CCJS 345 – Introduction to Security Management

 Instructions for Completing the Risk Assessment/Security and Safety Planning Instrument


Don't use plagiarized sources. Get Your Custom Essay on
CCJS 345 – Introduction to Security Management
Just from $13/Page
Order Essay

The course requirements for CCJS 345, Introduction to Security Management, include the completion of a “Risk Assessment/Security and Safety Plan” as the final project, which places students into a specific role of a security practitioner in a “real world” security application that provides them with the opportunity to demonstrate the security and leadership competencies they acquired and/or enhanced during the course by discerning the weekly reading assignments, incorporating into the required writing assignments substantive information regarding security operations and management principles based on diligent and thorough research, and fully participating in all the class security and safety discussion forums.  Moreover, in this final project, our students/security practitioners have the occasion to establish their academic credentials and skill for assessing and managing risk, which is considered by many security professionals as their single most important function in protecting assets. 

To fully succeed in the final project, our security practitioners must demonstrate their ability to apply risk assessment and management principles and other security planning and operating concepts, policies, and ideas studied in class, particularly those associated with ASIS International’s “General Security Risk Assessment Guideline,” “Security Management Standard: Physical Asset Protection,” Silva Consultants “Concentric Circles of Protection,” Foresight Security Risk Management’s “Risk Analysis and the Security Survey,” and other security and safety source documents presented during the eight week session.  

To this end, after receiving a site selection authorization from their company’s “faux supervisor,” the security practitioners will initiate actions to conduct a risk assessment that includes thorough research of the designated organization and its operation; conducting actual site visits to make observations about current security operations, possible risks to assets, and physical and procedural vulnerabilities; and interviews with ranking security or site leadership personnel, if possible.  The primary document students will use to collect the information required to write the “Risk Assessment/Security and Safety Plan” is the “Risk Assessment/Security and Safety Planning Instrument” assembled specifically for this course project.  The practitioners, or in this case, the security consultants, will record their site observations and take notes as they would in an actual workplace, similar to auditor and investigator “work papers” that often must be produced in regulatory and administrative procedures or other organizational examinations and inquiries to support findings discussed in the issued report.  This procedure provides the consultants an opportunity to familiarize themselves with one of many different types of assessment tools used by industry officials in a real world setting.  The instrument, similar to the workplace, will become a part of the consultant’s official project file and must be submitted as a separate document to the Assignments Folder by the project due date.  While this document will not receive an individual grade, it will be assessed for the depth in which it is completed in an element of the final project-grading rubric.  It will also be used to support the findings of the prepared report should that become necessary.  

The “Risk Assessment/Security and Safety Planning Instrument” is a significant document that supports a consultant’s pursuit to ascertain the information necessary to write a comprehensive report.  A completed instrument must be submitted along with the report to receive a grade for the final project.   

Guide to Completing the “Risk Assessment/Security and Safety Planning Instrument.”

This security and safety instrument contains a number of questions to which consultants must provide a written response regarding their site security and safety observations and the results of any research conducted in areas for which there were no opportunities to make observations or ascertain information from an organization representative responsive to the particular question.  The instrument is not unlike many other security survey checklists used by professionals to record the information they need to write a report.  See the reference page for many different examples.  The instrument for this project has been enhanced in certain sections to assist consultants with specific references to the course reading assignments relating to risk assessment, mitigation, and management.  It also provides consultants with teaching points and examples to facilitate and enhance their learning while completing the project.  The instrument is organized in a sequential manner beginning with consultant information and proceeding with the various functional security and safety areas that must be addressed in most risk assessments.  There are numerous areas for consultants to write their site observation and independent research notes to be used later when writing the final report.

This instrument is designed to provide consultants the direction necessary to ascertain information required to write a comprehensive report for this course.  Consultants will find other commercial and government risk assessment security survey checklists used by professionals contain many more detailed questions, many of a proprietary nature, which would be “off limits” for our consultants.  In fact, consultants will likely be unable to respond to some of the questions listed this Risk Assessment/Security and Safety Planning Instrument for the same reasons unless they are fortunate enough to identify organization officials willing to provide security information during successfully arranged interviews.  Some questions are very sensitive, but are listed to provide consultants examples of the depth and complexity of inquiry required when conducting an authentic security survey for an organization under a contractual agreement and assuming the responsibility for providing accurate results and recommendations.   

For this project, consultants will complete the Risk Assessment/ Security and Safety Planning Instrument by writing the information requested on the form, beginning with the sections on consultant, general survey, law enforcement, and risk asset evaluation information.  Beginning with Section V. Exterior – Site Perimeter, consultants must review and respond to each question by “writing ” Y (yes) N (no) U (unknown) in the specified underlined area just after the number after making their site observations or determining the information as a result of independent research.  There are a number of areas consultants must also “briefly describe” the site and facility characteristics, security physical and procedural controls and features, vulnerabilities, and safety issues and ramifications.

As mentioned above, consultants likely will be unable to respond to certain questions and will write U in the specified area.  Some questions relate to very important risk mitigation practices and policies and must be addressed, but because it is sensitive and private, the information is not made available to the public.  In these situations, where information is unknown, consultants will explain as a note how an organization’s security apparatus can be enhanced in that particular line of inquiry within the framework of the risk management principles learned in class.  This information should also be discussed in the final report.  For example, organizations may not want to publicize all the areas that are alarmed in the building under review, if any.  Alarms are a significant security control that must be addressed, so consultants need to note in the instrument and write in the report, based on their assessment, what they believe should be alarmed in the building given the probability and criticality of the risks identified, as well as the feasibility and cost considerations.  Any questions about this should be directed to the consultant’s faux supervisor. 




  1. Name: _________Jerrod Martin__________________________________
  2. CCJS 345 Section: __7980_______________________________
  3. Final Project Site Selection: 
  1. Name of Organization/Facility – __Martin Corporate__________________
  2. Complete Site Address – __8029 Corporate Drive Baltimore, MD 21236________________________ 
  3. Instructor Site Selection Approval Date – _____________ 

(Attach Email Approval Document)

  1. Survey Dates and Times: 
  1. Daylight Observations – ___________________
  2. Night Observations      – ___________________

Additional Comments: 


  1. Describe the building and surrounding area of the site under review. Include a statement about the nature an/or mission of the business, company, or organization and the purpose of the building:   
General Information: Brick building with glass doors, well light parking lot and security on the premises with secure doors and key fobs for employees. 

  1. List the normal operating hours:
M-F8 am to 10 pm 
Sat8 am to 11 pm
Sun8 am to 10 pm 
HolidaysVaries- closed Christmas 
  1. Actual or Estimate: (Circle)
  1. Number of employees – __75-100_________
  2. Number of visitors/vendors – __150 + daily_____
  1.  Site Contact/Assistance Provided By (As Applicable): 
  1. Name – __________________________
  2. Title –  ___________________________
  3. Interview Date – ___________________
  4. Phone Number –  ___________________
  1. Employing the ASIS International’s “General Security Risk Assessment Guideline,” identify additional information about the site that will assist you to more thoroughly understand the organization, its various assets, its property, and its operations.  These notes will assist you when drafting the Final Project.  (See ASIS Practice Advisory #1.)
Understanding the Organization: The biggest threat to Martin corpotate 


1. Relevant Police Department:  

  1. Name – ____John Johnson_________________
  2. Address – __5419 Ebenezer Road Baltimore MD 21162_________________
  3. Phone Number – ____410 335-5112__________
  4. Emergency Response Time to Site – ____Varies____________
  5. Crime Prevention Programs Availability – ______n/a_____ 

2. Relevant Fire/Medical Emergency Responders

  1. Name – ______________________
  2. Address – __2325 Putty Hill Ave Parkville, MD 21234__________________
  3. Phone Number – _410 887-5360_____________
  4. Emergency Response Time to Site – ___Varies_____________
  5. Fire/Medical Safety Training Program Availability – ___


1. Crime Risk Evaluation: Using crime data obtained from the relevant police department or from other independent research (Uniform Crime Reports published by the U.S. Department of Justice, etc.) and personal interviews, including information provided by the organization under review, identify the incidence of crime and the calls for service at the site and in the immediate vicinity over the past two years.  Analyze the crime data in conjunction with demographic/social condition data, economic conditions in the area, population densities, transience of the population, unemployment, etc. These notes will assist the consultant when drafting the Final Project.  (See ASIS Practice Advisory #2.)

Crime Risk Evaluation:The biggest threat is an employee stealing our data information and providing it to the public as well as an visitor breaking into the facility and stealing property and possibly hacking our information. 

2.  Non-Criminal Risk Evaluation: Identify the various types of non-criminal risk events that COULD occur at the site based historical records of past incidents; risks common to the type of business; risks based on geographic locations; risks common to similarly situated sites; and risks based on recent developments and trends.  These notes will assist you when drafting the Final Project.  (See ASIS Practice Advisory #2.)

Non-Criminal Risk Evaluation:
Injury at the corporation falling due to inclement weather ice wet floors, trees falling in parking lot.


1. _Y___(Y/N/U) Perimeter of the facility grounds is clearly defined by a fence, wall, bollards, planters, vehicle gate controls, or other types of physical barriers.  Briefly describe below the type of barrier, height, distance from building, cleared areas, barbed-wire top, roof or wall areas close to the fence, and its condition (damaged, etc.).  Use the area below to draw any diagrams required to fully appreciate the building in relation to the property perimeter and other surrounding commercial, residential, or other buildings and properties. 

2.__Y__(Y/N/U) Barriers limit or control vehicle or pedestrian access to the facility. 

3.__Y__ (Y/N/U) Perimeter barriers are considered to be a security safeguard.    

4.__Y__ (Y/N/U) All entrance points to perimeter barriers are guarded or secured.

5.__Y__ (Y/N/U) Perimeter barriers are under surveillance at all times. 

6._Y___ (Y/N/U) Site building forms a part of the perimeter barrier.

7.__U__ (Y/N/U) Site building forms a part of the perimeter barrier and presents a 


9.__Y__ (Y/N/U) Security officers patrol the perimeter. If unknown, 

             should this be the policy? Explain below.

10. _Y___(Y/N/U) Landscaping obstruct view of security officers or surveillance 

               cameras or interfere with lighting or intrusion device systems.

11.__Y__ (Y/N/U) Intrusion alarm devices protect the perimeter. If unknown, 

               should intrusion alarms be installed? Explain below.

Perimeter Notes:
Perimeter will be under surveillance 24/7 and security officers will patrol the premises throughout the entire day. 

12._Y___ (Y/N/U) Perimeter and building are protected by lighting.

13._Y___ (Y/N/U) Lighting provides a means of continuing during the hours of darkness   

               the same degree of protection available during daylight hours.

14.__Y__ (Y/N/U) Lighting is positioned to overlap to provide coverage when a bulb 

               burns out.

15.__Y__ (Y/N/U) Additional lighting is provided at active gates, building doors, and 

               other points (define the points) of possible intrusion. 

16.__Y__ (Y/N/U) There are provisions for emergency lighting.  If unknown, 

               should emergency lighting be installed? Explain below.

17._Y___ (Y/N/U) Lights are mounted to provide a strip of light both inside and outside 

               the perimeter.

18.__Y__ (Y/N/U) Lights operate in manner that increases the likelihood of detecting and 

              deterring criminal acts on the property and enhances the capability of security 

              cameras to record images that can effectively reconstruct an incident and 

              identify individuals.    

 19._Y___ (Y/N/U) There is 360-degree lighting coverage around the exterior of the 


  21._Y___ (Y/N/U) All lights are working.  If not, identify location?

  22.__Y__ (Y/N/U) Lighting has an auxiliary source of power. If unknown, 

                 should auxiliary power be installed? Explain below.

Perimeter Lighting Notes:Lighting lining perimeter, all lights in the parking lot working; well lit, lighting around outside perimeter of building  

     23. Describe below the vulnerabilities of the employee and visitor parking lots and the 

     security features currently in place, if any.  Any other notes about the site perimeter 

     can be listed below.  

Other Perimeter Notes:



       1. Describe below the vulnerabilities of the employee and visitor parking lots and the 

       security features currently in place, if any.  Any other notes about the site perimeter 

       can be listed below.  

Vulnerabilities, et. al. : 


       2. Describe the building design and composition (brick, block, concrete, metal panels, glass exterior, etc.).     

       Include comments about the number of stories (floors) above and below ground; total number of     

       entrances/exits and construction (solid core, hinges, hinge pins, etc.); ground floor windows and height      

       and construction; other windows and how they are secured; and roof construction and openings.  Also      

       comment on adjacent occupancies and if there are any security issues with those organizations that might 

       impact the site under review in this project.  Identify the distance in yards from the building to the 

       nearest public street. 

Comprehensive Building Description:
Brick building ground floor glass three floors 2 entrances one for employees and visitors  and several windows .

       3._Y___ (Y/N/U) Public parks, plazas, or other public areas are immediately adjacent to the building. 

       4._Y___ (Y/N/U) Public transit systems are near the building.

       5. _Y___(Y/N/U) Entrances/exits are supervised/controlled. 

       6. __Y__ (Y/N/U) Interior lighting is appropriate for surveillance by night security 

            guards, local law enforcement, and closed circuit television coverage.

7. _Y___ (Y/N/U) Emergency lighting is available for power outages.  If unknown, should auxiliary 

              power be installed? Explain below. 

Building Notes:
The entrance and exit have alarms equipped with warning alarms will sound if opened controlled by keys code locks on office doors 

8. Describe the types of entrance/exit door key and combination locks in use at the facility.

Door Key and Combination Lock Notes:
Automatic entrance doors with key locks on them, all exits have alarms equipped with warning alarms that will sound if opened controlled by keys; code locks on office doors. 

9._Y___ (Y/N/U) A key control official has been assigned and is responsible for 

                         issuance, replacement, and control of locks and keys.  If unknown, should 

                          there be?  Explain below.

10.___Y_ (Y/N/U) Keys are secured when not in use. If unknown, should they be 

                          be secured? Explain below.

11. _U___ (Y/N/U) There is a master key system with ___ master keys issued. If 

                           unknown, should there be a system?  Explain below.

12. _U__ (Y/N/U) Key inventories are routinely conducted.  If unknown, should there  

                           be?  Explain below.

13. __U__ (Y/N/U) Employees authorized to receive keys sign for them.  If unknown, 

                           should signatures be obtained for accountability?  Explain below.

14. __Y__ (Y/N/U) Removal of keys from the premises is prohibited. If unknown, 

                           should this be the policy? Explain below.

15. __Y__ (Y/N/U) Records are maintained of those who have access to codes for 

                           combination locks. If unknown, should such records be maintained? Explain 


16. __Y__ (Y/N/U) Combination lock codes are changed routinely and a record of 

                           those changes is maintained. If unknown, should this be the policy? 

                           Explain below.

17. __Y__ (Y/N/U) Combinations codes are changed when a user no longer requires 

                           access. If unknown, should this be the policy? Explain below.

18. _Y___ (Y/N/U) There is a card key reader or similar system that records employee 

                  and/or visitor or entries/exits.  If unknown, should this be a security control 

                  employed by the organization? Explain below.

Key and Combination Lock Notes:
Keys; with the exception of managers cannot leave the premises; records of who has access codes maintained combination locks changed routinely

19. __Y__ (Y/N/U) The facility has an intrusion alarm system with 24/7 monitoring 

                    capability. If unknown, should this be a security control employed by the 

                    organization? Explain below.

   20. __Y__ (Y/N/U) There is a written policy and procedure for activating and 

                    deactivating this system. If unknown, should this be the policy? Explain 


  21. _Y___(Y/N/U) The alarm system is centrally managed. If unknown, should this be 

                     the policy? Explain below.

  22. _Y___ (Y/N/U) The alarm system is linked and managed by an outside private service 

                     vendor/police force. I f unknown, should this be the procedure? Explain below.

   23. __Y__ (Y/N/U) The alarm system for active areas of the facility are disengaged 

                    during operational hours. If unknown, should this be the policy? Explain 


   24. _Y___ (Y/N/U) All external doors, ground windows, loading dock areas, and  

                    internal doors are covered by the alarms. If unknown, should this be the 

                    policy? Explain below.

   25. __Y__ (Y/N/U) The alarms are linked to CCTV.  If unknown, should the alarms be 

                     linked?  Explain below.

   26. __Y__ (Y/N/U) There is an emergency power source for all alarms.  If unknown, 

                    should an emergency source of power be available?  Explain below.

Alarm Notes:

Phone call to store if alarm goes off linked with law enforcement; all doors covered by alarms; linked to CCTV

   27. Describe below the other areas in the facility that are alarmed (data system 

     location, safes, high value asset storage areas, executive suite offices, duress 

     signals, etc.).  Also, describe the procedures for taking action when alarms are 

     activated.  If unknown, are there other areas at the facility that should be alarmed 

     and should there be a response plan and what might it include? Explain below.

Other Alarmed Areas and Response to Alarms:The break rooms require a code to get in and out, and lockers have locks. The store itself and exit doors have alarm; the storage/ warehouse in the back requires a combination code for entrance. 

  28. __Y__ (Y/N/U) The facility employs CCTV cameras externally. Relevant 

                 notification signs are displayed. (Note:  A brief discussion and diagram  

                 showing the location of the cameras would enhance the final project 


 29. __U__ (Y/N/U) The facility employs CCTV cameras internally.  (Note:  A brief 

                 discussion and diagram showing the location of  the cameras would enhance 

                 the final project presentation.)

   30. __Y__ (Y/N/U) Recordings are continuous rather than event activated. If unknown, 

                should recordings be continuous or event activated? Explain below.

 31. _Y___ (Y/N/U) The camera feed is monitored in real time on site.  If unknown, 

                should the cameras be monitored in real time onsite or elsewhere?  Explain 


CCTV Notes: 

Cameras real time; located in parking lot on light post, entrance of the surrounding stores throughout the entire store, by cash registers 


1. Describe the significant procedural controls employed by the organization to protect assets, particularly from risks associated with internal theft schemes.  Include comments related to security controls for handling cash and negotiable instruments; inventory and audit control processes; shipping and receiving standards; separation of duties and responsibilities among employees, particularly for those with authorities related to the organization’s financial matters.  For instance, would it be prudent for a cashier also be responsible for record keeping?  As another example, might it be wise for an organization to prohibit the same employee would it be wise to have the same employee select, authorize, order, and receive merchandise for the organization?  What about access to personnel records? 

Should an organization allow the same person responsible for stocking merchandise or ordering company equipment to conduct periodic inventories?  How might the organization’s mailroom be a security challenge?  

If information is unknown based on your observations and interviews as appropriate, briefly describe (after conducting the appropriate research) what procedural controls in the specific areas mentioned above would enhance the protection of any organization’s assets, particularly one similar in mission and purpose to the site of your assessment.

Selected Procedural Controls:
Employees have to keep identification on them at all times as well as keys to be able to access doors and understand the corporate policy. 


1.__Y__ (Y/N/U) The organization employs a guard force at the facility. If unknown, 

              should a guard force be employed, proprietary or contractual?  Explain below

  2.__Y__ (Y/N/U) Written instructions are provided to the security guards regarding their 

               responsibilities.  If unknown, should such instructions be provided and what 

               information might be included?  Explain below.

   3. _N___ (Y/N/U) Security Guards are armed. If unknown, should security officers at 

                this site be armed?  Explain below.

   4. _Y___ (Y/N/U) The security guards on site are licensed in compliance with state or 

           other jurisdictional requirements.  If unknown, should security officers at this 

           site be licensed?  Describe the state or jurisdictional licensing and registration requirements for 

           private security officers.  Explain below.

   5. ___N_ (Y/N/U) Security guards have a distinctive uniform. If unknown, should 

           security officers have such uniforms?  Explain below. 

   6. _Y___ (Y/N/U) Security guards check employee and visitor identifications.  If 

          unknown, should security officers have such duties? Explain below.

   7. _N___ (Y/N/U) Security guards conduct entry and exit searches of personnel and/or 

         vehicles. If unknown, should security officers have such duties? Explain below.

   8. __N__  (Y/N/U) Security guards protect the entrance reception area of the facility.  If 

           unknown, should security officers have such duties? Explain below.

   9. ___Y_  (Y/N/U) Security guards have a plan to react to intruders. If unknown, should 

           security officers react to intruders and what might those actions include? 

           Explain below.

Guard Force Notes:

There will be security personnel dressed in uniform for deterrence. 


   1. __Y__ (Y/N/U) The organization issues employee and visitor identification.  If 

           unknown, should the organization issue such identification documents? 

           Explain below.

         2.  _N___ (Y/N/U) Visitors are prevented from moving around unescorted.  If unknown, 

                       should visitors be prevented from moving around the facility unescorted? 

                       Explain below.

         3. _Y___ (Y/N/U) Employees display badges.  

         4. _Y___ (Y/N/U) There is visible distinction between employees and visitors.

Access Controls Notes:

5. Describe other features of the access control system at the facility, i.e., electric card 

   readers for employees, escorts for limited access areas such as the data center and   

   other sensitive areas, security post control points, visitors/vendors/shoppers enter 

   the facility from a different entrance/exit door then employees, vehicle 

   identification/parking control, etc.

Other Access Control Features: 

Visitors cannot enter from the back doors only front. Employees may enter from back doors. 


        1. __Y__ (Y/N/U) Employees are subject to background checks.  If unknown, 

                      should employees have a background investigation completed prior to 

                      employment and if so, what should it include? Explain below.

        2. _Y___ (Y/N/U) Additional checks are conducted for personnel handling cash or    

                      holding more sensitive and/supervisory positions.  If unknown, 

                      should these employees have a more extensive background investigation 

                      completed prior to employment, and if so, what should it include? Explain 


        3. _Y___ (Y/N/U) Ongoing (periodic) background checks are conducted for all 

                      employees.  If unknown, should employees have periodic checks conducted? 

                      Explain below.

        4. _Y___ (Y/N/U) New employees are provided with security orientation and ongoing 

                     security awareness training.  What other training is provided? If unknown, should 

                     new employees be given such an induction and training, and if so, what should it 

                     include? Explain below.

Personnel Security and Training Notes:
Background checks for all employees drug test management; training on how to handle security threats as well as protecting the assets. 


1. Describe how utility and HVAC systems are protected so access is limited to only those     

          authorized.  Include a discussion of the electrical and telephone closets, mechanical areas, 

          roof access, etc.  Also note how any fuel stored in or around the facility is protected and 

          how the water supply is protected, if known.   

Utilities Notes:Utility and HVAC systems are in a locked area not viewable to visitors and employees, the electric closets are located in authorized personnel only. And secured by doors that require combination codes. Roof access are in authorized personnel arears only.  

2. Describe the proactive fire protection systems in place at the facility, including whether or not the entire building is equipped with sprinkler systems; locations where there are no such systems; whether the fire alarms are local, proprietary, or central station, if known; location of fire extinguishers and fire hose valves, if known.  Describe any fire escapes or stairwells at the facility; whether or not the fire department have ladder trucks that can reach the top floors and the roof of the building; number of available fire hydrants within a city block any direction; combustibles such as paint, oil, gas, etc. stored on site; whether evacuation training exercises are routinely conducted, etc. Fire Department response time? 

Fire Protection Notes:
Sprinkler systems no sprinklers in dressing room, local fire alarms, fire extinguishers in each department, the fire department does have ladder trucks that can reach the top of the building 5 hydrates in corporate office parking lot. Stairwells can utilized as well for evacuation and evacuation training will be conducted response time from fore department varies.   


  1. List the dangerous items and substances stored at the facility (weapons, ammunition, chemicals, pathogens, radioactive material, other, etc.) and state how and where they are secured.  Also discuss the accountability procedures for these items.
Dangerous Items: 

  1. Given the type of organization, facility, or business you are reviewing, identify the potential OSHA standards applicable to the site and note whether or not compliance is being maintained. 
OSHA Standards and Compliance:

3. _Y___ (Y/N/U) The facility has an Occupant Emergency Plan (OEP).  If unknown, 

                    should the organization have such a plan and, generally, what information 

                    should be included?  Explain below. 

      4. _Y___ (Y/N/U) The facility has a Continuity of Operations Plan (COOP.  If unknown, 

                    should the organization have such a plan and, generally, what information 

                   should be included based on your study of the provisions of the ASIS International’s “Business  

                   Continuity Guideline: A Practical Approach for Emergency Preparedness, Crisis 

                   Management, and Disaster Recovery?  Explain below. 

      5. _U___ (Y/N/U) The facility has trained OEP designees with specific assignments 

                   during emergencies. If unknown, should the organization have such designees?            

                   Explain below. 

OEP and COOP Notes:

      6. _Y___ (Y/N/U) There is a “Shelter in Place Plan” for the facility.  If unknown,    

           should the organization have such a plan? Explain below.

      7.  __Y__ (Y/N/U) There is a facility public address system. If unknown, should 

              the organization have such a system? Explain below. 


      1. __Y__ (Y/N/U) The organization has an approved information security policy that has 

             been disseminated to all employees and contractors. If unknown, should the 

             organization have such a plan? Explain below. 

      2._Y___ (Y/N/U) All employees and contractors have acknowledged they understand the 

             policy and agree to comply with it.  If unknown, should there be a record of 

             employees and contractors agreeing to policy compliance?  Explain below. 

      3.__Y__ (Y/N/U) The organization’s IT resources and data (e.g., computer and 

                     network equipment, storage media, wiring closets) are physically secured  

                     from unauthorized access, tampering, damage, and/or theft.  If unknown,   

                   should these resources be protected from loss or harm? Explain below. 

 4._Y___ (Y/N/U) The organization maintains a business continuity plan for its         

               information and data support system that includes system backups, off-site 

               data backup storage, emergency notification, replacement IT and office 

               resources, alternate facilities, and detailed recovery procedures.  If     

             unknown, should such a plan be implemented and maintained?  Explain below. 

Information Security Notes: 

5. Describe other features of the organization’s information security policy and program. Include comments regarding data protection techniques; password controls; organization policy for emails; ongoing employee training regarding information security awareness; prohibitions of loading sensitive data on personal computers; and procedures for employees to report suspected violations, etc.  

If this information is unknown after conducting observations and interviews as applicable, after conducting your own independent research, note how the organization’s information security program can be enhanced in each of the areas described above and any other areas you deem appropriate.    

Information Security Notes Continued: 

Internal emails intranet ongoing training for employees conducted quarterly. Human resources will take reports from employees and there is an anonyomous hotline they can contact as well


 1. Based on the results of the risk assessment, including site observations, interviews conducted with officials from the organization (as appropriate), and extensive research about the organization, describe the physical and procedural controls you believe need to be enhanced to strengthen the organization’s current security operation to protect assets.  Also, identify and discuss the ways the organization can more effectively prevent losses and harm from accidents, emergencies, and natural disasters, and when such risk events do occur, initiate a proficient response to mitigate damage to the organization’s property and resources. 

When considering the possible security and safety control options to mitigate risks (See ASIS Practice Advisory #5), be sure to consider the feasibility of implementing the options (See ASIS Practice Advisory #6) along with a basic cost/benefit evaluation (See ASIS Practice Advisory #7).  Also, you should identify the priority of the recommendations with supporting justifications. 

Prioritized Recommendations:

I noticed employees haven’t been wearing their identifications cards and been assessing the back door which has made security think there is a possible threat from an outsider. 



This CCJS 345 Risk Assessment/Security and Safety Planning Instrument was developed using the following sources:

Halkyn Consulting Ltd. (2010). Physical Security Assessment Form. Flintshire, UK. Retrieved August 1, 2017 at:

ISACA. (No Date). Physical Security Survey Checklist. Rolling Hills, IL. Retrieved August 1, 2017 at:

University of Illinois at Urbana. (2006). Risk Management Audit Checklist. Urbana, IL.  Retrieved August 1, 2017 at:

U.S. Department of Agriculture. (No Date). USDA Physical Security Inspection Checklist. Washington, D.C. Retrieved August 1, 2017 at:

U.S. Fish and Wildlife Service. (2016). Physical Security Survey – Level 3. Washington, D.C.  Retrieved August 1, 2017 at:

U.S. Geological Survey. 2005. Physical Security Survey Checklist. Washington, D.C. Retrieved August 1, 2017 at:

Consultants can enhance their study, understanding, and application of risk assessment and management processes by reviewing the following sources: 

American Bankers Association. (2003). Physical Security Checklist and Inventory. Washington, D.C. 

Retrieved August 1, 2017 at:

American Red Cross. (2012 ). Multi-Building Physical Security Checklist. Retrieved August 1, 2017 at:

ASIS Foundation. (2007). ASIS.SIA Risk Assessment Survey: Results and Analysis. Alexandria, VA. Retrieved August 1, 2017 at:

Australian Hotels Association (South Australian Branch). (2013). AHAISA Hotel Security Assessment Checklist. Retrieved August 1, 2017 at:

Broomfield Police Department (No Date). Construction Site Security Survey Checklist. Broomfield, CO. Retrieved August 1, 2017 at:

Department of the Army. (2010). Physical Security. Washington, D.C. Retrieved August 1, 2017 at:

Department of Homeland Security. (No Date). Risk Assessment. Washington, D.C. Retrieved August 1, 2017 at:

Federal Emergency Management Agency. (No Date). Building Vulnerability Assessment Checklist. Washington, D.C. Retrieved August 1, 2017 at:

Foresight Security Risk Management. (2013).  Risk Analysis and the Security Survey. Retrieved August 1, 2017 at:

Gardner, Robert A. and Wolf Aviation. (2002). Rural & Small Town Airport 

Security Manual and Checklist. Las Vegas, NV. Retrieved August 1, 2017 at:

HELPNET SECURITY. (No Date). Information Security Checklist. Retrieved August 1, 2017 at:

Kabay, M.E.. (2012). Facilities and Security Audit Checklist. Northfield, VT. Retrieved August 1, 2017 at:

Missouri Department of Health and Senior Services. (2011). Sample Threat/Risk Assessment Checklist.

Retrieved August 1, 2017 at:

National Clearinghouse for Educational Facilities. (No Date).  NCEF Safe School Facilities Checklist. Washington, D.C.  Retrieved August 1, 2017 at:

Richardson Police Department. (No Date). Home Security Assessment Checklist. Richardson, TX. Retrieved August 1, 2017 at:

Rowe, Tina Lewis. (2009). How to Assess the Safety and Security of Your Place of Worship. Denver, CO. Retrieved August 1, 2017 at:

Sans Technology Institute. (2015). Physical Security. Retrieved August 1, 2017 at:

Siva Consultants. (2017). Physical Security Assessments. Covington, Washington. Retrieved August 1, 2017 at: com/physical-security-assessments-by-silva-consultants.html”>

U.S. Department of Agriculture. (No Date). Risk Based Methodology for Physical Security Assessments. Washington, D.C.  Retrieved August 1, 2017 at:

West Virginia Department of Health and Human Services. (No Date). Risk Assessment – Information Security Policy. State of Wet Virginia.  Retrieved August 1, 2017 at:

SRMC. (2013). Pima Community College Security Assessment Report and Recommendations. Columbus, Ohio. Retrieved August 1, 2017 at:

Tech Republic Academy. (2010). Perform a Physical Security gap Analysis.

Vanguard Surveillance and Security. (No Date). 7 Step Security Survey. Retrieved August 1, 2017 at:

Revised: November 7, 2017

Place your order
(550 words)

Approximate price: $22

Calculate the price of your order

550 words
We'll send you the first draft for approval by September 11, 2018 at 10:52 AM
Total price:
The price is based on these factors:
Academic level
Number of pages
Basic features
  • Free title page and bibliography
  • Unlimited revisions
  • Plagiarism-free guarantee
  • Money-back guarantee
  • 24/7 support
On-demand options
  • Writer’s samples
  • Part-by-part delivery
  • Overnight delivery
  • Copies of used sources
  • Expert Proofreading
Paper format
  • 275 words per page
  • 12 pt Arial/Times New Roman
  • Double line spacing
  • Any citation style (APA, MLA, Chicago/Turabian, Harvard)

Our guarantees

Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.

Money-back guarantee

You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.

Read more

Zero-plagiarism guarantee

Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.

Read more

Free-revision policy

Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.

Read more

Privacy policy

Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.

Read more

Fair-cooperation guarantee

By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.

Read more
Live Chat+1(978) 822-0999EmailWhatsApp

Order your essay today and save 20% with the discount code LEMONADE