Introduction Risk assessment and physical security survey of any building is critical in order minimize to the venerability of being put to risk due to failure to install or put the necessary mechanism to curb such potential. There is a need for thorough analysis on the risk assessment and physical survey on implementation of practices, principles and procedures in installation security measures. Definition a) Risk The term risk refers to the possible happening of undesirable event. ) Security It’s the implementation of set of acceptable practices, procedures and principles that, when taken as a whole, have the effect of altering the ratio of undesirable events to total events. c) Security survey This is the critical onsite examination to ascertain the present security status, identify deficiencies or excesses, determine protection needed and make recommendation to improve the overall security of the operation. Charles A.
Sennewald a security consultant and author says that the primary vehicles used in a security assessment is survey, which is the process whereby one gathers data that reflects the who, what, how, where, when and why of the clients existing operation. It’s the fact finding process. It’s a comprehensive physical examination of a premise and thorough inspection of all security and proceeding. Its an effective tool for helping corporate security professionals to reduce crime at their facilities. According to Robert J. Fischer and Gion Green, they said the objective of ecurity survey is the analysis of a facility to determine the existing state of security, to locate weakness of its defense, to determine the degree of protection needed and to lead to recommendations for establishing a total security programme. Security survey areas I. Surveillance In order to improve and enhance quick ways in criminal detection, apprehension and deterrence, the perimeter should have frequency patrols done by in-house proprietary guards, surveillance devices, crossed circuit television (CCTV) and picture motion cameras.
This will aid in twenty four hours security surveillance of the perimeter. CCTV should be monitored continuously in order to ensure every move or activities within the building perimeter are well captured. Surveillance may be covert or overt. Counter surveillance may be used which is the practice of avoiding surveillance. Its helps on how to delete a file on computer to avoid it becoming the target of direct advertising agencies. On the other hand, inverse surveillance which attempts to subvert the panoptic gaze of surveillance recording widely available may be employed.
II. Paper shredding and recycling Information on paper can be in wrong hand and used as used as threat against us. Financial reports, marketing plans, sale reports, customer list and future plans must be kept secrets. Proper handling of such documents is vital. All should be shredded to curb any possibilities of them being falling in wrong hands if someone gets them and recycle them. III. Security lighting Security lights helps in detection of intruders, deter intruder. They should be designed carefully as poor arranged lighting create glare which obstruct vision.
Security lamps are subject to vandalism hence should be mounted high or protected by wire mesh, others may be recessed from view and access with the light directed out through a light pipe or reflected from a stainless steel mirror. Some consideration should be put in place to when carrying out installation; – They should reduce and prevent glare – Multiple lamps provide even illumination reducing pool shadow and provide redundancy if one lamps blow out. – Prevent malicious tampering of circuit, wire to the lamps and protected electrical meter box locked. Control and power lines buried well underground or at height of 8 meters.
Other lights may be activated by sensors such as passive infrared (PIRS) turning on only when a person or mammal approaches. They increase both deterrent effect and detection effect. IV. Door security Security test by consumer report magazine 1990s found that many doors delaminate when force is applied to them its also revealed that door frames often splits with little force applied and lower quality dead bolts simply fail when force applied to the door. Its in this regard that the door security be given first priority in survey bearing in mind that the intruder aims to enter any building through the door access.
The following question should always be asked about the security of the door. – Do they have alarms? – Have door strike reinforcement? – Dead bolt reinforcement? – Is there a door chain? – Is there door viewers? – Visibility? – How strong is hinge screw? – How is strong the sliding door locks? V. Files, safes and vaults All valuables documents papers, records, plans or formulas of any kind should be kept secure to minimize espionage by unauthorized person. These valuables contain valuables information of the firm and they are not secure they might fall to wrong hands sabotage security operation of the pharmaceutical.
It must be noted that the choice of security files depend on the value and vulnerability of the item to be protected. Burglary resistance files suitable for non-negotiable papers e. g. Titles, designs and formula can be used against any surreptitious attacks. Also files can be secured against fire by fire resistance file incase of fire outbreak and fitted with a combination lock suitable for all uses. Safes and vaults should be well secured in the interior layers of defense which should be provided with alarm to detect against any intrusion from un authorized person. Question to be asked about safes; Burglar resistance? – Fire resistance? – Environmental resistance e. g. dusts? – Type of lock e. g. electronic? VI. Computers access Computer should be well secured and access denied to all unauthorized persons. Password should be provided and only given to those persons who have been authorized. Computer technology has become a major concern in security knowing that all activities are being controlling by them. The security electronic gadgets systems linked with and all work involving computer should be protected from intruder. The following questions should be asked about; Who accesses which computer? – Which computer will cost organization loss or profit if it were compromised? – How protected are the computers from the power circuit, hackers or virus? – Which services will be jeopardized by the failure of which computer? – Is there any organization file back up? VII. Motor access control All vehicles must be categorized. An integrated card access control system which is automatically responsive to fire security and CCTV system can easily manage employee execution and vender traffic. Key personnel can be tracked through facility on arrival.
An access control will monitor the progress as they move from one point to another. Loading areas close control CCTV and audio to monitor the drivers’ activities. VIII. Key management Key is a device used to open locks providing inexpensive method of identification for access to properties. Physical keys management involves system for managing possession, location and use of physical keys within a building. Appropriate and successful key management is critical to the secure of every crypto without exception. All keys should secured in locked enclosure and each key assigned a physical or logical location.
Each key or bundle of key should be assigned to individuals whose security credentials permit the user of that key during that time period. All returned keys should be logged electronically or in writing providing management with a report of when and whom the keys were issued and whether keys are available or remain out. This will ensure smart key management to avoid incidences of keys being duplicated. Restricted keys can be used because the manufacture sets restricted levels of sales and distribution hence preventing duplication. IX. Identification of assets
All tangible and intangible assets should be identified with an estimate of there value and financial impact if they wake to be stolen, lost or destroyed. This assist in spelling out the kind of security to be given by the institution. Some assets are of great value and if lost or destroyed by any means they may lead to the closure or continuity. X. Item control vs. access control Access control is the ability to deny or permit the use of a particular resource by a particular entity or the term used to restrict entrance to a property or building to authorized person.
Its can accessed through human, mechanical or technological means. Access control determine who is allowed to enter or exit, where are they allowed to exit or enter and when are they allowed to enter or exit. Today technology provides means of identifying who is getting into a building or who is accessing our information technology and how who is in possession of our items and keys. Smart keys management is essentially an access control system for asset. Electronic access control is staple tool available to security area to increase and manage security requirement within area of responsibility.
Some question to be asked – Is it difficult to open? – Can intruder gain access easily? – Can employee do the same, what are the criteria? – Criteria used to screen those entering the building? XI. Site assessment The purpose is to decide whether or not a site posses actual or potential risk to human health or environment. First the assessment is hazard identification where potential receptors, contaminants sources are pathways are identified. Whatever the form of risk assessment there is no real shortcut in effectively conducting it. Thomas Edison said that genius is 1% inspiration and 99% perspiration.
It may not take a genius to conduct risk assessment, although technical expertise and experience are importance aspect of process, but there is no doubt that to thoroughly analyze the security or fire life safe of a facility. Systematic way to view a building, according to the protection of assets manual Interior spaces should have; Public access which includes entrance, main elevator and access routes. Assigned occupancies restricted to identified and authorized person. Maintenance space which will have communication and utilizes access point. XII. Access badge
Access badge are the credentials used to gain entry to an area such as door, parking areas etc. They are stored in access control list and control system unlocks the controlled access point and the transaction is stored in the system for later retrieval to reveal who entered what controlled access point at what time. This will help to deter and in detection of any intruder. The access also should be given to visitor to specifying the hours or the day the visitor will be working in such organization detailing the nature of work he or she will be doing. They make surveillance and identification of criminals easier.
XIII. Layer of defense It’s also known as protection in depth or security in depth for protection against potential against any attack. The objective of layers is to create a succeeding number of security layers more difficult to penetrate, provide additional warning and response time and allow building occupant to move into defensive position or designated safe haven protection. The classical approach to physical security views a property in terms of rings. The property is the first ring, building is the second and the specific interior spaces are the third. XIV. Security policy
Security policy addresses constraints on behavior of members and as well as constraints imposed on adversaries by mechanism such as doors keys and walls. Its addresses constraints on access by external system and adversaries including programs and access to data by people. It’s meaningless to claim an entity is secure without knowing what secure means and its foolish to make any significant effort to address security without tracing the effort to a security policy. If it’s important to be secure, then it’s important to be sure all the security policy is enforced by mechanisms that are strong enough.
There should be an organized methodology risk assessment strategies to assure completeness of security and policies and assure that they are completely enforced. Security checklist. This is a vital document used to facilitate the gathering of pertinent information. Its provide a logical recording of information and ensure that no important question goes unasked. It’s a backbone of security survey, its serves to systematically guide team through areas that must be examined. a) Policy and programme – Top management established a security policy? – Policy published? Part of managers’ responsibility? – Designated individual to establish and supervise security? Top manager accessible to security supervisor? Any regulation published? Disciplinary action published? – In writing? – Specify offences and penalties – Incident recorded? – Review by management? Any policy on criminal prosecution? – Number of prosecution attempted during past five years? – Number of conviction? b) Organization Security supervisor full time? – If part time what percentage of time spent on security? – Describe chain of command from the security supervisor to plant manager?
Number of full time security person? Number of personnel performing security duties each shift? – Do they perform non security duties concurrently? – Do the security duties have the first priority? How many security personnel received training? Are written reports made of incidents? Background of security personnel? c) Guards – Number? – Proprietary or contractual? – If contractual service, does plant security supervisor interview and select? – Is there written contract for guard? – Written guard order? – Weapon carried? – Have guard received any formal training? d) Procedures Have security procedures been published? – Distributed to all affected? – Revised when condition change? Does security supervisor maintain contact with local law enforcement agencies to keep abreast of criminal activities and potential disorder in the community? e) Keys – All keys returned from terminating employees? – Locks changed immediately upon theft or loss of keys? – Padlocks changed or rotated around? – Locks of inactive doors checked frequently for any tampering? – Perimeter doors – locks installed with keyway in outside knob? f) Safes – Lighted at right? Covered by proximity/detection alarm? – Rated for burglary resistance? – Rated for fire resistance? g) Fire alarms – Monitored continuously? – Tested regularly and test recorded? – Heat/smoke sensing? – Intrusion alarms protect all plant pharmaceutical? – Intrusion alarms protect high value storage are and types of sensors? h) CCTV – Used for surveillance only? – Used for access control? – Monitored continuously? – Separate communication for security and emergency use? – If radio is shared with other users, can security override? – Is there a mean of conducting guard on patrol immediately and how? Procedure for conducting local police and fire departments? – Means of alerting employees to emergency, how? i) Property control – Covered by written procedure? – All transaction monitored at exit? – All exits controlled? – Spots checks for the trucks and other vehicles? – All losses reported? – Signal authorization required? – All company tools marked with permanent company identification? j) Emergency planning – Plans for reaction to eminent or actual fire, explosion, bombs threats, disorder? – Responsibilities has been spelled out? – Responsible individuals designated? Organization completely staffed? – Include plans for post disorder recovery? – Identify resources available and required? Parking areas monitored? Loading and receiving of areas checked regularly? Building and building perimeters? Vehicular movement monitored? Video surveillance system working? Access control system working? Conclusion Comprehensive risk assessment can be used to mitigate the effects of potential terrorist attacks in any building. . If it’s important to be secure, then it’s important to be sure all the security policy is enforced by mechanisms that are strong enough.
All area within any perimeter should always be put in consideration in carrying out risk assessment and survey to ensure that all questions are answered. A well organized methodology of risk assessment strategies assure completeness of security assure that complete measure are enforced. REFERENCES 1. Geoff Graighead, (2009). High-Rise security & fire life property (2nd ed). USA publishers. 2. Lawrence, J. Fennelly. Effective physical security. (2004). 3. James F. Brada. Risk analysis and Security survey. (3rd ed) USA publisher. 4. Karim, H. Vellan. Strategic security management: a risk analysis assessment guide for decision makers (2007).