Introduction
The course requirements for CCJS 345, Introduction to Security Management, include the completion of a “Risk Assessment/Security and Safety Plan” as the final project, which places students into a specific role of a security practitioner in a “real world” security application that provides them with the opportunity to demonstrate the security and leadership competencies they acquired and/or enhanced during the course by discerning the weekly reading assignments, incorporating into the required writing assignments substantive information regarding security operations and management principles based on diligent and thorough research, and fully participating in all the class security and safety discussion forums. Moreover, in this final project, our students/security practitioners have the occasion to establish their academic credentials and skill for assessing and managing risk, which is considered by many security professionals as their single most important function in protecting assets.
To fully succeed in the final project, our security practitioners must demonstrate their ability to apply risk assessment and management principles and other security planning and operating concepts, policies, and ideas studied in class, particularly those associated with ASIS International’s “General Security Risk Assessment Guideline,” “Security Management Standard: Physical Asset Protection,” Silva Consultants “Concentric Circles of Protection,” Foresight Security Risk Management’s “Risk Analysis and the Security Survey,” and other security and safety source documents presented during the eight week session.
To this end, after receiving a site selection authorization from their company’s “faux supervisor,” the security practitioners will initiate actions to conduct a risk assessment that includes thorough research of the designated organization and its operation; conducting actual site visits to make observations about current security operations, possible risks to assets, and physical and procedural vulnerabilities; and interviews with ranking security or site leadership personnel, if possible. The primary document students will use to collect the information required to write the “Risk Assessment/Security and Safety Plan” is the “Risk Assessment/Security and Safety Planning Instrument” assembled specifically for this course project. The practitioners, or in this case, the security consultants, will record their site observations and take notes as they would in an actual workplace, similar to auditor and investigator “work papers” that often must be produced in regulatory and administrative procedures or other organizational examinations and inquiries to support findings discussed in the issued report. This procedure provides the consultants an opportunity to familiarize themselves with one of many different types of assessment tools used by industry officials in a real world setting. The instrument, similar to the workplace, will become a part of the consultant’s official project file and must be submitted as a separate document to the Assignments Folder by the project due date. While this document will not receive an individual grade, it will be assessed for the depth in which it is completed in an element of the final project-grading rubric. It will also be used to support the findings of the prepared report should that become necessary.
The “Risk Assessment/Security and Safety Planning Instrument” is a significant document that supports a consultant’s pursuit to ascertain the information necessary to write a comprehensive report. A completed instrument must be submitted along with the report to receive a grade for the final project.
Guide to Completing the “Risk Assessment/Security and Safety Planning Instrument.”
This security and safety instrument contains a number of questions to which consultants must provide a written response regarding their site security and safety observations and the results of any research conducted in areas for which there were no opportunities to make observations or ascertain information from an organization representative responsive to the particular question. The instrument is not unlike many other security survey checklists used by professionals to record the information they need to write a report. See the reference page for many different examples. The instrument for this project has been enhanced in certain sections to assist consultants with specific references to the course reading assignments relating to risk assessment, mitigation, and management. It also provides consultants with teaching points and examples to facilitate and enhance their learning while completing the project. The instrument is organized in a sequential manner beginning with consultant information and proceeding with the various functional security and safety areas that must be addressed in most risk assessments. There are numerous areas for consultants to write their site observation and independent research notes to be used later when writing the final report.
This instrument is designed to provide consultants the direction necessary to ascertain information required to write a comprehensive report for this course. Consultants will find other commercial and government risk assessment security survey checklists used by professionals contain many more detailed questions, many of a proprietary nature, which would be “off limits” for our consultants. In fact, consultants will likely be unable to respond to some of the questions listed this Risk Assessment/Security and Safety Planning Instrument for the same reasons unless they are fortunate enough to identify organization officials willing to provide security information during successfully arranged interviews. Some questions are very sensitive, but are listed to provide consultants examples of the depth and complexity of inquiry required when conducting an authentic security survey for an organization under a contractual agreement and assuming the responsibility for providing accurate results and recommendations.
For this project, consultants will complete the Risk Assessment/ Security and Safety Planning Instrument by writing the information requested on the form, beginning with the sections on consultant, general survey, law enforcement, and risk asset evaluation information. Beginning with Section V. Exterior – Site Perimeter, consultants must review and respond to each question by “writing ” Y (yes) N (no) U (unknown) in the specified underlined area just after the number after making their site observations or determining the information as a result of independent research. There are a number of areas consultants must also “briefly describe” the site and facility characteristics, security physical and procedural controls and features, vulnerabilities, and safety issues and ramifications.
As mentioned above, consultants likely will be unable to respond to certain questions and will write U in the specified area. Some questions relate to very important risk mitigation practices and policies and must be addressed, but because it is sensitive and private, the information is not made available to the public. In these situations, where information is unknown, consultants will explain as a note how an organization’s security apparatus can be enhanced in that particular line of inquiry within the framework of the risk management principles learned in class. This information should also be discussed in the final report. For example, organizations may not want to publicize all the areas that are alarmed in the building under review, if any. Alarms are a significant security control that must be addressed, so consultants need to note in the instrument and write in the report, based on their assessment, what they believe should be alarmed in the building given the probability and criticality of the risks identified, as well as the feasibility and cost considerations. Any questions about this should be directed to the consultant’s faux supervisor.
UMUC CCJS 345
RISK ASSESSMENT/ SECURITY AND SAFETY PLANNING INSTRUMENT
I. CONSULTANT INFORMATION
(Attach Email Approval Document)
Additional Comments:
II. GENERAL SURVEY INFORMATION
| General Information: Brick building with glass doors, well light parking lot and security on the premises with secure doors and key fobs for employees. |
| Hours | |
| M-F | 8 am to 10 pm |
| Sat | 8 am to 11 pm |
| Sun | 8 am to 10 pm |
| Holidays | Varies- closed Christmas |
| Understanding the Organization: The biggest threat to Martin corpotate |
III. LAW ENFORCEMENT AND OTHER FIRST RESPONDER ASSISTANCE
1. Relevant Police Department:
2. Relevant Fire/Medical Emergency Responders
IV. RISKS TO ASSETS
1. Crime Risk Evaluation: Using crime data obtained from the relevant police department or from other independent research (Uniform Crime Reports published by the U.S. Department of Justice, etc.) and personal interviews, including information provided by the organization under review, identify the incidence of crime and the calls for service at the site and in the immediate vicinity over the past two years. Analyze the crime data in conjunction with demographic/social condition data, economic conditions in the area, population densities, transience of the population, unemployment, etc. These notes will assist the consultant when drafting the Final Project. (See ASIS Practice Advisory #2.)
| Crime Risk Evaluation:The biggest threat is an employee stealing our data information and providing it to the public as well as an visitor breaking into the facility and stealing property and possibly hacking our information. |
2. Non-Criminal Risk Evaluation: Identify the various types of non-criminal risk events that COULD occur at the site based historical records of past incidents; risks common to the type of business; risks based on geographic locations; risks common to similarly situated sites; and risks based on recent developments and trends. These notes will assist you when drafting the Final Project. (See ASIS Practice Advisory #2.)
| Non-Criminal Risk Evaluation: Injury at the corporation falling due to inclement weather ice wet floors, trees falling in parking lot. |
V. EXTERIOR – SITE PERIMETER
1. _Y___(Y/N/U) Perimeter of the facility grounds is clearly defined by a fence, wall, bollards, planters, vehicle gate controls, or other types of physical barriers. Briefly describe below the type of barrier, height, distance from building, cleared areas, barbed-wire top, roof or wall areas close to the fence, and its condition (damaged, etc.). Use the area below to draw any diagrams required to fully appreciate the building in relation to the property perimeter and other surrounding commercial, residential, or other buildings and properties.
2.__Y__(Y/N/U) Barriers limit or control vehicle or pedestrian access to the facility.
3.__Y__ (Y/N/U) Perimeter barriers are considered to be a security safeguard.
4.__Y__ (Y/N/U) All entrance points to perimeter barriers are guarded or secured.
5.__Y__ (Y/N/U) Perimeter barriers are under surveillance at all times.
6._Y___ (Y/N/U) Site building forms a part of the perimeter barrier.
7.__U__ (Y/N/U) Site building forms a part of the perimeter barrier and presents a
hazard.
9.__Y__ (Y/N/U) Security officers patrol the perimeter. If unknown,
should this be the policy? Explain below.
10. _Y___(Y/N/U) Landscaping obstruct view of security officers or surveillance
cameras or interfere with lighting or intrusion device systems.
11.__Y__ (Y/N/U) Intrusion alarm devices protect the perimeter. If unknown,
should intrusion alarms be installed? Explain below.
| Perimeter Notes: Perimeter will be under surveillance 24/7 and security officers will patrol the premises throughout the entire day. |
12._Y___ (Y/N/U) Perimeter and building are protected by lighting.
13._Y___ (Y/N/U) Lighting provides a means of continuing during the hours of darkness
the same degree of protection available during daylight hours.
14.__Y__ (Y/N/U) Lighting is positioned to overlap to provide coverage when a bulb
burns out.
15.__Y__ (Y/N/U) Additional lighting is provided at active gates, building doors, and
other points (define the points) of possible intrusion.
16.__Y__ (Y/N/U) There are provisions for emergency lighting. If unknown,
should emergency lighting be installed? Explain below.
17._Y___ (Y/N/U) Lights are mounted to provide a strip of light both inside and outside
the perimeter.
18.__Y__ (Y/N/U) Lights operate in manner that increases the likelihood of detecting and
deterring criminal acts on the property and enhances the capability of security
cameras to record images that can effectively reconstruct an incident and
identify individuals.
19._Y___ (Y/N/U) There is 360-degree lighting coverage around the exterior of the
facility.
21._Y___ (Y/N/U) All lights are working. If not, identify location?
22.__Y__ (Y/N/U) Lighting has an auxiliary source of power. If unknown,
should auxiliary power be installed? Explain below.
| Perimeter Lighting Notes:Lighting lining perimeter, all lights in the parking lot working; well lit, lighting around outside perimeter of building |
23. Describe below the vulnerabilities of the employee and visitor parking lots and the
security features currently in place, if any. Any other notes about the site perimeter
can be listed below.
| Other Perimeter Notes: N/A |
VI. BUILDING, INTERIOR LIGHTS, LOCKS AND SURVEILLANCE
SYSTEMS/ALARMS
1. Describe below the vulnerabilities of the employee and visitor parking lots and the
security features currently in place, if any. Any other notes about the site perimeter
can be listed below.
| Vulnerabilities, et. al. : N/A |
2. Describe the building design and composition (brick, block, concrete, metal panels, glass exterior, etc.).
Include comments about the number of stories (floors) above and below ground; total number of
entrances/exits and construction (solid core, hinges, hinge pins, etc.); ground floor windows and height
and construction; other windows and how they are secured; and roof construction and openings. Also
comment on adjacent occupancies and if there are any security issues with those organizations that might
impact the site under review in this project. Identify the distance in yards from the building to the
nearest public street.
| Comprehensive Building Description: Brick building ground floor glass three floors 2 entrances one for employees and visitors and several windows . |
3._Y___ (Y/N/U) Public parks, plazas, or other public areas are immediately adjacent to the building.
4._Y___ (Y/N/U) Public transit systems are near the building.
5. _Y___(Y/N/U) Entrances/exits are supervised/controlled.
6. __Y__ (Y/N/U) Interior lighting is appropriate for surveillance by night security
guards, local law enforcement, and closed circuit television coverage.
7. _Y___ (Y/N/U) Emergency lighting is available for power outages. If unknown, should auxiliary
power be installed? Explain below.
| Building Notes: The entrance and exit have alarms equipped with warning alarms will sound if opened controlled by keys code locks on office doors |
8. Describe the types of entrance/exit door key and combination locks in use at the facility.
| Door Key and Combination Lock Notes: Automatic entrance doors with key locks on them, all exits have alarms equipped with warning alarms that will sound if opened controlled by keys; code locks on office doors. |
9._Y___ (Y/N/U) A key control official has been assigned and is responsible for
issuance, replacement, and control of locks and keys. If unknown, should
there be? Explain below.
10.___Y_ (Y/N/U) Keys are secured when not in use. If unknown, should they be
be secured? Explain below.
11. _U___ (Y/N/U) There is a master key system with ___ master keys issued. If
unknown, should there be a system? Explain below.
12. _U__ (Y/N/U) Key inventories are routinely conducted. If unknown, should there
be? Explain below.
13. __U__ (Y/N/U) Employees authorized to receive keys sign for them. If unknown,
should signatures be obtained for accountability? Explain below.
14. __Y__ (Y/N/U) Removal of keys from the premises is prohibited. If unknown,
should this be the policy? Explain below.
15. __Y__ (Y/N/U) Records are maintained of those who have access to codes for
combination locks. If unknown, should such records be maintained? Explain
below.
16. __Y__ (Y/N/U) Combination lock codes are changed routinely and a record of
those changes is maintained. If unknown, should this be the policy?
Explain below.
17. __Y__ (Y/N/U) Combinations codes are changed when a user no longer requires
access. If unknown, should this be the policy? Explain below.
18. _Y___ (Y/N/U) There is a card key reader or similar system that records employee
and/or visitor or entries/exits. If unknown, should this be a security control
employed by the organization? Explain below.
| Key and Combination Lock Notes: Keys; with the exception of managers cannot leave the premises; records of who has access codes maintained combination locks changed routinely |
19. __Y__ (Y/N/U) The facility has an intrusion alarm system with 24/7 monitoring
capability. If unknown, should this be a security control employed by the
organization? Explain below.
20. __Y__ (Y/N/U) There is a written policy and procedure for activating and
deactivating this system. If unknown, should this be the policy? Explain
below.
21. _Y___(Y/N/U) The alarm system is centrally managed. If unknown, should this be
the policy? Explain below.
22. _Y___ (Y/N/U) The alarm system is linked and managed by an outside private service
vendor/police force. I f unknown, should this be the procedure? Explain below.
23. __Y__ (Y/N/U) The alarm system for active areas of the facility are disengaged
during operational hours. If unknown, should this be the policy? Explain
below.
24. _Y___ (Y/N/U) All external doors, ground windows, loading dock areas, and
internal doors are covered by the alarms. If unknown, should this be the
policy? Explain below.
25. __Y__ (Y/N/U) The alarms are linked to CCTV. If unknown, should the alarms be
linked? Explain below.
26. __Y__ (Y/N/U) There is an emergency power source for all alarms. If unknown,
should an emergency source of power be available? Explain below.
| Alarm Notes: Phone call to store if alarm goes off linked with law enforcement; all doors covered by alarms; linked to CCTV |
27. Describe below the other areas in the facility that are alarmed (data system
location, safes, high value asset storage areas, executive suite offices, duress
signals, etc.). Also, describe the procedures for taking action when alarms are
activated. If unknown, are there other areas at the facility that should be alarmed
and should there be a response plan and what might it include? Explain below.
| Other Alarmed Areas and Response to Alarms:The break rooms require a code to get in and out, and lockers have locks. The store itself and exit doors have alarm; the storage/ warehouse in the back requires a combination code for entrance. |
28. __Y__ (Y/N/U) The facility employs CCTV cameras externally. Relevant
notification signs are displayed. (Note: A brief discussion and diagram
showing the location of the cameras would enhance the final project
presentation.)
29. __U__ (Y/N/U) The facility employs CCTV cameras internally. (Note: A brief
discussion and diagram showing the location of the cameras would enhance
the final project presentation.)
30. __Y__ (Y/N/U) Recordings are continuous rather than event activated. If unknown,
should recordings be continuous or event activated? Explain below.
31. _Y___ (Y/N/U) The camera feed is monitored in real time on site. If unknown,
should the cameras be monitored in real time onsite or elsewhere? Explain
below.
| CCTV Notes: Cameras real time; located in parking lot on light post, entrance of the surrounding stores throughout the entire store, by cash registers |
VII. SELECTED PROCEDURAL CONTROLS
1. Describe the significant procedural controls employed by the organization to protect assets, particularly from risks associated with internal theft schemes. Include comments related to security controls for handling cash and negotiable instruments; inventory and audit control processes; shipping and receiving standards; separation of duties and responsibilities among employees, particularly for those with authorities related to the organization’s financial matters. For instance, would it be prudent for a cashier also be responsible for record keeping? As another example, might it be wise for an organization to prohibit the same employee would it be wise to have the same employee select, authorize, order, and receive merchandise for the organization? What about access to personnel records?
Should an organization allow the same person responsible for stocking merchandise or ordering company equipment to conduct periodic inventories? How might the organization’s mailroom be a security challenge?
If information is unknown based on your observations and interviews as appropriate, briefly describe (after conducting the appropriate research) what procedural controls in the specific areas mentioned above would enhance the protection of any organization’s assets, particularly one similar in mission and purpose to the site of your assessment.
| Selected Procedural Controls: Employees have to keep identification on them at all times as well as keys to be able to access doors and understand the corporate policy. |
VIII. GUARD FORCE
1.__Y__ (Y/N/U) The organization employs a guard force at the facility. If unknown,
should a guard force be employed, proprietary or contractual? Explain below
2.__Y__ (Y/N/U) Written instructions are provided to the security guards regarding their
responsibilities. If unknown, should such instructions be provided and what
information might be included? Explain below.
3. _N___ (Y/N/U) Security Guards are armed. If unknown, should security officers at
this site be armed? Explain below.
4. _Y___ (Y/N/U) The security guards on site are licensed in compliance with state or
other jurisdictional requirements. If unknown, should security officers at this
site be licensed? Describe the state or jurisdictional licensing and registration requirements for
private security officers. Explain below.
5. ___N_ (Y/N/U) Security guards have a distinctive uniform. If unknown, should
security officers have such uniforms? Explain below.
6. _Y___ (Y/N/U) Security guards check employee and visitor identifications. If
unknown, should security officers have such duties? Explain below.
7. _N___ (Y/N/U) Security guards conduct entry and exit searches of personnel and/or
vehicles. If unknown, should security officers have such duties? Explain below.
8. __N__ (Y/N/U) Security guards protect the entrance reception area of the facility. If
unknown, should security officers have such duties? Explain below.
9. ___Y_ (Y/N/U) Security guards have a plan to react to intruders. If unknown, should
security officers react to intruders and what might those actions include?
Explain below.
| Guard Force Notes: There will be security personnel dressed in uniform for deterrence. |
IX. INTERIOR – ACCESS CONTROLS
1. __Y__ (Y/N/U) The organization issues employee and visitor identification. If
unknown, should the organization issue such identification documents?
Explain below.
2. _N___ (Y/N/U) Visitors are prevented from moving around unescorted. If unknown,
should visitors be prevented from moving around the facility unescorted?
Explain below.
3. _Y___ (Y/N/U) Employees display badges.
4. _Y___ (Y/N/U) There is visible distinction between employees and visitors.
| Access Controls Notes: |
5. Describe other features of the access control system at the facility, i.e., electric card
readers for employees, escorts for limited access areas such as the data center and
other sensitive areas, security post control points, visitors/vendors/shoppers enter
the facility from a different entrance/exit door then employees, vehicle
identification/parking control, etc.
| Other Access Control Features: Visitors cannot enter from the back doors only front. Employees may enter from back doors. |
X. PERSONNL SECURITY AND TRAINING
1. __Y__ (Y/N/U) Employees are subject to background checks. If unknown,
should employees have a background investigation completed prior to
employment and if so, what should it include? Explain below.
2. _Y___ (Y/N/U) Additional checks are conducted for personnel handling cash or
holding more sensitive and/supervisory positions. If unknown,
should these employees have a more extensive background investigation
completed prior to employment, and if so, what should it include? Explain
below.
3. _Y___ (Y/N/U) Ongoing (periodic) background checks are conducted for all
employees. If unknown, should employees have periodic checks conducted?
Explain below.
4. _Y___ (Y/N/U) New employees are provided with security orientation and ongoing
security awareness training. What other training is provided? If unknown, should
new employees be given such an induction and training, and if so, what should it
include? Explain below.
| Personnel Security and Training Notes: Background checks for all employees drug test management; training on how to handle security threats as well as protecting the assets. |
XI. UTILITY CONTROL POINTS AND FIRE PROTECTION
1. Describe how utility and HVAC systems are protected so access is limited to only those
authorized. Include a discussion of the electrical and telephone closets, mechanical areas,
roof access, etc. Also note how any fuel stored in or around the facility is protected and
how the water supply is protected, if known.
| Utilities Notes:Utility and HVAC systems are in a locked area not viewable to visitors and employees, the electric closets are located in authorized personnel only. And secured by doors that require combination codes. Roof access are in authorized personnel arears only. |
2. Describe the proactive fire protection systems in place at the facility, including whether or not the entire building is equipped with sprinkler systems; locations where there are no such systems; whether the fire alarms are local, proprietary, or central station, if known; location of fire extinguishers and fire hose valves, if known. Describe any fire escapes or stairwells at the facility; whether or not the fire department have ladder trucks that can reach the top floors and the roof of the building; number of available fire hydrants within a city block any direction; combustibles such as paint, oil, gas, etc. stored on site; whether evacuation training exercises are routinely conducted, etc. Fire Department response time?
| Fire Protection Notes: Sprinkler systems no sprinklers in dressing room, local fire alarms, fire extinguishers in each department, the fire department does have ladder trucks that can reach the top of the building 5 hydrates in corporate office parking lot. Stairwells can utilized as well for evacuation and evacuation training will be conducted response time from fore department varies. |
XII. SAFETY AND OTHER LOSS CONTROLS
| Dangerous Items: N/A |
| OSHA Standards and Compliance: |
3. _Y___ (Y/N/U) The facility has an Occupant Emergency Plan (OEP). If unknown,
should the organization have such a plan and, generally, what information
should be included? Explain below.
4. _Y___ (Y/N/U) The facility has a Continuity of Operations Plan (COOP. If unknown,
should the organization have such a plan and, generally, what information
should be included based on your study of the provisions of the ASIS International’s “Business
Continuity Guideline: A Practical Approach for Emergency Preparedness, Crisis
Management, and Disaster Recovery? Explain below.
5. _U___ (Y/N/U) The facility has trained OEP designees with specific assignments
during emergencies. If unknown, should the organization have such designees?
Explain below.
| OEP and COOP Notes: |
6. _Y___ (Y/N/U) There is a “Shelter in Place Plan” for the facility. If unknown,
should the organization have such a plan? Explain below.
7. __Y__ (Y/N/U) There is a facility public address system. If unknown, should
the organization have such a system? Explain below.
XIII. INFORMATION SECURITY
1. __Y__ (Y/N/U) The organization has an approved information security policy that has
been disseminated to all employees and contractors. If unknown, should the
organization have such a plan? Explain below.
2._Y___ (Y/N/U) All employees and contractors have acknowledged they understand the
policy and agree to comply with it. If unknown, should there be a record of
employees and contractors agreeing to policy compliance? Explain below.
3.__Y__ (Y/N/U) The organization’s IT resources and data (e.g., computer and
network equipment, storage media, wiring closets) are physically secured
from unauthorized access, tampering, damage, and/or theft. If unknown,
should these resources be protected from loss or harm? Explain below.
4._Y___ (Y/N/U) The organization maintains a business continuity plan for its
information and data support system that includes system backups, off-site
data backup storage, emergency notification, replacement IT and office
resources, alternate facilities, and detailed recovery procedures. If
unknown, should such a plan be implemented and maintained? Explain below.
| Information Security Notes: |
5. Describe other features of the organization’s information security policy and program. Include comments regarding data protection techniques; password controls; organization policy for emails; ongoing employee training regarding information security awareness; prohibitions of loading sensitive data on personal computers; and procedures for employees to report suspected violations, etc.
If this information is unknown after conducting observations and interviews as applicable, after conducting your own independent research, note how the organization’s information security program can be enhanced in each of the areas described above and any other areas you deem appropriate.
| Information Security Notes Continued: Internal emails intranet ongoing training for employees conducted quarterly. Human resources will take reports from employees and there is an anonyomous hotline they can contact as well |
XIV. RECOMMENDATION NOTES FOR SITE SECURITY IMPROVEMENTS
1. Based on the results of the risk assessment, including site observations, interviews conducted with officials from the organization (as appropriate), and extensive research about the organization, describe the physical and procedural controls you believe need to be enhanced to strengthen the organization’s current security operation to protect assets. Also, identify and discuss the ways the organization can more effectively prevent losses and harm from accidents, emergencies, and natural disasters, and when such risk events do occur, initiate a proficient response to mitigate damage to the organization’s property and resources.
When considering the possible security and safety control options to mitigate risks (See ASIS Practice Advisory #5), be sure to consider the feasibility of implementing the options (See ASIS Practice Advisory #6) along with a basic cost/benefit evaluation (See ASIS Practice Advisory #7). Also, you should identify the priority of the recommendations with supporting justifications.
| Prioritized Recommendations: I noticed employees haven’t been wearing their identifications cards and been assessing the back door which has made security think there is a possible threat from an outsider. |
XV. CONSULTANT RESEARCH AND OTHER SUPPORTING PROJECT NOTES
REFERENCES
This CCJS 345 Risk Assessment/Security and Safety Planning Instrument was developed using the following sources:
Halkyn Consulting Ltd. (2010). Physical Security Assessment Form. Flintshire, UK. Retrieved August 1, 2017 at: http://www.halkynconsulting.co.uk/security-resources/downloads/physical_security_assessment_form.pdf
ISACA. (No Date). Physical Security Survey Checklist. Rolling Hills, IL. Retrieved August 1, 2017 at: http://www.isaca.org/Groups/Professional-English/physical-security/GroupDocuments/physicalsecurity.pdf
University of Illinois at Urbana. (2006). Risk Management Audit Checklist. Urbana, IL. Retrieved August 1, 2017 at: http://citebm.business.illinois.edu/TWC%20Class/Project_reports_Spring2006/Business%20Risk%20Management/Manzoor/Audit%20Checkilist.pdf
U.S. Department of Agriculture. (No Date). USDA Physical Security Inspection Checklist. Washington, D.C. Retrieved August 1, 2017 at: https://www.dm.usda.gov/physicalsecurity/physicalcheck.pdf
U.S. Fish and Wildlife Service. (2016). Physical Security Survey – Level 3. Washington, D.C. Retrieved August 1, 2017 at: https://www.fws.gov/forms/3-2419.pdf
U.S. Geological Survey. 2005. Physical Security Survey Checklist. Washington, D.C. Retrieved August 1, 2017 at: https://www2.usgs.gov/usgs-manual/handbook/hb/440-2-h/440-2-h-appc.pdf
Consultants can enhance their study, understanding, and application of risk assessment and management processes by reviewing the following sources:
American Bankers Association. (2003). Physical Security Checklist and Inventory. Washington, D.C.
Retrieved August 1, 2017 at: https://www.aba.com/aba/toolbox/brd/1tool.pdf
American Red Cross. (2012 ). Multi-Building Physical Security Checklist. Retrieved August 1, 2017 at: http://www.readyrating.org/Portals/1/PropertyAgent/2255/Files/26/Ready%20Rating%20-%20SAMPLE%20Building%20Security%20Checklist.docx
ASIS Foundation. (2007). ASIS.SIA Risk Assessment Survey: Results and Analysis. Alexandria, VA. Retrieved August 1, 2017 at: https://foundation.asisonline.org/FoundationResearch/Publications/Documents/asis-siaRickAssessment.pdf
Australian Hotels Association (South Australian Branch). (2013). AHAISA Hotel Security Assessment Checklist. Retrieved August 1, 2017 at: http://www.ahasa.com.au/__files/f/4010/AHA_Security_Assessment_Checklist.pdf
Broomfield Police Department (No Date). Construction Site Security Survey Checklist. Broomfield, CO. Retrieved August 1, 2017 at: https://www.broomfield.org/DocumentCenter/View/3380
Department of the Army. (2010). Physical Security. Washington, D.C. Retrieved August 1, 2017 at: https://fas.org/irp/doddir/army/attp3-39-32.pdf
Department of Homeland Security. (No Date). Risk Assessment. Washington, D.C. Retrieved August 1, 2017 at: https://www.ready.gov/risk-assessment
Federal Emergency Management Agency. (No Date). Building Vulnerability Assessment Checklist. Washington, D.C. Retrieved August 1, 2017 at: https://www.fema.gov/media-library-data/20130726-1524-20490-4937/fema452_a.pdf
Foresight Security Risk Management. (2013). Risk Analysis and the Security Survey. Retrieved August 1, 2017 at: https://foresightsecurityriskmanagement.wordpress.com/about/
Gardner, Robert A. and Wolf Aviation. (2002). Rural & Small Town Airport
Security Manual and Checklist. Las Vegas, NV. Retrieved August 1, 2017 at: http://www.crimewise.com/airport/manual.pdf
HELPNET SECURITY. (No Date). Information Security Checklist. Retrieved August 1, 2017 at: https://www.helpnetsecurity.com/2003/09/08/information-security-checklist/
Kabay, M.E.. (2012). Facilities and Security Audit Checklist. Northfield, VT. Retrieved August 1, 2017 at:
http://www.mekabay.com/infosecmgmt/facilities_checklist.pdf
Missouri Department of Health and Senior Services. (2011). Sample Threat/Risk Assessment Checklist.
Retrieved August 1, 2017 at: http://health.mo.gov/emergencies/pediatrictoolkit/SchoolResources/SampleRisk-ThreatAssessmentChecklist.pdf
National Clearinghouse for Educational Facilities. (No Date). NCEF Safe School Facilities Checklist. Washington, D.C. Retrieved August 1, 2017 at: http://www.ct.gov/demhs/lib/demhs/school_security/school_safety_checklist.pdf
Richardson Police Department. (No Date). Home Security Assessment Checklist. Richardson, TX. Retrieved August 1, 2017 at: https://www.cor.net/modules/showdocument.aspx?documentid=298
Rowe, Tina Lewis. (2009). How to Assess the Safety and Security of Your Place of Worship. Denver, CO. Retrieved August 1, 2017 at: https://www.santarosa.fl.gov/coad/documents/SafetyinChurch.pdf
Sans Technology Institute. (2015). Physical Security. Retrieved August 1, 2017 at:
Siva Consultants. (2017). Physical Security Assessments. Covington, Washington. Retrieved August 1, 2017 at: http://silvaconsultants.com/physical-security-assessments-by-silva-consultants.html
U.S. Department of Agriculture. (No Date). Risk Based Methodology for Physical Security Assessments. Washington, D.C. Retrieved August 1, 2017 at: https://www.dm.usda.gov/physicalsecurity/riskmanagementapproachpresentation.pdf
West Virginia Department of Health and Human Services. (No Date). Risk Assessment – Information Security Policy. State of Wet Virginia. Retrieved August 1, 2017 at: https://www.wvdhhr.org/han/security/Riskchecklist.pdf
SRMC. (2013). Pima Community College Security Assessment Report and Recommendations. Columbus, Ohio. Retrieved August 1, 2017 at: https://www.pima.edu/administrative-services/college-police/docs/security-risk-report.pdf
Tech Republic Academy. (2010). Perform a Physical Security gap Analysis. http://www.techrepublic.com/blog/it-security/perform-a-physical-security-gap-analysis/
Vanguard Surveillance and Security. (No Date). 7 Step Security Survey. Retrieved August 1, 2017 at: http://www.vanguardsas.co.uk/contents/en-uk/d26.html
Revised: November 7, 2017
Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.
You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.
Read moreEach paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.
Read moreThanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.
Read moreYour email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.
Read moreBy sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.
Read more