Security

profilekevnsc
wk_3_dir.doc

WEEK THREE

Resource: Risk and Threat Assessment from Week One

Write a 2,500 word paper in which you establish a critical incident and emergency management response plan for your organization, to include preparedness, prevention, response, and recovery to catastrophic events or significant security incidents. Include external relations and communications necessary to execute your plan. Provide the rationale and a preliminary budget for your recommendations.

Format your paper consistent with APA guidelines.

Week 1 – Risk Assessment Content Checklist

GENERAL INFORMATION

1. Nature of Business/agency

2. Facility Name

3. Address

4. Survey Date

5. Hours of operation

6. Facility Contact Person

7. Phone Number

8. Fax number

9. Email

10. Environment

11. Survey conducted by

12. Surveyor's address

13. Surveyor's phone

14. Surveyor's email

COUNTRY (where the facility is located)

1. Political conditions

2. Crime rates

3. Personnel safety

4. Availability of labor

5. Economic conditions

6. Medical treatment availability

7. Public fire fighting availability

8. Public utilities

9. Public transportation

10. Earthquake susceptibility

11. Fire susceptibility

12. Tornado susceptibility

13. Severe weather susceptibility

COMMUNITY (neighborhood)

1. Crime rates

2. Aesthetic qualities

3. Public police protection

4. Fire protection

5. Emergency medical services

6. History of civil unrest

7. Graffiti/vandalism

PHYSICAL SECURITY

Facility Perimeter

1. Fencing

2. Landscaping

3. Parking

4. Employee parking are illumination

5. Visitor parking illumination

6. Employee parking area monitoring

7. Visitor parking area monitoring

8. Lighting

9. Vehicular traffic pattern

10. Trash removal

11. Protection from adjacent occupancies

12. Proper signage

Building

1. Description of building

2. Common walls with adjacent occupancies

3. Exterior door construction

4. Exterior door locks

5. Door lock operation

6. Exterior window construction

7. Window height above ground

8. Window security

9. Roof access restriction

10. Building exterior lighting

11. Shipping/receiving area monitoring

12. Emergency exit

13. Emergency exits unobstructed

14. Interior door construction

15. Interior wall construction

16. Antitheft systems/mechanisms

Access Control

1. Intrusion detection

2. Building entrances minimized

3. Employee entrance monitoring

4. Visitor/guest entrance monitoring

5. Interior door locks

6. Key control system

7. Key sign-out/assignment system

8. Keys accounted for

9. Key safeguards

10. Employee distinguishableness

11. Visitor/Guest supervision

12. Restricted access to sensitive/vulnerable areas

13. Computer/data storage restrictions

14. Key storage area restrictions

15. Mechanical/utility room restrictions

16. Telecommunications room restrictions

17. Mailroom restrictions

18. Executive office suite restrictions

19. Vendor access

20. Vault/safe security

21. Controlled substance security

22. Hazardous Material security

23. Cash/liquid asset protection

24. Proper signage to direct visitors

Alarm and Surveillance Systems

Describe the system and components

Fire Protection

1. Fire alarm system

2. Sprinkler system

3. Fire extinguishers

4. Fire suppression

5. Fire alarm system testing

6. Gas line protection

7. Electric power cord protection

8. Fire doors functional

9. Flammable material storage

10. Fire notification plan

11. Fire evacuation plan

12. Fire exits unobstructed

13. Fire exits secured from outside

14. In house fire brigade

15. Fire safety policy/procedures

16. Address prominently displayed

PERSONNEL SECURITY

1. Employee background investigations

2. Previous employer verification

3. Personnel records security

4. Exit interviews that employee termination

5. Organization property retrieval at termination

6. Employee/visitor safeguards against

7. Accidents

8. Theft

9. Assault

10. Workplace violence

INFORMATION SECURITY

1. Critical information identification

2. Critical information security

3. Information hardcopy destruction

4. Employee nondisclosure agreement in place

5. Intellectual property identification

6. Intellectual property security

7. Client and customer list protection

8. Access to computers restricted

9. Access to computer transmissions restricted

10. Laptop and personal computer security

11. E-mail access restrictions

12. Internet connection security

13. Electronic document destruction procedures

14. Software licensing

15. Prohibition against installation of outside software

16. Terminated employees immediately denied access

17. Disaster recovery plan

18. Duplicate data files maintained at remote location

19. Password security

20. Information security indoctrination and training

21. Cellular phone communication protection

INVESTIGATIONS, INTELLIGENCE, AND SECURITY

Background Investigations

1. Employees (new)

2. Employees (existing)

3. Vendors/contractors

4. Partnerships with other organizations

5. Security clearances

Incident Investigations

1. Investigation of any loss

2. Accidents

3. Safety hazards

4. Crime

5. Natural disasters

Intelligence

1. Competition counterintelligence

2. Criminal intelligence

3. Foreign travel intelligence

Reporting Procedures

1. Background investigations documentation

2. Background investigation confidentiality

3. Security activity log maintenance

4. Recording of incidents

5. Incident reported to proper manager and/or authority

6. Adherence to reporting procedures

OPERATIONS

1. Audit procedures

2. Employee locker/workstation inspections

3. Accounting function separation

4. Package control system

5. Opening time ambush controls

6. Closing time ambush controls

7. Receiving area security

8. Shipping area security

9. Delivery driver controls

10. Shipping/ receiving area separation

11. Equipment inventory

12. Contractor/vendor audits

13. Customer/guest/visitor service

POLICIES AND PROCEDURES

1. Mission statement

2. Vision statement

3. Organizational goals

4. Organizational values

5. Quality improvement initiatives

6. Employee code of conduct

7. Employee misconduct policies

8. Disciplinary procedures

9. Termination procedures

10. Search/inspection policies

11. Removal of organization property

12. Bomb threat procedures

13. Evacuation procedures

14. Severe weather procedures

15. Natural disaster procedures

16. Contraband detection

17. Chemical abuse policy

18. Drug testing policy

SECURITY INDOCTRINATION/TRAINING

1. Indoctrination for new employees

2. Training for existing employees

3. Executive protection

4. Foreign travel training

LIAISON ACTIVITIES

1. Contact with local police maintained

2. Contact the sheriff maintained

3. Contact with state police and/or highway patrol maintained

4. Contact with fire department maintained

5. Contact with appropriate federal agencies maintained

6. Articulation and/or collaboration with other security organizations

SEC480 Week 1

Risk Assessment Items

Created: 05-04-09