The security firms currently experiencing double-digit growth are those that closed this loop three or four years ago. Those that are closing branches and losing contracts share one common trait: they continue to document patrols in the same way as they did in 2010.

What is really needed for patrol documentation to stand up to scrutiny

When the facility manager says ‘I want proof’, they aren’t asking for a generic PDF. They are looking for a chain of evidence that begins with the security guard starting their shift and ends with the report that they can pass on to their board. The first link in the chain is the physical checkpoints around the site’s perimeter: weather-resistant NFC tags or QR codes, positioned at the contractually agreed points, such as entrances, emergency staircases, plant rooms, the outer perimeter and data centre rooms. When the security guard passes by, they tap the tag with their company smartphone, and at that moment four pieces of data are recorded simultaneously: the checkpoint ID, the exact time recorded by the time server, the GPS coordinates of the security guard’s smartphone, and the device identifier. Four pieces of data, a single action, which cannot be altered after the event.

The second layer is photographic evidence where required. At some sites, the client requests that the guard take a photo at the critical checkpoint – the data centre door, the main electrical switchboard, or the yard gate – to certify that everything was in order. The photo is taken from within the app, with timestamp and geolocation metadata embedded and visible on the image itself. This is not about monitoring the guard: it is about documenting that at 03:14 that door was locked and that the guard checked it in person. If, on that same night, someone forces the door open at 04:20, the photo taken at 03:14 becomes the evidence that protects both you and the security guard when faced with the inevitable question: ‘Why didn’t you spot it earlier?’.

The third link is managing the incident as it happens, not at the end of the shift. If, whilst on patrol, the security guard finds a ground-floor window ajar, a misaligned CCTV camera or a suspicious vehicle in the car park, they must be able to submit a report directly via the app, including a photo, description, geolocation and the time. That report goes straight into the queue for the operations centre operator and reaches the client within a few minutes, not in a service report emailed the following day. This radically changes the perception of the service: the client stops viewing security as a passive cost and begins to see it as an active risk management system.

The fourth element – and the most important one for finalising the contract – is the exportable report. At the end of the day or the weekend – depending on how the contract is structured – the system automatically generates a PDF document branded with your organisation’s logo: a list of patrols, the time of each checkpoint, a map showing the routes, attached photos, any reports of anomalies, the signature of the shift manager, and a cryptographic verification reference. That PDF is what you send to the facility manager on Tuesday morning at 9.30 am. It is not a Word document with a makeshift table: it is a document that looks like a bank statement, and which the facility manager can pass on exactly as it is to their board.

Try GeoTapp free for 14 days

No credit card required. Get started in 2 minutes.

Start free trial

The regulatory framework and Article 4 of the Workers’ Statute

The Italian legal framework is clear regarding the lawfulness of tracking private security guards. Article 4 of the Workers’ Statute, as amended by the Jobs Act, provides that geolocation and the recording of working hours are permitted when they meet organisational requirements, ensure worker safety or protect company assets; all three of these purposes coincide exactly with the documentation of patrols. The National Collective Labour Agreement for Private Security, and in particular the sections dedicated to sworn private security guards and concierge services, incorporate this framework and set out procedures for informing workers. The Data Protection Authority, through specific measures relating to the security sector, has reiterated that GPS tracking is lawful provided it is transparent, proportionate and the data is retained for consistent purposes – exactly what a platform designed for the sector does.

From the client’s perspective, structured patrol documentation has become a standard contractual clause in public tenders and is almost standard in high-end private tenders. Banks, healthcare facilities, transport hubs, public administration buildings: the phrase ‘production of an electronic log of patrol activities, which can be exported and archived by the client for the period stipulated by the applicable legislation’ is now included in most tender specifications. Failing to provide this means either being unable to bid for the contract, or submitting a declaration that, upon verification, backfires.

What happens when an incident actually occurs

Three o’clock in the morning on a Saturday in November. At the industrial site your agency is guarding with two security guards on alternating patrols, someone forces open a side gate, enters a warehouse and makes off with equipment worth €45,000. The client’s insurance company opens a claim. The first thing the loss adjuster asks for is the sequence of patrols during the six hours leading up to the incident. If you have a structured system, you send them the log within an hour: checkpoints, times, photos, and any reports. The claims adjuster reconstructs the timeline, identifies that the point of entry was not within the contracted perimeter, and the insurance company pays out without disputing your third-party liability cover. If, on the other hand, you only have a paper log, a dispute begins that can last for months, during which every detail is contested, and you risk having your cover reduced due to ‘insufficient documentation of the service’.

The same applies in court. When the public prosecutor opens a case regarding the theft, the first thing they want to see is objective evidence that the security guards were present at the times and locations specified in the contract. A chain of NFC readings with server timestamps, geolocation and cryptographic verification is exactly that kind of evidence. A hand-signed paper log is not.


The future that awaits you if you don’t change anything

You will continue to lose public tenders by two or three technical points to your competitors, even when your price is competitive. High-end private clients will start not renewing their contracts – first the smallest one, then the one worth €84,000 a year, and finally the strategic one that kept two dedicated patrol cars on the road. When an incident occurs – and in the security sector, sooner or later it always does – the insurance claim drags on for months and any payout is only partial, because the documentation doesn’t stand up to the loss adjuster’s scrutiny. Your most experienced security guards – the ones who really know their trade – grow tired of being the sole point of support in a system that fails to protect them: some move to companies that provide them with more professional tools, whilst others move directly into the in-house security departments of banks and large corporations. Margins are eroded. Growth comes to a standstill. And when you try to discuss a rate adjustment with the client, you’re told, ‘Well then, we’ll go with the other agency – at least they send us digital reports’.

The future that awaits you if, instead, you document every patrol

The facility manager’s phone calls take on a different tone. When he calls you on Tuesday morning asking, “How are the patrols going?”, you open the dashboard, export the PDF for the past week, and email it to him whilst you’re still on the phone. He opens it and sees, checkpoint by checkpoint, that every night the three contracted patrols were carried out on time, complete with route maps and photos of critical points. The conversation shifts from “I want proof” to “excellent, I’ll pass this on to the board”. When it comes to contract renewals, you stop feeling the pressure on price, because the client realises that the value lies not just in the man in uniform but in the documentation system that supports him. In public tenders, you gain the two or three technical points that were holding you back from winning. Security guards in the field feel part of a professional system, not just individual operatives under pressure: staff turnover falls, quality rises, and well-managed incidents become sales case studies. When that Saturday night claim in November comes in, the case is settled within three weeks without any reduction in cover. And in new tenders, especially those where the client is sophisticated, your positioning becomes premium by definition: you’re the organisation that documents everything in a verifiable way, not the one that just hopes nothing goes wrong.

The tool that gets you there

You need a tool that does all this work in place of security guards on the ground and managers at the operations centre: NFC and QR tags at checkpoints, timestamped and GPS-tracked detection, photos embedded in metadata, instant incident reporting, branded PDF reports with a cryptographic audit trail, exportable for clients, surveyors, insurers and authorities. A tool that doesn’t require the security guard to turn into a form-filler during a night patrol at -2 degrees, but which does the work for them with a single tap at each checkpoint. And a tool that produces documents that look exactly what they are: objective proof of a professional service, not a Word document with a crooked logo.

GeoTapp was built precisely to meet this need, following discussions with private security firms for whom a call from the facility manager was like a weekly alarm bell. NFC and QR checkpoints, tamper-proof geo-timestamped tracking, photographs with integrated metadata, real-time incident management, and PDF reports that can be exported and verified offline by clients and surveyors. See how it works and try to imagine the next phone call from the facility manager at Milano Bicocca, with this system already installed at your site.

And what about you? How many times have you found yourself being asked by the facility manager or the client’s security manager for documentary evidence of patrols, only to realise that the paper log wasn’t enough? Share your experiences in the comments – it’s a discussion every Italian security firm is having right now, and exchanging views with colleagues helps everyone understand where the market is heading.

Just imagine the next phone call from the facility manager at Milano Bicocca, with all the patrols already documented on the portal.

See the security sector with tamper-proof records. Fourteen days, paper-free.

No credit card required; up and running in 2 minutes.

See the sector

Get articles like this in your inbox

Practical insights on GPS tracking, field operations and GDPR. No spam, just useful content.

Comments

No comments yet. Be the first.

Leave a comment

Related articles

Read also

Try GeoTapp free for 14 days

No credit card required. Get started in 2 minutes.

Start now

© 2026 GeoTapp — original content. You may quote it and reuse parts with a link to this page. Full republication or commercial use only with our permission.