Announcement

Collapse
No announcement yet.

Security Risk Control Measures

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Security Risk Control Measures

    Can anybody here share the Security Risk Contol Measures employed at your respective sites.

  • #2
    Probably not without getting fired. After working more than 35 years ago for a government installation I still couldn't disclose security measures.
    Retail Security Consultant / Expert Witness
    Co-Author - Effective Security Management 6th Edition

    Contributor to Retail Crime, Security and Loss Prevention: An Encyclopedic Reference

    Comment


    • #3
      Originally posted by Curtis Baillie View Post
      Probably not without getting fired. After working more than 35 years ago for a government installation I still couldn't disclose security measures.
      Ok fair enough. Lets hear if its ok for others to make a contibution here. Otherwise I will provide you with some general risk contol measures later and move on from there.

      Comment


      • #4
        I guess all will get fired if they disclose Security Risk Control Measures in a forum. Ok I will provide you guys with my two cents worth.

        Basically Security Risk Control Measures can be categorized into Physical, Personnel and Information Security. I hav a problem tabulating. So I will break it up.

        PHYSICAL SECURITY
        Perimeter Fencing
        CCTV Camera
        Biometric Devices
        Locks
        Security Zoning
        Lighting Equipment
        Smart Cards
        Intrusion Detectors
        Tempered Glass
        Fire Alarm System
        Key Control Syatem
        Communication System

        PERSONNEL SECURITY
        Visitor Pass
        Contractor Pass
        Employee ID
        Pre-employment checks
        Security Zoning
        National Security Vetting - example crimnal records
        Face to Face Interviews
        Personalty Questionnaires

        INFORMATION SECURITY
        Data Backup
        SOPs
        Investment in Information Security Management System
        Proactive Auditing and Monitoring
        Training and Education
        Emergency and Evacuation Procedure

        Feel free to add to the above list.

        Comment


        • #5
          Your question was, "Can anybody here share the Security Risk Contol Measures employed at your respective sites" - thus my response, "Probably not without getting fired."

          So all you did is post areas that can be looked at as security control measures. So, are these measures you posted at your site?
          Retail Security Consultant / Expert Witness
          Co-Author - Effective Security Management 6th Edition

          Contributor to Retail Crime, Security and Loss Prevention: An Encyclopedic Reference

          Comment


          • #6
            Originally posted by Curtis Baillie View Post
            Your question was, "Can anybody here share the Security Risk Contol Measures employed at your respective sites" - thus my response, "Probably not without getting fired."

            So all you did is post areas that can be looked at as security control measures. So, are these measures you posted at your site?
            These are generic and most of which are at my site and many other sites. I think the measures will vary according to the nature of the sites and if the budgets permit.

            Comment


            • #7
              A few items notably missing from your list:
              • Guards
              • Intelligence and analysis
              • "Blue light" call boxes
              • 1-800 reporting number for employees (usually anonymous)
              • Opsec measures (numerous)
              • Professional networking/relationships (police, other security professionals)
              • Executive protection
              • Asset tracking (GPS, RFID, etc.)
              • Asset marking/tagging
              • Inventory control measures (numerous)
              • Document security measures (numerous)
              • Intrusion detection system (infosec)
              • "Security culture"


              Risk is also controlled/managed by means other than mitigation - transference, avoidance (also called "elimination"), dispersion, sharing and acceptance.

              You mention problems tabulating. Use the tools circled below when posting if you want to create numbered, bulleted or indented lists (like the one above).
              Attached Files
              Last edited by SecTrainer; 11-02-2011, 04:59 PM.
              "Every betrayal begins with trust." - Brian Jacques

              "I can't predict the future, but I know that it'll be very weird." - Anonymous

              "There is nothing new under the sun." - Ecclesiastes 1:9

              "History, with all its volumes vast, hath but one page." - Lord Byron

              Comment


              • #8
                Originally posted by kelvin View Post
                Can anybody here share the Security Risk Contol Measures employed at your respective sites.
                Speaking for myself: absolutely not.
                "I'll defend with my life your right to disagree with me" - anonymous

                Comment


                • #9
                  Originally posted by Curtis Baillie View Post
                  Probably not without getting fired. After working more than 35 years ago for a government installation I still couldn't disclose security measures.
                  Originally posted by 5423 View Post
                  Speaking for myself: absolutely not.
                  Fair enough. Tell us in general how you verify on the effectiveness and performance of the risk control measures employed at your sites.

                  Comment


                  • #10
                    Originally posted by kelvin View Post
                    Fair enough. Tell us in general how you verify on the effectiveness and performance of the risk control measures employed at your sites.
                    In general, which is as specific as I can get into, I check up... on everything: all measures, all assigned tasks, and all systems. In turn, my reporting point/boss (I leapfrog local management and report directly to the corporate CEO) checks up on my work.

                    To achieve accountability (verify effectiveness and performance of either measures or people), someone's gotta be looking.

                    The B-side of this system is that I've empowered certain members of my team to check up on me as well, in certain areas, which has paid off several times in the past. No one's perfect; I'd much prefer to give my team members kudos for catching me slipping up, than to have the CEO contact me with a "Have you done the _____________ lately?" query. And I believe in leading by example: if I'm expecting them to accept my checking and critiqueing their every little task, my humble acceptance and ready praise for their catching me in a sin of omission is a dandy motivator; cheap, easy and immediate, and it builds trust within the team.
                    Last edited by 5423; 11-03-2011, 02:38 PM.
                    "I'll defend with my life your right to disagree with me" - anonymous

                    Comment


                    • #11
                      Originally posted by 5423 View Post
                      In general, which is as specific as I can get into, I check up... on everything: all measures, all assigned tasks, and all systems. In turn, my reporting point/boss (I leapfrog local management and report directly to the corporate CEO) checks up on my work.

                      To achieve accountability (verify effectiveness and performance of either measures or people), someone's gotta be looking.

                      The B-side of this system is that I've empowered certain members of my team to check up on me as well, in certain areas, which has paid off several times in the past. No one's perfect; I'd much prefer to give my team members kudos for catching me slipping up, than to have the CEO contact me with a "Have you done the _____________ lately?" query. And I believe in leading by example: if I'm expecting them to accept my checking and critiqueing their every little task, my humble acceptance and ready praise for their catching me in a sin of omission is a dandy motivator; cheap, easy and immediate, and it builds trust within the team.
                      I like to add a few more points:

                      Feedback forms can give some idea of the effectiveness and performance.
                      Getting a third party source to conduct a documented survey.
                      A suggestion box where people can write in and express their views.
                      Data on insurance claims is another source.
                      Number of Incident Reports is also a barometer.
                      Regular audit to check on deviations (as you mentioned).

                      Comment


                      • #12
                        Security Risk control Measures

                        Risk management is a process of thinking systematically about all possible risks, problems or disasters before they happen and setting up procedures that will avoid the risk, minimize its impact, or cope with its impact.

                        Comment

                        Leaderboard

                        Collapse
                        Working...
                        X