SECURITY MANAGEMENT

                        Security Management is a broad field of management related to asset management, physical security and human resource safety functions. It entails the identification of an organization's information assets and the development, documentation and implementation of policies, standards, procedures and guidelines.

                        In network management it is the set of functions that protects telecommunications networks and systems from unauthorized access by persons, acts, or influences and that includes many sub functions, such as creating, deleting, and controlling security services and mechanisms; distributing security-relevant information; reporting security-relevant events; controlling the distribution of cryptographic keying material; and authorizing subscriber access, rights, and privileges.

                       Management tools such as information classification, risk assessment and risk analysis are used to identify threats, classify assets and to rate system vulnerabilities so that effective control can be implemented.

Loss Prevention:

                        Loss prevention focuses on what your critical assets are and how you are going to protect them. A key component to LP is assessing the potential threats to the successful achievement of the goal. This must include the potential opportunities that further the object (why take the risk unless there's and upside Balance probability and impact determine and implement measures to minimize or eliminate those threats.

Risk Types:

                                                                                                        

 External:

• Strategic- like competition and customer demand
• Operational-Regulation, suppliers, contracts
• Financial-FX, credit
• Hazard- Natural disaster, cyber, external criminal act

Internal:

• Strategic-R&D
• Operational- Systems and process (H&R, Payroll)
• Financial- Liquidity, Cash Flow
• Hazard- Safety & security, employee & equipment

Risk Options:

• Accept- Some risk is inherent in business
• Transfer- Insurance
• Reduce- Specific systems and processes
• Eliminate- Ideal, but not always realistic

Loss Prevention Strategy:

• Deter
• Detect
• Deny
• Delay
• Detain

 These tools are helpful in reducing and eliminating conflicts:-

• Armed Security
• Coordination with LE
• Personnel with communications capability                      
• Perimeter alarms
• Personnel
• Monitored alarms
• Biometrics
• Access control cards             
• Sophisticated locks
• Security lighting
• Barriers
• Local alarms
• Simple Locks

Physical security is the lifeblood of all security controls. If physical security is compromised, all other controls are irrelevant.

External physical threats:

• Flooding, lightning, earthquake, wind, tornado, hurricane, ice, fire, chemical

Internal physical threats:

• Fire, environmental failure, liquid leakage, electrical interruption

Human physical threats:

• Theft, vandalism, sabotage, espionage, errors

To prevent these threats from becoming reality, physical security controls should be implemented.  Some examples of effective physical security controls include:

Exterior physical security controls:

• Fences, Barriers

Entrance physical security controls:

• Doors and Gates with Locks

Administrative physical security controls:

• Badges and Escorts

Property physical security controls:

• Monitoring/Detection Systems, Lighting

Environmental physical security controls:

• HVAC System, Power Protection, Water and Fire Protection