Facility Security Handbook 2nd Edition
Don’t Let Your Company Become a Casualty
| |
| Request Quantity Pricing |
| Request quantity discounts for training supplies or team distribution. |
|
Emergency preparedness including business continuity planning (BCP) prevents emergency incidents from becoming business disasters. The increasing number of Corporate Security Officers appearing high in corporate management structures shows the growing importance of facility security to a company’s continued health.
This handbook is available for single copy purchases in our online store. For quantity discounts, please fill out the form at the right.
Jane’s Facility Security Handbook covers the full spectrum of security issues providing response and recovery planning guidance. The Facility Security Handbook is an easy to use resource. It is organized following a standard five-phase methodology to facility security management. Key contents cover:
- risk assessment
- prevention and mitigation
- preparedness
- response
- recovery
With the Jane’s risk assessment methodology based on an all hazards approach, businesses have practical information at hand whether they are concerned with acts of terrorism, natural disasters, violent crime, work place violence, or activist assaults.
The comprehensive content in the Facility Security Handbook provides a solid foundation for seasoned security professionals, as well as those new to the field, making it a logical choice as a training text. The multiple copy pricing available for the Facility Security Handbook makes Jane’s a cost-effective training and reference resource.
The general principles and methodology overviews for asset identification, hazard and threat assessment, and vulnerability prioritization keeps the content of the Facility Security Handbook relevant no matter what industry you business covers. The prevention and mitigation strategies and preparedness planning guidance is applicable regardless of the size of your business.
The Facility Security Handbook authors recognize that being cost-effective is critical for the survival of emergency planning within a company. So, the Facility Security Handbook emphasizes prioritization and describes multiple training and implementation strategies such as the use of table tops when working through a variety of scenarios rather than multiple drills and exercises. Readers are encouraged to develop a planning program that fits their business and budget.
With the Facility Security Handbook, security professionals get a comprehensive training and reference resource covering facility security from asset identification to communicating with the external stakeholders during an emergency response to business recovery actions and an overview of the U.S. Department of Homeland Security's National Incident Management System (NIMS).
TABLE OF CONTENTS
Chapter 1: Introduction - Establishes depth and emergency planning focus of book
1.1 Facility Security Handbook Methodology - describes standard five-phase facility security management methodology
1.2 Business Continuity Overview - sets business continuity management (BCM) as discipline with implications throughout facility
1.2.1 BCM purpose - identifies two overarching scenarios as reasons for BCM
1.2.2 The business continuity management (BCM) cycle - breaks the BCM cycle into five primary tasks
1.2.3 Who has responsibility for BCM? - recommends approach for BCM program management
1.2.4 Plan development - identifies key personnel for planning and provides “What if” questions for establishing scope for BCM plan
1.2.5 Establishing a BCM culture - steps for implementing BC plan
1.2.6 BC plan maintenance - identifies actions needed to assure plan remains relevant
Chapter 2: Risk Analysis - establishes risk management as a process for setting action priorities
2.1 Team Approach to Organizational Risk - delineates reasons to use a team approach for risk management and identifies stakeholders
2.2 Introduction to Risk Management - defines risk management with respect to this book including potential assets, hazards, and threats
2.3 Asset Inventory & Valuation - suggestions for asset identification as first step in risk assessment
2.3.1 Where to start - how to review operations and business to identify assets
2.3.2 Prioritizing assets - business and operational considerations for asset prioritization
2.3.3 Asset inventory & valuation matrix - suggested methodology for prioritization decision making
2.4 Hazard & Threat Assessment - points to consider during threat assessment and hazard identification
2.4.1 Hazard identification and profiling - guidelines for identifying hazards
2.4.2 Where to start - how to determine threat intent and capability
2.4.3 Types of hazard and threat - discussion of incidents that may present significant risk
2.4.4 Terrorism, workplace violence, sabotage, and other malevolent behavior - approach for considering human-caused incidents
2.4.5 Attack options - most likely modus operandi of potential adversaries
2.4.6 CBR threats - considerations for evaluating chemical, biological, or radiological threat scenarios
2.4.7 Prioritizing hazards and threats - how to prioritize threats to address resource and operational constraints
2.4.8 Hazard/threat profile matrix - methodology for final hazard and threat prioritization
2.4.9 Potential consequence considerations - key points when assigning consequences to hazards and threats
2.5 Vulnerability Assessment - defines use of term vulnerability in this handbook
2.5.1 Where to start - overall approach for performing a vulnerability assessment
2.5.2 Identifying vulnerabilities - classification system for vulnerabilities
2.5.3 Enhanced security survey - steps to perform a vulnerability assessment methodology for all-hazard facility protection planning
2.5.4 Other analysis techniques: red teaming and CARVER - alternative vulnerability assessment approach using an adversary point of view
2.5.5 Vulnerability assessment: prioritization - how to prioritize vulnerabilities to identify greatest risk
2.5.6 Facility vulnerability matrix - suggested approach for ranking vulnerabilities
2.5.7 Asset vulnerability matrix - approach for analyzing assets to determine overall vulnerability
2.6 Analyzing Risk - provides approach to use asset, hazard, and vulnerability data in developing risk scenarios and making risk management decisions
2.6.1 Risk scenarios and modeling - discussion of deterministic risk analysis and probabilistic risk analysis
2.6.2 Risk analysis matrix - how to use a matrix for risk management decision making
Chapter 3: Prevention and Mitigation - discusses management considerations and actions based on asset value and vulnerability
3.1 Facility Security Planning - key principles for a multi-hazard risk management program
3.2 Multi-Hazard Risk Management Strategies - three basic options for risk management
3.3 Evaluating Facility Protection Options - considerations when evaluating countermeasures
3.3.1 Risk tolerance - factors to consider when determining the amount of risk to accept
3.3.2 Compliance with regulations, codes and standards - external requirements impacting risk mitigation actions
3.3.3 Cost - description of general concepts for cost-effective risk management
3.4 Facility Design and Operations - tools and techniques to manage common hazards and threats
3.4.1 Design considerations - how physical design features affect hazards and threats
3.4.2 Operational considerations - description of situational awareness and operational security (OPSEC)
3.4.3 Design-operational hybrid strategy: Crime Prevention Through Environmental Design (CPTED) - principles of CPTED to prevent an incident from occurring
Chapter 4: Preparedness - presents operations-focused facility security actions for risk management
4.1 Principles of Effective Preparedness -
4.1.1 Why have an incident response plan? - describes stages of preparedness
4.2 Access Control Overview - discusses access control triangle
4.2.1 The perimeter - discusses access control in context of multiple layers
4.2.2 Defense in depth - provides suggestions for use of multiple layers to increase protection
4.2.3 The four Ds - describes perimeter functions of define, deter, delay, detect
4.2.4 Types of perimeter structures - evaluates physical perimeter security options
4.2.5 Intrusion detection - considerations for successful intrusion detection
4.3 Protected Space - delineates good practices relating to protected space
4.3.1 Signage - role of signs in deterring unauthorized access
4.3.2 Surveillance - discussion of use of natural and formal surveillance
4.3.3 Landscaping - basic principles to assure that landscaping does not aid intruders
4.3.4 Lighting - how to use lighting to deter intruders
4.4 Building Shell - factors to assure security of building shell in defense in depth
4.4.1 Vehicular access - measures to prevent use of vehicle in attack on building shell
4.4.2 Doors and windows - considerations when assessing use of doors and windows for illegal entry
4.4.3 Miscellaneous features - identifies and describes building features with potential for use to penetrate building shell
4.5 Building Interior - provides additional defense in depth features for building interior
4.5.1 ID badges for staff and visitors - describes access control procedures
4.5.2 Access control systems - advantages and disadvantages of various access control technologies
4.6 Sensors, Intrusion Detection and Search Technologies - delineates perimeter, controlled space, and building shell and interior security technologies
4.6.1 Perimeter intrusion detection systems (PIDS) - considerations for selection and use of fixed sensor barriers
4.6.2 Closed circuit television (CCTV) - how to establish security goals for CCTV and design considerations
4.6.3 Search technologies - description of major technologies available for searching people and vehicles
4.6.4 Search techniques - recommended procedural steps to support search plan
4.6.5 Electric fencing - description, requirements, advantages, and disadvantages of the use of electric fencing
4.7 Protected Space Intrusion and Detection Technology - information to select appropriate technologies for intrusion and detection functions
4.7.1 Buried cable intrusion detection sensors - advantages and disadvantages of buried cable as a covert perimeter detection system
4.7.2 Active infra-red (IR) - keys for successful use of IR detection systems
4.7.3 Microwave detectors - key features of microwave detector systems to detect a moving mass
4.8 Building Shell and Interior Detectors and Sensors - provides key information to support technology selection for shell and interior systems
4.8.1 Vibration detectors - benefits and cautions when using vibration detectors
4.8.2 Break-glass detectors - advantages and disadvantages of using break-glass detectors
4.8.3 Passive infra-red detectors (PIR) - considerations when making selection decisions regarding PIR
4.8.4 Dual-technology sensor - benefits and limitations of using units with combined PIR and microwave movement sensing technology
4.8.5 Microwave detectors - description of how microwave detectors sense movement
4.9 Asset Protection - how to identify and protect vulnerable assets
4.9.1 Physical asset protection - considerations regarding physical protection
4.9.2 Asset marking - how to use visible and covert ID markings
4.10 Site Planning in a Hostile Environment - methods to provide increased levels of security when threat is increased
4.10.1 Site at increased threat - security planning considerations if an increased threat is identified
4.10.2 Locating a site in a hostile environment - additional vulnerability and risk assessment considerations if location of site is hostile
4.10.3 The perimeter - tactics to strengthen perimeter security under increased threat conditions
4.10.4 Protected space - tactics to strengthen protected space security under increased threat conditions
4.10.5 Buildings - planning considerations when facing increased threat
4.10.6 Guard force - best practice guard force use if threat is increased
Chapter 5: Response - how to execute an effective response as part of BCP
5.1 Principles of Effective Response - broad principles for guiding response activities
5.2 Response Organization - factors that influence site personnel actions during response
5.2.1 Responding agencies - external organizations site personnel may need to interact with during response
5.2.2 Command structure - likely events when external agencies arrive on scene
5.2.3 Incident command system (ICS) overview - description of emergency direction and control structure
5.2.4 Command direction and control nodes - description of emergency operations center (EOC)
5.2.5 Command structure evolution - describes how response activities change during the course of responding to an incident
5.3 Types of Response - offensive and defensive response described
5.4 Immediate Response Actions - role of procedures in emergency planning discussed
5.4.1 Incident detection and recognition - how incident identification affects initial response requirements
5.4.2 Situation assessment - identifies essential elements of information (EEIs) for situation assessment
5.4.3 Response priorities - response goals that determine incident manager actions
5.4.4 Initial coordination with public safety authorities - provides EEIs when coordinating with public safety authorities
5.5 Tactical Decision Making - description of how incident commanders make decisions
5.6 Safety and Security Considerations - describes key considerations of accountability, communications, personnel protection, and control zones
5.6.1 Terrorism: additional considerations - discusses concerns specific to a terrorism incident
5.6.2 Safety and security in the incident command structure - role of safety officer (SO) and safety plan in an emergency response
5.7 Follow-on Actions - discussion of actions IC responsible for
5.7.1 Identification of potential consequences - identifies multiple points where consequence assessments likely to occur during emergency response
5.7.2 Initial damage and impact EEIs - identifies EEIs to gather during response period
5.8 After-Action Review (AAR) - establishes need and importance of AAR
5.8.1 AAR process - execution steps for AAR
5.8.2 Format and content - how to document AAR
5.9 External Relations - how to effectively communicate critical messages during emergency response
5.9.1 General considerations - provides communications strategies to maintain trust and credibility
5.9.2 Identifying external audiences - suggests external stakeholders for consideration
5.9.3 Message content development - lists common EEIs for external audiences
5.9.4 Message delivery - tips for successful external relations
5.9.5 Feedback - why and how to monitor stakeholder response to communications
5.9.6 Communications - important factors regarding communication during an incident
Chapter 6: Recovery - identifies key actions, strategies, and planning requirements for successful recovery from emergency
6.1 Recovery Phase Overview - describes how recovery phase fits with emergency planning and BCP
6.2 Basic Principles for Effective Recovery - establishes scope of recovery and steps for effective recovery
6.3 Planning for Disaster Recovery - describes recovery planning for different industries
6.4 Disaster Recovery Plan Phases - describes recovery plan actions from incident first response through resumption of normal operations
6.4.1 Plan activation - identifies key early action components of a recovery plan
6.4.2 Recovery team organization - delineates plan requirements regarding the recovery team
6.4.3 Identification of the recovery team members by role - describes potential recovery team positions and roles
6.5 Implementing the Recovery Plan - goals and steps for implementing recovery
6.6 Restoration, Rehabilitation and Remediation - effective ways to involve organization’s personnel in recovery
6.7 Internal and External Communications - communication strategy for internal and external stakeholders
6.8 Learning the Lessons - describes approaches to capture lessons learned
Chapter 7: Appendices - emergency planning resources
7.1 Appendix A: Security Checklists - wide-ranging points for consideration to guide an initial assessment by the facility security team and personnel
7.1.1 Workplace security checklist - questions to aid in facility assessment regarding daily operations and facility structure
7.1.2 Vehicle control - questions to consider when assessing vehicle threat
7.1.3 Office security - checklist questions to aid in review of office policies and procedures
7.1.4 High security areas - questions to determine vulnerability of restricted areas
7.1.5 Building security - questions to aid in assessing strength of perimeter security
7.2 Appendix B: National Incident Management System (NIMS) Overview - description of NIMS as a planning resource
7.3 Appendix C: Anti-Corporate Activism: Threats, Tactics and Associated Response - establishes need to consider activist groups as potential threat
7.3.1 Activist-specific threats - background to aid in determining focus of potential activist group threats and responses
7.3.2 Mitigation resources - strategies to consider when planning for consequence mitigation
7.4 Appendix D: BCP Scenario - fictional case study to demonstrate BCP
7.4.1 Business continuity planning (BCP) – avian flu scenario - identifies potential consequences and benefits of BCP
7.4.2 Some business continuity issues - factors to assure that planning is comprehensive and complete
Chapter 8: Glossary and Index
Glossary of Security Terms and Acronyms