LESSON 2

RISKS ANALYSIS AND SECURITY HAZARDS

Understanding the reasons for security and protection measures will be included in this
module. Further, topics on risk management and strategies, security hazards, and
identification and avoidance of pilferage will be the bulk of discussions.
RISKS MANAGEMENT ALTERNATIVES AND STRATEGIRS
A.DEFINITION OF TERMINOLOGIES
Security is all about reducing or eliminating the impact or effect of potential risks or
hazards. Security managers normally conduct security surveys and security inspections
to determine the needed security measures. The following terms are defined to guide
security managers in determining the appropriate security measures in response to
potential risks or hazards.
1. Hazards - exposure to the chance of loss or injury; synonymous to risk and or peril.
2. Security Hazards - Any act or condition which may result in the compromise of
information, loss of life, loss or destruction of property or disruption of the objective of the
installation. It can also be defined as an act or condition affecting the safe operation of
the facility caused by human action accidental or intentional.
3. Risk - It is the potential damage or loss of an asset. The level of risk is a combination
of two factors: The value placed on that asset by its owner and the consequence, impact
adverse effect of the loss or damage to that asset and; the likelihood that a specific
vulnerability will be exploited by a particular threat.
4. Risk Management- It is a process of selecting and implementing security
countermeasures to achieve an acceptable level of risk at an acceptable cost.
5. Risk Analysis - It is the analysis of risk which includes examinations of the vulnerability,
probability and criticality of potential threats and include natural and man-made risk.
6. Adversary - An individual, group, organization, or government that conducts activities
or has the intention and capability to conduct activities detrimental to the individual,
private or government entity.
7. Asset - Any information, facility, material, information, or activity which has a positive
value to its owner whether it is an individual, private or government entity.
8. Countermeasures - An action taken or a physical security used to reduce or eliminate
one or more vulnerabilities. The cost of possible countermeasures may be monetary, but
may also include non-monetary cost such as reduced operational efficiency, adverse
publicity unfavorable Working conditions, and political consequences.
9. Probability - It is the chance or likelihood that a loss will take place. Indicated by a
mathematical statement concerning the possibility of an event occurring.
10. Criticality - It is the impact of a loss as measured in financial terms. How important it
is in terms of the survival or existence of the organization.

B. RELATIVITY OF RISK AND SECURITY

The extent and degree of risks to security is dependent on the following:
1. Relative criticality of operation - This pertains to the importance of the firm with
reference to the natural economy and security. Example is gasoline depots,
communication transmission lines, and power plants.
2. Relative vulnerability - This is the susceptibility of the plant or establishment to damage,
loss or disruption of operation due to various hazards. A good example is the location of
the building; the machines; or presence of possible poisons. Security managers and
planners normally consider the above relativity in determining the degree of security
measures needed to reduce or eliminate the potential risks or hazards.
C. RISK MANAGEMENT ALTERNATTVES AND STRATEGIES
To lessen or eliminate the effect of risks or hazards, the following are the alternatives and
strategies that are commonly applied by industrial security managers:
1. Risk Avoidance - This is the eliminating or removing the risk totally from the business,
government, or industrial environment for which the risk manager has responsibility. A
good example of this is the proper disposal of inflammable substances.
2. Risk Reduction- This is the decreasing the risk by minimizing the probability of the
potential loss. The reduction of criminal opportunity is often accomplished by situational
crime prevention strategies to discourage, deter, or deny criminal incidents. A good
example is the construction of fences and similar physical barriers.
3. Risk Spreading - This is the spreading the risk through Compartmentation or
decentralization to limit the impact (criticality) of the potential loss. This could be done by
using numerous vaults or safes for the safekeeping of valuables such as documents and
paper bills.
4. Risk Transfer - This is the moving the financial impact of the potential loss-over to an
insurance company. This is done by availing of property and life insurances. Hiring
security agencies is also a good example of this.
5. Risk Self-assumption - This is a planned assumption and acceptance of the potential
risk by Making a deliberate managerial decision of doing nothing about the threat, or
setting aside resources for use in case of a specific loss incident.
SECURITY HAZARDS
A. HAZARDS IN GENERAL
As earlier defined, hazard could mean exposure to the chance of loss or injury: or the
Term is synonymous to risk and or peril. In the field of industrial security, any hazardous
situations or conditions are called security hazards. Normally, loss of life and damage to
properties are caused by human negligence in their failure to recognize the adverse effect
of a particular condition or event. Security interferes by removing or deterring the
identified hazards.
B. TYPES OF HAZARDS
There are various forms and causes of hazards. Generally however, they can be
classified into:
1. Natural Hazard- these are hazards which arise from natural phenomena. The following
are types of natural hazards or disasters:
a. Floods caused by typhoons
b. Earthquakes
C. Fire (not caused by human action)- such as those cause by lightning.
d. Storms (typhoons, cyclones, tornado and hurricane)
e. Lightning storms
f. Extreme temperature and humidity
2. Human-Man made Hazards - These are hazards which are the result of a state of mind,
attitude, weaknesses or character traits of one or more persons. They can be acts of
commission or omission, both overt and overt, which can disrupt operation of a plant or
installation. It includes but not limited to the following:
a. Sabotage - It can be described as the deliberate destruction the deliberate damaging
or destroying of property or equipment, for example by resistance fighters, enemy agents,
disgruntled workers; or action to hinder or an action taken to undermine or destroy
somebody's efforts or achievements.
b. Espionage - It is describes as the activity of spying or the use of spying or spies to
gather secret information. This is a hazard because people may come to know the
confidential processes or procedures of a certain organization or business establishment
(Microsoft, Encarta, 2001-2005).
c.Pilferage - the act of stealing small things or items of little value, especially habitually.
d. Theft and Robbery - Both acts involve the taking of another's property with intent to
gain without the owner’s consent. Theft is committed without violence against or
intimidation of persons nor force upon things while robbery involves intimidation of
persons or force upon things.
e.Disloyalty This is the act of unfaithfulness to one's organization. This is hazardous
because it may lead to unauthorized disclosure of information
f. Disaffections - This is manifested by losing satisfaction thereby causing the dissatisficed
person to commit acts that may cause peril to his own organization.
g. Subversive activities - These are activities designed to overthrow government or
intended or likely to undermine or overthrow a government or other institution. These are
hazards because they may cause disruption of the normal operations of an institution or
organization.
C. PERSON'S INTERNAL HAZARDS
Every employee of the company or business establishment including but not limited to
the assigned security personnel are all possible causes of security hazards. This is
because of the following that are innate to every human being:
1. Faith - In the sphere of security operations, faith can be a questionable virtue. Those
persons in which trust of their fellowmen is an abiding instinct, and who Consider
themselves a definite threat to effective Security, for the entire training an enemy is aimed
at deceiving this type of person.. He may do this through an infinite number of ways, but
it is often the most Common place and unexpected that prove most dangerous to the
company's and most often productive to him.
2. Conceit - It is the desire to satisfy the ego or impress someone, provides the enemy
agent with his best Source of information. An individual may unconsciously disclose
sensitive information to unauthorized persons because of conceit.
3. Enthusiasm and Pride - These are common causes of indiscretion. Anyone who is truly
interested in his job finds it difficult not to talk and write about it. The Foreign agent and/or
criminal elements by touching upon the individual's pride in his unit or mission can learn
much about the equipment, training operation, personnel and its strength
4. Ignorance - Many people compromise vital information simply because they do not
realize its value and do not know the methods by which intelligence agencies Operate
through security education and indoctrination, one can combat this.
PILFERAGES AND OTHER SRCURITY HAZARDS
A. PILFERAGE AS A SECURITY HAZARD
As earlier described, pilferage is the act of stealing small items or items of little value.
However, these little items when accumulated become a great loss to a business
establishment. In the field of business, pilferage is one of the most annoying and common
human hazards which security has to deal with. This activity if uncontrolled can become
financial drain if not a menace to smooth and orderly operation. Failure to detect shortage
and inaccurate inventories will cause inventory losses, which may be labeled as pilferage.
1. Types of Pilferers
a. Casual Pilferer is one who steals due to his inability to resist the unexpected opportunity
and has little fear of detection is no plan or premeditation and he is usually a "loner" on
the job. The temptation to pick up the article is basically due to poor security measure.
The implication of causal pilfering is the big cumulative cost if it remains unchecked.
b. Systematic Pilferer is one who preconceived plans and takes away any or all types of
items or supplies for economic gain. Pilferers of this kind can be employees or outsiders
of the establishment.
2. Factors considered in Pilferage
a. Location of items to be pilfered - the systematic pilferer surveys shopping and store
areas, or through contacts from the firms.
b. Access to the items - techniques can be from fake documents, bribing of guards,
outsmarting security, creating disturbance and other methods to divert attention while
pilferage goes on.
c. Removal of item - this can be done as wearing the stolen shoes or shorts, concealment
in body or vehicles, use of false documents, etc. Driver may conceal pilfered items in his
vehicle.
d. Disposal of items - there is a need for "fences" brokers" or "clearing houses" for these
"hot items.
3. Countermneasures for Casual Pilferage
a. "Spot": check on outgoing vehicles and persons.
b. An aggressive security education and indoctrination program with emphasis that "crime
does not pay.
c. Superiors should set example of integrity and desirable moral climate for employees in
the establishment.
d. All employees must be enjoined to report or any loss to security.
e. Inventory and control methods should be done especially to pilferable items.
f. Control of tools equipment and sets.
4. Countermeasures for Systematic Pilferage
a. Guards and electronic surveillance on all exits.
b. Package and material control system.
C. Parking area Outside Perimeter Fence Of establishment
d. Careful screening and background checks on applicants to weed out potential thieves.
e. Investigation of all losses quickly and efficiently to determine “modus operandi or obtain
clues.
f. Alert all patrols to check areas and buildings for possible concealment of stolen
properties.
g. Install mechanical, electrical, electronic detection and alarm devices where needed and
applicable.
h. Establish an effective lock and key control system.
i. Use of appropriate perimeter fencing and lighting for parking facilities and areas for
vehicles and persons.
j. Store bulk quantities of pilferable items in enclosed security areas and distribute them
to using section in limited quantities.
k. Establish accurate inventory and accounting methods for procurement, use and
disposal.
1. Establish close liaison with governmental law enforcement and intelligence agencies.
B. SABOTAGE AS A SECURITY HAZARD - As earlier defined sabotage is the deliberate
destruction or the deliberate damaging or destroying of property or equipment.
1. Description of a Saboteur:
a. He is the most dangerous foe that security will have to deal with while planning and
implementing security measures and techniques.
b. He is an ordinary looking as the guy next door but in his mind, he has the training in
deception, knowledgeable in incendiaries, explosives, chemistry, bacteriology,
mechanics and psychology.
c. He can work alone, in-groups, or simultaneously in several places.
2. As initial security measure, saboteurs target are any of the following:
a. Armed Forces Installations
b. Natural resources- mines, forests, farms and farm products
c. Industries like the buildings, power sources, machinery, fuel, etc.
d. Warehouses utilities, etc. depots, communications,
3. Countermeasures against Sabotage
a. Use of an efficient, alert and trained guard force.
b. Use of Physical security aids like barriers, personnel and vehicular control, intrusion
devices, communication systems, and electric aids.
C. Proper screening of personnel public
d. Identification and movement control system.
e. Searches on incoming vehicles.
f. Safeguarding of classified information.
g. Designation of restricted areas.
h. Investigation of breaches of security.
i.Security education and indoctrination.
j.Good housekeeping methods.
k. Effective and compatible emergency planning.
l.Regular audit.
m. Continuing background checks.
C. ESPIONAGE AS A SRCURITY HAZARD - As earlier stated, espionage is a hazard
because it may cause unauthorized as closures of company information, processes and
procedures.
1. Description of an Espionage Agent
a. He is very dangerous adversary and his skills in deception and his cunning should
never be under estimated.
b. He is usually a person of extensive training and will be highly effective in gaining the
confidence of people and of extracting information of value to be relayed to his employer
or handler.
c. Even how well-trained an espionage agent he might be, he is human like the saboteur
and he can be defeated in his own game if proper methods and techniques are
undertaken.
2. Some Methods Employed by Espionage Agent
a. Stealing or information from employees
b. Stealing information from records or other sources.
C. Using various methods of reproducing documents
Products, equipment or working models.
d. Using “front as Commercial concerns, travel agencies, associations, business groups
and other organizations to obtain confidential information or data.’
e. Using various form or threats to obtain information.
f. Using blackmail techniques by exposing intimate and personal details concerning an
individual or organization.
g. Picking or securing information in social and other gatherings
h. Penetration and operational tactics.
3. Countermeasures against Industrial Espionage
a. Careful and complete pre-employment measures designed to control threats of
industrial espionage.
b. Continuing personnel check on employees and particularly personnel on sensitive
positions even already employed.
C. Prevention of unauthorized entry to the plant or Industrial installation.
d. Restricting of movement of personnel in the premises of the plant.
e. Controlled disposal of waste papers including carbons in classified work.
f. Only properly cleared personnel should handle classified document.
D. SUBVERSIVE ACTIVITY AS A SECURITTY HAZARD -This is clearly a security
hazard because it disrupts normal operation within a certain organization or institution.
1. Threats of Subversive Activity
a. It can be local or national in nature and their mission is to undermine the authority
weaken the organization, 'and eventually take over. This can be in business or any
activity.
b. This can be in the form of rumor mongering, propaganda, undermining morale, and
injecting defeatist attitudes and other emotional approaches.
c. It is an activity not easy to detect.

2. Countermeasures to Subversive Activity

a. The spreading of rumors, written materials, slogans or any other devices to confuse
the work population should be and discredit the government
b. Labor and other company unions can be infiltrated so that strikes and "slow downs"
can be called to disrupt the normal operation of a plant or installation immediately
reported.
C. Security force should be alerted for person trying to recruit others in organizing
movements for peace, anti-colonials, anti-trade and anti-imperialism.
d. Employees or outside personnel seeking memberships in "paper organizations" should
report this activity to security.
e. Other methods of subversion like united fronts, mob action, terrorism and sabotage will
be done to gain the subversive ends.
MODULE 3

LESSON 1. PERSONNEL, DOCUMENT AND INFORMATION SECURITY

LESSON 2. RISK ANALYSIS AND SECURITY HAZARDS
LESSON 3. SECURITY SURVEY, SECURITY INSPECTION AND SECURITY
INVESTIGATION
PERSONNEL, DOCUMENT AND INFORMATION SECURITY
The various systems employed in securing company Securing Company Personnel,
documents, and information will be highlighted in this Module. It will also include the
different systems of classifying Documents and information. To facilitate easy
comprehension, the module is logically Divided and arranged into the following:
PERSONNEL SECURITY
1. Definition: Personnel Security includes all the security measures designed to prevent
unsuitable individuals or persons of doubtful loyalty to the government, from gaining
access to classified matter or to any security facility, and to prevent appointment, or
retention as employees of such individuals.
2. Scope and Purpose: Personnel security generally embraces such security measures
as personnel security investigation, security orientation and indoctrination and security
education as will ensure the prevention of unsuitable individuals or persons of doubtful
loyalty to the government, from gaining access to classified matter or being appointed,
employed or retained as employees.
3. Principle: Just any other control technique, security must start from a given foundation
or basis and this basis shall be referred to as the principles of security. Security principles
are normally disseminated by regulations or directives to insure uniformity of purpose,
logical and similar methods of operation and appropriate and continuous placement of
responsibility.
4. The Security "Chain": Personnel Security is the "weakest link" in the security "chain".
This weakness can best be minimized or eliminated by making the personnel security
conscious through good training program. Security depends upon the action of the
individuals. The superior must instruct his subordinates so that they will know exactly
what security measures to take in every instance, a safe will not lock itself. An individual
must be properly instructed and must do the locking.
CONTROL OF PERSONNEL
Access to “Restricted Areas” can be partially controlled by Fences, gates and other
physical means, but the individual working in the area is the key to the bringing out of
classified Matter to unauthorized personnel. Written information does not have the power
of speech. Only the individual has knowledge of this written information can pass it to an
unauthorized personnel if he unguardedly talks about information. It is the individual
responsibility to insure that he knows Security procedures and safeguards, and it is the
commander’s Responsibility to motivate each individual to insure that he complied with
this procedures and safeguards. Instructions on Security procedures, principles and
concepts are valueless unless one impresses upon each individual having access to
classified Information the necessity of practicing the “need-to-know Concept
“No person is entitled to knowledge or possession of classified information solely by his
rank, office, or position. Such Matter is entrusted only to individuals whose official duties
require knowledge or possession.” Responsibility for determining whether a person’s
official duties require access to item to classified information rests upon each individual
who has Knowledge, possession, or command control of the information Involved and not
upon the prospective recipient
OBJECTIVES OF PERSONNEL SECURITY
1. To provide the standards and procedures necessary to insure the appointment,
employment of retention of suitable and loyal individuals.
2. To develop the necessary and proper security discipline among the applicants and
employee as well as protect and Preserve the security interest of the organization.
3. Inculcate the desirable security attitudes and habits among the applicants and
employees.
BASIC POLICIES IN PERSONNEL SECURITY
1. No person is entitled solely by virtue of his grade or Position to knowledge or
possession of classified matter. Classified matter shall be entrusted only to those
individuals whose official duties require such knowledge or possession, and who
have been granted the proper clearance.
2. All personnel whose duties require access to classified Matter shall be subject to
a security investigation to Determine eligibility for the required security clearance.
3. All personnel shall undergo security orientation, indoctrination and security
education.
CONTROL OF PERSONNEL IN THE PHYSICAL FACILITY
In every installation, the use of protective barriers, security lighting,
Communication and electronic hardware provides physical safeguards but these are
insufficient to maximize the effort of the guard force. A control point must be established
for positive personnel identification and check system. This is to insure that only those
persons who have the right and authority will be given the necessary access to the area.
The most practical and generally accepted system of personnel identification is the use
of identification cards badges or passes. Generally speaking, this system designates
when and where and how identification cards should be displayed, and to whom. This
helps security personnel eliminate the risk of allowing the access of unauthorized
personnel within the establishments.
1. Two (2) Types of Personnel identification
a. Personal recognition familiarity of the person’s Characteristics.
b. Artificial recognition- identification cards, passes, Passwords, etc.
2. Use of Pass System
a. Single pass system- the badge or pass coded for Authorization to enter
specific areas is issued to an Employee who keeps it in his possession until
his Authorization is terminates.
b. Pass exchange system- an exchange takes place at the entrance of each
controlled area. Upon leaving the personnel surrenders his badge or passes
and retrieve back his basic identification.

C. Multiple pass system this provides an extra Measure of security by requiring

that an exchange take Place at the entrance of each restricted area.
3. Badge and Pass Control
a. The system should have a complete record of all Badges and identification
cards issued, return, mutilated or lost by serial number and cross-indexed
alphabetically.
b. The supervisor from time to time for its accuracy and authenticity should
check the lists.
C. Passes and badges reported lost should be validated and security at
entrance be informed through conspicuous Posting.
VISITORS MOVEMENT CONTROL
Security should establish proper methods of establishing the authority for
admission of visitors as well as the limitation. This security measure would depend on the
sensibility of the installation, but could include the following:
1. Visitor's logbook all visitors to any facility should be required to identify themselves and
should be given a visitor's ID by the security. Visitor's logbook should be filled up with the
named of visitors, nature and duration of visit.
2. Photograph-taking of photographs should also be considered. Extreme caution must
be exercised in areas where classified information is displayed to preclude unauthorized
taking of pictures of the installation. If a visitor has camera and it is prohibited to take
picture, said camera should be left in the care of security with corresponding receipt
3. Escort- If possible visitors should be escorted by the Security to monitor their activity
within the establishment and Guide them where to go.
4. Visitor entrances -separate access for visitors and employees of the establishment
should be provided.
5. Time-traveled If there is a long delay or time lapse between the departure and arrival,
the visitors may be required to show cause for the delay.
6. Access List-record of pre-determined visitors

PACKAGE MOVEMENT CONTROL

Every facility must establish a system for the control of Package entering or leaving the
premises. However, desirable it Might seem it is simply unrealistic to suppose that a
blanket rule Forbidding packages either in or out would be workable. Such a Rule would
be damaging to the employee morale and, in many Cases, would actually work against
the efficient operation in the Facility. Therefore, since the transporting of packages
through the Portals is a fact of life, they must be dealt with in order to prevent theft and
misappropriation of company properties. Thus;
1. No packages shall be authorized to be brought inside the industrial installation,
offices and work area without Proper authority. This basic precept help reduce if
not Eliminate pilferage, industrial espionage or sabotage.
2. Outgoing packages carried by personnel should be closely inspected and those in
vehicles should also be checked as many pilfered items are hidden in the surface
of the vehicles leaving the compound.
3. Any personnel/visitor entering the installation with Package should deposit the
same to the security and in Return receives a numbered tag, which he/she will use
Claiming his/her package upon departing.
CONTROL OF VEHICLE IN THE INSTALLATION
Vehicular traffic within the boundaries of any facility must be carefully controlled for safety
as well as to control the transporting of pilfered goods from the premises. Thus:
1. Privately owned vehicle of personnel/visitor should be registered and are subject to the
identification and admittance procedure.
2. Vehicles should be subjected for search at the entrance and exit of the installation.
3. All visitors with vehicle should provide the security as to the complete details of their
duration of stay, person to be visited, and other information.
4. All vehicles of visitors should be given a sign/sticker to be placed on the windshield.
5. Traffic warning signs should be installed in all entrances in order to guide the visitors
in their destination as well to provide them with the necessary safety precautions while
they are inside the installation.
6. Security personnel must constantly supervise parking areas and make frequent spots
searches of vehicles found there.
BUILDING ACCESS CONTROL
At any physical barrier, a security system must possess the Ability to distinguish among
authorized persons, unauthorized Visitors, and other unauthorized persons. This is to
assist the Security personnel protects sensitive are and information within the installation.
Appropriate warning signs should be posted at the building perimeter. Special restricted
entry facilities to public Access should be provided. This will be dependent on the degree
of security needed for the protection of property, activity and other processes within the
building. A clear-cut policy on the Access control should be disseminated to all personnel
of the Installation.
PERSONNEL SECURITY INVESTIGATION
It is an inquiry into the character, reputation, discretion and loyalty of individual in order
to determine a person's suitability to be given security clearance.
1. Types of Personnel Security Investigation (PSI)
a. National Agency Check (NAC).-This is an investigation of an individual made upon the
basis of Written information supplied by him in response to official inquiry, and by
reference to appropriate national agencies. It is simply a check of the files and record of
national agencies. The national agencies checked under this type of investigation are the
following:

1) National Intelligence Coordinating Agency (NICA)

2) National Bureau of Investigation (NBI)
3) ISAAFP or J2 Division, GHQ AFP
4) CIDG PNP Camp Crame., etc.
b. Local Agency Check (LAC)-This type of investigation consist of the first type plus
written inquiries sent to appropriate local government agencies, former employees,
references and schools listed by the person under investigation. The local agencies
normally check besides the past employment, schools and references are the following:
1) Place of the locality where the individual is a resident.
2) Mayor, Police, Fiscal, Judge of the locality where the individual is a resident.
BACKGROUND INVESTIGATION
This is more comprehensive investigation than the NAC and LAC. A thorough and
complete investigation of all or some of the circumstances or aspects of a person’s life is
conducted.
1. Types of BI – It may either be a complete (CB) or a Partial Background Investigation
(PBI).
a. Complete Background Investigation Consist of the investigation of the background of
a person, particularly all the circumstances of his personal life.
b. Partial Background Investigation Consist of the investigation of the background of an
individual but limited only to some of the circumstances of his personal life which are
deemed pertinent to the investigation. Normally, the request for the investigation will
indicate the specific personal circumstances to be covered. This type of BI is also used
to further develop questionable information contained in another investigation report.
2. Factors considered in Background Investigation.
a. Loyalty faithful allegiance to the country, Government and its duly constituted authority.
b. Integrity uprightness in character, soundness of moral principles, freedom from moral
delinquencies, ore more simply stated-honesty.
c. Discretion the ability of tendency to act or decide with prudence; the habit of wise
judgment or simply stated-good judgment
d. Moral distinctive identifying qualities which serve as an index to the essential or intrinsic
nature of a person; his outward manifestation, personal traits or moral habits.
e .Character- the sum of the traits that serves as an index of the essential intrinsic nature
of a person. It is the aggregate of distinctive mental and moral qualities that have been
impressed by nature, education and habit upon the individual.
f. Reputation opinion or estimation in which one is generally held. It is what one reported
to be, whereas character is what a person is.

DOCUMENT AND INFORMATION SECURITY

RATIONALE
Document and information in whatever form plays a significant role in the daily operations
and activities of an installation. Once the contents of a company's document and
information are divulged and reached the hands of an adversary, the business operational
stability is at stake. It may cause huge losses on the Company's assets that could lead to
its total closure. In this particular lesson, document and information security are discussed
in the light of security management for private industrial establishments. In this particular
lesson, document and information Security are discussed in the light of security
management for Private industrial establishments.
BASIS OF DOCUMENT AND INFORMATION SECURITY
On the part of the government, “Security of documents and information is based
on the premise that the government has the right and duty to protect official paper from
Unwarranted and indiscriminate disclosure. On the other hand, private individuals and
private business establishments stand on the constitutional provisions on the "right of
privacy" where it is stated that "the right of a person to be free from unwarranted publicity,
or disclosure and the as the right to live without unwarranted interference by the public in
matters with which the public is not necessarily Concerned.
In addition, business enterprises have the right over their intellectual rights of their
company properties including operations and production operations.
1 Deter and impede potential spy or prevent espionage
2. Assist in security investigations by keeping accurate records of the moments of
classified materials; and
3. Enforce the use of "Need to Know principle.
DOCUMENT SECURITY SYSTEMS
This is the aspect of security which involves the application of security measures
for the proper protection and safeguarding of classified information. In Document and
Information Security, a matter includes everything, regardless of its physical character, or
in which Information is recorded or embodied. Documents, equipment, Projects, books,
reports, articles, notes, letters, drawings, Drawings, sketches, plans, photographs,
recordings, machinery, Models, apparatus, devices, and all other products or substances
Fall within the general term “matter”. Information, which is transmitted orally, is considered
“matter” for purposes of Security.
TYPES OF BUSINESS RECORDS
In some business establishments, documents and records are classified to determine the
degree of security needed. The classifications are:
1. Class I (Vital Records) - These include records that are liable records of which
reproduction does not have the same value as the original, records needed to recover
cash to replace buildings, equipment, raw materials, finished products and records
needed to avoid delay in restoration of production, sales and services.
2. Class II (Useful Records) these include records which Loss might cause inconvenience
but could be readily replace and which would not in the meantime present an
insurmountable obstacle to the prompt restoration of the business.
3. Class III (Important Records) - These include records of the reproduction of which will
involve considerable expense and labor, or considerable delay. Operating and statistical
records belong to this class as well as those to maintain check on efficiencies, operating
costs, etc. Also included are contracts, customer's credit files, sales records, designs in
process development, records of experiments in progress, etc.
4. Class IV (Non-Essential Records)- These are the daily files, routine in nature so that
even if lost or destroyed, will not affect operation or administration.
SECURITY CLEARANCE
Security Clearance is the certification by a responsible Authority that the person
described is cleared for access to Classified matter the appropriate level, or Security
Clearance Refers to the administrative determination that an Individual is eligible for
access to classified matter. Need-to-know is the principle whereby access to classified
matter May only be only given to those persons to whom it is necessary for the fulfillment
of their duties. Persons are not entitled to have access to classified matter solely by virtue
of their status or office. It is a requirement that the dissemination of classified matters be
limited strictly to Persons whose official duty requires knowledge or possession thereof.
CERTIFICATE OF DESTRUCTION
This is the Certification by a witnessing officer that the classified Matters describe
therein has been disposed of in his Presence in an approved destruction methods.
OTHER TERMINOLOGIES
The following are other Terminologies relative to document and information
Security:
1. Classified refers to assign information by one of the four classification categories.
2. Compromise means loss of security, Which Results from an authorized persons
obtaining Knowledge of classified matter.
3. Compartmentation is the grant of access Classified matter only to properly
cleaved persons in the performance of their official duties.
4. Declassify is the removal of Classification from classified matter.
5. Reclassify /Re-grading is the act of changing the Assigned classification of
matter.
6. Upgrading is the act of assigning to a matter of higher classification to a classified
7. Dissemination Dissemination of classified matter shall be restricted to properly
cleared persons whose official duties required knowledge or possession thereof.
Responsibility determination of "need-to-know" rests upon both each individual, who has
possession, knowledge or command control of the information involve, and the recipient.
8. Purging is the process of destroying a document which is no longer significant in
the organization.
LESSON 3
SECURITY SURVEY, SECURITY INSPECTION AND SECURITY INVESTIGATION
Overview
The methods of conducting security survey and security inspection as well as security
investigation will be highlighted in this module. It will also include discussions on survey
and inspection reports preparation.
SECURITY SURVEY
A. RATIONALE- The information pertaining to one of the most important security services
offered to a head of office is the Conduct of security surveys and security inspections.
Security surveys and security inspections are conducted for the establishment of an
effective Security System.
Since there are many security countermeasures to be considered, heads of offices should
utilized specially trained personnel, if the efforts of espionage and sabotage agents and
other criminal elements are to be negated. Security is an extremely complex program and
the objective analysis of an office head's security program by security survey and
inspection personnel can be of great assistance in determining the efficiency of any
established security program.
B. SECURITY SYSTEM -This is the set of policies, procedures and rules and regulations
designed to reduce to an absolute Minimum the possibility of espionage, sabotage and
compromise of classified information of an office or a whole establishment.
C. SECURITY SURVEY – This is also known as security audit which is actually a fact-
finding probe to determine a plant’s Adequacy and deficiency in all aspects of security,
with the Corresponding recommendations.
It is also referring to an estimate of the security standards of a unit, and is conducted to
enable the responsible officer to Recognize and evaluate security hazards and determine
protective Measures necessary to the prevention of sabotage, espionage, Subversive
activities and other criminal acts inimical towards the Interest and/or mission of the unit
and/or command.
In the field of police and military intelligence, Security Survey is defined as a
counterintelligence service to assist heads Of office in determining the security measures
required to protect Key installations from possible sabotage, espionage, subversion, And
unauthorized disclosures of, or access to, classified Information or material contained
therein.
D. RELATED TERMINOLOGIES - For better comprehension, the following terminologies
are hereby defined:
1. Survey- the term applied to the first detailed "look see* conducted by a team.
2. Security Inspections or Follow-up Surveys -This is the term referring to the succeeding
surveys after the initial surveys.
3. Supplements Surveys -It is conducted when there is business reorganization with
corresponding changes in object and physical by-outs of the complex.
4. Special Surveys - This is directed by management, if the initial survey appears to have
left certain portions or aspects involving security due to change in policy or operation that
will greatly affect the total security picture.
5. Entrance Conference- A conference or dialogue between the survey team and
management officials of a plant before security survey is conducted.
6. Exit Conference- A conference similar to entrance conference done after the
completion of the security Survey.
SECURITY SURVEY PROCEDURE- Security surveys are conducted by considering the
following steps:
1. Preliminary Planning - To assure as much as possible the successful completion of
security survey, a chronological plan of action is developed. The first action taken by the
security survey agent is to prepare for and Conduct those preliminary courses of action
that precede the actual conduct of the survey.
A very important consideration during the preliminary Planning stage is the use of a
checklist. This is a list of general considerations or specific points that must be covered
during the survey. Checklists may be either the general type or the specific or detailed
type.
2. Initial Briefing (Entrance Conference) - After completion of the preliminary stage, the
specialist is prepared to visit the office. It is to be recalled as mentioned previously that
contact is made with the security officer of the office for the purpose of establishing a time
and date for the initial briefing of the office head. It would be ideal to have at this
conference not only the office head but his entire staff and other key personnel of the
office.
3. Escort Personnel- It is often desirable for both the specialist and the office that an
escort accompany the specialist during the survey. Preferably, this escort should be the
security office of the office or his representative. In any event he should be a person
conversant with the security practice and procedures employed as the office.
4. Preliminary Exterior and Interior Check - As soon as possible after the initial briefing,
the specialist conducts a tour of the area surrounding the office. The purpose of such an
inspection is to gain a general knowledge of those elements outside the office which do
or could conceivably have either a direct or indirect influence upon the security of the
office.
It is often in the areas adjacent to the office that you find many of the office personnel
congregating for relaxation or entertainment, often under circumstances conductive to
loose talk. The agent also checks geographical features: terrain, road and railroad
networks, bridges and natural or man-made hazards near the office.
History of the unit to be surveyed - When the survey Specialist completes his check of
the surrounding area of the installation end preliminary survey of the interior of the
Installation, he is ready to commence the analysis of the office’s security program.
The specialist first determines the history of the organization to be surveyed and or the
office on which it is located. There may be some information contained in the history of
the organization or office which may directly affect the security situation as it exists during
the current survey.
5. Analyzing Existing Security - Having completed the preliminaries and determined the
level of required security, the specialist must now ascertain the existing level of security
of the installation. This portion of the survey is a minute examination of all factors
regarding the physical security, security of personnel and the security of information. It
includes the collection of all factual data that affects the security of the office. This data
will include all preventive measures as well as hazards and deficiencies any of the
security measures the specialist examine are not based upon existing requirements. The
specialist makes his own conclusions which are reflected in his recommendations.
6. Final briefing (Exit conference) - The final conference is an oral to the chief wherein the
specialist determines whether or not his tentative recommendations can be realistically
implemented. The specialist discusses the recommendations with the command since
information may exist which may negate or change the recommendations. In many
instance the chief may have unsuccessfully attempted to implement Corrective measures
or the recommendations are not feasible for some reason unknown to the agent. If the
chief has unsuccessfully attempted to correct its certain security weakness, a report of
these attempts is included in the specialist's final report.
SECURITY INSPRCTION
A. RATIONALE- Established security measures soon become outdated and ineffective
because of the new demands of the organization or business establishment. Or after
prolonged application of the security measures, the establishment becomes susceptible
to security risks. Therefore, follow-up surveys and inspections are conducted to make the
security system applicable to the present and future
B. SECURITY INSPECTION this is a check of how well existing security measures and
regulations are being carried out within a detachment or establishment. A security
inspection may also include an investigation of alleged or suspected security violations.
Physical security is concerned with forces, entrances and exits, guards, traffic control,
lighting, fire control, and with Such other physical measures, which, if properly established
and maintained, will deny access to unauthorized persons.
In the field of police and military intelligence, security inspection is defined as a
counterintelligence service performed to determine compliance with established security
policies and procedures.
C. CHARACTERISTICS OF SECURITY INSPECTION- The security inspection, although
akin to the security survey, is much more restricted in scope. As observed, the security
survey considers everything pertaining to an office’s security, but the security inspection
is limited to determination of the degree of compliance by unit personnel with established
policies and procedures.
D. SECURNTY INSPECTION PROCEDURES - The preliminary and investigative
procedures involved in the conduct of a security inspection are essentially the same as
those required for a security survey; this is the selection of inspection personnel, the
necessary file checks and other preparation, the duties of the in- charge, the use of
checklists and the coordination with the Security Officer. The actual inspection will closely
parallel the same procedures ‘fallowed during the conduct of a security Survey.
Prior to the actual conduct of the inspection, the agent conducts a preliminary check of
the office or offices to be inspected to determine what security regulations are enforced
at the unit.
E. TYPES OF SECURITY INSPECTIONS – There are three Specific types of security
inspections are:
1. Continuous Inspection

To keep pace with the constant changes in the Organization, changes in our
security terms of Attitudes, life-style and moral values, and the rapid Advancement
of technological modifications are all around us, the inspection must be an on-
going and never ending activity.
2. Formal or Informal

For the company which has just upgraded the Security function, hired a new
security administrator, or initiated a security department and program. The Formal
approach to inspection is most desirable, primary because it tells the company how
senior Management feels about protection, and thus Establishes the desirable
climate.

Formal Inspection is one which some fanfare is attached. It is usually preceded by

an announcement, and the unit under inspection “prepares for events, including
some extra housekeeping activities that would not otherwise happen at that point
in time.

Informal Inspection is usually the result of a long and firmly entrenched inspection
program, understood by all and accepted as part of the organizational life. The
 inspection has been stripped of all external Functional Trappings of importance,
but their Importance has not been lessen in any manner. They are seriously and
quietly executed in a spirit of Understanding and cooperation.
3. Structured or Unstructured Inspection

Structured Inspection is one that moves systematically from one area to the next
and so on there is a format or logical sequence to the process. For instance, the
audit may start with the first line of defense, then the second line, then the third
line, etc.

Unstructured inspection is conducted in a random manner. There is no format or

logical sequencing. For example, the inspection may start with countermeasures
for proprietary information, then emergency plan, followed by investigation and so
forth.
SECURITY NVESTIGATION
A. RATIONALE - The functions of Investigation are many and multifaceted. From its latin
derivative, vestigare, investigation implies a tracking, a search, an assimilation, or
collection of information and facts, Today, many business firms and other organizations
employ investigators directly as part of their in- house security programs.
B.SECURITY INVESTIGATION this is a planned and organized determination of facts
concerning specific loss or damage of assets due to threats, hazards or unsecured
conditions.
E.TOOLS OF INVESTIGATION- There are four specific types of investigation which may
be applicable to security, these are:
1. Information- knowledge which the investigator gathers From other persons.
a. Acquired from regular sources- conscientious and Public-spirited citizens,
company files, school files or Records file of other agencies.
b. Acquired from cultivated sources-paid informants, Bartenders, cab drivers,
acquaintances, etc.
2. Interrogation- the skillful questioning of a person who is Reluctant to divulge
information concerning the offense under investigation.
3. Interview- the simple questioning of a witness who has no Personal reason to
withhold information.
4. Instrumentation- the application of instruments and Methods of physical sciences
to the detection of crimes. In As Other words, the sum total of the application of all
Otherwise known Sciences in crime detection Criminalistics