Security is protection from, or resilience
The agent should act in the best interest of
against, potential harm (or other
unwanted coercion).
PRIVATE SECURITY AGENCY LAW (RA 5487 as
Amended)
1. The agency manager is automatically the
Security Director who shall be responsible for
the entire operation and
administration/management of the security.
Security Agency shall appoint a staff officer as -
2. Security Training Officer
~ who shall be rsponsible for the training of the
Agency’s security personnel in accordance with
the requirements of RA 5487 and the IRR
3. Staff Director for Operations
~ is the staff assistant of the security manager
for the efficient operation of the agency
4. Staff Director for Administration
~ is the staff assistant of the agency manager
for the effective and efficient administration
and management of the agency.
5. Detachment Commander
~ Is the field or area commander of the agency
6. Chief Inspector
~ shall be responsible for inspecting the entire
area covered by the detachment
7. Security Inspector
~ Is responsible for the area assign by the Chief
Inspector of the Detachment Commander
8. Post-in-Charge
~ Is responsible for the entire detailed security
office within a certain establishment
9. Shift-in-Charge
~ Is responsible for the security officer who are
scheduled in a certain shift for a particular
period
10. Security Guard
~ Is the one actually posted as watchman and
or guard
THE PRINCIPLE OF AGENCY LAW
1. an agent can act on behalf of a principal to
create legal relations with a third party
2.
the principal and not have a conflict of interest
3. The principal can authorize the agent to
perform various or specific functions
4. Agency law is an area of commercial law that
deals with contractual, quasi-contractual
and non-contractual fiduciary relationships
CODE OF ETHICS OF SECURITY GUARDS
1. As a security agent, his fundamental duty is
to serve the interest or mission of his agency in
compliance with the contract entered into with
the clients of the agency he is supposed to
serve.
2. He shall be honest in thoughts and deeds
both in his personal and official actuations,
obeying the law of the land and the regulations
prescribed by his agency and those established
by the company he is supposed to protect.
3. He shall not reveal any confidential matter
that is confided to him as security guard and
such other matters imposed upon him by law.
4. He shall act at all times with decorum and
shall not permit personal feelings, prejudices
and undue friendship to influence his actuation
in the performance of his official functions.
5. He shall not compromise with criminals and
other lawless elements to the prejudice of the
customer or his client but assist the government
in its relentless drive against lawlessness and
other forms of criminality.
6. He must carry his assigned duties as security
guard or watchman as required by law to the
best of his ability and safeguard life and
property to the establishment he is assigned.
7. He shall wear his uniform, badge, patches
and insignia properly as a symbol of public trust
and confidence as an honest and trustworthy
security guard, watchman and private detective.
8. He must keep his allegiance first to the
government, to the agency he is in, and to the
establishment he is assigned to serve with
loyalty and dedicated service.
9. He shall diligently and progressively
familiarize himself with the rules and
regulations laid down by his agency and that of
the customer or clients.
10. He shall at all times be courteous,
respectful and salute to his superior officers,
government officials and officials of the
establishment where he is assigned and the
company he is supposed to serve.
11. He shall report to perform his duties always
in proper uniform and neat in his appearance.
12. He shall learn at heart or memorize and
strictly observe the laws and regulations
governing the use of firearms.
CODE OF CONDUCT FOR SECURITY GUARDS
1. He shall carry with him at all times during his
tour of duty his, license and identification card
and duty detail order with an authority to carry
firearms
2. He shall not use his licenses and other
privileges, if any to the prejudice of the public,
the client, the customer or his agency
3. He shall not engage in any unnecessary
conversation with anybody except in discharge
of his duties;or sit down unless required by
nature of his work, and shall at times keep
himself alert during his tour of duty
4. He shall refrain from reading newspapers,
magazine, books etc. While actually performing
his duties
5. He shall not drink any intoxicating liquor
immediately before and during his tour of duty
6. He shall know how to operate any fire
extinguisher at his post
7. He shall know the location of fire alarm bow
near his post and sound the alarm in case of fire
or disorders.
8. He shall know the location of the telephone
and/or telephone numbers of the police
precincts as well as the telephone numbers of
the fire stations in locality
9. He shall immediately notify the police in case
of any sign of disorder, strike, and riot or any
serious violation of the law
10. He or his group of guards shall not
participate or integrate with any disorder,
strike, riot or any serious violations of the law
11. He shall assist the police in the preservation
and maintenance of peace and order and in the
protection of life and property, having in mind
that the nature of his responsibilities is similar
to that of the latter.
12. He shall familiarize himself by heart with the
Private Security Agency Law (RA 5487 as
amended )
13. When issued a firearm, he should not lend
his firearm to anybody.
14. He shall always be in proper uniform and
shall always carry with him his basic
requirements and equipment such as writing
notebook, ballpen, night stick(baton) and/ or
radio.
15. He shall endeavor at all times, to merit and
be worthy of the trust and confidence of the
agency he represent and the client he serves
ELEVEN GENERAL ORDERS
1. To take charge of this post and all company
properties in view and to protect/preserve
the same with utmost diligence.
2. To walk in an alert manner during my tour of
duty, keeping always on the alert and observing
everything that takes place within sight or
hearing.
3. To report all violations of orders I am
instructed to enforce.
4. To relay all calls from posts more distant
from the guard house than my own.
5. To quit my post only when properly relieved.
6. To receive, obey, and pass on to the
relieving me all orders from company officers
or officials, supervisors, post-in-charge or shift
leaders.
7. To talk to no one except in line of duty.
8. To give the alarm in the case of fire or
disorder.
9. To call the superior officer in any case not
covered by instructions.
10. To salute all company officials, superiors in
the agency, ranking public officials and officers
of the Philippine National Police.
11. To be especially watchful at night and
during the time for challenging, to challenge all
persons on or near my post, and to allow no one
to pass or loiter without proper authority.
THREE MAJOR AREA OF SECURITY
1. Physical Security
~ pertains to all physical barriers employed
orinstalled to secure assets
2. Personnel Security
~ refers to the procedure followed inquiries
conducted, and criteria applied to determine
the work suitability of a particular applicant of
the retention of a particular employee
3. Document and Information Security
~ refers to policies, regulation, doctrines,
andpractices enforced to safeguard the
contents and integrity of any classified
information or document from compromise or
loss
Political Security
~ Is another category that relate to social
relationships involving governments or entities
that hold authority or power.
PHYSICAL SECURITY (TYPES OF BARRIERS)
1. Natural Barrier
~ It includes bodies of water, mountains,
marshes, ravines, deserts or other terrain that
are difficult to traverse.
2. Structural Barrier
~ These are features constructed by man
regardless pf their original intent that tends to
delay the intruder.
3. Human Barrier
~ Persons being used in providing a guarding
system or by the nature of their employment
and location, fulfill security functions.
4. Animal Barrier
~ Animals are used in partially providing a
guarding system Dogs are usually trained and
utilized to serve as guard dogs. German
Shepherd are the best suited for security
functions. Goose and Turkeys could also be
included
5. Energy Barrier
~ It is the employment of mechanical, electrical,
electronic energy imposes a deterrent to entry
by the potential intruder or to provide warning
to guard personnel. These are proctive lighting,
alarm system and any electric devices as barriers
Information Security programs are build
around 3 objectives, commonly known as CIA –
Confidentiality, Integrity, Availability.
Confidentiality – means information is not
disclosed to unauthorized individuals, entities
and process. For example if we say I have a
password for my Gmail account but someone
saw while I was doing a login into Gmail
account. In that case my password has been
compromised and Confidentiality has been
breached.
Integrity – means maintaining accuracy and
completeness of data. This means data cannot
be edited in an unauthorized way. For example
if an employee leaves an organisation then in
that case data for that employee in all
departments like accounts, should be updated
to reflect status to JOB LEFT so that data is
complete and accurate and in addition to this
only authorized person should be allowed to
edit employee data.
Availability – means information must be
available when needed. For example if one
needs to access information of a particular
employee to check whether employee has
outstanded the number of leaves, in that case it
requires collaboration from different
organizational teams like network operations,
development operations, incident response and
policy/change management.
Denial of service attack is one of the factor that
can hamper the availability of information.
Apart from this there is one more principle
that governs information security programs.
This is Non repudiation.
 Non repudiation – means one party cannot
deny receiving a message or a transaction
nor can the other party deny sending a
message or a transaction. For example in
cryptography it is sufficient to show that
message matches the digital signature
signed with sender’s private key and that
sender could have a sent a message and
nobody else could have altered it in transit.
Data Integrity and Authenticity are pre-
requisites for Non repudiation.
 Authenticity – means verifying that users
are who they say they are and that each
input arriving at destination is from a
trusted source.This principle if followed
guarantees the valid and genuine message
received from a trusted source through a
valid transmission. For example if take
above example sender sends the message
along with digital signature which was
generated using the hash value of message
and private key. Now at the receiver side
this digital signature is decrypted using the
public key generating a hash value and
message is again hashed to generate the
hash value. If the 2 value matches then it is
known as valid transmission with the
authentic or we say genuine message
received at the recipient side
 Accountability – means that it should be
possible to trace actions of an entity
uniquely to that entity. For example as we
discussed in Integrity section Not every
employee should be allowed to do changes
in other employees data. For this there is a
separate department in an organization that
is responsible for making such changes and
when they receive request for a change
then that letter must be signed by higher
authority for example Director of college
and person that is allotted that change will
be able to do change after verifying his bio
metrics, thus timestamp with the user(doing
changes) details get recorded. Thus we can
say if a change goes like this then it will be
possible to trace the actions uniquely to an
entity.
advantages to implementing an information
classification system in an organization’s
information security program:
1. Improved security: By identifying and
classifying sensitive information,
organizations can better protect their most
critical assets from unauthorized access or
disclosure.
2. Compliance: Many regulatory and industry
standards, such as HIPAA and PCI-DSS,
require organizations to implement
information classification and data
protection measures.
3. Improved efficiency: By clearly identifying
and labeling information, employees can
quickly and easily determine the
appropriate handling and access
requirements for different types of data.
4. Better risk management: By understanding
the potential impact of a data breach or
unauthorized disclosure, organizations can
prioritize resources and develop more
effective incident response plans.
5. Cost savings: By implementing appropriate
security controls for different types of
information, organizations can avoid
unnecessary spending on security measures
that may not be needed for less sensitive
data.
6. Improved incident response: By having a
clear understanding of the criticality of
specific data, organizations can respond to
security incidents in a more effective and
efficient manner.
There are some potential disadvantages to
implementing an information classification
system in an organization’s information
security program:
1. Complexity: Developing and maintaining an
information classification system can be
complex and time-consuming, especially for
large organizations with a diverse range of
data types.
2. Cost: Implementing and maintaining an
information classification system can be
costly, especially if it requires new hardware
or software.
3. Resistance to change: Some employees may
resist the implementation of an information
classification system, especially if it requires
them to change their usual work habits.
4. Inaccurate classification: Information
classification is often done by human, so it
is possible that some information may be
misclassified, which can lead to inadequate
protection or unnecessary restrictions on
access.
5. Lack of flexibility: Information classification
systems can be rigid and inflexible, making
it difficult to adapt to changing business
needs or new types of data.
6. False sense of security: Implementing an
information classification system may give
organizations a false sense of security,
leading them to overlook other important
security controls and best practices.
7. Maintenance: Information classification
should be reviewed and updated frequently,
if not it can become outdated and
ineffective.
Uses of Information Security :
Information security has many uses, including:
1. Confidentiality: Keeping sensitive
information confidential and protected
from unauthorized access.
2. Integrity: Maintaining the accuracy and
consistency of data, even in the presence of
malicious attacks.
3. Availability: Ensuring that authorized users
have access to the information they need,
when they need it.
4. Compliance: Meeting regulatory and legal
requirements, such as those related to data
privacy and protection.
5. Risk management: Identifying and
mitigating potential security threats to
prevent harm to the organization.
6. Disaster recovery: Developing and
implementing a plan to quickly recover from
data loss or system failures.
7. Authentication: Verifying the identity of
users accessing information systems.
8. Encryption: Protecting sensitive information
from unauthorized access by encoding it
into a secure format.
9. Network security: Protecting computer
networks from unauthorized access, theft,
and other types of attacks.
10. Physical security: Protecting information
systems and the information they store
from theft, damage, or destruction by
securing the physical facilities that house
these systems.
Issues of Information Security :
Information security faces many challenges
and issues, including:
1. Cyber threats: The increasing sophistication
of cyber attacks, including malware,
phishing, and ransomware, makes it difficult
to protect information systems and the
information they store.
2. Human error: People can inadvertently put
information at risk through actions such as
losing laptops or smartphones, clicking on
malicious links, or using weak passwords.
3. Insider threats: Employees with access to
sensitive information can pose a risk if they
intentionally or unintentionally cause harm
to the organization.
4. Legacy systems: Older information systems
may not have the security features of newer
systems, making them more vulnerable to
attack.
5. Complexity: The increasing complexity of
information systems and the information
they store makes it difficult to secure them
effectively.
6. Mobile and IoT devices: The growing
number of mobile devices and internet of
things (IoT) devices creates new security
challenges as they can be easily lost or
stolen, and may have weak security
controls.
7. Integration with third-party
systems: Integrating information systems
with third-party systems can introduce new
security risks, as the third-party systems
may have security vulnerabilities.
8. Data privacy: Protecting personal and
sensitive information from unauthorized
access, use, or disclosure is becoming
increasingly important as data privacy
regulations become more strict.
9. Globalization: The increasing globalization
of business makes it more difficult to secure
information, as data may be stored,
processed, and transmitted across multiple
countries with different security
requirements.
Two major scopes of personnel security
1. Personnel security investigation
2. Security Education Key Functions of
Personnel Security
1. It serves as a screening device in hiring
suitable employees
2. It provides background investigation services
of both potential and present employees for
possible assignment to sensitive position.
3. It handles investigation of employees
suspected of wrongdoing.
4. It develops security awareness among
employees.
5. It attempts to ensure the protection of
employees from discriminatory hiring or
terminating procedures as well as unfounded
allegations of illegal or unethical activities and
conduct. Personnel Security Investigation: It is
an inquiry into the character, reputation,
discretion, integrity, morals and loyalty of an
individual in order to determine a person’s
suitability for appointment.
Personnel security investigation has general
techniques:
criminal prosecution or for recovery of asset
losses.
Background Investigation is expensive but
necessary in personnel security.
It serves to:
1. to verify information of the application form.
2. to ascertain past employment experiences
and
3. to obtain other information pertinent to the
decision to employ.
Types of Local Agency Check (LAC)
1. Barangay clearance
2. City or municipal clearance
3. Local Police clearance
4. Court clearance
Types of National Agency Check (NAC)
1. National Bureau of Investigation (NBI)
Clearance

1. Background Investigation: 2. PNP Directorate for Intelligence (DI)

A check made on a individual usually seeking Clearance
employment through subject’s records in the
police files, educational institutions, place of 3. Intelligence Service, AFP (ISAFP) Clearance
residence and former employers.
Components of a Complete Background
2. Positive Vetting Investigation
It is the process of inspecting or examining with 1. Applicant’s Name
careful thoroughness. The essence of vetting is a 2. Date of Birth
personal interview that it based on information 3. Present Residence Address
given by the applicant. 4. LAC
3. Profiling 5.NAC
It is the process whereby a subject’s reaction in 6.Personal history
a future critical situation is predicted by 7. Marital history
observing his behavior or by interviewing him or 8. Residence history
analyzing his responses to a questionnaire such 9. Citizenship history
as honesty test. 10. Physical date
11. Educational history
4. Deception Detection Techniques – 12. Organizational membership
the process of using devices in detecting 13.Neighborhood investigation
deception during the interview stage. It includes 14. Character reference
the use of polygraph, psychological stress 15. Employment history
evaluator and voice analyzer. 16. Military history
17. Foreign travel and connection history
5. Financial and Lifestyle inquiry 18. Criminal record
– seeks to gather information on income and 19. Credit records
mode of living, sometimes referred to as 20. Applicant’s signature
earning-to-debt ratio. 21. Date of application

6. Uncover investigation Security Education – is conducted to develop

– the placement of an agent in a role in which security awareness among employees of the
the agent’s true identity and role remains company. It should cover all employees,
unknown in order to obtain information for regardless of rank or position.
Security Awareness results in
Better understanding of the relationship
between security and successful operation. 
Knowledge of personal obligations under the
security program. 
Understanding of the relation between security
program objectives and measures. 
Familiarization with the sources in carrying out
personal and departmental responsibilities
under the security program. 
Compliance with statutory and regulatory
requirements as well as contract obligations.
Ways in conducting a Security Education:
1. initial interview – the first contact of the
prospective employee wherein the interviewer
determines the suitability of the applicant for
employment through given answer on the
different type of question being conducted.
2. training and orientation – this stage a new
employee receive detailed presentation of
personnel security policy.
3. refresher conferences – it is design to remind
employees about their responsibilities, review
the guidelines, policies and regulations is being
implemented.
4. security reminders – an indirect approach of
educating the employees such as posting
security posters and distributing fliers.
5. security promotion – the act of emphasizing
the importance and role of security achieving
the company goals and objectives.
Personnel Identification and Movement Control
The most practical and accepted system of
personnel identification is the use of
identification cards, badges or passes. This help
the security personnel to eliminate the risk of
allowing the access of unauthorized personnel
within the establishment.
Types of Personnel Identification
1. Personal recognition
2. Artificial recognition – identification cards,
passes. Password, etc.
Pass or Badge System
-- All personnel entering and leaving should be
identified and checked for their authorization.
Each personnel should be identified by badge
or pass, using of several systems:
1. Single Pass System Wherein the badge or
pass coded for authorization to enter specific
areas is issued to employees who keep it in his
possession until his authorization is charge or
he terminates.
2. Pass Exchange System Which he exchange
one color coded pass at the entrance to the
controlled area for another which carries a
different color specifying the limitations of his
authorization. Upon leaving, he surrenders his
controlled area badge in exchange for his basic
authorization identification.
3. Multiple Pass System Which provide an extra
measure of security by requiring that an
exchange take place at the entrance to each
restricted area within the controlled area.
Badge and Pass Control
1. The system should have a complete record of
all badges and identification cards issued,
return, mutilated or lost by serial number and
cross-indexed alphabetically.
2. The list should be checked by the supervisor
from time to time for its accuracy and
authenticity.
3. Passes and badges reported lost should be
invalidated and security guards at entrance be
informed through conspicuous posting.
Types of Controlled Areas
1. Controlled Areas – those areas access is
restricted as to entrance or movement by all
but authorized personnel and vehicles. It
should additionally marked by a fence or other
barrier, and access to it should be limited to a
few guest as possible.
2. Limited Areas – those within the controlled
area where a greater degree of security is
required.
3. Exclusion Areas - are used only for handling
and storage of high value cargo and classified
documents. The number of people authorized
to enter this area should be strictly limited, and
the area should be under surveillance at all
times.
Traffic Control System Controlling traffic in and 4. If a personnel/visitor loses the package tag,
out within a facility is essential to its security report immediately to the package counter for
program. Traffic controlling includes: the said problem.

1. Identification of employees Vehicle Movement Control

2. Visitor and directing or limiting their
movements
3. Control of all incoming and outgoing
packages
4. Control of trucks
5. Private vehicles
Personnel Identification
The most practical and general accepted
system is the use of badges and identification
cards. This system designate when and where
and how passes should be displayed and to
whom, what is to be done in case of lost, and a
system in cancellation and re issue of all passes.
To be effective:
1. Badges must be tampered, which means that
they should be printed or embossed on a
distinctive stock with a series of design difficult
to reproduce.
2. They should contain a clear and recent
picture of the bearer, preferably in color.
3. Should additionally contain vital statistics,
such as date of birth, height, weight, color of
hair and eyes, sex and thumbprints.
Visitor Movement Control
Security should establish the proper methods
of establishing the authority for admission of
visitor as well as the limitation thereat.
1. Visitor log book be filled up, with the name
of visitors, nature and duration of visit.
2. If the visitor has any camera, firearms or any
authorized things is prohibited and should be
left in the care of security with corresponding
receipt.
3. All visitors to any facility should be required
to identify themselves and give temporary
passes or ID’s by security.
Vehicular traffic within the boundaries of any
facility must be carefully controlled for safety
as well as to control the transporting of good
from the premises. Thus:
1. Private owned vehicles of personnel/visitor
should be registered and are subject to the
identification and admittance procedure.
2. Visitor card in vehicle should give the
duration of stay, person to be visited and other
information.
3. Pavement direction signs, marking in the
parking, street signs should made so that the
flow of traffic will be smooth and orderly
Arrest
~ is the act of apprehending and taking a
person into custody
Search
~ involves law enforcement officers going
through part or all of individual's property, and
looking for specific items that are related to a
crime that they have reason to believe has
been committed.
Seizures
~ happens if the officers take possession of
items during the search.

Package Movement Control

1. No package shall be authorized to be
brought inside the industrial installation, offices
and work area without proper authority.

2. Outgoing packages carried by a personnel

should closely inspected, those in vehicle
should also be checked
3. Any personnel/visitor with a package must
deposits said item and in return receives a
numbered tag.