Bookreview: Developing a master security plan
Written by Glen Kitteringham February 23, 2009
Security master planning is a process that can generate winces of pain from some due to the potentially large amount of work it requires to be done properly and eye rolling and snickers from others as it conjures up plans for world domination.
In the case of this book, How to Develop and Implement a Security Master Plan, the author defines ”˜a security master plan as
a document that delineates the organization’s philosophies, strategies,
goals, programs, and processes. It is used to guide the organization’s
development and direction in these areas in a manner that is consistent
with the company’s overall business plan. It also provides a detailed
outline of the risks and mitigation plans for them in a way that
creates a five-year business plan’. While Giles states that this book
is primarily geared towards the security consultants who would be
invited to develop such a plan on behalf of an organization, he also
indicates that it would be applicable for the use of the in-house
security representative.
This book is more of what I consider an ”˜opinion’ book as opposed to a ”˜factual’ book. Don’t get me wrong, there are lots of facts and figures in this book but the author leads off with ”˜I think’ or ”˜ I believe’ a tremendous number of times. There are also very few references.
The layout of the book is basically in two parts, the first being an in-depth introduction to the various elements of a comprehensive security management plan and how to assess them. He provides details on a number of themes including guard force operations, physical security, documenting standard operating procedures, emergency response plans, departmental structure, security administration, electronic systems, and information protection. The second part of the book focuses on layout of the security master plan process, constructing the master document and utilizing the plan during day to day operations. The chapters are easy to read, with plenty of checklists, explanations and details fleshing them out. Giles' writing style allows the reader to quickly digest the information
Giles delivers what he promises for the most part, not without some errors along with way. I was disappointed with the interchangeability of the terms ”˜threat’ and ”˜risk’. Quite frankly, for someone of his background, knowledge and training, he should know better. It is distracting as every time I read the terms, I ended up spending too much time trying to figure out what he meant. This may be a minor issue to some and you can call me a stickler for detail, but the terms are not synonymous. The General Security Risk Assessment Guideline published by ASIS International defines ”˜risk’ as the possibility of loss resulting from a threat, security incident, or event.
On page 32 there is a prime example of this error as the following sentence can be found: ”˜there are two primary approaches to placing a value on the impact of an identified risk or risks’. It is not the impact of an identified risk but the impact of an identified threat. What also seems to be missing is any overview of the threat/risk process itself in assisting the reader in developing their own list of threats based on probability and criticality. The other error that delivers a blow to the credibility of the author is his statement that ”˜in my opinion, workplace violence is basically a U.S. phenomenon’. He could not be further from the truth as workplace violence is pretty much a world-wide issue. The book also suffers from a few technical faults such as on page 52 where the security triangle of ”˜delay’, ”˜detect’ and ”˜respond’ are highlighted. What are missing are the two other sides, those being ”˜deter’ and ”˜deny’. Despite this and other minor errors, Giles’ work is a solid introduction to many security management concepts. It just seems to be missing some fundamentals.
The book benefits from several appendices as various attachments and drafts are provided including workplace violence and security assessment guidelines, a sample RFP for contract security services, and emergency planning checklist as well as others. For anyone using these many samples, checklists and outlines, they will benefit from them and from the author’s many years of experience and training. He obviously has much to offer the reader in the way of advice, personal experiences and anecdotal episodes from his more than 30 years in the industry.
Overall this is a solid effort but I would suggest it should be used on conjunction with other security texts in order to give a more rounded and comprehensive overview of the security master planning process.
How to Develop
and Implement a
Security Master Plan
By Timothy D. Giles
Published by CRC Press in 2009, $79.95 U.S.
Glen Kitteringham, M.Sc., CPP, F.Syl. is Director of Security and Life Safety with Brookfield Properties in Calgary, Alta.
Last modified on February 26, 2009
This book is more of what I consider an ”˜opinion’ book as opposed to a ”˜factual’ book. Don’t get me wrong, there are lots of facts and figures in this book but the author leads off with ”˜I think’ or ”˜ I believe’ a tremendous number of times. There are also very few references.
The layout of the book is basically in two parts, the first being an in-depth introduction to the various elements of a comprehensive security management plan and how to assess them. He provides details on a number of themes including guard force operations, physical security, documenting standard operating procedures, emergency response plans, departmental structure, security administration, electronic systems, and information protection. The second part of the book focuses on layout of the security master plan process, constructing the master document and utilizing the plan during day to day operations. The chapters are easy to read, with plenty of checklists, explanations and details fleshing them out. Giles' writing style allows the reader to quickly digest the information
Giles delivers what he promises for the most part, not without some errors along with way. I was disappointed with the interchangeability of the terms ”˜threat’ and ”˜risk’. Quite frankly, for someone of his background, knowledge and training, he should know better. It is distracting as every time I read the terms, I ended up spending too much time trying to figure out what he meant. This may be a minor issue to some and you can call me a stickler for detail, but the terms are not synonymous. The General Security Risk Assessment Guideline published by ASIS International defines ”˜risk’ as the possibility of loss resulting from a threat, security incident, or event.
On page 32 there is a prime example of this error as the following sentence can be found: ”˜there are two primary approaches to placing a value on the impact of an identified risk or risks’. It is not the impact of an identified risk but the impact of an identified threat. What also seems to be missing is any overview of the threat/risk process itself in assisting the reader in developing their own list of threats based on probability and criticality. The other error that delivers a blow to the credibility of the author is his statement that ”˜in my opinion, workplace violence is basically a U.S. phenomenon’. He could not be further from the truth as workplace violence is pretty much a world-wide issue. The book also suffers from a few technical faults such as on page 52 where the security triangle of ”˜delay’, ”˜detect’ and ”˜respond’ are highlighted. What are missing are the two other sides, those being ”˜deter’ and ”˜deny’. Despite this and other minor errors, Giles’ work is a solid introduction to many security management concepts. It just seems to be missing some fundamentals.
The book benefits from several appendices as various attachments and drafts are provided including workplace violence and security assessment guidelines, a sample RFP for contract security services, and emergency planning checklist as well as others. For anyone using these many samples, checklists and outlines, they will benefit from them and from the author’s many years of experience and training. He obviously has much to offer the reader in the way of advice, personal experiences and anecdotal episodes from his more than 30 years in the industry.
Overall this is a solid effort but I would suggest it should be used on conjunction with other security texts in order to give a more rounded and comprehensive overview of the security master planning process.
How to Develop
and Implement a
Security Master Plan
By Timothy D. Giles
Published by CRC Press in 2009, $79.95 U.S.
Glen Kitteringham, M.Sc., CPP, F.Syl. is Director of Security and Life Safety with Brookfield Properties in Calgary, Alta.
Published in
News
-
Nominations now open for 2012 Security Director of the Year
We are now accepting nominations for the 2012 Security Director of the Year. Do you know someone who fits that…
Latest Videos
-
Thomas Gerstenecker was unable to accept the Canadian Security Director of the Year award in person but was able to… -
-
-
