CJ Assignment Security Objective Components

Read the article on p. 109 and review pp. 113–115 of the text.

Address the following points in a 700- to 1,050-word response:

What component of the overall security objective deserves the most attention in the environments mentioned in the article? What components would be less pertinent for these particular environments during a vulnerability assessment? Why?

· Relative to the primary component you chose above, what are some countermeasures or possible solutions for the shootings, incidences of arson, and bombing?

· What components of the overall security objective would be more pertinent had these events occurred at a mall? Would these components present alternative countermeasures or solutions to those you have already listed? Explain your answers.

Cite two sources other than the text.

Format your paper
consistent with APA guidelines.

4
A Prevention System

Overview:
Defining the Overall
Security Objective

CHAPTER OUTLINE

102

C H A P T E R

Revisiting Risk
Risk Management Options
The Security Objective
The Overall Security Objective: A Seam-
less, Integrated Security Design

Conclusion
Review Questions
Discussion Questions

CHAPTER HIGHLIGHTS
Prevention system:

Overview:
1. Physical security
2. Personnel security
3. Information security
4. Liability
5. Interdepartmental dependencies

Risk management:

Options outlined:
1. Eliminate the risk.
2. Mitigate the risk.
3. Transfer the risk.
4. Spread the risk.
5. Accept the risk.

KEY WORDS

Assuming risk
Eliminating risk
Mitigating risk
Overall security objective
Personnel security
Physical security

Risk management
Seamless, integrated security design
Security objective
Spreading risk
Transferring risk

IS
B

N
:
0
-5

3
6
-9

1
2
7
1
-8

A PREVENTION SYSTEM OVERVIEW 103

To begin the process of making an environment secure, one must establish
a theoretical ideal of what it means to have security within a given target envi-
ronment. Without a doubt, this security ideal will vary, depending on who is
creating it and what their objectives are for the system. Once the theoretical
realities have been considered, it is important to shift the focus to the various
practical realities that exist within the target environment. The process of mak-
ing a system secure, then, can be discussed as a process involving ongoing ex-
changes between the identified theoretical ideals and the practical realities
within a target environment.

Both the theoretical ideal and the practical implementation realities within
the target environment must be fully considered to determine whether or not
the security plan is as effective as it can be. Consideration of these essential el-
ements is ongoing and constantly interactive.

It might help to think of the field of security in two parts, almost as two
separate things. Consider Figure 4–1. On the one hand you learn about various
security-related issues that, in theory, might be appropriate for addressing
your security-related concerns. On the other hand, you must identify the prac-
tical realities within your target environment that will impact the ability to im-
plement the established security priorities. Say, for example, as a retail store
owner you read in a security magazine about a loss prevention system that is
identified as the most effective means for reducing shoplifting losses. You
know that your unexplained losses are increasing, and you decide to make this
a priority for your target environment (your retail shop). After you establish

Ideal
Security

Objectives

Target
Environment

Implementation
Realities

Es
tab

lishe
d Security Priorities

Revised Security Prior
ities

Additional
Practical
Expertise

FIGURE 4–1 The Security Planning and Implementation Process

Identifying and Exploring Security Essentials, by Mary Clifford. Published by Prentice-Hall. Copyright © 2004 by Pearson Education, Inc.
IS
B
N
:
0
-5
3
6
-9
1
2
7
1
-8

104 CHAPTER 4

(Source: Reprinted with special permission of North America Syndicate.)

this as a priority, you move toward looking at the loss prevention system from
a different perspective. Now you must consider the practical realities within
your target environment and determine if the loss prevention system still
looks like a good idea. Is the system too expensive for you to afford? Will the
losses you prevent pay for the system? Is the product you sell easily tagged?
Is it possible for your clerks to bypass the system and remove product unde-
tected before tagging the merchandise and placing it on the shelf? Are the tags
easily damaged and made ineffective? How much does it cost to replace dam-
aged tags?

When security enhancements are discussed as a theoretical ideal, the prac-
tical realities are sometimes overlooked. If, as you assume, the threat is from
shoplifters, perhaps this system is great. If, however, the threat is from your
employees and the system makes the employees responsible for tagging items
and they have unrestricted access to the product before it gets tagged, the
practical realities in your target environment will eventually bear that out. The
system is likely to have little effect on the problem.

On the other hand, if the practical concerns from the target environment
take priority, then some theoretically viable possibilities are lost. In the ex-
ample just presented, a retail professional learns quickly that the most likely
threat to the bottom line is employees. In theory, the most common ex-
planation for retail losses is the employees. Again, considering what the se-
curity body of knowledge has to teach us, we find some theoretical possibili-

Identifying and Exploring Security Essentials, by Mary Clifford. Published by Prentice-Hall. Copyright © 2004 by Pearson Education, Inc.
IS
B
N
:
0
-5
3
6
-9
1
2
7
1
-8

A PREVENTION SYSTEM OVERVIEW 105

ties that might warrant consideration in our target setting. Looking at this
theory and seeing how it applies to the retail setting mentioned previously
might help explain that the losses are due to an employee who is stealing
from the store, rather than shoplifters. This practical reality might dictate the
need to explore an entirely new set of theoretical options for catching the
employee in the act of stealing. The security planning and implementation
process continues.

This interactive process is the point at which you can begin to identify and
modify your security objectives. A security objective is defined as a focused
effort to seek out or establish stability and predictability within a target setting.
In short, a basic security system can be outlined as issues related to (1) phys-
ical security, (2) personnel security, (3) information security, (4) liability is-
sues, and (5) interdepartmental dependencies. But again, be clear. The seem-
ingly independent aspects of a security system are not so independent. These
simplified elements of a target environment must work together to ensure a
seamless, integrated security design. For this reason, I suggest that the overall
security objective will be a seamless, integrated security design including
and accounting for all elements of the prevention system.

In this chapter, we will revisit the concept of risk. To provide readers with
an opportunity to become comfortable with the critical risk-related terms, we
will look not only at risk but at risk management. Five strategies for managing
risk are introduced. Finally, more specific information is presented about secu-
rity objectives.

REVISITING RISK

Although Chapter 2 introduced basic security concepts, it should be clear that
a more concise understanding of security-related issues can be developed by
listening to how individuals working in different security-related areas use the
terms. The quest for an exact, concise definition of security-related terms may
be valuable mostly as an academic pursuit. In other words, it might be most
valuable in a theoretical context. Having all terms precisely defined and used in
the same way by all people who discuss security is an idealized objective. For
someone who is interested in developing a security plan, such intellectual pur-
suits may be of little use.

With this in mind, I offer a simplistic breakdown of risk and risk-related
terms. As noted in Chapter 2, the use of the word risk can vary dramatically
among security professionals. As used in this book, risk refers to (1) probabil-
ity and (2) criticality. A risk assessment is done every time a threat has been
identified and the security professional wants to assign it an appropriate level
of risk. A risk assessment has two components: (1) a probability assessment
and (2) a criticality assessment.

Identifying and Exploring Security Essentials, by Mary Clifford. Published by Prentice-Hall. Copyright © 2004 by Pearson Education, Inc.
IS
B
N
:
0
-5
3
6
-9
1
2
7
1
-8

106 CHAPTER 4

RISK MANAGEMENT OPTIONS

Any preliminary discussions about security, security planning, and security en-
vironments initiated in Chapter 3 will most likely be structured primarily
around a relatively simple objective: identifying threats and assigning appropri-
ate risk levels to those threats. Many security professionals would agree that an
important part of the job, perhaps one of the most labor-intensive and time-
consuming parts, is the process of identifying risk levels and from there imple-
menting countermeasures to reduce or eliminate their impact on the target en-
vironment. This fact alone makes it necessary to take a few minutes to examine
risk more closely. The higher the risk, the more likely a threat will turn into a
loss event.

The presence of a threat is not always bad. In some cases, the risk associ-
ated with that threat is extremely low. In other cases, accepting or assuming
risk is actually a valid practice. In the case where an item is not worth the
money or time it will take to protect it from a threat, it is better to accept the
consequences of not protecting it. An example might be an old used car worth
only $500. The cost of a car alarm or full collision insurance coverage on the ve-
hicle might easily exceed the value of the vehicle. Little incentive exists to ex-
pend money for increasing the security of this car. If the car is damaged, the
loss is not great. But a person with a brand-new car worth $20,000 may be
more willing to insure the car against damage or theft. Paying for full insurance
coverage makes sense, because if there is an accident, the car can be fixed and
the loss (damage to the car) is transferred to the insurance company.

This process of identifying and responding to risk is called risk manage-
ment. Risk management plans provide a means by which security profession-
als can address threats and risks to meet the satisfaction of the company,
agency, or organization. Security professionals have, in general, five ways to re-
spond to risk: (1) eliminate the risk, (2) mitigate the risk, (3) transfer the risk,
(4) spread the risk, and (5) accept the risk (Figure 4–2).

As suggested previously, when a threat is identified, evasive actions may be
taken in the interest of eliminating risk associated with the threat being eval-
uated. This idea is most effective in the early stages of planning. Consider how
much money a company would stand to lose if the planners decided to build a
new factory, only to have the area impacted by a flood two years later. Part of
the job of the security division could be to identify and eliminate potential risks
to the sites being considered for the placement of this new factory. Their find-
ings could reveal information documenting a huge flood in the area 10 years
ago. Could a disastrous flood happen again? No one knows. The company now
has more information, however, for determining whether it is still interested in
building the new facility in this area. The risk associated with a flood could be
reduced significantly if the company decided to locate the new factory on

Identifying and Exploring Security Essentials, by Mary Clifford. Published by Prentice-Hall. Copyright © 2004 by Pearson Education, Inc.
IS
B
N
:
0
-5
3
6
-9
1
2
7
1
-8

A PREVENTION SYSTEM OVERVIEW 107

Accept
risk

Transfer
risk

(insure)

Eliminate
risk

(remove)

Mitigate
risk

(reduce)

Spread
risk

FIGURE 4–2 Five Risk Management Responses
(Source: Charles T. Thibodeau, M. Ed., CPP, CSS, CPO.)

higher ground. Careful site selection, in this example, would reduce the risk of
a flood.

Security managers interested in mitigating risk are fully aware that the
threat they seek to address cannot be completely eliminated. When mitigating
a risk, the efforts shift to reducing the impact of the threat. The one risk every
company wishes it could eliminate completely is the hiring of troubled or dan-
gerous employees. Employee alcohol or drug use can prove to be problematic
for a company in the long term. When drug and alcohol problems find their way
into the work environment, other risks to companies increase. Low worker pro-
ductivity, sick leave requests, and accidents on the job have all been related to
employee drug use For some jobs, drug screening has become a routine part of
the hiring process. Screening will identify a significant number of potential
drug-related problems but certainly not all of them. Research suggests that 80
to 90 percent of the people who use drugs or alcohol inappropriately can be
screened out.1 Drug screening does not eliminate the problems associated with
employee drug use, but it can be used to reduce the problem to an acceptable
level.

Remember, corporate officials typically determine policies for the company.
This can mean the company will have a policy about what an “acceptable level”
of drug use will be. Something one company may determine to be acceptable
may not be suitable for another company. In the case of drugs in the workplace,

Identifying and Exploring Security Essentials, by Mary Clifford. Published by Prentice-Hall. Copyright © 2004 by Pearson Education, Inc.
IS
B
N
:
0
-5
3
6
-9
1
2
7
1
-8

108 CHAPTER 4

even if a zero tolerance policy were implemented, it is likely that a company
might eventually be confronted with an employee believed to be using drugs.
Zero tolerance policies do not necessarily produce zero risk, and how a com-
pany handles an employee suspected of using drugs has critically important li-
ability implications for the company. The effort to reduce risks associated with
people who have a substance abuse problem is an example of mitigating a risk.

Transferring risk simply amounts to outlining a backup strategy. Respon-
sible security plans assume the eventual failure of the primary security objec-
tive. An easy way to understand transferring risk is to think about an insurance
policy. Business continuity is essential for a company’s survival. What would
happen to a company if, in spite of its fire prevention plans, it experienced a
catastrophic fire? The fire insurance would pick up the pieces and cover the
cost of the building, its machinery, and lost assets as well as lost business in-
come. The company covers the risk by transferring the responsibility for the
risk to an insurance company. Everyone who drives a car carries insurance for
the same reason. It costs us a relatively small amount of money in the short
term, but if an accident happens we are protected. The transferral of risk does
not reduce or eliminate risks; it simply provides a means for protecting against
devastating losses. Common examples include health insurance, life insurance,
and homeowner insurance. All of these insurance policies have one thing in
common: They transfer the liability of a loss by transferring a large portion of
the cost from the insured to the insurance company.

Spreading risk means spreading the company assets over multiple build-
ings, multiple locations, or, in some cases, multiple businesses. Companies di-
versify into many other businesses to protect against the possibility that a fi-
nancial loss in one business will undermine the success of the larger corporate
structure. While one business within the corporate structure may show losses,
the overall outlook of the corporation remains good. Suppose a company’s man-
ufacturing processes were located in a single 10-story building that was seri-
ously damaged as the result of a tornado. That company would be shut down
for a significant time. Suppose losses from the storm are minimal, because the
company had insurance. Even though the structural losses are covered, the
loss of productivity (because of the amount of time it will take to rebuild) could
be devastating.

A security management team that incorporated the risk of tornadoes into
the original structural plans might have decided to construct the same square
footage of floor space in five two-story buildings. It is easy to see why the im-
pact of a tornado would probably be significantly reduced. Even if one building
were completely destroyed, it is unlikely that all the buildings would be de-
stroyed. Although business operations would be reduced in the aftermath of
the storm and it might take time to repair the damage, relatively normal busi-
ness operations would be maintained in the other buildings. The losses to the

Identifying and Exploring Security Essentials, by Mary Clifford. Published by Prentice-Hall. Copyright © 2004 by Pearson Education, Inc.
IS
B
N
:
0
-5
3
6
-9
1
2
7
1
-8

A PREVENTION SYSTEM OVERVIEW 109

company could be absorbed more easily because the risk was spread out rather
than concentrated.

In the preceding example of the old car, I talked about assuming risk.
While assuming, or simply accepting, risk is a legitimate response to risk, it is
not free from problems. It can be acceptable to assume some risk, but as a gen-
eral rule no one should risk more than he or she can afford to lose. A person
might leave a wallet in an unlocked car if the wallet holds only $10 and no
credit cards, feeling willing to assume the risk. But if the wallet contains $200
and credit cards, chances are the person would not leave the wallet in the car.

As mentioned previously, five general methods are outlined here for ad-
dressing and managing risk: Eliminate the risk, mitigate the risk, transfer the
risk, spread the risk, and assume the risk. Threats are real issues that impact
the company, sometimes with devastating consequences. Successfully manag-
ing these threats and their related risk levels is a big part of the overall secu-
rity objective.

The Sanctuary Has Been Broken—and Burned

In a world where the number of violent acts is constantly increasing, one has to
wonder where a person can go in order to feel safe. One of the first places that comes
to mind is church. One would think that a place that is a symbol of high moral
standards would be safe form most vicious acts. Sadly, recent years have been witness
to incidents at churches, many with horrible outcomes.

Gun violence has become a major concern in the nation, and churches are not
immune. In March 1999, a man burst through the doors of a Louisiana church and
fired two shots into the ceiling. After ordering everyone to the floor, he walked down
the aisle, shooting between the benches. There were approximately 50 to 75
worshippers in the church at the time the firing started. The man’s wife and two-year-
old son were among the attendees. Three people were killed (including the gunman’s
wife and child), and four others were wounded, two of whom were in critical
condition. The gunman fired off two clips from his semiautomatic pistol. As he left, the
man was heard mumbling to himself, “That’ll show you.” This comment was
seemingly directed toward his wife, with whom he had a rocky relationship. The
tragedy was summed up best by the police chief: “The safest place in the world I
always thought was a church, and now that sanctuary has been broken.”1

In March 2000, during a small service of about 20 Hispanic individuals in
Pasadena, Texas, a man walked into a church and shot four people, then turned the
gun on himself—all because a woman in the church did not have amorous feelings for
him, as he did for her. Only one of the four people was seriously wounded, and the
lone fatality was the gunman.2

In September 1999, at a teen youth rally at a Baptist church in Fort Worth, Texas,
a gunman walked in, pulled a gun, and started shooting. There were 150 teenagers in
attendance. The man interrupted the gathering and challenged the group’s religious
beliefs. After the man started shooting, the group was overcome with panic. A pipe
bomb also exploded in the church. When the man had finished firing, he sat in a back
pew, put the gun to his head, and shot himself. In the end, eight people were
confirmed dead and seven others were injured, at least two of them critically.3

(continued )

Identifying and Exploring Security Essentials, by Mary Clifford. Published by Prentice-Hall. Copyright © 2004 by Pearson Education, Inc.
IS
B
N
:
0
-5
3
6
-9
1
2
7
1
-8

THE SECURITY OBJECTIVE

People who are interested in identifying and exploring security-related con-
cerns in a target environment must have the flexibility to outline their own ob-
jectives for the security plan. As discussed earlier, individuals and corporate
executives react differently to potential security threats. Some people find
themselves working as “security coordinators” for retail companies with no
clear security guidelines. The information and resources the security profes-
sionals bring to the job will be useful, but the attitude of the company managers
is often more important for determining how existing security guidelines will be
administered and how proposed guidelines will be implemented.

110 CHAPTER 4

Shootings are not the only form of violence found in churches. Arson has also
become a problem. In July 2000, a self-proclaimed “missionary of Lucifer” pleaded
guilty to torching 26 churches over a five-year period. Fires were set in Alabama,
California, Indiana, Kentucky, Missouri, Ohio, South Carolina, and Tennessee.
Fortunately, most of these fires were started late at night or early in the morning, and
no one was physically harmed. The emotional harm, however, was unavoidable. The
arsonist had frequently expressed his hostility toward Christianity and tried to get
people he met to sign a contract with the devil. He saw this as his mission.4

In Mobile, Alabama, in October 1997, three white individuals were convicted of
burning a church. This was seen as racially motivated because the membership of the
congregation was primarily African American and one of the three individuals had
been seen at a Ku Klux Klan rally two days earlier.5

In May 1998, a church was bombed in Danville, Illinois. A pipe bomb was
placed outside the church between a wall and an air-conditioning unit. It exploded
just as the pastor was concluding his offering prayer. The blast blew open the church
wall, injuring 33 worshippers. No threats were received prior to the incident.6

The need for security sometimes extends into unexpected settings. Different
motivating factors, such as love, anger, distaste for a set of beliefs or an organization,
and racial discrimination, can be associated with the examples of violence directed
toward religious gatherings, affiliations, or institutions. Security practitioners must not
allow assumptions or preconceived ideas about safety and security in sacred places to
impact their role in providing security.

References

1. G. Coates, “Gunman Opens Fire in Church,” http://abcnews.go.com/sections/us/
DailyNews/churchshooting9990311.htm. March 11, 1999.

2. M. K. Stack, “4 Hurt in Church Shooting,” http://more.abcnews.go.com/sections/
us/dailynews/churchshooting000323.htm. March 23, 2000.

3. “Shooting at Teen Service,” http://more.abcnews.go.com/sections/us/dailynews/
churchshooting_texas990915.html. September 15, 1999.

4. “Church Arsonist Pleads Guilty,” http://more.abcnews.go.com/sections/us/dailynews/
luciferarsonist000711.html. July 11, 2000.

5. “Convicted of Conspiracy,” http://more.abcnews.go.com/sections/us/church1103/
index.html. October 3, 1997.

6. “Feds Probe Church Blast,” http://more.abcnews.go.com/sections/us/dailynews/
bomb980526.html. May 26, 1998.

Identifying and Exploring Security Essentials, by Mary Clifford. Published by Prentice-Hall. Copyright © 2004 by Pearson Education, Inc.
IS
B
N
:
0
-5
3
6
-9
1
2
7
1
-8

A PREVENTION SYSTEM OVERVIEW 111

Various environmental factors will affect a security professional’s ability to
develop a useful security plan, even if the security professional knows the char-
acteristics and parameters of the target environment. When thinking about the
security issues in the target environment, security professionals should think in
terms of security objectives. Thinking in terms of objectives, the security pro-
fessional will be better prepared to focus on what he or she wants the security
plan to do. For purposes of discussion, a security objective can be any concern
or problem within a target environment, for which efforts are undertaken to es-
tablish and maintain a stable and predictable environment.

Any limitations present in a target environment must be taken into account
when developing a security plan. Restrictions or limitations might include a
lack of allocated funding for security equipment or limited resources for ongo-
ing security-related training. Various elements of the environment must be
clearly understood for a security professional to best utilize the security tools
and resources. By identifying a security objective, the security professional is
forced to outline all of the things that can be used in developing and maintain-
ing a stable, predictable set of conditions in a target environment.

Any good intention to develop or enhance an overall security plan is de-
pendent on many factors, including finances, resources, personnel, business
objectives, and other site-specific conditions. The likelihood that the predeter-
mined security objective will be obtained will depend on those site-specific con-
ditions. Be clear. A comprehensive understanding of security essentials re-
quires an emphasis on the process of determining how to best achieve stability
and predictability in a designated environment. If a company is looking to en-
hance safety and security in the parking ramps, for example, the question to
answer is, How can we attain this security objective? In other words, How can
we develop a stable, predictable environment in the parking ramps? Security
professionals are responsible for developing the most comprehensive under-
standing of the conditions in which they intend to build (or enhance) the se-
curity plan. They can define and then outline ways to make sure the security
objective can be maintained.

Instead of identifying a definition of security and attempting to create a se-
cure environment by this definition, a security professional should actively in-
volve him- or herself in deciding what security objectives make sense in the en-
vironment. It is not enough for security professionals to look at existing trends
within the security industry and say “OK, if my business implements this secu-
rity device, my business will be secure.” The rather generic term security ob-
jective simply provides an identifiable goal for the specified aspects of that se-
curity plan.

The intricacies involved in addressing security-related concerns in a com-
plex global economy are staggering. Very specialized operations require secu-
rity plans that are tailored to meet those specialized needs. The ideas in this

Identifying and Exploring Security Essentials, by Mary Clifford. Published by Prentice-Hall. Copyright © 2004 by Pearson Education, Inc.
IS
B
N
:
0
-5
3
6
-9
1
2
7
1
-8

112 CHAPTER 4

book are not intended to provide a security system to protect classified gov-
ernment information about biological warfare, for example. I believe, however,
that even a highly sensitive security plan will adhere, in large part, to many of
the essential security concepts discussed throughout this text. By developing a
comprehensive understanding of these essential security tools, a security pro-
fessional can enhance any target environment in a cost-effective manner. The
end result is a stable, predictable, secure, environment.

One of the themes mentioned throughout this book is the need for regular
communication between security professionals and business (or human re-
source) managers. The security-related themes mentioned here are certainly
appropriate for use by a business professional who has decided to hire security
professionals. Whether the business is retail sales or cement manufacturing, se-
curity concerns are part of the business manager’s responsibilities, but the job
is bigger than maintaining a secure work environment. To understand how se-
curity professionals fit into the overall security plan, the business manager can
learn how security professionals assess and manage security concerns. As re-
sponsible consumers, business managers hiring security professionals are wise
to get to know some of the fundamental security ideas being advanced by pro-
fessionals in the security industry.

It is important to see the security objective as a balance between a stable,
relatively predictable environment and a free flow of activity, information, and
services. Initially, terms such as threat, risk, probability, and criticality may
be confusing. Their role in the security objective, however, cannot be underes-
timated. If we can reduce the likelihood of a threat by assessing the likelihood
of that threat (probability) and the critical impact or damage likely to result
from that threat (criticality) and taking appropriate preventative actions, we
will be reasonably assured that a stable and predictable environment can be
maintained. This balancing act requires security management teams to set their
sights on developing the perfect security protocol, while knowing all the while
this “perfect” level of security can never be achieved. The assessment tools
available to security professionals can be complicated, but the results can be
extremely useful for developing or enhancing existing security protocols.

In spite of deliberate preparation and planning, a person may still become
involved in a car accident. Perhaps the car was hit by a drunk driver’s car, or
unexpected mechanical problems caused the car to stall, then be hit by another
car. How do people prepare for such unforeseen events? In short, sometimes
they do not. Sometimes they cannot. A company can have a state-of-the-art se-
curity system, with all kinds of redundant backup systems and contingency
plans, but the security management team may discover that a breach of the se-
curity system has occurred. This is not impossible to imagine. What if an earth-
quake occurred in a place where an earthquake had never been known to oc-
cur before? Even the best security management team is not likely to be fully

Identifying and Exploring Security Essentials, by Mary Clifford. Published by Prentice-Hall. Copyright © 2004 by Pearson Education, Inc.
IS
B
N
:
0
-5
3
6
-9
1
2
7
1
-8

A PREVENTION SYSTEM OVERVIEW 113

Personnel
security

Interdepartmental
dependencies

Information
security

Physical
security

Legal liability issues

FIGURE 4–3 Seamless, Integrated Security Design
(Source: Charles T. Thibodeau, M. Ed., CPP, CSS, CPO.)

prepared for such an unprecedented event. Identifying threats and assessing
risk are at the heart of the overall se

curity objective.

THE OVERALL SECURITY OBJECTIVE: A SEAMLESS,
INTEGRATED SECURITY DESIGN

Maintaining the integrity of a secure system requires a vigilant group of trained
professionals with an aptitude for technological innovation and development,
an interest in monitoring and assessing crime trends, an investment of financial
resources to fund efforts to meet the security objective, and a little bit of luck.

This prevailing scheme for security strategies emphasizes the need to cre-
ate what is called a seamless, integrated security design. The objective in
establishing a seamless, integrated security system is to be able to address the
security objective from multiple angles (Figure 4–3, a pyramid as seen from
above). All sides of the pyramid fit together and support each other. Legal lia-
bility issues are so critical to the overall security objective that they form the
pyramid’s base. Notice also that the four sides are built on a foundation. The
seamless, integrated security design is the most effective and the most widely
accepted security design in use today.

A seamless, integrated security system allows security professionals to
make use of a wide variety of security concepts and accessories present in an
environment. Physical security components include security hardware:
alarms, closed-captioned television (CCTV), locks, and lighting. Security offi-
cers, and policy and procedure manuals for the entire security program, are
also considered part of the physical security component within a comprehen-
sive security plan. Locks and alarms are used to protect the majority of corpo-
rate assets—including people and property. CCTV is used to provide “eyes” to

114 CHAPTER 4

the system, and two-way intercoms prove useful as the “ears” of the system.
Policy and procedure manuals outline the authority granted to the security pro-
fessionals so they have the proper direction to perform the necessary security
functions adequately.

While physical security proves to be a critical resource to the security man-
agement team, personnel security and information security are two equally im-
portant areas of an integrated security system. Personnel security involves
the hiring (and firing) of employees and the control of employee movements
and activities. A superior physical security system proves not very useful if the
people working within the system pose the greatest security threat. Hiring
highly skilled, reliable people (personnel security) helps protect the environ-
ment from inside threats, and physical security measures help protect the com-
pany from the outside threats.

Information security involves the essential policies and procedures for pro-
tecting important documents integral to maintaining the safety and security of
the environment. Combinations to safes, alarm system codes, patented infor-
mation, computer security, corporate secrets and data, and anything related to
the integrity of the environment can be maintained under the heading of “in-
formation security.”

A final interdependent element used to establish and maintain stability and
predictability in a given environment comes in the form of interdepartmental
dependency. Directors of security are integrally connected to the managers of
specific corporate departments, for example. Different divisions within a pro-
tected environment must work together to ensure the security objective is met
and maintained effectively. Information important to the overall functioning of
the company, for example, will be found in a variety of departments. The result,
therefore, is the use of a variety of physical security features by each of these
departments, involving a number of personnel who identify and process infor-
mation that needs to be protected. Secure systems that have worked well
within specific areas of a company, for example, can be replicated and main-
tained at a relatively minor increase in cost. Involving carefully selected em-
ployees to assist with the task of attaining the security objective makes sense.
Realize too, however, that it also brings risk.

It is easy to see that areas within the field of security that may have ap-
peared only peripherally related can, in fact, be used together to create an ex-
tremely formidable security presence. The potential impact of a security design
that does not work well must be made exceptionally clear. When accidents or
injuries occur within a specific environment, the company (and, by implication,
the security professionals) is sometimes held responsible for those incidents.
Various measures within the corporate security strategy can be used to reduce
the liability to the company. For now, it is important to understand the respon-
sibilities associated with outlining and achieving a security objective that works

A PREVENTION SYSTEM OVERVIEW 115

well for the environment. It is not unusual for a company to be sued six months
or even two years after an alleged incident, so the process should be thorough
and retrievable.

Utilizing the ideas presented here can assist in developing a workable se-
curity objective for an individual, a company, or a security management team.
People feel safer in a group of people with common objectives. People need to
feel secure within their chosen environment. Identifying and controlling for se-
curity threats helps to produce a stable and predictable environment. Estab-
lishing an understanding of essential elements of the security objective within
affected groups creates an interdependency between groups for maintaining
that security. Remember, these aspects of the overall security objective all work
together to ensure that persons who visit or work within a specific environment
may pursue their ends without “disruptions or harm, and without fear of such
disturbance or injury.”2 Trained professionals working with adequate resources
can combine their efforts with personnel involved to ensure that a given envi-
ronment remains secure. The quest for identifying and maintaining the best
possible security objective for a target environment will provide an ongoing
challenge.

The security objective must include attention to physical security, person-
nel security, information security, and, where possible, interdepartmental de-
pendencies. These four elements are linked by the important legal and ethical
problems that result when the elements are not accurately identified or inte-
grated. In short, the security objective is simple: to develop a seamless, inte-
grated security program that includes all persons involved and results in a sta-
ble and predictable environment. Security directors, security consultants,
private investigators, security officers, security administrators, company offi-
cials, and individual employees all play a part in outlining the overall security
objectives and making sure those objectives are maintained.

CONCLUSION

This chapter has been focused on introducing some final security essentials.
The word risk and terms related to risk are explored more thoroughly. The
terms security objective and overall security objective are introduced in an
effort to assist the reader in understanding that security issues have multiple
levels. One may envision the need to begin with the overall security objective
to create a seamless, integrated security design, but typically specific (usually
more concrete) security objectives become the focal point for specifically tar-
geted security practices, such as a vulnerability assessment. In the end, a basic
security design should include five areas: (1) physical security, (2) personnel
security, (3) information security, (4) interdepartmental dependencies, and
(5) liability issues. Once these aspects are addressed and integrated, security

116 CHAPTER 4

practitioners can more easily respond to critical issues as they arise within the
target setting.

REVIEW QUESTIONS
1. Outline briefly the five risk management options discussed in the chapter.
2. Identify the five basic elements of a security system.
3. How does legal liability differ from the other four parts of an integrated se-

curity system design?
4. Outline the differences between one security objective and the overall se-

curity objective.

DISCUSSION QUESTIONS
1. What role does the target setting play in the five aspects of a security sys-

tem?
2. What is the role of managers in ensuring that various elements of a security

system are incorporated into a seamless, integrated security design?
3. Consider the following scenarios:

• threat of computer virus
• threat of bad weather
• threat of drug-related violence
• threat of drive-by shooting
• threat of crime in a church
Which of the five risk management options makes the most sense for each
of these threats and settings? Please justify your response.

4. Do you see any difficulty using the model of integrated security system de-
sign outside of traditional corporate or business settings?

SUGGESTED READINGS
Brislin, R. F., and E. C. Lewis. 1994. The Effective Security Supervision Man-

ual. Woburn, MA: Butterworth-Heinemann.
Burstein, H. 1995. Security: A Management Perspective. Englewood Cliffs,

NJ: Prentice Hall.
Dalton, D. R. 1997. The Art of Successful Security Management. Woburn,

MA: Butterworth-Heinemann.
Fay, J. 1993. Encyclopedia of Security Management: Techniques and Tech-

nology. Woburn, MA: Butterworth-Heinemann.

A PREVENTION SYSTEM OVERVIEW 117

Robinson, R. 1999. Issues in Security Management. Woburn, MA: Butterworth-
Heinemann.

Schreider, T. 1998. Encyclopedia of Disaster Recovery, Security, and Risk
Management. Duluth, GA: Crucible Publishing Works.

Sennewald, C. A. 1998. Effective Security Management. Woburn, MA:
Butterworth-Heinemann.

REFERENCES
1. Green, G., and R. C. Farber, Introduction to Security: Principles & Prac-

tices (Security World Publishing Company, 1978), 3.
2. R. Fisher and G. Green, Introduction to Private Security, 6th ed. (Boston:

Butterworth-Heinemann, 1998)

Turn in your highest-quality paper
Get a qualified writer to help you with

“ CJ Assignment Security Objective Components ”

Get high-quality paper

NEW! AI matching with writer

Still stressed with your coursework?

Get quality coursework help from an expert!

Order now