Organizational Security Plan - Assignment Example

Organizational Security Plan Organizational Security Plan Introduction The protection of an organization’s resources such as human resource, capital resources and assets should be a paramount endeavor in all organizations. According to Briggs, Edwards & Pickard (2006), security adherence is necessitated by the fact that any threat facing the organization hinders the potential of achieving its objectives. In addition, it hampers the profitability of the company and further tarnishes its public image. Even though it is a serious challenge that is hard to eradicate, security concerns should be dealt with and reduced to negligible levels. Such measures minimize the impact of a threat. Safety may be achieved by incorporating workable security plans and strategies. The proliferation of industrial espionage as well as the growth of terrorism networks across the globe coupled by upsurge of cyber-crime attacks and malpractices among employees necessitated the adoption of security policies by firms. The security procedures undertaken by an organization should be practical and address the firms security concerns. They should also cover all risks and threats by providing and avenue to tackle the same. These programs should be integrated to form a complex and stable security system that is cost friendly, hard to breach and easily implemented by the organization. Action Plan A security plan is made up of procedures, strategies, policies, controls and protocols that an organization uses to prevent security risks. The security plan is used to reduce the level of risk facing an organization as well as the impact of the said risks. The plan does so by improving an organization’s capabilities to prevent, avoid and handle eminent. In a security plan, an organization is required to state its missions, visions and objectives. Once the aforementioned have been documented, the organization is then supposed to analyze the factors and threats that may deter it from achieving its goals (Sennewald, 2003). Developing Security Plan Developing a security plan should start with the establishing of an organization’s security position. The prevailing security threats and techniques used by the firm in combating the threats are useful in determining the organization’s security position. Illustration An organization can integrate the major concepts of physical security when creating its security plan. These concepts include physical security controls, perimeter fence protection, external building safety and the use of access control and protective systems. The physical security is comprised of the use of basic physical security controls to protect an organization’s assets such as data and information, physical assets (computers, buildings, money, motor vehicles and inventories) as well as the personal security of employees. Physical control procedures and protocols prevent unauthorized access to a firm’s buildings, the loss of data and information and harmful interaction of strangers with employees. The basic physical control measures that an organization can adopt include hiring well trained security personnel and station them in the entrance and exit areas of the building. Security guards can be either roaming or positioned in stationary spots. These guards are in charge of the physically screening of persons entering and leaving the premises. Hand-held metal detectors should be used by the guards to perfom physical checks of individuals and items being introduced into the building. These controls ensure that only authorized people have access to the firm’s resources, and no harmful physical materials are ferried into the building. Swipe cards can be used in restricting entry and exit of personnel. With the swipe cards, the human traffic accessing a premises is not only controlled, but also monitered. The computer system registers personal information of individual accessing the building as well as records the time and event logs. Closed circuit television systems (CCTVs) should be installed at strategic points such as entrance lobbies, corridors and gates to monitor and record traffic. In case of a breach of protocols, alarms should alert authorities. Keys to doors should only be given to authorized persons while combinations and passwords should often be changed. Perimeter protection involves the putting up of strong security fence that forms a physical barricade to deter casual intruders into the facility. There is no standard height of the wall to be constructed but the higher the perimeter fence, the higher the level of security. High walls fitted with electric wires and barbed gauges at the top makes it even harder for intruders to get into the building forcefully. Coupled with other security checks, proper manning and lighting at night provides a high degree level of security ("Security Fencing Guidelines," n.d.). An organizations building is not in isolation as it is surrounded by an external environment that needs to to be secure. The external building security includes the main gates, car parks, lighting facilities, fences and walls separating the business and the outside environment. Car parks should be should be lit and safely accessible to employees of the company as well as customers but should have different sections for the two parties. Lighting combined with the installation of surveillance systems should be fitted in strategic areas. Roving guards should also secure the external environment to identify suspicious-looking persons. A risk evaluation should be condiucted frequently to assess the level of risk exposure (Philpott & Einstein, 2006). The internal building security entails the structural design of the building which enables it protects its assets. Rooms that house vital information, personnel, and assets should be given top priority in the design stages of the building. Offices should have bulletproof hard glass partitions and fitted with sturdy doors that can be easily broken into. Different doors to important rooms in the premises should have various levels of lock security according to the required degree of safety. Sophisticated security locks such as combination locks, cipher locks, and magnetic badge readers offer the increased levels of lock security. An organizational should also have a control room used in monitoring the activities taking place within the premises. For the safety of relevant documents and sensitive assets such as cash, secure rooms should be built to house the documents and other valuables. A limited number of authorized persons should be allowed to access the same. Access controls and protective systems include a broad range of components such as electronic locks, electric and magnetic card readers that recognize personal data encoded on an employees’ cards. Access to buildings, rooms, or safes is granted upon insertion or swiping the cards. Trusted and vetted companies should be contracted to make the access cards and security systems of an organization. A contract or agreement should be written to deter any breach and further facilitate compensation incase of any breach by the company providing the security systems. Organizations can install a biometric access control system that is based on voiceprints, retinal identification and fingerprints used in the verification of identity. Estimated Cost Budget For The Implementation of A Security Plan Event Description Time Duration Cost Estimation Risk evaluation The risk assessment department and the security department conduct a safety analysis of the organization Three months Done by the risk assessment department hence the pay is pegged on salaries Drafting security plan After coming up with the different risks facing the company, the security plan is drafted for implementation. Two months Done by the risk assessment department hence the pay is pegged on salaries Plan implementation Basic physical security controls Staff training and communication Perimeter protection Construction of a 90 ft. perimeter fence Barbed gauge fitting External building security Fitting and installation Lighting Car park surveillance cameras Internal building security CCTVs fitting and installation Bulletproof glass partitions, Locks and door system installation Access control and protective systems 2weeks, 2hrs per day 1 week 1 week 1 week 2 weeks $ 200 per man hour $1500 per 3ft. x 8ft. of concrete wall constructed $ 7 per square foot of barbed wire used $ 1,000 $ 1,500 $ 3,000 $5,000 $ 20,000 with the whole security system installation with testing evaluation The implemented plan is evaluated against the blueprint to ensure unsuitable deviations are corrected Continuous process Pegged on employees (internal auditors and system administrators) pay Monitoring, and control Monitoring of the systems put in place and controlling them to achieve the desired results of the security plan Continuous process Pegged on (internal auditors and system administrators) employees pay TOTALS $ 59,500 Recommendations 1. To save on costs, functions such as monitoring and control, evaluation of the security plan and plan drafting, risk analysis should be done by internal workers/employees of the company. 2. Only trusted and accredited organizations should be contracted to do the constructions and fitting of the security systems and surveillance cameras 3. A continuous audit should be undertaken to ensure adherence to the laid down produces and controls. Conclusion The majority of successful organizations have active policies and strategies which protect them from external aggressions. A keen analysis on the benefits accrued from the implementation of a security plan need to be done to ensure the success of the process. An organization should only implement a security program which addresses its security needs. The cost of the plan should also be assessed to ensure that it is friendly to the financials of the firm. Monitoring of the entire security plan, systems and surveillance is required to achieve the security objectives of the organization. . References Briggs, R., Edwards, C., & Pickard, J. (2006). The business of resilience: Corporate security for the 21st century. London, England: Demos. Philpott, D., & Einstein, S. (2006). The integrated physical security handbook. Arlington, VA: Homeland Defense Journal. Security Fencing Guidelines. (n.d.). Retrieved from http://www.chainlinkinfo.org/security-fencing-guidelines/ Sennewald, C. A. (2003). Effective security management. Amsterdam: Butterworth-Heinemann. Read More