Download - PSP 1 Phoenix 3-27-08
-
7/31/2019 PSP 1 Phoenix 3-27-08
1/32
8/4/2012 1
PSP Review CourseSession 1
-
7/31/2019 PSP 1 Phoenix 3-27-08
2/32
8/4/2012 2
Purpose of PSP/CPP Review Class
This is a Review Course not a trainingprogram.
It offers a good foundation for the body
of knowledge expected to prepare forthe Physical Security Professional(PSP) exam.
It should help to identify areas within therequired knowledge and skills in whichyou may be weak.
-
7/31/2019 PSP 1 Phoenix 3-27-08
3/32
8/4/2012 3
PSP Certification Development
Job Analysis Study Development of Domains, Tasks, Knowledge statements and
test specifications.
Three Domains/Subject Areas identified by Physical SecurityPractitioners as major areas involved in Physical Security.
The subjects and approximate percentage of test questions are:
Physical Security Assessment (41%)
Selection of Physical Security Measures (24%)
Implementation of Physical Security Measures (35%)
Reference Material Selected Test questions developed
-
7/31/2019 PSP 1 Phoenix 3-27-08
4/32
8/4/2012 4
PSP Examination
Multiple Choice questions, no True/False, fill in theblank or others.
Four possible answers,None of the Above and All
of the Above are NOT used.
Incorrect answers are NOT subtracted from correctanswers, only correct answers are counted. No
penalty for guessing.
125 questions
-
7/31/2019 PSP 1 Phoenix 3-27-08
5/32
8/4/2012 5
Physical Security Assessment
Identifying Assets
Identifying and Assessing Threats
Physical Security Surveys
Risk Analysis
41%
-
7/31/2019 PSP 1 Phoenix 3-27-08
6/32
8/4/2012 6
Physical Security Assessment
Understanding the Security Process
To manage risk, and be cost effective and responsive to yourcustomers actual needs, security planning should follow astructured reasoning or logic process.
This includes proper identification and assessment of assets,threats, and vulnerabilities, which subsequently leads to plans oroptions to mitigate risk.
No security plan or program can be effective unless it is basedupon a clear understanding of the actual risks it is designed tocontrol.
-
7/31/2019 PSP 1 Phoenix 3-27-08
7/32
8/4/2012 7
Physical Security Assessment
What is Risk ?Potential Areas of Loss
Asset
Threat
Vulnerability
Security programs or Processes
Risk Management
-
7/31/2019 PSP 1 Phoenix 3-27-08
8/32
8/4/2012 8
Physical Security Assessment
Risk Management Principals
Assess
Vulnerability
Assess
Threats
Assess
Assets
Analyze RisksMitigation
Countermeasures
Risk
Management
-
7/31/2019 PSP 1 Phoenix 3-27-08
9/32
8/4/2012 9
Physical Security Assessment
Asset Identification begins with aneeds assessment
Nature and Types of Assets
Determining Asset Value
Tangible and Intangible Assets
One-of-a-kind or Critical Assets Core Facility Functions
-
7/31/2019 PSP 1 Phoenix 3-27-08
10/32
8/4/2012 10
Physical Security Assessment
Asset Identification
What needs to be protected?
Why does the asset need protection (liability, loss/value,continuation of business etc)
What is the risk of loss, damage or compromise?
The process of quantitative and qualitative Risk Analysis beginshere.
-
7/31/2019 PSP 1 Phoenix 3-27-08
11/32
8/4/2012 11
Physical Security Assessment
Nature and types of Assets
Tangible - People, Property, Bldgs,Equipment, Value$
IntangibleProcesses,Information/Data, Reputation
-
7/31/2019 PSP 1 Phoenix 3-27-08
12/32
8/4/2012 12
Physical Security Assessment
Valuing types of Assets
Owned
Leased
Facility Losses
Tangible Intangible
-
7/31/2019 PSP 1 Phoenix 3-27-08
13/32
8/4/2012 13
Physical Security Assessment
Identifying Threats
Types of threats
Factors threats are based upon Demographics
Identity
Geographical Potential Aggressor(s) - Needs
-
7/31/2019 PSP 1 Phoenix 3-27-08
14/32
8/4/2012 14
Physical Security Assessment
Assessing the Nature of Threats
Before any planning can be considered, it is necessary to make athrough assessment of identifiable risk exposure. To accomplish this, itis essential to identify the risk or threats that can affect the assets
involved.
The first step in the process is to determine what can happen to each
asset identified.What is the Risk?
Damage or destruction Loss theft
Compromise
Liabilities
-
7/31/2019 PSP 1 Phoenix 3-27-08
15/32
8/4/2012 15
Physical Security Assessment
Assessing the Nature of Threats
Threat are generally identified in two categories:
Natural
Hurricane, tornado, seismic, flood, fire, otherenvironmental
Man-Made
Criminal activity, civil disturbance, industrialaccidents, labor violence, workplace violence,international or domestic terrorism.
-
7/31/2019 PSP 1 Phoenix 3-27-08
16/32
8/4/2012 16
Physical Security Assessment
Natural ThreatsWhat can the Security Practitioner do?
Prevention
Most cases, nothing!
Planning
Protection of assets Contingency plans
Recovery Plans
-
7/31/2019 PSP 1 Phoenix 3-27-08
17/32
-
7/31/2019 PSP 1 Phoenix 3-27-08
18/32
8/4/2012 18
Physical Security Assessment
The Nature of Threats
As noted previously the process of Threat Identification begins withthe what can happen? assessment for the items identified as
Assets. The business or enterprise, people, things, processesetc. that may be threatened or impacted by events which wouldresult in a negative event.
Man-made or human threats are generally identified in twocategories:
Internal
External
-
7/31/2019 PSP 1 Phoenix 3-27-08
19/32
8/4/2012 19
Physical Security Assessment
Identifying Threats
Other items with may drive threat identification include,but are not limited to:
Demographics
Identity
Geographical
Potential Aggressor(s) Needs
Political, religious, ethnic, etc.
External Organizations
-
7/31/2019 PSP 1 Phoenix 3-27-08
20/32
8/4/2012 20
Physical Security Assessment
Physical Security Survey
The primary vehicle used in a security assessment is thesurvey. The survey is the process whereby one gathers data
that reflects the who, what, how, where, when and why of thecustomers existing operation. The survey is the fact-findingprocess. *
Purpose of the survey: To identify critical factors affecting thesecurity of the premises or operation. To analyzevulnerabilities and recommend cost effective solutions.
(*) Charles A. Sennewald, CPP, Security Consulting 2nd ed.
Reprinted quote: James F. Broder, Risk Analysis and the Security Survey 2nd ed.
-
7/31/2019 PSP 1 Phoenix 3-27-08
21/32
8/4/2012 21
Physical Security Assessment
Physical Security Survey
Security Survey Techniques:
Audits vs. AssessmentsChecklists
Outside In
Protection in Depth
Concentric Layers or Circles of Protection
Inside Out
Solving the Crime Before it happens
-
7/31/2019 PSP 1 Phoenix 3-27-08
22/32
8/4/2012 22
Physical Security Assessment
Physical Security Survey
Security Survey Techniques:
The methodologies for conducting surveys are basically the samefor all facilities. There are most likely no hard and fast rules.Generally problems commonly encountered may include:
Multiple facilities/structures
Geographic locations
Multiple tenants Some areas may have physical security requirements while others
have no requirements or standards
Facility Infrastructure concerns.
-
7/31/2019 PSP 1 Phoenix 3-27-08
23/32
8/4/2012 23
Physical Security Assessment
Physical Security Survey
Collecting and Interpreting Data
Site or Building Plans/Floor Plans
Schematics
Infrastructure /Utilities
Interfacing Operations
Organization/Structure
Prior Surveys
Procedures
-
7/31/2019 PSP 1 Phoenix 3-27-08
24/32
8/4/2012 24
Physical Security Assessment
Physical Security Survey
Understanding Security Measures or Applications
Guard or Response force capabilities and procedures
Security technologies
Equipment applications
Personnel Security (controls)
Other types of Security Programs and Processes
Prior Surveys
Supporting Infrastructure
-
7/31/2019 PSP 1 Phoenix 3-27-08
25/32
8/4/2012 25
Physical Security Assessment
Physical Security Survey
Understanding Security Measures or Applications
Systems Integration
Integration of people, procedures and measures
Deterrence
Delay
DetectionAssessment
Response
-
7/31/2019 PSP 1 Phoenix 3-27-08
26/32
8/4/2012 26
Physical Security Assessment
Physical Security Survey
Elements to be considered during the Site Survey
Requirements What are regulations or requirements?
Needs Determine the safeguards needed based onthreat.
What exists Now Identify existing physical securitymeasures or safeguards and determine deficiencies.
-
7/31/2019 PSP 1 Phoenix 3-27-08
27/32
8/4/2012 27
Physical Security Assessment
Physical Security Survey
Elements to be considered during the Site Survey
What needs to be fixed Recommendation to
mitigate deficiencies.
What will make it better Recommendation toenhance the overall
security posture
-
7/31/2019 PSP 1 Phoenix 3-27-08
28/32
8/4/2012 28
Physical Security Assessment
Physical Security Survey
Analysis of relevant data:
Observing
Questioning
Analyzing
Verifying
Investigating Evaluating
-
7/31/2019 PSP 1 Phoenix 3-27-08
29/32
-
7/31/2019 PSP 1 Phoenix 3-27-08
30/32
8/4/2012 30
Physical Security Assessment
Physical Security Survey
Survey Documentation: Key Elements
Purpose of Survey or Inspection
Scope or perimeters of the survey
Findings - Observations
Recommendations
Conclusions
-
7/31/2019 PSP 1 Phoenix 3-27-08
31/32
8/4/2012 31
Physical Security Assessment
Physical Security Survey
Survey Documentation: Criteria for Good Reporting
Accuracy
Clarity
Conciseness
Timeliness
Slant or Pitch
-
7/31/2019 PSP 1 Phoenix 3-27-08
32/32
8/4/2012 32
Physical Security Assessment
Questions?