Report on Security and Risk Management: Strategies and Planning
Added on 2020/05/11

AI Summary
This report delves into the critical elements of security and risk management, emphasizing the importance of physical security in safeguarding sensitive sites and equipment. It underscores the necessity of integrating physical security with other information security measures, such as cryptography and firewalls, and highlights the significance of a well-coordinated security plan. The report outlines the process of designing a physical security plan, including the need for a physical security assessment report, the involvement of a project design team, and the identification of key security zones such as public, reception, operation, security, and high-security zones. It explores access control systems, electronic security systems, and cost analysis. The report also discusses the advantages of outsourcing security guards, emphasizing cost savings and improved professionalism. Furthermore, it provides recommendations for dividing security zones and deploying security personnel to ensure comprehensive protection. Overall, the report offers a comprehensive overview of security and risk management strategies, providing valuable insights for organizations seeking to enhance their security posture.

Running head: SECURITY AND RISK MANAGEMENT 1
SECURITY AND RISK MANAGEMENT
Name
Institution
Security and Risk Management
Physical security is an often overlooked element that is important to an organization. It
prevents intruders from physically accessing sensitive sites (Draper, 2013). Other information
security elements such as cryptography and firewalls are essential, but physical security should
be coordinated with them in the security plan. Therefore, the physical security infrastructure
must be highly available and function properly in an area to keep the equipment in that area
safe.
Physical security design is a critical process that protects the company's facility. The
security plan should address all the programs and services that fall within the framework of the
company's security sector.
When designing a physical security plan, the first requirement is to obtain a physical
security assessment report (PSAR) from the security experts (“Infrastructure,” n.d.). The PSAR
will contain all the necessary provisions, such as the secure location and the methods of
control within the coverage area. The facilities that should be included are signage, security
alarms, security guards, and physical barriers.
Another aspect to consider is the project team members. The project design team will
oversee the project, monitoring its progress while at the same time facilitating the
implementation of the plan (“Infrastructure,” n.d.). The project team will consist of
outsourced and local security personnel. Together, these security experts will demarcate the
zones and identify key ingress and egress paths and circulation routes within the premises.
In the internal environment, the circulation routes are designed in a manner that enables
the free flow of facilities within the operation lines (“The Security Assessment: What, Why, and
When,” n.d.). The routes should conform to the security guidelines to ensure safety and security
needs are upheld.
The available security zones include, but are not limited to, public zones, operations zones,
reception zones, security zones, and high-security zones (Kolltveit & Hvasshovd, 2008). Public
zones offer access to areas that are not too sensitive but lie within the building perimeter and
elevator lobby. In the reception zone, everyone is scrutinized for identification and then
authenticated before being allowed to access the premises. This is the point where a person can
be either allowed or denied access based on the security threat they pose to the company
facilities. It limits the public's contact with company representatives.
The operations zone will enable employees and authorized contractors to access the
company premises using access cards and company identification cards. Nobody can access the
operations zone without these documents unless escorted by authorized staff.
Also, the security zone will allow authorized visitors onto the organization's premises only
when escorted by relevant company representatives. Besides, people within the organization are
supposed to stay within the restricted perimeter, especially where the area holds information
that is not supposed to be accessed by the public.
The high-security zone is where only authorized people are allowed access. In this
case, visitors are screened and thoroughly checked to prevent access to the company's
confidential information (“Why Training and Awareness Are Important,” 2010). For example, the
data storage warehouse may contain company records and crucial information which is sensitive.
Since the premises will consist of a two-storey office building and a warehouse building,
as a fundamental security requirement the two facilities should be separated. In other words, each
department should operate independently on its floor suites. Thus, the action will limit
congestion and access to sensitive offices.
The access control unit should be consistent in all aspects, both in the operating procedure and
in the systems used within the operation area (Stallings, 2014). In this case, an electronic
security system will be deployed. This system should be integrated to meet the standards of
security. To design this electronic security system, the company should adhere to the following:
1) Coordinate the databases from various departments into a central database for easy
management and retrieval.
2) Avoid stand-alone systems within the company, since the company comprises several
departments. This is meant to streamline the information technology infrastructure for easy
management.
3) Keep the security systems operational on a full-time basis, especially in those areas
where there is a high chance of risk as identified by the physical security assessment report.
4) Use hardware security components that are durable and standardized to meet the security
standards. Besides, identify specific areas for duress alarms, especially the locations
where employees work alone. These areas might be isolated or prone to high risk.
The surveillance and alarm system cumulatively costs USD 740800. On the other hand, the
installation, monitoring system, and cabling will require USD 445000. In total, the two
components amount to USD 1185800. The cost above the budget equals USD 385800. Out of this,
some items can be cut; they include two servers at USD 30000 each and one POE switch, which is
not needed and costs USD 2000. Besides, the company will use Cat 5e cables, which cost
USD 50000 each, instead of fiber optic cables, which cost USD 150000. Therefore,
the company will save USD 212000 after considering the cost cut. The extra cost that will be
incurred will be USD (973800-800000), which equals USD 173800. This is the amount to use
from the buffer.
The security zones will be divided into five distinct units. First, at least two guards
will work with the supervisor at the main entrance. The second zone, that is, the production
zone, should also contain at least guard. The guard should be based at the entry point and the
exit point of the production unit (Pattinson, n.d.). The third zone will require a security guard
at the entry and exit points of the finished goods zone. Most importantly, a perimeter wall
patrolling unit should be deployed. This zone should contain at least three soldiers. Lastly,
the factory floor patrolling will require at least one guard per production building.
In my opinion, the company should use outsourced guards. Although outsourcing is
becoming prevalent, its benefits are many. It has been recognized as the appropriate approach
for streamlining the operation of the company. There are numerous benefits that accrue from
it; among them, an advantage of outsourced guards over proprietary guards is the wages that are
to be paid. A lot of money will be saved if we outsource guards. Equally, the unions are vital
in that members of the union have a coordinated agenda. In this case, outsourcing guards
from Thailand will enable the company to save overhead costs which could otherwise be
incurred. Also, unions have collective bargaining power, hence the negotiation for their
compensation is cheaper as compared to proprietary guards.
Besides that, it is better to acquire the services of guards paid on an hourly basis, unlike the
proprietary guards, who are paid cumulatively at the end of the month. In other words,
because proprietary guards are paid at the end of the month, their salary is fixed, whereas the
outsourced guards have to attain the required working hours for them to be paid.
Additionally, outsourced guards are more motivated and exhibit a lot of professionalism.
As such, they help the company to cut down administrative costs, training costs, recruitment
costs, and other overhead costs. Therefore, these security conditions create a conducive
environment to boost efficiency and productivity.
For proprietary guards, the compliance requirements are stringent, unlike the
requirements of outsourcing the guards from Thailand. However, with proprietary guards, the
guards are reliable for any eventuality that may come as a result of their actions.
References
Draper, R. (2013). Standards, Regulations, and Guidelines. Effective Physical Security, 283-291.
doi:10.1016/b978-0-12-415892-4.00016-x
Infrastructure. (n.d.). High Availability and Disaster Recovery, 233-286.
doi:10.1007/3-540-34582-5_9
Kolltveit, H., & Hvasshovd, S. (2008). Efficient High Availability Commit Processing. 2008
Third International Conference on Availability, Reliability and Security.
doi:10.1109/ares.2008.78
Officers: In-house or Outsource? (n.d.). Retrieved from
https://www.securitymagazine.com/articles/78403-officers-in-house-or-outsource-1
Pattinson, M. R. (n.d.). A Method of Assessing Information System Security
Controls. Information Security and Ethics. doi:10.4018/9781599049373.ch137
The Security Assessment: What, Why, and When. (n.d.). Strategies for Protecting National
Critical Infrastructure Assets, 47-54. doi:10.1002/9780470228371.ch3
Stallings, W. (2014). Physical Security Essentials. Cyber Security and IT Infrastructure
Protection, 109-134. doi:10.1016/b978-0-12-416681-3.00004-5
What Is High Availability? (2014). High Availability IT Services, 53-102. doi:10.1201/b17958-6
Why Training and Awareness Are Important. (2010). Managing an Information Security and
Privacy Awareness and Training Program, Second Edition, 7-18.
doi:10.1201/9781439815465-3
