24/7 Emergency Response — 01384 218829
SIA Licensed · Worcestershire & West Midlands
ServicesTechnologyWhy UsGuidesAboutGet a Quote
Buyer's Guide · From the Director

ACS Accreditation: What It Really Means
— and What It Doesn't

Let me be straight with you about something most of the industry won't be — including, eventually, us, because we're pursuing ACS accreditation ourselves for 2027. The SIA Approved Contractor Scheme is a useful mark. But in my honest opinion, after thirty years in this industry, it is not the guarantee of peace of mind that buyers are led to believe. A badge tells you a company passed a check on a given day. It doesn't tell you what happens on your site at 2am next March. Here's the honest version. — David Foster, Director & Co-Owner

What ACS was
meant to fix.

When the Approved Contractor Scheme arrived, it set off a race to be first to get accredited — and the intention behind it was genuinely good. It was meant to set a level playing field, to raise standards and give buyers a way to tell a serious company from a cowboy.

But here's the problem it never solved: buyers still wanted cheap. And while the good firms invested in accreditation, the worst operators carried on undercutting everyone — some by not properly accounting for VAT or PAYE, and by paying their officers peanuts. They could still go in cheapest. So the very firms ACS was meant to squeeze out are, in many cases, still thriving — and the level playing field never quite arrived. That's not a criticism of the people who built the scheme. It's just what happened.

What accreditation actually looks like
from the inside.

Here's something buyers are rarely told. Every year, an accredited security business pays an auditor to assess it against the SIA's ACS criteria. And in my experience, across the companies I've worked for and seen over three decades, the run-up to that annual audit is a mad scramble — even at the big firms.

There's a sudden panic to get everything "current": site risk assessments brought up to date, assignment instructions made current and signed by the client, training records squared away — and that's just the site-based criteria. I'll give you a genuinely useful tip as a buyer: if your provider suddenly asks you to sign off assignment instructions or paperwork you haven't seen in months, ask them whether they've got an audit coming up. Trust me — that timing is rarely a coincidence.

My honest view, formed from what I've witnessed, is that the annual audit too often becomes an expensive tick-box exercise rather than a true measure of day-to-day quality. A snapshot taken once a year can be prepared for. And that's my real concern: a check you can prepare for is a check that can, in principle, be passed by a company that isn't actually delivering the other 364 days. I've seen the scramble to make records "audit-ready" that didn't reflect what was happening on the ground. That's the structural weakness — not the people who designed the scheme, but the fact that an annual snapshot simply can't capture continuous reality.

To be completely fair: there are excellent, genuinely committed ACS-accredited companies out there, and the badge does mean a company has cleared a real bar. My point isn't that ACS is worthless. It's that a badge, on its own, can't tell you whether a company is good every day — only that it was ready on audit day.

Why a green flag isn't
the same as peace of mind.

Let's be honest about what security actually is. Our product is the provision of human beings. And human beings — however well-trained, well-led and well-intentioned — make mistakes. That's not a flaw you can accredit away. No badge, no audit, no tick-box prevents the ordinary human error that is inherent in any people-based service.

So if accreditation can't prevent mistakes, what actually gives you peace of mind? In my view, it's how those mistakes are handled. When something goes wrong — and over a long enough contract, something always will — what sets a company apart is transparency, a genuine drive to improve, and accountability that goes right to the top. That's ownership. That's leadership. And it's the one thing a once-a-year certificate cannot deliver, because it lives in the relationship, not on a wall.

Peace of mind for a buyer isn't a logo. It's knowing exactly who is accountable when it matters, and trusting how they'll respond.

So why are we
getting ACS at all?

Fair question, given everything I've just said. Two honest reasons.

First, the scheme is a recognised mark, and for some buyers — particularly in procurement and the public sector — it's a requirement or a strong preference. We respect that, and we'll meet it. Pursuing ACS for 2027 means we can serve clients who need that box ticked, without compromise.

Second — and this matters — we'll hold the badge, but we will never rely on it instead of real, continuous accountability. For us, accreditation will be a floor, not the ceiling. We're doing the genuine work behind it every day anyway; the certificate will simply confirm what we already evidence. The difference is we won't treat audit day as the day that matters. Every day matters.

So our position is balanced, not cynical: ACS is worth having, and we're getting it. But don't ever let a buyer mistake the badge for the substance behind it. Ask what's there when the auditor isn't.

Compliance that doesn't
wait for audit day.

This is exactly why we built DOB·Live. Instead of a once-a-year scramble to make records look right, every patrol, check, incident and report is logged in real time — timestamped, tamper-evident, and there to see whenever you want it. We don't prepare for an audit; we are audit-ready every minute of every day, 365 days a year. Audit us any time you like. There's no panic here, because every move we make builds evidence of compliance as it happens.

And it doesn't stop at compliance. Real-time evidence lets us continuously improve — to see what's actually happening and get better at it, rather than tidying the paperwork once a year. That's the difference between a badge and a way of working: one is a snapshot, the other is the whole film.

Read our full guide to ethical security procurement, learn the questions that expose a weak provider, or find out why clients choose us.

← Back to the Ethical Security Procurement Guide Questions to Ask → Why Contracts Go Bad → TUPE Explained →
Common Questions

ACS Accreditation — FAQ

Does ACS accreditation mean a security company is good?

It means the company met the SIA's criteria on its audit day — which is a real bar, and many excellent firms hold it. But in our honest view it isn't an automatic guarantee of day-to-day quality, because an annual assessment is a snapshot that can be prepared for. A badge tells you a company was ready on audit day; it can't tell you what happens on your site every other day. Look at how a company operates and how it's held accountable, not just the logo.

Is a non-ACS security company a worse choice?

Not necessarily. ACS is one signal, not the only one. The SIA's own guidance lists exactly what to verify when buying from a non-ACS provider — SIA licensing, BS7858 vetting, proper employment and pay, insurance, and audited practices. A non-accredited firm that meets all of those, with genuine leadership accountability and real-time evidence, can give you more confidence than a badge alone.

How can I tell if a provider's compliance is real or just audit-ready?

Ask to see live, day-to-day evidence — not a folder prepared for the auditor. Can they show you timestamped patrol and incident records on demand, at any time, not just at review meetings? And a buyer's tip: if a provider suddenly asks you to sign assignment instructions or paperwork you haven't seen in months, ask whether they have an audit coming up. Genuine, continuous compliance doesn't need a pre-audit scramble.

Why is Risk Secured pursuing ACS if you're critical of it?

Because it's a recognised mark some buyers require, and we'll meet that without compromise — accreditation is planned for 2027. But we treat it as a floor, not a ceiling. We won't rely on a badge instead of real, continuous accountability; we evidence our compliance every day through DOB·Live. The certificate will confirm what we already do, rather than being the only day that counts.

Want the Substance, Not Just the Badge?

Talk to the Director.
Not a sales team.

David Foster — Director & Co-Owner, Risk Secured Ltd
David Foster — Director & Co-Owner · Ex-RAF Police · 30 years across all security sectors

When you contact Risk Secured, you reach David Foster — Director and Co-Owner. Ex-RAF Police, three decades across every sector of the security industry. The person who'll actually run your security.

I know security can feel like a grudge spend — so my job is to make it work for you, not just bill you. We start with an honest conversation about your business and its risks, and I'll tell you straight where your money should go, including where you're paying for cover you don't need.

No call centres, no sales reps. Just expertise from someone whose name is on the door — and who stays close enough to the work that you'd think we were in-house.

Call 0121 751 9038