Beruflich Dokumente
Kultur Dokumente
and Operations
Course
Introduction
Security Principles and Operations is Book One in this PACE series on Security
Basics. It was designed to cover basic concepts and principles that address the
security-related and environmental issues requiring security systems.
Security
Principles and
Operations Learning Objective
Assets Protection
In the past "security" was fairly straight-forward. Images of bank guards
or fences topped with barbed wire accurately represented the extent of
security solutions in most instances. That was yesterday.
Defining Assets
In general, a company's assets may be broken into three (3)
main areas. These include:
People
It is often said that people are a company's most important
asset. A company's employees, after all, are responsible for
coming up with the ideas for goods or services which bring
success to an enterprise. Employees design, engineer and
manufacture the product. They manage these operations,
track costs and revenues, and provide a sense of overall
direction for the business. All of these individuals are valuable
assets to a company.
protesters/demonstrators
thieves
a disgruntled employee damaging property or interrupting
operations
Assets Protection
Materials
Consider all the materials typically used by a company. The
raw material used in a company's processes must be
protected from theft, damage, or any other problems which
would interfere with manufacturing. Finished products are also
part of the company's material assets and should be a major
security concern. In addition, any materials which may be
created as by-products of the manufacturing process are also
of concern. Some of these materials (e.g., chemicals, gases,
lubricants and fuels) may be classified as hazardous materials
and present a special security concern.
Assets Protection
Property
Traditional approaches to security have always focused
on property, but today property includes much more than
just physical items, and this, of course, impacts corporate
security concerns. Physical property is clearly an asset;
therefore, it requires a plan to protect it. However, there is
a whole range of other types of property, generally
described as intellectual property. This can include:
research
computer programs created by the company
operational procedures
marketing and sales data
certain company policies
Potential Disruptions
Managers of an effective Assets Protection Program
(APP) must be concerned about all potential disruptions
to a company's operations. Such disruptions can come
from either the inside or the outside. Internal sources of
disruptions include:
disgruntled employees; or
former employees
disgruntled customers
vendors
contractors; or
persons who may have no prior links to the company.
major accidents
interruption of water and power services (either
accidental or intentional); or
fires.
floods,
tornadoes; and
earthquakes.
Assets Protection
tardiness
substance abuse
domestic violence; and
psychological problems.
There are two (2) requirements for an APP. Both grow out
of the need for a comprehensive "systems approach" to
security. These requirements are:
Program Implementation
By now, the value of a comprehensive systems approach
to security should be clear. Such an approach is built on
three (3) essential elements:
a vulnerability analysis
selection and implementation of countermeasures
based on the vulnerability analysis
a thorough, on-going testing program for validating the
security plan
Vulnerability Analysis
A Vulnerability Analysis asses a company's risk for
various kinds of disruptions. Vulnerability is based on
three (3) variables:
Event Profiles
Event profiles list potential threats to a company. The task
of the security planners is to identify and asses the
threats to people, materials, and property. Threats must
be based on reasonable expectation of potential impact.
(While it is possible for a meteor to fail on a company's
home office, the wisdom of a security plan to respond to
such an event is questionable.) Threats, reasonably
expected to occur, must meet clear criteria. The event
must present a risk to the security of the company which
can be measured in a formal way. Finally, the
measurement of the risk must be based on valid criteria;
in other words, it cannot simply be speculation or
supposition on someone's part.
Assets Protection
Event Criticality
Probability is not the only factor to consider in
implementing an Asset Protection Program. Event
criticality is also important. Criticality assess the impact
an event occurrence may have on a company's
operations. An event may have a much greater impact on
operations event though its probability may be lower than
another. For example, the probability of theft of materials
may be greater than the theft of a company-private
software design, but the theft of the software design could
have a far greater impact on the company's operations.
Assets Protection
employee morale
community relations
potential impacts on revenues
downtime
competitive position in the marketplace
Operational Testing
The third and final element of an effective APP is a
regular, on-going testing program. This is essential
because such a testing program:
identifies any risks which may still exist within the
company's operations
isolates any deficiencies within the existing system
(changes in a company's culture and operations may
require a similar change in the company's security
system)
identifies where changes are required in order for the
security system to grow with the company; and
provide a means of ensuring that security program
policies and procedures adequately meet the company's
needs
Security Resources
Security Resources
As in other areas, security benefits from advances in
technology. Multiplexed, integrated security systems are
now universally accepted as the standard technology for
security. These multiplexed systems define a baseline for
all security programs, and offer the following advantages:
Standard
Title
No.
294 Access Control Systems
Company Profile
Company Operations
BC currently employs 17,000 people in four major
facilities in Massachusetts and Rhode Island. Corporate
Headquarters is located in a 10-story office building which
the company owns in the financial district in downtown
Boston. Their main manufacturing laboratory in
Providence, Rhode Island recently became a union work
force. BC's Research and Engineering Facility is located
in Roxbury, Massachusetts, which is a neighborhood of
the City of Boston. Their Production Warehouse, which
also houses the MIS Group, is located in East Boston
adjacent to Logan International Airport to take advantage
of 24-hour air freight shipping. The company has also
done research in areas requiring animal testing, which is
widely opposed in the communities where they are
located.
Security History
The biotechnology field, especially genetic research, is a
highly competitive business, where information must be
properly safeguarded to ensure success. BC has
experienced several security breaches in the past six
months, and its new management team has decided it
must implement a thorough security plan. The company
culture has been an open campus environment with most
employees working flexible schedules. Its philosophy has
been to allow employees to go anywhere in the company
unabated, with uncontrolled access permitted even in the
research laboratories.
Burbank Cryogenics - A Case Study
HQ Requirements
BC's corporate Headquarters located in the financial
district of Boston is a very safe environment, with
incidents of crime almost non-existent. However,
management wants to safeguard against workplace
violence, due to the stress of this highly competitive
business. The employees are exclusively middle and
senior managers, with appropriate
administrative/secretarial support personnel also
assigned to this location. All major corporate functions are
in this facility: Finance, Controller, Procurement, Human
Resources, Legal, Patents, Strategic Planning, Public
Relations, Customer and Community Relations, Company
Officers.
Facility/Materials Needs
This facility houses state-of-the-art laboratories and
equipment. It has been broken into on several occasions
with major equipment losses and destruction of research
projects that have been extremely costly to replicate. This
has caused major delays in the release of new products,
which has hurt BC's position as a market leader in
artificial tissue alternatives.
Burbank Cryogenics - A Case Study
Warehouse Background
Security Requirements
The BC facility is located in a general
warehouse/transportation hub. While there are no
immediate neighborhoods adjacent to the facility, car
break-ins and car thefts occur daily.
Additional Changes
The company will hire a security director for the first time
in their history, and it will require this individual to develop
an assets protection program as his first priority.
Objective
You are the new Security Director for Burbank
Cryogenics and as your first priority, you must develop an
asset protection program that includes BC's four major
facilities and incorporates their main protection
requirements. The questions below will help you begin
formation of the APP.