Magazine article Security Management

From Recommendations to Results: From Walk-Through to Implementation, a Well-Planned Security Assessment Can Ease the Way for a Successful Security Upgrade. (Risk Assessment)

Magazine article Security Management

From Recommendations to Results: From Walk-Through to Implementation, a Well-Planned Security Assessment Can Ease the Way for a Successful Security Upgrade. (Risk Assessment)

Article excerpt

Scotland's lauded poet Robert Burns wrote that the best laid plans often go awry. Despite Burns's discouraging thought, companies must develop careful protection plans. It is security's responsibility to ensure that plans do not go awry, and that nothing gets lost in the translation from project formulation to system operation.

RISK ASSESSMENT. The first step is the assessment. To be proactive, the security department should establish a periodic assessment schedule based on an overall analysis of the organization's risks. This risk analysis should produce a prioritized list of key facilities and operations, with more frequent risk assessments scheduled for higher risk facilities or operations.

Before any security assessment, it is important to first clearly communicate with the facility security point of contact (P00) to determine what the assessment objectives should be. In general, the objectives should include an assessment of threats to company assets, employee safety, vulnerabilities, and liability exposure. The assessment teams should also compare current operations with security guidelines and standards. The team should conclude by recommending appropriate countermeasures that reduce exposure to theft, violent crime, and liability and litigation associated with inadequate, malfunctioning, and nonexistent security.

Before beginning the assessment, all key building personnel should meet to discuss the objectives. Attendees should include the facility's POC, representatives from the facilities department, and technical staff who are familiar with the current security system.

Before the meeting, the security manager--not the analyst--should ask the POC to complete a pre-assessment checklist, as the facility POC is more apt to be responsive to the security manager and less so to security analysts. The checklist should request that the P00 provide key facility contacts and their phone numbers, as well as main facility and emergency telephone numbers; a summation of the general purpose of each facility and business unit and the range of their hours of use; and the number of people with access to each facility or facility section.

Also requested should be information on who performs facility maintenance and the schedule of that maintenance; the estimated dollar value of equipment and property in each facility; areas with the highest dollar-value equipment; areas containing sensitive or business-critical equipment; and the security problems that have previously been observed at the site. The security analyst should compare these answers with the last assessment report, making note of all previously identified vulnerabilities, observations, or recommendations and how they have been addressed.

The POC should also be asked to report any obvious security problems that have been noted since the last assessment and to provide recent drawings, sketches, plans, or schematics--preferably on AutoCAD--of the facility. These renditions should show the perimeter and physical boundaries of the property; perimeter barriers; neighboring facilities; existing card reader placement; ingress and egress points; facility and exterior roadways; storage locations; the locations of doors, windows, and similar openings; and cameras and fields of view.

At the meeting, any missing information on the pre-assessment checklist should be obtained. The group should also discuss any issues not already addressed in the checklist, such as trends and incidents, future building plans, the time frame for potential security projects, and the funding for any resulting security upgrades or projects.

The walk-through. The information gathered in the checklist and in the meeting provides a framework for beginning the assessment. The team should now walk the property. In the author's experience, it is helpful to take photos of problem areas as they are observed. These pictures can be attached to any written recommendations that will be sent to senior management. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed

Oops!

An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.