Professional Documents
Culture Documents
Lesson 2 Risks Analysis and Security Hazards
Lesson 2 Risks Analysis and Security Hazards
Lesson 2 Risks Analysis and Security Hazards
RATIONALE
Document and information in whatever form plays a significant role in the daily operations
and activities of an installation. Once the contents of a company's document and
information are divulged and reached the hands of an adversary, the business operational
stability is at stake. It may cause huge losses on the Company's assets that could lead to
its total closure. In this particular lesson, document and information security are discussed
in the light of security management for private industrial establishments. In this particular
lesson, document and information Security are discussed in the light of security
management for Private industrial establishments.
BASIS OF DOCUMENT AND INFORMATION SECURITY
On the part of the government, “Security of documents and information is based
on the premise that the government has the right and duty to protect official paper from
Unwarranted and indiscriminate disclosure. On the other hand, private individuals and
private business establishments stand on the constitutional provisions on the "right of
privacy" where it is stated that "the right of a person to be free from unwarranted publicity,
or disclosure and the as the right to live without unwarranted interference by the public in
matters with which the public is not necessarily Concerned.
In addition, business enterprises have the right over their intellectual rights of their
company properties including operations and production operations.
1 Deter and impede potential spy or prevent espionage
2. Assist in security investigations by keeping accurate records of the moments of
classified materials; and
3. Enforce the use of "Need to Know principle.
DOCUMENT SECURITY SYSTEMS
This is the aspect of security which involves the application of security measures
for the proper protection and safeguarding of classified information. In Document and
Information Security, a matter includes everything, regardless of its physical character, or
in which Information is recorded or embodied. Documents, equipment, Projects, books,
reports, articles, notes, letters, drawings, Drawings, sketches, plans, photographs,
recordings, machinery, Models, apparatus, devices, and all other products or substances
Fall within the general term “matter”. Information, which is transmitted orally, is considered
“matter” for purposes of Security.
TYPES OF BUSINESS RECORDS
In some business establishments, documents and records are classified to determine the
degree of security needed. The classifications are:
1. Class I (Vital Records) - These include records that are liable records of which
reproduction does not have the same value as the original, records needed to recover
cash to replace buildings, equipment, raw materials, finished products and records
needed to avoid delay in restoration of production, sales and services.
2. Class II (Useful Records) these include records which Loss might cause inconvenience
but could be readily replace and which would not in the meantime present an
insurmountable obstacle to the prompt restoration of the business.
3. Class III (Important Records) - These include records of the reproduction of which will
involve considerable expense and labor, or considerable delay. Operating and statistical
records belong to this class as well as those to maintain check on efficiencies, operating
costs, etc. Also included are contracts, customer's credit files, sales records, designs in
process development, records of experiments in progress, etc.
4. Class IV (Non-Essential Records)- These are the daily files, routine in nature so that
even if lost or destroyed, will not affect operation or administration.
SECURITY CLEARANCE
Security Clearance is the certification by a responsible Authority that the person
described is cleared for access to Classified matter the appropriate level, or Security
Clearance Refers to the administrative determination that an Individual is eligible for
access to classified matter. Need-to-know is the principle whereby access to classified
matter May only be only given to those persons to whom it is necessary for the fulfillment
of their duties. Persons are not entitled to have access to classified matter solely by virtue
of their status or office. It is a requirement that the dissemination of classified matters be
limited strictly to Persons whose official duty requires knowledge or possession thereof.
CERTIFICATE OF DESTRUCTION
This is the Certification by a witnessing officer that the classified Matters describe
therein has been disposed of in his Presence in an approved destruction methods.
OTHER TERMINOLOGIES
The following are other Terminologies relative to document and information
Security:
1. Classified refers to assign information by one of the four classification categories.
2. Compromise means loss of security, Which Results from an authorized persons
obtaining Knowledge of classified matter.
3. Compartmentation is the grant of access Classified matter only to properly
cleaved persons in the performance of their official duties.
4. Declassify is the removal of Classification from classified matter.
5. Reclassify /Re-grading is the act of changing the Assigned classification of
matter.
6. Upgrading is the act of assigning to a matter of higher classification to a classified
7. Dissemination Dissemination of classified matter shall be restricted to properly
cleared persons whose official duties required knowledge or possession thereof.
Responsibility determination of "need-to-know" rests upon both each individual, who has
possession, knowledge or command control of the information involve, and the recipient.
8. Purging is the process of destroying a document which is no longer significant in
the organization.
LESSON 3
SECURITY SURVEY, SECURITY INSPECTION AND SECURITY INVESTIGATION
Overview
The methods of conducting security survey and security inspection as well as security
investigation will be highlighted in this module. It will also include discussions on survey
and inspection reports preparation.
SECURITY SURVEY
A. RATIONALE- The information pertaining to one of the most important security services
offered to a head of office is the Conduct of security surveys and security inspections.
Security surveys and security inspections are conducted for the establishment of an
effective Security System.
Since there are many security countermeasures to be considered, heads of offices should
utilized specially trained personnel, if the efforts of espionage and sabotage agents and
other criminal elements are to be negated. Security is an extremely complex program and
the objective analysis of an office head's security program by security survey and
inspection personnel can be of great assistance in determining the efficiency of any
established security program.
B. SECURITY SYSTEM -This is the set of policies, procedures and rules and regulations
designed to reduce to an absolute Minimum the possibility of espionage, sabotage and
compromise of classified information of an office or a whole establishment.
C. SECURITY SURVEY – This is also known as security audit which is actually a fact-
finding probe to determine a plant’s Adequacy and deficiency in all aspects of security,
with the Corresponding recommendations.
It is also referring to an estimate of the security standards of a unit, and is conducted to
enable the responsible officer to Recognize and evaluate security hazards and determine
protective Measures necessary to the prevention of sabotage, espionage, Subversive
activities and other criminal acts inimical towards the Interest and/or mission of the unit
and/or command.
In the field of police and military intelligence, Security Survey is defined as a
counterintelligence service to assist heads Of office in determining the security measures
required to protect Key installations from possible sabotage, espionage, subversion, And
unauthorized disclosures of, or access to, classified Information or material contained
therein.
D. RELATED TERMINOLOGIES - For better comprehension, the following terminologies
are hereby defined:
1. Survey- the term applied to the first detailed "look see* conducted by a team.
2. Security Inspections or Follow-up Surveys -This is the term referring to the succeeding
surveys after the initial surveys.
3. Supplements Surveys -It is conducted when there is business reorganization with
corresponding changes in object and physical by-outs of the complex.
4. Special Surveys - This is directed by management, if the initial survey appears to have
left certain portions or aspects involving security due to change in policy or operation that
will greatly affect the total security picture.
5. Entrance Conference- A conference or dialogue between the survey team and
management officials of a plant before security survey is conducted.
6. Exit Conference- A conference similar to entrance conference done after the
completion of the security Survey.
SECURITY SURVEY PROCEDURE- Security surveys are conducted by considering the
following steps:
1. Preliminary Planning - To assure as much as possible the successful completion of
security survey, a chronological plan of action is developed. The first action taken by the
security survey agent is to prepare for and Conduct those preliminary courses of action
that precede the actual conduct of the survey.
A very important consideration during the preliminary Planning stage is the use of a
checklist. This is a list of general considerations or specific points that must be covered
during the survey. Checklists may be either the general type or the specific or detailed
type.
2. Initial Briefing (Entrance Conference) - After completion of the preliminary stage, the
specialist is prepared to visit the office. It is to be recalled as mentioned previously that
contact is made with the security officer of the office for the purpose of establishing a time
and date for the initial briefing of the office head. It would be ideal to have at this
conference not only the office head but his entire staff and other key personnel of the
office.
3. Escort Personnel- It is often desirable for both the specialist and the office that an
escort accompany the specialist during the survey. Preferably, this escort should be the
security office of the office or his representative. In any event he should be a person
conversant with the security practice and procedures employed as the office.
4. Preliminary Exterior and Interior Check - As soon as possible after the initial briefing,
the specialist conducts a tour of the area surrounding the office. The purpose of such an
inspection is to gain a general knowledge of those elements outside the office which do
or could conceivably have either a direct or indirect influence upon the security of the
office.
It is often in the areas adjacent to the office that you find many of the office personnel
congregating for relaxation or entertainment, often under circumstances conductive to
loose talk. The agent also checks geographical features: terrain, road and railroad
networks, bridges and natural or man-made hazards near the office.
History of the unit to be surveyed - When the survey Specialist completes his check of
the surrounding area of the installation end preliminary survey of the interior of the
Installation, he is ready to commence the analysis of the office’s security program.
The specialist first determines the history of the organization to be surveyed and or the
office on which it is located. There may be some information contained in the history of
the organization or office which may directly affect the security situation as it exists during
the current survey.
5. Analyzing Existing Security - Having completed the preliminaries and determined the
level of required security, the specialist must now ascertain the existing level of security
of the installation. This portion of the survey is a minute examination of all factors
regarding the physical security, security of personnel and the security of information. It
includes the collection of all factual data that affects the security of the office. This data
will include all preventive measures as well as hazards and deficiencies any of the
security measures the specialist examine are not based upon existing requirements. The
specialist makes his own conclusions which are reflected in his recommendations.
6. Final briefing (Exit conference) - The final conference is an oral to the chief wherein the
specialist determines whether or not his tentative recommendations can be realistically
implemented. The specialist discusses the recommendations with the command since
information may exist which may negate or change the recommendations. In many
instance the chief may have unsuccessfully attempted to implement Corrective measures
or the recommendations are not feasible for some reason unknown to the agent. If the
chief has unsuccessfully attempted to correct its certain security weakness, a report of
these attempts is included in the specialist's final report.
SECURITY INSPRCTION
A. RATIONALE- Established security measures soon become outdated and ineffective
because of the new demands of the organization or business establishment. Or after
prolonged application of the security measures, the establishment becomes susceptible
to security risks. Therefore, follow-up surveys and inspections are conducted to make the
security system applicable to the present and future
B. SECURITY INSPECTION this is a check of how well existing security measures and
regulations are being carried out within a detachment or establishment. A security
inspection may also include an investigation of alleged or suspected security violations.
Physical security is concerned with forces, entrances and exits, guards, traffic control,
lighting, fire control, and with Such other physical measures, which, if properly established
and maintained, will deny access to unauthorized persons.
In the field of police and military intelligence, security inspection is defined as a
counterintelligence service performed to determine compliance with established security
policies and procedures.
C. CHARACTERISTICS OF SECURITY INSPECTION- The security inspection, although
akin to the security survey, is much more restricted in scope. As observed, the security
survey considers everything pertaining to an office’s security, but the security inspection
is limited to determination of the degree of compliance by unit personnel with established
policies and procedures.
D. SECURNTY INSPECTION PROCEDURES - The preliminary and investigative
procedures involved in the conduct of a security inspection are essentially the same as
those required for a security survey; this is the selection of inspection personnel, the
necessary file checks and other preparation, the duties of the in- charge, the use of
checklists and the coordination with the Security Officer. The actual inspection will closely
parallel the same procedures ‘fallowed during the conduct of a security Survey.
Prior to the actual conduct of the inspection, the agent conducts a preliminary check of
the office or offices to be inspected to determine what security regulations are enforced
at the unit.
E. TYPES OF SECURITY INSPECTIONS – There are three Specific types of security
inspections are:
1. Continuous Inspection
To keep pace with the constant changes in the Organization, changes in our
security terms of Attitudes, life-style and moral values, and the rapid Advancement
of technological modifications are all around us, the inspection must be an on-
going and never ending activity.
2. Formal or Informal
For the company which has just upgraded the Security function, hired a new
security administrator, or initiated a security department and program. The Formal
approach to inspection is most desirable, primary because it tells the company how
senior Management feels about protection, and thus Establishes the desirable
climate.
Informal Inspection is usually the result of a long and firmly entrenched inspection
program, understood by all and accepted as part of the organizational life. The
inspection has been stripped of all external Functional Trappings of importance,
but their Importance has not been lessen in any manner. They are seriously and
quietly executed in a spirit of Understanding and cooperation.
3. Structured or Unstructured Inspection
Structured Inspection is one that moves systematically from one area to the next
and so on there is a format or logical sequence to the process. For instance, the
audit may start with the first line of defense, then the second line, then the third
line, etc.