E-Book, Englisch, 160 Seiten
Kingsley-Hefty Physical Security Strategy and Process Playbook
1. Auflage 2013
ISBN: 978-0-12-417237-1
Verlag: Elsevier Science & Techn.
Format: EPUB
Kopierschutz: 6 - ePub Watermark
E-Book, Englisch, 160 Seiten
ISBN: 978-0-12-417237-1
Verlag: Elsevier Science & Techn.
Format: EPUB
Kopierschutz: 6 - ePub Watermark
The Physical Security Strategy and Process Playbook is a concise yet comprehensive treatment of physical security management in the business context. It can be used as an educational tool, help a security manager define security requirements, and serve as a reference for future planning. This book is organized into six component parts around the central theme that physical security is part of sound business management. These components include an introduction to and explanation of basic physical security concepts; a description of the probable security risks for more than 40 functional areas in business; security performance guidelines along with a variety of supporting mitigation strategies; performance specifications for each of the recommended mitigation strategies; guidance on selecting, implementing, and evaluating a security system; and lists of available physical security resources. The Physical Security Strategy and Process Playbook is an essential resource for anyone who makes security-related decisions within an organization, and can be used as an instructional guide for corporate training or in the classroom. The Physical Security Strategy and Process Playbook is a part of Elsevier's Security Executive Council Risk Management Portfolio, a collection of real world solutions and 'how-to' guidelines that equip executives, practitioners, and educators with proven information for successful security and risk management programs. - Chapters are categorized by issues and cover the fundamental concepts of physical security up to high-level program procedures - Emphasizes performance guidelines (rather than standards) that describe the basic levels of performance to be achieved - Discusses the typical security risks that occur in more than 40 functional areas of an organization, along with security performance guidelines and specifications for each - Covers the selection, implementation, and evaluation of a robust security system
Autoren/Hrsg.
Weitere Infos & Material
Chapter 2 Functional Areas and Security Risks
In Chapter 2: Functional Areas and Security Risks, the author reviews the operations, sites, and functional areas of an organization and discusses the security risks that are typically present in each area. This review begins with a site analysis, which collects information about the site’s environment and is a joint effort between division management, facility management, and security. The site analysis is described in terms of allocation of space, compartmentalization, adjacency factors, and circulation between buildings and areas. The remainder of the chapter includes a detailed description of the potential risks associated with more than 40 functional areas. The areas include the building perimeter, chemical storage, elevators, entrances and exits, information security, parking areas, roof openings, shipping and receiving, warehouse, windows, and more. Keywords
Site analysis; allocation of space; compartmentalization; adjacency; circulation; risk analysis; functional areas 2.1 Introduction
This chapter reviews the operations, sites, and functional areas of your business and explores the most common security risks to each area. Every facet of your business has potential security risks—the risks span the spectrum from theft to legal liability to loss of the company’s reputation and way of life. The risks discussed in this chapter are based on your organization’s experience, the experience of related industries, and corporate priorities. Each of these risks can be addressed through the application of your organization’s security performance guidelines and options, which will be discussed in Chapter 3. This chapter is organized alphabetically by functional area, with the potential security risks for each area given. Use the lists to help you review your business operations. If you find risks that are applicable to your situation, and if you choose to take action to reduce or remove a risk, refer to Chapter 3 for assistance with the planning process for the specific areas that need improvement. 2.2 Assessment Review
As you assess the risks to each area of your business, you should start by looking at the items that, in one way or another, concern all the areas of your business. A security assessment is essential when new construction or major remodeling is being planned. It is also very useful to complete an assessment for an existing business in a facility that is not undergoing construction changes. The assessment will help identify security risks you may have overlooked and help you select options for meeting the performance guidelines. Every attempt should be made to understand and plan for the security-related issues described in the next five sections: 1. Site analysis 2. Allocation of space 3. Compartmentalization 4. Adjacency factors 5. Circulation between buildings and areas Once you understand the concepts contained in these sections, you’ll have a solid foundation for making decisions about security at a detailed level. 2.2.1 Site Analysis (Office or Facility)
A site analysis is a joint effort between division management, facility management, and security. The process can be applied to a small office environment, a department, or an entire facility. The goal of a site analysis is to collect pertinent information about the site’s environment because the environment has such a large effect on the type and cost of the site’s physical security systems. A site analysis can also be used to help select an environment that is suitable to the needs of your business operations. The following topics are covered in a site analysis: • Social and political factors: the degree to which the public is sensitive to the business’s product, operation, or process. • Criminal activities in the area: a crime analysis that provides uniform crime statistics. • Neighboring properties, demographics, and environmental impact: includes neighbors, demographics of the surrounding area, risk of natural disasters, and the impact your business will have on the environment. • Loss history: a summary of the history of loss suffered by the company currently operating at the site. • Physical factors: including location, proximity to freeways and to major urban areas, the size of the land parcel, site access, and vehicular and pedestrian circulation. 2.2.2 Allocation of Space
Each operational unit within the facility has specific security requirements, which must be considered during the initial planning stage. • Areas that interact with the public, such as purchasing, employment, and sales, should not be located inside highly secured areas of the facility. This creates unnecessary and non-secure circulation patterns for visitors and employees. • Whenever possible, concentrate on areas that interact with the public within one building, wing, or floor. Provide a separate entrance, restrooms, and conference rooms for these areas. You’ll be able to reduce the cost and inconvenience of the additional security controls required when public areas are intermingled with employee areas. 2.2.3 Compartmentalization
Although there is a trend toward more open work environments, be aware that there may be security risks associated with environments that are too open. These environments may still require compartmentalization. • Often it is not practical, from a security standpoint, to locate research and development labs close to sales and marketing if the volume of non-employee traffic is high. Even though it may help these groups of employees communicate with each other, it may be very difficult to maintain a proper level of security. • Consider the effects of having employee areas close to non-employee areas. You may find it difficult to protect sensitive information when non-employee areas are too close to employee areas. For example, if you bring customers to your site to provide training, create a training area that is separate from other areas that are difficult to protect. • Be aware that an open work environment has additional security risks that surface during non-business hours. For example, it is difficult to guard against unauthorized use of equipment, records, and/or information if access is not restricted during non-business hours. 2.2.4 Adjacency Factors
Adjacency factors are related to the overall structure of the work environment. It makes good security sense to keep some areas close to each other, or close to the public. On the other hand, some other areas need to be separated from each other, or removed from the public. • Human resources and purchasing functions should generally be near the visitor entrance because these areas tend to have high volumes of non-employee traffic. • Computer rooms should be isolated, since relatively few people need to be in these rooms. • Shipping and receiving areas should be separated from each other and from most employee and visitor traffic. In addition, they should have good access to roadways. • Meeting rooms and auditoriums for special or public events should be located in areas designed for public access control. 2.2.5 Circulation Between Buildings and Areas
Besides allocating space for the various business functions, you need to plan out how people will move within and between buildings and areas. Inadvertent security risks are often caused by traffic patterns that are not based on a business need to be in the area. For example, people sometimes walk through a department that is unrelated to their business need because the only path (or shortest path) leading to their destination takes them through the unrelated department. • Circulation patterns should separate the highly secured areas from nonsecured areas (i.e., restricted employee areas from visitor areas). The highly secured areas should also be separate from the traffic paths used most frequently by employees. • Plan out the circulation patterns between buildings so that people can move safely and efficiently from place to place without compromising security. Efficient circulation reduces the probability of exposing your business and your people to unnecessary risk. • Place departments that interact regularly next to each other, if possible, to reduce unnecessary traffic from employees and visitors. • Provide direct access to parking areas. Be certain that paths to parking areas do not pass through hazardous areas. 2.3 Risks by Area
This section is designed as a guide to help you identify the risks you might find in the different areas of your business. The areas listed in this section are functions, physical locations, and processes common to many organizations’ business operations. Based on our experience, we address the risks we have often found to be associated with each area, although the discussion is not all-inclusive. The degree of risk you find in each area of your business is highly dependent...