How to Develop and Implement a Security Master Plan

How to Develop and Implement a Security Master Plan

by Timothy Giles
     
 

Engage Stakeholders with a Long-Term Solution

The goal: Convince executive management to "buy in" to your security program, support it, and provide the largest possible amount of funding.

The solution: Develop a meticulously detailed long-term plan that sells decision-makers on the dire need for your program, and then

See more details below

Overview

Engage Stakeholders with a Long-Term Solution

The goal: Convince executive management to "buy in" to your security program, support it, and provide the largest possible amount of funding.

The solution: Develop a meticulously detailed long-term plan that sells decision-makers on the dire need for your program, and then maps out its direction and required budget.

Assess and Outline Security Risks to Map Out Mitigation Strategies
This practical guide details how to construct a customized, comprehensive five-year corporate security plan that synchronizes with the strategies of any business or institution. The author explains how to develop a plan and implementation strategy that aligns with an organization’s particular philosophies, strategies, goals, programs, and processes. Readers learn how to outline risks and then formulate appropriate mitigation strategies. This guide provides tested, real-world'solutions on how to:

  • Conduct an effective, efficient assessment of the site and security personnel, meticulously addressing the particular needs of many different environments
  • Make decisions about security philosophies, strategies, contract relationships, technology, and equipment replacement
  • Interview executive and security management to determine their concerns, educate them, and ensure that they buy in to your plan
  • Use all gathered data to construct and finalize the Security Master Plan and then implement it into the management of the business

Apply Insights from an Expert with Global Experience at the Highest Level
Author Tim Giles worked at IBM for 31 years serving as Director of Security for the company’s operations in the United States and Canada, as well as Latin America and Asia-Pacific. His immeasurable experience and insight provide readers with an extraordinarily comprehensive understanding that they can use to design and execute a highly effective, tailored security program.

Read More

Product Details

ISBN-13:
9781420086256
Publisher:
Taylor & Francis
Publication date:
12/16/2008
Edition description:
New Edition
Pages:
352
Sales rank:
830,530
Product dimensions:
6.40(w) x 9.30(h) x 1.00(d)

Table of Contents

The Business of Security

Why Should You Develop a Security Master Plan?

Engaging the Stakeholders

What Should Your Security Philosophies Be?

Contract Security Relationship

What Should Your Security Strategies Be?

Technology Migration Strategy

Equipment Replacement Schedules

Evaluate the Business’s Risks

Potential Risks to the Business

Defining What Your Risks Are

Information Gathering

The Workplace Violence Risk and Beyond

Domestic Violence in the Workplace

Other Risk Factors

Risks of Fraud and Corruption

Theft Risks

Overseas-Related Risks

Acts of Nature

Information Sources

Human Resources and the Security Plan

Reacting to a Defined Risk

Placing a Value on the Impact of Risk

Conducting a Site Security Assessment — Part 1

Assessing Aspects of Security Administration

Documenting Post Orders and Procedures

Security Personnel Selection and Staffing Considerations

Employee Selection and Staffing Considerations

Application Form

Security Manual Documentation

Security Education Awareness

Contract Management and Audit

Conducting a Site Security Assessment — Part 2

Assessing Aspects of Physical Security

Exterior Security Assessment — Vehicle Access Controls

Parking Lot Security

Proper Use of Signage

Security Processing Operations — Visitor and Contractor Controls

Proper Use of Lighting

Barriers, Doors, and Building Perimeters

Mechanical Locking Systems — Locks and Keys

Submaster System

Key Administration

Security Officer Patrols

Security Officer Review

Crime Prevention Through Environmental Design

Security Staffing

Monitoring and Administering Physical Protection Systems

Stationary and High-Visibility Posts

Emergency Response Capabilities

Training

Conducting a Site Security Assessment — Part 3

Assessing the Electronic systems

Event Driven

Fully Integrated

Closed Circuit Television

Access Control Systems

Access Control System Policy

Alarm Sensors and Reporting

Radio Systems

Technology Status — Current and Future

Conducting a Site Security Assessment — Part 4

Assessing Information Protection

Information Security Protection Programs

Computer and Network Security Ownership

Security and Computer Use Standards for Employees

Security Requirements

Implementing a Classification System

Investigation Requirements

Processing Departing Employees

Information Asset Security

System Misuse

Summary — Information Protection

Government Regulations

Conducting an Assessment of the Security Organization

Reporting Structure

The Security Organization’s Structure

Mixed Security Forces

Separation of Duties

Other Issues

Security Skills

Evaluating the Security Officers

Evaluating the Shift Supervisors

Evaluating the CSO or Director of Security

Evaluating the Other Security Positions

Staffing Levels

Armed versus Unarmed Officers

Determining What Prevention, Crisis Management, and Recovery Programs Exist

Prevention and Recovery Programs

Business Intelligence Information

Crisis Management Planning

Corporate Reputation Crisis Plan

Corporate Investigations: Fraud, Financial, Criminal, Computer, and Network

Due Diligence Processes

Emergency Response Planning and Testing

Business Continuity and Disaster Recovery

Executive Protection Program

Internal Audit and Business Controls, Monitoring Programs, and Fraud and

Pre-employment Screening and Drug Testing

Risk Assessment Process (Annually)

Security Systems and Procedures

Terrorism, Bioterrorism, and the DHS: Threat Advisory System Response

Workplace Violence Prevention Program

References

Interviewing Executive and Security Management

Interview Executive Management to Understand Their Concerns and Issues

The Approach

Interpreting the Interview Answers

The Importance of Listening

Where to Start the Process

Beginning the Interview

Educating the Executives and Ensuring Their Buy-In

Interview Security Management to Understand Their Concerns and Issues

Review and Evaluate All Security-Related Contracts and the Information Protection Program

Security Business Contracts

Contractual Right to Audit

Contract Bid Process

Auditing Security-Related Contracts

Reviewing the Information Protection Programs

After-Hours Checks

IT Information Protection

Disaster Recovery Program Review

Information Security Awareness Training

Investigation Requirements

Review of Exit Interview Process

Information Asset Security Review

Constructing the Security Master Plan Document

Compiling, Organizing, and Evaluating the Information Gathered

Developing Your Recommendations

Initial Draft Review with Security Management

Recommendation with Solutions

Developing and Refining Security Philosophies, Strategies, and Goals

Involving the Stakeholders

Documenting the Master Plan

Developing the Recommendations Presentation

Estimating Cost Impacts

Project Management Skills

Typical Contents of a Security Master Plan

Content Listing and Organization

Structural Focus

Budgeting Focus

Establishing an ROI

Finalizing the Security Master Plan Process

The Recommendations Presentation

Where to Begin

Setting Your Goals

Asking the Tough Questions

Submitting the Finalized Security Master Plan

Utilizing Your Plan in Managing Your Business

Utilizing Your Plan for Periodic Quality Checks

It Is All about Timing

Keeping the Plan in Sync with the Business

Testing Your Plan Against the Latest Technology

Benchmarking and Business Process (Matrix) Management

Best of Breed

Business Process (Matrix) Management

Appendices

Read More

Customer Reviews

Average Review:

Write a Review

and post it to your social network

     

Most Helpful Customer Reviews

See all customer reviews >