Can anybody here share the Security Risk Contol Measures employed at your respective sites.
Announcement
Collapse
No announcement yet.
Security Risk Control Measures
Collapse
X
-
Probably not without getting fired. After working more than 35 years ago for a government installation I still couldn't disclose security measures.Retail Security Consultant / Expert Witness
Co-Author - Effective Security Management 6th Edition
Contributor to Retail Crime, Security and Loss Prevention: An Encyclopedic Reference
-
Originally posted by Curtis Baillie View PostProbably not without getting fired. After working more than 35 years ago for a government installation I still couldn't disclose security measures.
Comment
-
I guess all will get fired if they disclose Security Risk Control Measures in a forum. Ok I will provide you guys with my two cents worth.
Basically Security Risk Control Measures can be categorized into Physical, Personnel and Information Security. I hav a problem tabulating. So I will break it up.
PHYSICAL SECURITY
Perimeter Fencing
CCTV Camera
Biometric Devices
Locks
Security Zoning
Lighting Equipment
Smart Cards
Intrusion Detectors
Tempered Glass
Fire Alarm System
Key Control Syatem
Communication System
PERSONNEL SECURITY
Visitor Pass
Contractor Pass
Employee ID
Pre-employment checks
Security Zoning
National Security Vetting - example crimnal records
Face to Face Interviews
Personalty Questionnaires
INFORMATION SECURITY
Data Backup
SOPs
Investment in Information Security Management System
Proactive Auditing and Monitoring
Training and Education
Emergency and Evacuation Procedure
Feel free to add to the above list.
Comment
-
Your question was, "Can anybody here share the Security Risk Contol Measures employed at your respective sites" - thus my response, "Probably not without getting fired."
So all you did is post areas that can be looked at as security control measures. So, are these measures you posted at your site?Retail Security Consultant / Expert Witness
Co-Author - Effective Security Management 6th Edition
Contributor to Retail Crime, Security and Loss Prevention: An Encyclopedic Reference
Comment
-
Originally posted by Curtis Baillie View PostYour question was, "Can anybody here share the Security Risk Contol Measures employed at your respective sites" - thus my response, "Probably not without getting fired."
So all you did is post areas that can be looked at as security control measures. So, are these measures you posted at your site?
Comment
-
A few items notably missing from your list:- Guards
- Intelligence and analysis
- "Blue light" call boxes
- 1-800 reporting number for employees (usually anonymous)
- Opsec measures (numerous)
- Professional networking/relationships (police, other security professionals)
- Executive protection
- Asset tracking (GPS, RFID, etc.)
- Asset marking/tagging
- Inventory control measures (numerous)
- Document security measures (numerous)
- Intrusion detection system (infosec)
- "Security culture"
Risk is also controlled/managed by means other than mitigation - transference, avoidance (also called "elimination"), dispersion, sharing and acceptance.
You mention problems tabulating. Use the tools circled below when posting if you want to create numbered, bulleted or indented lists (like the one above).Last edited by SecTrainer; 11-02-2011, 04:59 PM."Every betrayal begins with trust." - Brian Jacques
"I can't predict the future, but I know that it'll be very weird." - Anonymous
"There is nothing new under the sun." - Ecclesiastes 1:9
"History, with all its volumes vast, hath but one page." - Lord Byron
Comment
-
Originally posted by Curtis Baillie View PostProbably not without getting fired. After working more than 35 years ago for a government installation I still couldn't disclose security measures.Originally posted by 5423 View PostSpeaking for myself: absolutely not.
Comment
-
Originally posted by kelvin View PostFair enough. Tell us in general how you verify on the effectiveness and performance of the risk control measures employed at your sites.
To achieve accountability (verify effectiveness and performance of either measures or people), someone's gotta be looking.
The B-side of this system is that I've empowered certain members of my team to check up on me as well, in certain areas, which has paid off several times in the past. No one's perfect; I'd much prefer to give my team members kudos for catching me slipping up, than to have the CEO contact me with a "Have you done the _____________ lately?" query. And I believe in leading by example: if I'm expecting them to accept my checking and critiqueing their every little task, my humble acceptance and ready praise for their catching me in a sin of omission is a dandy motivator; cheap, easy and immediate, and it builds trust within the team.Last edited by 5423; 11-03-2011, 02:38 PM."I'll defend with my life your right to disagree with me" - anonymous
Comment
-
Originally posted by 5423 View PostIn general, which is as specific as I can get into, I check up... on everything: all measures, all assigned tasks, and all systems. In turn, my reporting point/boss (I leapfrog local management and report directly to the corporate CEO) checks up on my work.
To achieve accountability (verify effectiveness and performance of either measures or people), someone's gotta be looking.
The B-side of this system is that I've empowered certain members of my team to check up on me as well, in certain areas, which has paid off several times in the past. No one's perfect; I'd much prefer to give my team members kudos for catching me slipping up, than to have the CEO contact me with a "Have you done the _____________ lately?" query. And I believe in leading by example: if I'm expecting them to accept my checking and critiqueing their every little task, my humble acceptance and ready praise for their catching me in a sin of omission is a dandy motivator; cheap, easy and immediate, and it builds trust within the team.
Feedback forms can give some idea of the effectiveness and performance.
Getting a third party source to conduct a documented survey.
A suggestion box where people can write in and express their views.
Data on insurance claims is another source.
Number of Incident Reports is also a barometer.
Regular audit to check on deviations (as you mentioned).
Comment
300x250
Collapse
Channels
Collapse
Mid 300x250
Collapse
Leaderboard
Collapse
Comment