Personnel Security

advertisement
Personnel Security
Mike Mason, CPP, CFE, CPS
Security Manager
Lyondell/Equistar Chemical
Companies
Three Components of Security
Personnel
Security
Physical
Security
 Personnel
Information
Security
Security
 Physical Security
 Information Security
Personnel Security
Involves those measures taken to
safeguard a company’s employees and
those coming to a place of business either
for business reasons or as a guests.
 Can further include access control
systems that control access in and out of
specific premises.

Personnel Security
 Various
identification card systems,
passes, and permits used by companies are considered personnel
control.
 Probably the most recent concerns
classified under personnel security
are executive protection and background investigations.
Interaction of Security
Components
Alarms &
Hardware
Security
Personnel
Protective
(Security)
Components
Security
Policy &
Procedures
Employee
Support
Important Points for Success
A Security program must become an
integral part of both the operations and
management systems of an organization.
 Unlike most other components of an
organization, security directly affects every
other component and thus must be
extraordinarily concern with the
comprehensive quality of the programs it
offers.

The Human Factor
 FBI
statistics indicate that 72% of all
thefts, fraud, sabotage, and accidents
are caused by a company’s own
employees.
FOR MORE INFO REFER TO CURRENT FBI STATISICS
 Another
15 to 20% comes from
contractors and consultants.
 Only about 5%to 8% is external people.
Personnel
 Customers
 Visitors
 Employees
 Executives
 Contractors
& Consultants
 Unauthorized persons
Customers and Visitors
 “Due
diligence” is the rule of thumb
when it comes to protecting people
who come to your premises.
 History of security incidents where
people have been the target.
 Efforts to provide adequate security
can prevent or reduce liability.
 Workplace violence prevention plan.
Employees
 Human
factors, probably the greatest
single source of risk, including both
human error and failure.
 An organization’s employees are now
considered a corporate resource and
asset, requiring constant care and
management.
Employee Liability Issues
A
co. can be held liable for ignoring
their prescribed duties when injury or
loss could result.
 A co. can suffer liability for damages
resulting from its negligence in not
providing enough security.
 A co. is subject to liability for negligent
hiring and failure to train personnel.
Employee Liability Issues (cont.)
A
co. is liable for negligent actions of
their employees.
 A co. can be held vicariously liable for
criminal acts of employees.
 Discharged employees are entitled to
view reports of investigation that
caused termination.
 Interrogation is not a coercive action.
Employee Liability Issues (cont.)
 An
employee can be terminated for
refusing to cooperate in polygraph test
 Results of a polygraph exam are
admissible if both parties agree.
 Employees have an obligation to assist
in investigation and report loss.
 Employees obligated to comply with
policies as condition of employment.
Importance Personnel Practices
A
company’s existence could depend
on the integrity of its employees.
 Without security processes in place, an
organization’s reputation could be
destroyed.
 The new employee’s ethical outlook is
unknown to the company.
Importance Personnel Practices
 New
employees may have access to
extremely sensitive and confidential
information.
 Unauthorized release of sensitive
information could destroy the
corporation’s reputation or damage it
financially.
Importance Personnel Practices
 An
employee, who has just accepted a
position with a major competitor, may
have access to trade secrets that are
the foundation of the corporation’s
success.
Hiring Practices
 Corporations
must take special care
during the interview to determine each
candidate’s level of personal and
professional integrity.
 The sensitive nature and value of the
assets that employees will be handing
require an in-depth screening process.
Hiring Practices (Cont.)
 At
a minimum, the screening process
should include a series of comprehensive interviews that emphasize integrity
as well as technical qualifications.
 References from former employers
should be examined and verified.
 This includes former teachers, friends,
co-workers, & supervisors.
Hiring Practices (Cont.)
 Former
employers are usually in the
best position to rate the applicant
accurately, providing a candid assessment of strengths and weaknesses,
personal ethics, past earnings, etc.
 Unfortunately many employers have
become increasing cautious about
releasing necessitating release forms.
Hiring Practices (Cont.)
 Use
of a reference authorization and
hold-harmless agreement oftentimes
provides the necessary information.
 Be sure reference authorizations have:
signature of applicant, releases former
& prospective employers, and clearly
specifies the type of information that
may be divulged.
Hiring Practices (Cont.)
What to Look For? A Straw person
Perhaps?
Education
Training
Experience
Stable Work History
Professional Certifications
Clear Criminal Record
Fiscal Responsibility
Background Continuity
Physical Fitness
Sample Security Officer Checklist
 Responsibility,
honesty, conscientiousness: being morally, legally, & mentally
accountable; being fair, objective &
straightforward; being scrupulous &
professional in the performance of his/
her job; concern for being to work on
time, being of such moral character as
to avoid involvement in theft, graft,
bribery, or other dishonest activities.
Sample Security Officer Checklist
Concern for protecting confidential
information; personal concern about
avoiding absenteeism; concern for the
safety of others; concern for reporting
whole truth, and only the truth, about
any incident involving employees;
respect for the rights of others; and
concern for appearance, demeanor and
personal hygiene.
Sample Security Officer Checklist
 Reading
& Writing Communicative
Skills: Ability to write a clear and
concise incident report; communicate
in a clear and concise manner; reading
ability at a 12th grade level.
 Leadership Skills - exercising responsible authority over people & property:
ability & willingness to discharge duty
without getting too close to employee;
Sample Security Officer Checklist
(i.e. without getting emotionally or personally involved to the point of becoming ineffective; ability to take action
decisively when necessary in emergencies, and making correct decisions;
ability to recognize the development of
a potentially dangerous or emergent
situation; possession of alert mind…..
Screening Techniques
 Application
or resume verification.
 Honesty or integrity testing.
 Physical and physical agility tests.
 Personality testing.
 Background checks.
 Polygraph examination (when
authorized)
Security Awareness Programs
 Initial
orientation training for everyone
when initially employed.
 Annual security awareness training.
 Training Documentation Requirements:
Curriculum
Attendance roll
Evaluation of comprehension
Instructor(s) qualifications
Personnel Disciplinary Action
 Only
for clearly defined and properly
documented incidents.
 Must follow the company’s disciplinary
policy - dependent on severity:
Verbal warning
Written warning
Decision-making leave
Termination
Personnel Disciplinary Action
 When
an employee leaves, even if on
excellent terms, certain precautions
regarding employment terms in effect:
Return all documents, records, and
other information regardless of media.
During exit interview, terms of original
employment agreement reviewed (i.e.
non-compete, wrongful disclosure, etc.
Executive Protection
The threat to executives comes from
terrorists who perpetrate hostagekidnapping incidents these reasons:
 Worldwide recognition & publicity.
 Emphasize organization’s vulnerability.
 Value powerful psychological impact.
 Obtain benefit for cause (i.e. funds,
release of fellow terrorists, etc.).
Company’s Duty To Protect
 Manage
situations through preparation.
 Employees provided with the best risk
information about various overseas
environments where they are assigned.
 Employees should be advised on how
to protect his/herself through planning
and preparation.
 Develops a plan to quickly respond to
an incident and effectively operate to
recover a kidnapped person.
Executive Protection Management
Program
 Implement
a county specific, proactive plan that identifies detailed
activities to be accomplished.
 Threat situation procedures in place.
 Employees training to prevent or to
survive being kidnapped.
 Viable, ongoing risk assessment
activities.
Specific Activities in Plan
 Crisis
management team formation.
 Arrangements for logistical support.
 Command & control decisions (i.e.
who will participate/manage the effort.
 Make decisions regarding ransoms.
 Conduct risk assessment to
determine need for kidnap insurance.
 Send response team to be with family.
Specific Activities in Plan
 Address
publicity issues.
 Establish government relations (U.S.
State Dept. & country of occurrence).
 Determine who will negotiate.
 Formulate victim recovery process.
 Make arrangements for victim post
event handling.
Vulnerability Assessment
WHEN SELECTING A TARGET, TERRORISTS
EVALUATE FOR SUCCESS:
 Accessibility – take steps to harden target.
 Prestige – respect & influence target enjoys.
 Visibility – widely publicized target at risk.
 Financial – company ability to pay motivates
 Family – reputation for closeness attracts.
 Medical Condition – healthy target is at risk.
Due Diligence is Key
EVERY COMPANY SHOULD TAKE
PRECAUTIONS TO PROTECT PERSONNEL
& PROPERTY FROM THREATS:
 Assassination
 Ambush
 Kidnapping
 Extortion
 Harassment
 Bombings
Company Policy Should Address:
Establishment of a Crisis Management Plan.
 Formulation of a Crisis Management Team.
 Conduct of a threat analysis with updates.
 Procurement of Negotiating Team Support.
 Establishment of an Executive Protection
Committee.
 Establishment of an Onsite Command Post
Team.
 Development of an Evacuation Plan.

Download