IS4

CORPORATION AND SECURITY INVESTIGATION AND REPORT WRITING

Instructor: EDGARDO G. GABLINES, Ph.D., CST, CSP

MODULE 1 - CORPORATE SECURITY

Learning Objectives:
At the end of the course, the students will have the ability to:
1. Appreciate the value and importance of corporate security in the private sector;
2. Identify what are the possible risks face by the security personnel inside and outside the
establishment;
3. Understand and discuss the solutions to the existing risks; and
4. Discuss the core elements of corporate security.

Corporate security identifies and effectively mitigates or manages, at an early stage, any

developments that may threaten the resilience and continued survival of a corporation. It is a
corporate function that oversees and manages the close coordination of all functions within the
company that are concerned with security, continuity and safety.

Globalisation has changed the structure and pace of corporate life; the saturation of traditional
markets is taking companies to more risky places; the shift towards a knowledge economy is eroding
the importance of ‘place’ in the business world; new business practices such as offshoring challenge
companies to manage at a distance; and new forms of accountability, such as corporate governance
and corporate social responsibility, put added pressure on companies to match their words with
deeds, wherever they are operating.

At the same time, security risks have become more complex, too. Many of the threats, such as
terrorism, organised crime and information security, are asymmetric and networked, making them
more difficult to manage. There is also greater appreciation of the interdependence between a
company’s risk portfolio and the way it does business: certain types of behavior can enhance or
undermine an organization’s ‘licence to operate’, and in some cases this can generate risks that
would not otherwise exist. As a result, security has a higher profile in the corporate world today than it
did five years ago. Companies are looking for new ways to manage these risks and the portfolio of
the security department has widened to include shared responsibility for things such as reputation,
corporate governance and regulation, corporate social responsibility and information assurance.

There are six characteristics of alignment between security and the business:

1. The principal role of the security department is to convince colleagues across the business to
deliver security through their everyday actions and decisions – not try to do security to or for the
company.

2. The security department is in the business of change management rather than enforcement
and works through trusted social networks of influence.

3. Security is there to help the company to take risks rather than prevent them and should
therefore be at the forefront of new business development.

4. Security constantly responds to new business concerns and, as such, the portfolio of
responsibilities and their relative importance will change over time. Security departments should
never stand still or become fixed entities. In many companies today, its role is more concerned with
overall corporate resilience than ‘traditional’ security.

5. Security is both a strategic and operational activity, and departments must distinguish between
these two layers.

6. The power and legitimacy of the security department does not come from its expert
knowledge, but from its business acumen, people skills, management ability and communication
expertise.[1]
Core Elements

Core elements of Corporate Security are:

 Personnel security
 Physical security
 Information security
 Corporate governance
 Compliance and ethics programs
 Crime prevention and detection
 Fraud deterrence
 Investigations
 Risk management
 Business continuity planning
 Crisis management
 Environment, safety and health
 Roles

For many years corporate security has been dominated by a ‘defensive’ approach, focused on
protection and loss prevention. The head of security was seen as little more than the ‘guard at the
gate’, someone whose actions invariably stopped people doing their jobs instead of enabling the
business to function more effectively. Typically, heads of security came from a narrow talent pool,
namely police, armed forces or intelligence.

There are many reasons companies tend to recruit security managers from these
backgrounds. The police and armed forces churn out individuals with intensive training in the practice
of security and protection, and have hands-on experience that is rarely available elsewhere. There
are a number of reasons greater diversity is essential within the corporate security function.

There is a growing recognition of the strategic importance of security and as a result security
departments need to operate at a much more senior level.
Matrix organisations require a particular approach to management and leadership, which can be
antithetical to those with police or armed services backgrounds. In today’s corporate environment, the
impact of the security department is proportionate to its ability to persuade individuals and teams all
over the company to collaborate and cooperate. This means that dialogue between security
specialists and non-specialists is essential.

Traditional security skills are associated with an approach where security is perceived as a
‘dis-enabler’ of business. Those with formal security training can tend to be risk averse, while
businesses need to take calculated risks to stay ahead of competitors, break into new markets and
maximise profits.
The corporate security function needs people who are happy breaking rules, innovating and thinking
outside the box.58 Studies of security-related professions such as the police, the ambulance service
and local authority emergency planning departments have suggested that ‘too much’ experience in a
traditional security context can inhibit people from making innovative responses to security incidents.
Heads of security consistently rated qualities such as independent thinking, willingness to challenge
assumptions and behaviours and innovation as being ones they value most in their team.
There is a growing recognition of the value of ‘the human element’. According to experts, many
security professionals are typically trained to address security incidents and emergencies in ways that
fail to factor in the human dynamics of such situations, including the impact of emotions, perceptions
and fear on people’s behaviour. Emotional intelligence is critical to effective alignment, but the human
element of security and risk management is routinely overshadowed by the emphasis on technical
security skills.
For security to be aligned with the business, security managers must understand the business and
how they contribute towards its objectives.[2]

The Chief Security Officer (CSO) is the corporation's top executive who is responsible for
security. The CSO serves as the business leader responsible for the development, implementation
and management of the organization’s corporate security vision, strategy and programs. They direct
staff in identifying, developing, implementing and maintaining security processes across the
organization to reduce risks, respond to incidents, and limit exposure to liability in all areas of
financial, physical, and personal risk; establish appropriate standards and risk controls associated
with intellectual property; and direct the establishment and implementation of policies and procedures
related to data security. https://en.wikipedia.org/wiki/Corporate_security
What Is Corporate Security?

https://bizfluent.com/info-8057178-corporate-security.html

The role of corporate security is to protect organizations, their technologies, employees, technical
resources and customer data from internal and external threats. Its ultimate goal is to ensure the
proper functioning of your company and mitigate risks. As a business owner, you can hire security
personnel, purchase security software and switch to more advanced technologies to protect your
company's tangible and intangible assets.

Global security spending is forecasted to reach $96 billion this year, which is 8 percent more
compared to 2017. Organizations are spending large amounts of money to prevent security
breaches, protect financial data and detect cyber-attacks before they escalate. In a 2016 survey,
53 percent of respondents stated that security risks are their primary concern.

Making sure your business follows the latest security practices is important. Whether you own an
online store, a dining venue or a law firm, you must take the steps needed to protect customer
data, safeguard your financial records and prevent cyber-attacks. Failure to do so can damage
your reputation and cause revenue loss. In the worst case scenario, you could end up in jail or be
forced to close your business.

The Role of Corporate Security

The ever-changing business environment along with the rising number of security risks is driving
the demand for data security professionals and services. It's estimated that over 4,000 ransom ware
attacks, 33,000 phishing attacks and 300,000 new malware cases are detected daily in the U.S.
alone. Furthermore, approximately 780,000 data records are lost to hacking. In this digital era,
cybercriminals are getting better and better at stealing information and evading network defences.

Employee theft, for example, is responsible for losses of up to $50 billion annually. A staggering 75
percent of workers have stolen at least once from the company for whom they worked. Approximately
33 percent of U.S. companies filed bankruptcy due to employee theft. It takes about two years on
average to detect this kind of fraud.

The role of security in the corporate world is to mitigate these risks and reduce their impact.
This industry has several branches, including:

a. Risk management.
b. Fraud deterrence.
c. Crime prevention.
d. Compliance programs.
e. Information security.
f. Physical and personal security.
g. Crisis management.
h. Corporate governance.

Each niche has several sub-categories. Information security, for example, encompasses data
security, cloud security, infrastructure protection, customer security software, identity access
management and more.

With the rising number of cyber-attacks, natural disasters and intellectual property theft
cases, corporate security has become a priority in the business world. Each year, more than $600
billion is lost due to cybercrime. In 2016, there were over 4,000 ransom ware attacks on a daily
basis in the U.S. alone. Yet, many small businesses either overlook or ignore corporate security.
Big companies, on the other hand, invest millions in the latest security software and equipment.

The role of corporate security is to protect organizations, their technologies, employees,

technical resources and customer data from internal and external threats. Its ultimate goal is to
ensure the proper functioning of your company and mitigate risks. As a business owner, you can
hire security personnel, purchase security software and switch to more advanced technologies to
protect your company's tangible and intangible assets.
 Global security spending is forecasted to reach $96 billion this year, which is 8 percent more
compared to 2017. Organizations are spending large amounts of money to prevent security
breaches, protect financial data and detect cyber-attacks before they escalate. In a 2016 survey, 53
percent of respondents stated that security risks are their primary concern.

In 2017, companies have spent more than $4.695 million on identity access management,
$57.719 million on security services, $11.669 million on network security equipment and $17.467
million on infrastructure protection. The GDPR or General Data Protection Regulation, which came
into effect on May 28 this year, has forced companies to prioritize data security and reveal the
extent of cyber-attacks within 72 hours.

The new data protection regulations apply to all companies that are dealing with EU
customers, not just to European organizations. Failure to comply can result in fines of up to 20
million Euros or 4 percent of a company's annual global turnover. Corporations and other large
organizations are now required to employ Chief Information Security Officers and Data Protection
Officers to ensure their compliance with the GDPR. Under the new law, companies have
significantly more legal liability in the event of a data breach.

Making sure your business follows the latest security practices is important. Whether you
own an online store, a dining venue or a law firm, you must take the steps needed to protect
customer data, safeguard your financial records and prevent cyber-attacks. Failure to do so can
damage your reputation and cause revenue loss. In the worst case scenario, you could end up in
jail or be forced to close your business.

Depending on your budget and type of business, you can focus on one or more of these
areas. Currently, approximately 35 percent of companies are using multiple data security tools,
such as data backup and encryption software. This number is expected to reach 60 percent by
2020.

Let's say you have a small retail store. In this case, you're facing the risk of employee theft
and fraud, cash register tampering, false price adjustments, refund fraud, burglary and more.
Therefore, it's crucial that you have a security policy in place and use the right tools to deter these
crimes. Simple things such as streamlining the company's policies, implementing eligibility
verification and installing surveillance cameras, can go a long way toward your security.

A corporation, on the other hand, has more extensive needs. It has to employ a security
manager, hire a security team, implement awareness programs and invest in the latest technology
to prevent data breaches and cyber-attacks. Some companies also provide their employees with an
Identity Monitoring benefit, which helps lower the risk of identity theft and increases cyber-security.

How to Increase Business Security

The first step to safeguard your small business from cybercrime, theft and fraud is to create a
security policy. This document should outline the best security practices for your company, such as
developing fraud prevention strategies, managing physical security hardware, controlling ID pass
access and implementing security awareness programs for your staff.

Consider hiring a security officer to make sure your employees follow these practices. He will be
responsible for keeping your business premises secure and protecting your staff. Security officer
duties may include monitoring entrance of people or vehicles in the office building, maintaining
order, detecting signs of intrusion and answering alarms. He may also take messages and answer
phone calls on weekends and during non-business hours.

Make sure you also purchase security software and update or upgrade existing technologies in the
workplace. Depending on your needs, you may switch to multi-factor authentication, use data-
centric encryption for your files and email, back up your data and set up individual logins for your
employees.

Your security policy should also include the steps employees must follow in case of theft, data
breaches, natural disasters and other emergencies. Ask them to regularly back up the files on their
computers, use stronger passwords and keep their software up to date at all times. Train your staff
on corporate security so they can identify and prevent any issues that may arise.
Protecting customer data and business premises should be a priority for your organization. Take
action to secure your business online and offline, instruct and prepare your staff and put strict
permission levels in place to safeguard your files.

Learning Assessment:

Prepare a proposed crisis management plan for the following:

a. Natural disaster

b. Man-made disaster

Instruction: Put your activities in a piece of paper and it must be computerized using Arial font, size
“12”. Take a shot and upload in your section’s group chat and be sure that all of these are readable.
Do not use the WPS portal. Do not forget also to write the following details:
a. Name (Family Name, First Name & Middle Initial)
b. Subject & Section
c. Date of compliance

The above mentioned instructions shall be observed for the rest of your activities.

MODULE 2 - CORPORATE SECURITY MANAGEMENT

Learning Objectives:

At the end of the course, the students will be able to:

1. Apply the demonstrated skills by explaining the approach used by corporate managers in
their respective area of assignments;
2. Demonstrate skills by explaining the reasons why companies are hiring corporate security
managers;
3. Discuss the impact on the presence of security managers in every establishment.

As the world moves on to higher complexity and higher inter connectedness, disruption of
business can arise from serious threats, major accidents, or terrorism even natural calamities.
Emergencies and crises challenge the organizations or the management far beyond the normal level
of business activity.

Corporate Security Management (CSM) describes an ongoing and systematic process to

minimize the effects of natural disasters, man-made disasters and intentional threats to tangible and
intangible assets or organizations.

Identifies and effectively mitigates or manages, at an early stage, any developments that may
threaten the resilience and continued survival of a corporation. It is a coordination of all functions
within the company that are concerned with security, continuity and safety.

CORPORATE SECURITY

For many years, corporate security has been dominated by a defensive approach, focused on
protection and loss prevention. The head of security was seen as little more than the guard at the
gate like the No ID, No Entry policy, someone whose actions invariably stopped people doing their
jobs instead of enabling the business to function more effectively. Typically, heads of security came
from a narrow talent pool, namely police armed forces, intelligence or any law enforcement agency.

There are many reasons companies tend to recruit security managers from these
backgrounds. The police and armed forces churn out individuals with intensive training in the practice
of security and protection, and have hands on experience that is rarely available elsewhere. There
are a number of reasons and greater diversity which is essential within the corporate security
function.
 There is a growing recognition of the strategic importance of security and as a result security
departments need to operate at a much more senior level. Organizations require a particular
approach to management and leadership, which can be antithetical to those with police or armed
services backgrounds. In today’s corporate environment, the impact of the security department is
proportionate to its ability to persuade individuals and teams all over the company to collaborate and
cooperate. This means that dialogue between security specialists and non-specialists is essential.

Traditional security skills are associated with an approach where security is perceived as a
“dis-enabler” of business. Those with formal security training can tend to be risk averse, while
businesses need to take calculated risks to stay ahead of competitors, break into new markets and
maximize profits. The corporate security function needs people who are happy breaking rules,
innovating and thinking outside the box. Studies of security related professionals such as the police,
the ambulance service and local authority emergency planning departments have suggested that too
much experience in a traditional security context can inhibit people from making innovative responses
to security incidents.

Heads of security consistently rated qualities such as independent thinking, willingness to

challenge assumptions and behaviors and innovation as being ones they value most in their team.
One said: I’m looking for people push the boundaries and constantly challenge the way we work.

There is a growing recognition of the value of the human element. According to experts, many
security professional are typically trained to address security incidents and emergencies in ways that
fail to factor in the human dynamics of such situations, including the impact of emotions, perceptions
and fear on people’s behavior. Emotional intelligence is critical to effective alignment, but the human
element of security and risk management is security skills. For security to be aligned with the
business, security managers must understand the business and how they contribute towards its
objectives.

THE CORPORATE SECURITY MANAGER/DIRECTOR

The Corporate security manager or director shall be responsible for the administration,
implementation, and compliance of the organization’s corporate security vision, strategy and
programs. Limit exposure in all areas of financial, physical and personal risk. Hence, in the
performance and execution of his duties and responsibilities he must discharge of the same
considering the following purposes:

1. To provide a continuous, efficient wide security program geared towards minimizing risk
exposure and gaining objectives.

2. To provide for the installation, maintenance and operations of security devices for the facility.

3. To supervise and control the security department and maintain an effective security control
system with the aim of providing an acceptable standard of protection for the facility, its
clientele and employees.

4. To provide and develop and overall employee security training, re-orientation and periodic
training program that meets the standard requirements of the management.

5. To assist the investigation and prosecution of fraud and other relevant cases involving the
management, its clientele or employee and to keep and maintain an efficient recording system
pursuant thereto.

6. To assist the Human Resources Department, whenever possible, in conducting background

investigation for newly hired employees as well as of employees assigned to sensitive areas of
position.

7. To report directly and in a timely manner to the President or its equivalent all security hazards
or danger discovered or reported whether actual or potential and to make appropriate
recommendations or actions.
SECURITY DEPARTMENT

At present the security has a higher profile in the corporate world compared in the past.
Companies are looking for new ways to manage the risk and the portfolio of the company. The
security department has widened to include shared responsibility for things such as reputation,
corporate governance and regulation.

The principal role of security department is to convince colleagues across business to deliver
security through their everyday actions and decisions. The department is in the business of change
management rather than enforcement and works through trusted social network of influence. The
department is there to help the company to take risk rather than prevent them and should therefore
be at the forefront of new business development. The department should never stand still or become
fixed entities. In other multinational companies, its role is more concerned with the overall corporate
resilience than traditional security.

SECURITY THREATS

Multi-dimensional threats to the national security, corporate world and industrial organizations
have increased in many folds from international terrorism, communism, thefts, cyber and white collar
crimes, bomb threats, natural and man-made disasters. It leads into loss prevention and crisis
management. Industrial security includes asset protection, crime control, intelligence, safety I disaster
management this preventing all types of losses and adding to productivity, contrary to earlier notion
that all expenditure on security was not return on investment.

To ensure security at industrial establishments, it’s very important to formulate a standard

security plan and organization security policy. Proper selection of security agency and careful
integration of men and machines are the basic steps in ensuring ideal and all around security.
Industrial security should be planned at the conceptual or design stage of the plant or establishment.
There should be effective and strict rules for access and different regular sensitive areas inside the
industrial establishment. There should be a proper classification of different department and access
control systems with different department and should be installed to prevent unauthorized entry of
any unwanted persons. CCTV cameras at all entry and exit points help security in keeping track the
people moving in and out.

Along with all these preparation and security implementation, there should be a regular
security check and sudden audits to ensure the effectiveness of security facilities and devices. Any
mistakes or weakness in security system should be reported immediately to the security department
or management to deal with all such issues.

WHITE COLLAR CRIME

Emergence of white collar crime, industrial espionage, sabotage, computer crime had made
the task of protecting the assets intricate. Security is no longer an easy job but an all-pervasive
management function of assets protection, crisis management and generation of profit through loss
prevention. In this scenario, there is urgent need to upgrade the knowledge and skills of top level
managers and the security professionals by familiarizing them with the latest advances in the art of
security technology and management.

A GREAT CONCERN

Security is of great concern for all the people in this world. Security is needed everywhere at
home, offices and at every small, medium or large enterprise. Industrial security growth generates
more revenue and employment opportunities. They are of great importance for overall progress of
every country’s economy.

However, with the rise of criminal activities, theft and terrorism the need for better security is
required. Employees working at these industries can give their best performance only in completely
secured environment. Therefore, for better growth of industry and economy, it is the duty of the
organization to ensure proper security to all its employees. Then only, employees put his soul and
mind together for increasing their productivity. It is only possible when there is secure and healthy
working environment. (Ajero, 2014)
Learning Assessment:
a. Scenario:
You are a newly hired Detachment Commander of a security agency and assigned in an area
where a new brewery plant is about to be constructed. Upon visiting the 4 hectare site, the
construction company is actually in its clearing operations. You noticed that the area is surrounded by
squatters and you are now thinking of a possible threats when the company will begin in its operation
years from now. What security measures do you proposed to the company in order to possibly
neutralize the threats?

b. Background Investigation is part and parcel of personnel security investigation (PSI), is

conducted to an applicant before hiring him/her. After hiring an employee, as a Security Manager, do
you recommend to management to continue conducting the background investigation, not only for the
newly hired, but also to those hired long before? Why?

MODULE 3 - INVESTIGATIONS

Learning Objectives:

At the end of the course, the students will be able to:

1. Communicate effectively the importance of security investigation in the corporate world;
2. Apply the knowledge and skills by discussing nature of investigation conducted by security
investigators as compared to investigations done by police investigators; and
3. Discuss the different terms in criminal investigation.

INTRODUCTION

In the past years, the art and science of professional investigation has been dominated and
considered the exclusive domain of government agencies given the task to do it. Many authors about
investigations have been written by personalities from the public law enforcement and, invariably,
these books include such topics as homicide, rape and such other crimes that involve public officers.
While these topics are of great interest, they have little, if any practical application for investigation in
the private sector.

The end of 1970 era and the beginning of the 1980’s mark an era in the security industry, an
era of professionalism. The private sector has matured and has asserted its own place in the
profession that is investigated!

The term “investigation” came from the Latin word vestigium which means "footprint, track." Joined
with the prefix in-, the noun vestigium gave rise to the verb investigare. This word means both "to
track or trace by footprints" and "to study or examine closely." Only the second meaning was kept
when the verb was borrowed into English as investigate (Wordcentral).

It is the act or process of examining a crime, problem, statement, etc. carefully especially to discover
the truth (Cambridge Dictionary).
Criminal Investigation is an investigation qualified and specified for the purpose of studying or
examining a crime.

Criminal Investigation refers to the art and science of collecting, processing and analyzing information
and facts associated with and for the purpose of the following:

1.  To identify the truthful offender/s

2.  To locate the truthful location of the offender/s, and
3.  To provide admissible evidence/s that determine guilt through court      proceedings.

Criminal Investigation starts with the things came first to investigators. It could be the identity of the
offender in case of offense is in flagrante delicto or has been caught in the act then the evidence will
be secured by the arresting officer. 
Another instance which comes first could be identity of the offender in case of offense is in flagrante
delicto or has been caught in the act but the offender managed to evade arrest. Then the evidence
will be secured by the arresting officer and find the offender’s location.

Another situation which comes first could be the evidence before the identity. Upon arrival to the
crime scene, the investigators look for the evidences associative evidence, e.g. fingerprints, footprints
or shoe impressions, etc.

Location of the offender may come first before the identity of the offender most especially with
commission of internet crimes.
Criminal Investigation is a complex process of gathering and analysing information to establish the
truth. This is a task for extraordinary persons. http://moodle.nwssu.edu.ph/enrol/index.php?id=608

FUNDAMENTALS OF SECURITY INVESTIGATION

The Investigative Process

An investigation is the examination, study, searching, tracking and gathering of factual

information that answers questions of solves problems. It is more of an art than a science. Although
the person engaged in investigation is one who gather facts, he or she must develop hypothesis and
for which conclusion must be drawn based on information on hand. The investigative process, that is
to say, is a comprehensive activity involving information collection, the application of logic and
exercise of sound reasoning.

The end result of an investigation is the factual explanation of what transpired, if the incident or
issue is history, or what is occurring, if the issue is of the present.

Two Categories of Investigation

There are two categories of investigation, constructive and reconstructive. Constructive

investigations are covert in nature, performed in secrecy. This type of inquiry occurs while the
suspected activity is taking place or anticipated. An example might be an investigation into a
complaint that a member of middle management solicits sexual favors from female subordinates and
reaps favors accordingly. The purpose of the constructive investigation is to determine if
objectionable activity is taking place.

Reconstructive investigations are necessary when an event has taken place and the
investigator must recreate what happened after the fact. This type of investigation is usually overt in
nature, carried out in the open. (Fulgencio, 2015)

(THE INVESTIGATIVE PROCESS)

As it pertains to the security industry, the investigative process is organizationally oriented as

opposed to being community oriented. Its objective in setting is to seek answers to the basic
questions-the what, who, where, when, why and how-regarding a condition, incident or action
deemed organizationally unacceptable, or to meet organizational objectives. Internal dishonesty, for
example, is an organizationally unacceptable activity. The background investigation of a prospective
new employee would meet one organizational objective.

Most of the investigative process takes place in the collection of information. This gathering or
collection is based on communication and observation. The answers to the six basic investigative
questions will be developed through communication-that is, the written or spoken word-or by
observation-that, physical evidence that can be observed (whether by human eye or microscope)
touched, or any way quantitatively measured.

Communication

Communication includes information received from informants, information developed through

the interview process, and information obtained in interrogation.

Consider a simple example. A homeowner, hearing the glass of his front window breaking,
runs to the room and commences an immediate inspection to determine the cause. He observes a
baseball lying among the pieces of broken glass. Sticking his head out of the broken window, ball in
hand, he shouts to a silent group of youngsters in the street. “Okay, you guys, which one of you did
it?” As he asks the question, simultaneously he observes that a boy named Harry is holding a
baseball bat. Based on the fact thus far gathered, he forms a hypothesis that Harry struck the ball
with the bat, causing the ball to enter the homeowner’s living room through the window.

Up to this point the homeowner, in a natural investigative role as a victim, has had only the
benefit of his own powers of observation in forming his hypothesis. But a couple of the boys in unison
say, “Harry did it.” The investigative process has advanced through communication from informants.
“Did you do it Harry?” ask the homeowner. “Yes sir,” answers Harry, dropping his head. The question
and its answer are two other basic elements of communication-interrogation and admission.

Ideally, as in this example, the investigator’s work is simplified if given some direction by an
informant, if witnesses are available and willing to cooperate, or if a suspect is known and can be
interrogated. Such simplification is not to suggest that all is easy in the communications aspects of
investigation. Quite the contrary! Developing informants, or developing a climate in which employees
or non-employees will voluntarily confide in you, is not easy. It takes a talent. The ability to extract
painlessly all the information a witness may have requires training and experience. Only a skillful
interviewer can get the specialist to explain the workflow of the finance unit so it is comprehensible
and understandable. Finally, the ability to interrogate, and in that interrogation to obtain voluntary
admissions and confessions; requires a high level of skill.

The point to be drawn is that communication, although not necessarily easy to manage well, is
often extremely helpful to the investigative process. Unfortunately, it is not always available. In such
circumstances, the investigator must rely totally on observation, at least during the initial of his
inquiry, as he seeks to know the What, Who, Where, When, Why and How of a situation.

Observation

Scientific technology, in such areas as fingerprinting, infrared photography, motion picture

photography, videotape and document analysis, to name but a few, plays a vital role in the
observatory aspects of modern investigation. In the author’s judgment (Dr. Fulgencio), perhaps too
much emphasis has come to be placed on technology and too little on man’s power of observations.

This is not to suggest that, because new cars are too sophisticated, we should return to the
horse and buggy. It is to emphasize that the common denominator of both the buggy and the car is
take one from point. A to point B. total reliance on the car could lead to immobility if it breaks down or
gas supplies run short. In an investigation we want to get from point A to point B, and we should be
able to walk, ride a horse, drive a buggy, ride a bicycle or use any other means of progress available
to us.

A far wide range of important information is available to us through our own powers of
observation than through the use of a laboratory. To see, to touch, to smell and to hear are all forms
of observation. Did you ever touch the hood of an automobile to determine if it had recently been
driven as evidence by its warmth? Did you ever mark the label on a bottle of liquor to determine later
if someone was taking authorized sips? Such uses of the power of observation are as natural and
commonplace as eating and breathing. Consider the example of a woman shopper who returns to her
new car, parked in the shopping center’s lot, only to find a scratch, dent or ding in her car door. It is
predictable (natural and commonplace) that this unskilled woman will promptly inspect the adjacent
automobile to determine if any part of that car reveals, at a height of a corresponding to the damage
to her car, any evidence of paint fragments that would prove culpability-coloration of victimized
vehicle on suspect vehicle, or vice versa.

In fact, the power of observation is natural and commonplace in seeking investigative answers
and solving problems, why is it that those who are professionally charged with conducting
investigations fall to understand, fully appreciate and maximize such powers? The answer, can be
found in modern technology, which militates against our need to fine-tune our own faculties.

Just a few decades ago, people had to rely their own resources. We do not. We hardly tape
our
Capabilities because we do not have to. In our advanced and sophisticated society, there is relatively
little need to be observant. Take the weather as an example. Today we have televised report on
tomorrow’s weather based on the sophisticated use of satellite photography. Whatever the weather
predicts, we accept. Yet, even now, there are men and women who can predict the weather with
remarkable accuracy by observing the nature in the raw – by observing cloud formation, density,
coloration, direction, temperature fluctuations, etc. Divers and fishermen will tell you that on a calm
day when all seagulls sit in the water, bad weather is coming fast – and their predictions are at least
as accurate as official forecasts. In terms of observatory skills, man is only as resourceful as his
needs. (Fulgencio, 2005)

Qualities of the Investigator

To the unlimited, the aspirant and the distant observer, there is an aura of romanticism
surrounding the investigator and his work. Their illusion is quickly dispelled in the light of reality. The
real world of investigative work is hard, demanding and rarely glamorous. Occasionally, a case may
come along that is exciting, or one in which answers come easily, but as a rule investigation is a
tedious, exhausting, frustrating, time-consuming and sometimes dirty (in the literal sense) process.
Invariably, the novice investigator is somewhat dismayed by the difference between his or her
preconceptions of the nature of the work and the reality.

Crimes are not solved b ingenious and clever super sleuths but by hardworking men and
women who universally share one common denominator: perseverance. In the other words of Samuel
Johnson, “Great works are performed, not by strength, but perseverance.” The investigative virtue is
defined as “holding to a course of action, belief, or purpose without giving way; steadfastness…
continuing strength or patience in dealing with something really difficult. It particularly implies
withstanding difficulty or resistance” in striving for a goal.

Qualities of Characteristics that are necessary in the effective investigation:

1. Observant
2. Resourceful
3. Patient
4. People-oriented
5. Understanding human behaviour
6. Knowledge about legal implications of the work
7. A skilled communicator
8. Receptive
9. Possessed of a sense of well-being
10. Dedicated to the work
11. A self-starter
12. Sceptical
13. Intuitive
14. Energetic
15. A good actor
16. Capable of sound judgment
17. Logical
18. Intelligent
19. Creatively imaginative
20. Of good character
21. Professional

Invariably a successful investigator whether a man or a woman will possess in varying degrees,
each of these traits, either as an innate or learned qualities.

Powers of Observation

Skill in observation does not come naturally. It must be learned or it must be practiced. It
requires seeing as opposed to merely looking; and, after seeing, the ability to draw intelligent
conclusions.

An underlying characteristic of a good observer is curiosity. If you are curious about a person,
the power of observation can reveal a great deal. In personal appearance and grooming, for instance,
are fingernails manicured or dirty? Are the nails chewed? Is the hair of convention cut, long and
shaggy, or carefully styled?

Obviously, there is much to see, and much can be learned by observing. This is not to say that
intelligent, concise or totally accurate conclusions can always be drawn from any given observation.
But valid conclusions can often be made. Think of the wife who waits up for her husband and
observers lipstick on his collar. He can speak eloquently of the power of observation.

Resourcefulness
 The resourceful person is one who, when one path or strategy is blocked or comes to a dead
end, finds another. He thinks in terms of alternatives: If this does not work, something else will. If the
information is not available at one source, he will turn to another. The person who lacks of
resourcefulness has a tendency to give up when the initial plan to strategy fails.

Patience

The quality of patience is not only a virtue in investigative work, it is essential particularly in
surveillance assignments. It is not uncommon in surveillance assignments for investigators to have to
sit in a parked automobile day after day, week after week. The average man would give-up, but
patience pays off for the investigator. We did hear of one impatient investigator – but he did not last
long.

Interaction with People

The investigator must be people-oriented. He must be comfortable around and with people.
Our two key sources of information are observation and people. People communicate, and there is a
direct relationship between the amount of rapport between two people and the amount of
communication.

The individual who likes and enjoys other acts like a human magnet; he attracts people. Those
who are uncomfortable around others subconsciously avoid or shun them – and that is perceived.
The investigator who enjoys people is usually very adaptable in adjusting to a wide spectrum of
different types of people. He is comfortable with the dock worker as well as an executive, with a
person on welfare or resident of a main street flophouse as well as a political or government official.

There is also something to be said for kindness and respect for others. It pays off when the
investigator is seeking assistance and information. This applies not only in developing information but
also in the day-in and day-out gathering of what appears to be inconsequential information.

Understanding Human Behavior

In addition to the human understanding involved in being people-oriented by nature, there is

another aspect of understanding human behavior that is important for the investigator. It belongs in
the area of practical psychology. The investigator has to have a fine sense for what makes most
people “tick.”

There are times when it is appropriate to cry, even for men; there are also times when it is
appropriate. That is true of laughter, sarcasm, anger, resentment and the whole range of emotions
and responses. Sensitivity to the reactions and emotions of others can make the difference between
success and failure. With the person who is experiencing shame, the empathic investigator can keep
communication alive. The investigator who fails to appreciate or understanding that person’s feeling
may act or react in a way that closes communication.

Understanding the Legal Implications

The investigator in the public sector today is very sensitive to the legal implications of his
actions. This is not always equally true in the private sector. This may be due, in part, to the very
clear distinction between public and private law enforcement that has existed in the past, particularly
in the private security man’s immunity from such restrictions as the Miranda requirements.

That situation is rapidly changing. The private security investigator may or may not be caught
up in the same legal problems as the public law enforcement officer, but the lines of difference are no
longer so clearly drawn. And many other legal ramifications affect the work of the private investigator,
particularly as it pertains to making arrests and the discharge of employees. The trend is to focus on
how and what the investigator did, rather than what the accused did. The investigator must therefore
be sensitive to the gray areas of the law, as well as clearly defined legal limitations on his actions.
(Fulgencio, 2005)

DEFINITION OF TERMS

ABDUCTION – The elements constituting the crime of abduction are: (1) the person kidnapped must
be a woman. It is immaterial if she is a widow, a married woman, or virgin, as all three classes are
comprised within the generic term of “woman.” (2) The crime must be committed against her will. (3) It
must be committed with unchaste designs, that is, with the intention of lying with the woman.

ABUSE OF RIGHTS – A principle in Civil Law, which holds that indemnity for damages, may be
granted in cases where there is an abuse of rights. A person should be protected only when he acts
in the legitimate exercise of his right, that is, when he acts with prudence and in good faith; but not
when he acts with negligence or abuse. Such principle is found in the Chapter on Human Relations in
the Civil Code.

ACCESSORY – The accessory of an automobile is any article designed to be used in connection with
such vehicle to add to its utility or ornamentation and which is primarily adapted for such use whether
or not essential to the operation of the vehicle.

ACCOMPLICE – One who is concerned in the commission of a crime. In its fullness, the term
“accomplice” includes in its meaning all persons who have been concerned in the commission of a
crime, all participes criminis, whether they are considered in strict legal propriety as principals in the
first or second degree or merely as accessories before or after the fact. In general, the word
“accomplice” should be rendered into Spanish by the use of some such as “participante en el delito.”

ACT OF LASCIVIOUSNESS – All acts of lewdness committed upon a person of either sex, short of
lying with a woman and anything leading up to it. What constitutes lewd or lascivious conduct must be
determined from the circumstances of each case.

AFFIDAVIT - Summary judgment. The kind of affidavit necessary to support a summary judgment is
that affidavit from which it may be clearly drawn that certain facts pleaded by either party are certain,
undisputed and indubitable which dispense with the hearing or trial of the case.

AGENT – A person who binds himself to render some service or to do something in representation or
on behalf of another, with the consent or authority of the latter.

ALIBI – To establish alibi, a defendant must not only show that he was present at some other place at
about the time of the alleged crime, but also that he was at such other place for so long a time that it
was impossible for him to have been at the place where the crime was committed, either before,
during, or after the time he was at such other place.

ALLEGED – The word “alleged” or “allegedly” connotes something “claimed”. It leaves the truth of the
averment an open question.

ARBITRARY DETENTION – Arbitrary detention begins not merely from the moment a person is
locked up in prison cell but from the moment such person is deprived of his liberty without legal
grounds. And it ends only when such person is absolutely freed from any restraint on his person.

ARREST – It is the taking of a person into custody in order that he may be bound to answer for the
commission of an offense.

ARSON - Is defined as the intentional or malicious destruction of a property by fire. It is also defined
as the criminal burning of property.

AUTHORITY – A person or persons, or a body, exercising power or command; for those upon whom
the people have conferred authority.

BAIL – The word “bail” as used in the prohibition against excessive bail is inadequately translated by
the word “fianza”, as bail implies a particular kind of bond that is to say, a bond given to secure the
personal liberty of one held in restraint upon a criminal or quasi criminal charge.

BOMBING - Any incident which uses a device constructed with criminal intent and using high
explosives, low explosives, or blasting agents explodes. This term also refers to incidents where
premature detonation occurs during preparation, transportation, or placement of a constructed device.
BOMB THREAT – An information or warning, written or oral, claiming knowledge that a dangerous
device, such as a bomb or similar type of explosives, has been or will be placed in a building, aircraft,
sea craft or other facilities with the intent to harm people and destroy properties.

CARNAPPING - The taking, with intent to gain, of a motor vehicle belonging to another without the
latter’s consent, or by means of violence against or intimidation of persons, or by using force upon
things.

CAUSE OF DEATH – A declaration of by what means and by whom the declarant was injured is
within the purview of the term “the cause of the declarant’s death” in a dying declaration.

COMMAND POST/HOLDING AREA - Area where case conferences, briefings and debriefings are
being conducted by the responding agencies.

CRIME SCENE – A venue or place where the alleged crime/incident/event has been committed.

CRIMINAL INVESTIGATION – It is the collection of facts in order to accomplish the three-fold aims –
to identify the guilty party; to locate the guilty party; and to provide evidence of his (suspect) guilt.

CRIMINAL INVESTIGATOR – A public safety officer who is tasked to conduct the investigation of all
criminal cases as provided for and embodied under the Revised Penal Code/Criminal Laws and
Special Laws which are criminal in nature. A well-trained, disciplined and experienced professional in
the field of criminal investigation duties and responsibilities.

DUE PROCESS OF LAW – The requirement that no person shall be held to answer for a criminal
offense without “due process of law” simply requires that the procedures fully protect the life, liberty,
and property of the citizens in the State.

DYING DECLARATION – Requisites. In order that a dying declaration may be admissible, the
following requisites must concur; 1) it must concern the crime involved in and the circumstances
surrounding the declarant’s death; 2) at the time of the declaration, the declarant must be conscious
of impending death; 3) the declarant must be competent as a witness; and 4) the declaration must be
offered in a criminal case for homicide, murder, or parricide in which the declarant was the victim.

EXPLOSIVES – Any chemical compound, mixture or device, the primary or common purpose of
which is to function by explosion. The term includes, but is not limited to, high explosives, black
powder, pellet powder, initiating explosives, detonators, safety fuses, squibs, detonating cord, igniter
cord and igniter.

EXPLOSIVE INCIDENTS – Any explosives-involved situation that encompasses bombings,

incendiary bombings, attempted bombings, stolen and recovered explosives, threats to government
facilities involving explosives, hoax devices and bomb threats.

FENCING –Is the act of any person who, with intent to gain for himself or for another, shall buy,
receive, posses, keep, acquire, conceal, sell or dispose of, or shall buy and sell, or in any other
manner deal in any article, item, object or anything of value which he knows, or should be known to
him, to have been derived from the proceeds of the crime of robbery or theft.

FIRST RESPONDERS – Are members of the police, military, fire, medical teams, and other volunteer
organizations who are expected to be the first to respond to calls for assistance in cases of incidents
involving explosives.

HOMICIDE - Any person who shall kill another without the attendance of any of the circumstances
enumerated in the crime of murder. (Under Art 249 RPC)

IN FLAGRANTE DELICTO – In the very act of committing a crime.

INVESTIGATION – While instigation exempts, entrapment does not; the difference between the two
beings that in entrapment the crime had already been committed while in instigation the crime was
not yet, and would not have been, committed were it not for the instigation by the peace officer. - An
inquiry, judicial or otherwise, for the discovery and collection of facts concerning the matter or matters
involved.
- It is the process of inquiring, eliciting, soliciting and getting vital information/facts/circumstances in
order to establish the truth.
INVESTIGATOR/OFFICER – Shall refer to any law enforcement personnel belonging to the duly
mandated law enforcement agencies (LEA) tasked to enforce Republic Act 9208 such as officers,
investigators and agents of the Philippine National Police, National Bureau of Investigation, Bureau of
Immigration.

MIRANDA DOCTRINE – A principle on the rights of a suspect from forced self-incrimination during
police interrogation as enshrined in the 1987 Philippine Constitution’s Bill of Rights (Article III, Sec.
12).

MURDER – Any person who shall kill another person with evident premeditation, treachery, superior
strength, aid of armed men, consideration of prize and reward of promise and by means of fire,
poison, explosion and other means involving great waste and ruin. (Under Art 248, RPC)

NATURAL DISASTER - A disaster caused by natural forces rather than by human action, e.g. floods,
storms, typhoons/tornados, drought, earthquakes, volcanic eruptions.

PARENTS PATRIAE – Parent or guardian of the country. The states as a sovereign, as parent
patriae, has the right to enforce all charities of a public nature, by virtue of its general superintending
authority over the public interest, where no other person in entrusted with it. A prerogative inherent in
the supreme, power of every State, to be exercised in the interest of humanity, and for his prevention
of injury to those who cannot protect themselves.

PHYSICAL EXAMINATION - The conduct of examining the engine and chassis number of a motor
vehicle by a Crime Laboratory Technician and/or Police Officer through the use of the naked eyes to
determine whether there is a sign of tampering/alteration.

PHYSICAL EVIDENCE - Evidence addressed to the senses of the court that are capable of being
exhibited, examined, or viewed by the court. This includes but not limited to fingerprints, body fluids,
explosives, hazardous chemicals, soil/burned debris, bombs, electronic parts used in the commission
of the crime.

PHYSICAL INJURY- Harm done to a child’s psychological or intellectual functioning which may be
exhibited by severe anxiety, depression, withdrawal or outward aggressive behavior, or a combination
of said behaviors which may be demonstrated by a change in behavior, emotional response or
cognition;

PIRACY – The act of exact, unauthorized, and illegal reproduction on a commercial scale of a
copyrighted work or of a trademarked product.

PNP CRISIS MANAGEMENT COMMITTEE (PNP CMC) - A Committee created by the PNP that
specifically handles cases of kidnapping. POINT OF ORIGIN - The exact physical location where a
heat source and fuel comes in contact with each other and a fire begins.

POLICE BLOTTER – A record or log where all types of operational and undercover dispatches shall
be recorded containing the five "W"s (WHO, WHAT, WHERE, WHEN AND WHY) and one "H" (HOW)
of an information.

POST-BLAST INVESTIGATION (PBI) - Comprehensive forensic inquiry specifically on a bombing

incident through conduct of various investigative techniques which involves recovery of physical
evidence mainly for reconstruction of explosive fragments recovered to determine the device
components, the modus operandi and subsequently to identify the perpetrator(s).

POST BLAST INVESTIGATION TEAM – Composed of the criminal investigator(s) assisted by the
bomb technicians/EOD personnel and SOCO personnel.

SPOT REPORT – Refers to an immediate initial investigative or incident report addressed to Higher
Headquarters pertaining to the commission of the crime, occurrence of natural or man-made disaster
or unusual incidents involving loss of lives and damage of properties.

SUSPECT OR SUSPECTS – Individual(s) who is/are pointed to be by the victim(s) and witness (es)
to have had committed the crime in issue. Subject person is not considered as a criminal unless
otherwise his/her conviction is pronounced in the court. (PNP Criminal Investigation Manual 2011)
Learning Assessment: (For Module 3)

a. What is the very objective why the security department of a company is conducting its own
investigation when there’s an incident happened inside the compound or facility?

b. After the security investigator has already conducted his investigation to an employee who was
caught stealing the company’s property, is it necessary to turn over the suspect to the nearest police
station? Why?

c. The soft drinks company is currently having its expansion by constructing another building for
their bottling operations. You are told by the President of the company that the construction firm who
won the bidding is about to send their workers and the heavy equipments five (5) days from now.
Being the company’s security manager, what security measures do you want to be implemented
inside?

d. Incident report making for every security guard is essential for it is very basic thing that the
security guard on duty shall make it whenever there is an incident happened. You know already that
many guards assigned in your company have lack of knowledge about this and not even understood
how to use the 5w’s & 1H. As a security manager of the company, what remedy you think is best to at
least improve the guard’s skills in report writing?

MODULE 4- GENERAL PRINCIPLES OF INVESTIGATION

1.1 DEFINITION OF INVESTIGATION

Investigation is the collection of facts to accomplish a three-fold aim: a. to identify the suspect; b.
to locate the suspect; and c. to provide evidence of his guilt. In the performance of his duties, the
investigator must seek to establish the six (6) cardinal points of investigation, namely: what
specific offense has been committed; how the offense was committed; who committed it; where
the offense was committed; when it was committed; and why it was committed.

1.2 PROTOCOLS IN INVESTIGATION Protocol 1: Jurisdictional Investigation by the Territorial Unit

Concerned The Police Station, which has territorial jurisdiction of the area where the crime
incident was committed, shall immediately undertake the necessary investigation and processing
of the crime scene, unless otherwise directed by higher authorities for a certain case to be
investigated by other units/agency.

Duties of the First Responder

a. Proceed to the crime scene to validate the information received;

b. Record the exact time of arrival and all pertinent data regarding the incident in his issued pocket
notebook and notify the TOC;

c. Cordon off the area and secure the crime scene with a police line or whatever available material
like ropes, straws or human as barricade to preserve its integrity;

d. Check whether the situation still poses imminent danger and call for back up if necessary;

e. Identify possible witnesses and conduct preliminary interview and ensure their availability for the
incoming investigator-on-case;

f. Arrest the suspect/s if around or in instances wherein the suspect/s is fleeing, make appropriate
notification for dragnet operations;

g. Prepare to take the “Dying Declaration” of severely injured persons with the following requisites:

1. That death is imminent and the declarant is conscious of that fact;

2. That the declaration refers to the cause and surrounding circumstances of such death;

3. That the declaration relates to facts which the victim is competent to testify to; and
4. That the declaration is offered in a case wherein the declarant’s death is the subject of the inquiry.
(Section 37, Rule 130 of the Rules of Court).

h. Evacuate the wounded to the nearest hospital using emergency services;

i. Account for the killed, wounded and arrested persons for proper disposition;

j. Conduct initial investigation; and

k. Brief the investigator-on-case upon arrival and turn over the crime scene. PNP Criminal
Investigation Manual 2011 1 - 4

l. Conduct inventory on the evidence taken at the crime scene; Inventory receipt should be properly
signed by the first responder, SOCO and the investigator.

PHASES OF INVESTIGATIONS

The main objective of a police investigator is to gather all facts in order to:

Phase I Identify the suspect/s through (1) confession; (2) eyewitness testimony, (3) circumstantial
evidence; and (4) associate evidence;

Phase II Locate and apprehend suspect/s; and

Phase III Gather and provide evidence to establish the guilt of the accused.

In proving the guilt of the accused in court, the fact of the existence of the crime must be established;
the accused must be identified and associated with the crime scene; competent and credible
witnesses must be available; and the physical evidence must be appropriately identified. The
investigator must know by heart the elements of a specific crime.

CRIME SCENE PROCESSING

a. The Crime Scene Search

1. Processing and Securing a Crime Scene – Processing a crime scene includes the application of
diligent and careful methods by an investigator/policemen to recognize, identify, preserve and collect
fact and items of evidentiary value that may assist in reconstructing that which actually occurred. The
crime scene is the area surrounding the place where the crime occurred. The processing of the area
at the scene includes all direct traces of the crime. And this is determined by the type of crime
committed and the place where the act occurred.

2. Protecting the Crime Scene and the Evidence – Successful crimes scene processing depends
upon the policeman’s or investigator’s skill in recognizing and collecting facts and items of value as
evidence, and upon his ability to protect, preserve, and later, to present these in a logical manner.
This requires making careful and detailed notes and sketches; written statements and transcribing
verbal statements of witnesses, suspects and marking and preservation of collected physical objects
of evidentiary nature.

3. Laboratory examination of objects and substances located usually at the crime scene. Objects and
substances needing examination in some cases are carried, intentionally or unintentionally, by
suspects from the crime scene. (PNP Criminal Investigation Manual 2011)

RA 7438 – RIGHTS OF THE PERSON UNDER CUSTODIAL INVESTIGATION Violations under RA

7438:
a. Any arresting public officer or employee or any investigating officer, who fails to inform any person
arrested, detained or under custodial investigation of his rights to remain and to have competent and
independent counsel preferably of his own choice; and

b. Any person who obstructs, prevents or prohibits any lawyer, any member of the immediate family
of a person arrested, detained or under custodial investigation, or any medical doctor or priest or
religious minister or by his counsel, from visiting and conferring privately chosen by him or by any
member of his immediate family with him, or from examining and treating him or from ministering to
his spiritual needs. (PNP Criminal Investigation Manual 2011)

What is the primary job of an investigator in order to determine whether or not an offense has
been committed under the law?

Primarily, the job of an investigator is to discover whether or not an offense has been
committed under the law, after determining what specific offense has been committed. He must
discover How it was committed, by Whom it was committed, Where was it committed, When was it
committed, and under certain circumstances, Why it was committed.

What are the five (5) qualities of a good investigator?

a. The ability to persevere or stick to a task in spite of the monotony and the many obstacles
which surrounds it;
b. He must have certain abilities and an intelligence which would enable him to acquire
information easily and readily and to use this information truthfully. He should have the
capacity to think through situations. The investigator must be as intelligence as the offender;
c. He must be honest. He must be incorruptible and must possess personal integrity. The
investigator will be subjected to all kinds of temptations: physical, emotional and material.
Temptation to gain will be continuously present and he must be able to recognize and resist it.
d. He must have an understanding of the people and the environment in which he lives. He must
know the weakness and strength of the people, so that he can use them to his advantage,
particularly during interrogation. A knowledge of the psychology of human behaviors is
essential to the investigator. The investigator should be aware of the factors of the social
pattern that contributes to the kinds of behaviors exhibited by the individual.
e. He must have a keen power of observations and accurate description. Observation implies a
clear mental picture of what is seen. It requires a seeing of detail, a study of detail, and a
recognition that the whole picture is composed of many details.(Tradio, 2000)

Define Physical Evidence.

Articles and materials which are found in connection with the investigation and which aid in
establishing the identity of the perpetrator or the circumstances under which the crime was committed
or which, in general assist the prosecution of the criminal.

Name the Kinds of Physical Evidence

a. Corpus Delicti – Objects or substances which are essential parts of the body of crime.
b. Associative Evidence – Evidence which links the suspect to the crime scene or offense.
Fingerprints and shoe impressions are good example.
c. Tracing Evidence – Articles which assist the investigator in locating the suspect.

What are the evaluation of Physical Evidence?

The investigator must be able to recognize the valuable physical evidence and determine it is
significance to the offense. In order that an investigator can appreciate the value of physical
evidence, he must have the following characteristics:

a. A knowledge of the law of evidence

b. Ability to recreate imaginatively the event preceding during and after the commission of a
crime.
c. Ability to recognize indications of a “modus operandi.”
d. Knowledge of substantive law relating to the offense.
e. Knowledge of scientific laboratory techniques and the conclusions which may be derived from
their use.(Tradio, 2000)

THREE TOOLS OR THE 3 I’s IN CRIMINAL INVESTIGATION

1. Information – is the knowledge which the investigator gathered and acquired from other
persons.
 2. Interrogation – is the process of questioning witnesses and suspects to obtain further
information. The effectiveness of interrogation depends on the craft, logic, and psychological
insight of the interrogator in interpreting the information relevant to the case.
3. Instrumentation – is the application of instruments and methods of physical science to the
detection of crime. It is the application of physics, chemistry, and biology in crime detection.

MODUS OPERANDI

It means the method of operation. The modus operandi file enables the investigator to
recognize a pattern of criminal behavior, to associate a group of crimes with a single perpetrator to
enable them to predict, approximately, the next target of the criminal, and to assist the complainants,
eyewitnesses and investigators to recognize the perpetrator by means of the recorded information
concerning the characteristics of his criminal activities.

The modus operandi records are classified and filed in such a way as to assist in identifying
the crime as one committed by a known criminal or as one of a series committed by an unidentified
criminal.

Modus operandi record devised by Major General Sir Llewely Atcherly, is a method which has
been accepted and adopted by several police department. It consist of:

a. Property – the nature of the stolen property provides an excellent clue in crimes which involves
robbery or theft.
b. Description – if the criminal was observed, a verbal description is usually the most important
clue to the identity of the perpetrator.
c. Observation at the Scene – the data of the scene are important since they may result in a
useful pattern. Thus, the objects and substances seen, tasted, or felt will contribute to the
complete picture.
d. Motive – in addition to the acquisition of property, there are many other criminal motives. Thus,
in murder, rape and assault, in general, a pattern of behavior may be discerned in the course
of a series of crime. This observation is particularly true with regard to the crimes
accomplished by the psychopaths.
e. Time – the time at which the crime was committed is an important element in the pattern.
Naturally, since the exact moment of occurrence cannot be readily established in many cases,
the investigator must endeavour to establish the time of occurrence between determinable
limits.
f. Peculiarities – from evidence, weakness of character will ordinarily reveal themselves in the
uninhibited surroundings of the crime. Peculiarities such as partaking of the victim’s liquor,
psychopathic defecation, and theft in inconsequential items such as ties or cuff links are
particularly significant.
g. Observed Peculiarities – an observer of the offense may be able to supply valuable clues in
the form of personal idiosyncrasies. Speech is one of the most important clues. Enunciation
dialect, and diction can be closely described. (Tradio, 2000)

METHODS OF OBTAINING INFORMATION

A. INTERVIEW

1. Interview Defined.

An interview is the questioning of person who is believe to possess knowledge that is official
interest to the investigator. In an interview, the person questioned usually gives his account of an
incident under investigation or offers information concerning a person being investigated in his own
manner and words.

2. Give the importance of an Interview

In most cases, interviews are the only sources of information and great part of the investigation
is devoted to them.

3. Give and Explain the Qualification of an Interview.

a. Rapport – Good relationship between the interviewer and the subject. The investigator
must endeavour to win the confidence of the subject wherever this is possible. Rapport will let the
subject unloose a flood of useful information, while strange relationship between interviewer and
subject will make the latter be reluctant to give any desired information.

b. The interviewer must possess a forceful personality. He may induce trust and
confidence by the strength of his character. He must by sympathetic and understanding without any
air of superiority.

c. Breadth of Interest – It is necessary for the interviewer and the subject to develop a
meeting ground of interest. The interviewer must have a sympathetic personality, broad practical
knowledge and knows the background of the subject. He must be acquainted with the social behavior
and life of gamblers, the temperament of storekeeper, etc.

d. A good investigator must have the qualities of a salesman, an actor, and a psychologist.
He must possess insight, intelligence and persuasiveness. His speech should be suited to the
situation.

Distinguish Interview from Interrogation.

The term interview may be used to mean the simple questioning of a person who is
cooperating with the investigator, while interrogation may be used to describe the vigorous
questioning of one who is reluctant to divulge information.

Background Interview

What are the common data required for the background report?

Background interview is the simplest type of interview which concerns itself with the gathering
of information regarding the background of a person. The following are the common data required for
a background report:

a. Background date – which must include the following:

1. Date and time of the interview
2. Name, vocation and address of the interviewed
3. Full name of the subject
4. Length of acquaintance in years
5. Type of contract, whether business or social
6. Degree of association, whether daily, occasionally or rarely
7. When last seen
8. Names-parents, brothers and sisters
9. Marital status and children
10. Residence-past and present
11. Educational background
12. Personal and financial habits
13. Personality traits
14. Membership in organizations
15. Relatives in foreign lands
16. Honesty, loyalty and discretion
17. Recommendation for a position of trust
18. Evaluation
19. References

Stages of Interview in Criminal Cases

a. Preparation – Before the actual interview, the investigator should mentally review the
case and consider what information the subject can contribute. He must acquaint himself with the
background of the witness, plan his interview, and when necessary, prove himself with a checklist of
the important points of the future interview.

b. Approach – On the first meeting between the investigator and the witness, the
investigator should show his credentials and inform the subject of his identity. This is done to avoid
misunderstanding and future charge of misrepresentation.
 c. Warming-up – Preliminary subject matter of the conversation must be focused to warm-
up the atmosphere, to promote cordially and trust with each other. The witness should be given every
opportunity to give a complete account without interruption.

d. Questioning – The interviewer or investigator should start questioning on points he

wants to elicit. Elements of the offense and his knowledge of the crime should guide the investigator
in his questioning.

What are the Rules to be observed in Questioning?

Questions should only be asked when the person appears prepared to give the desire
information in an accurate fashion. Direct questions have a restraining effect and will not be suitable
until the witness has given his own story and ready to cooperate in giving additional information. The
following are the rules to be observed:

a. One question at a time – multiple questions are confusing.

b. Avoiding implied answer – implied answers are useless. Suggesting the answer defeats
the purpose of the interrogation.

c. Simplicity of the questions – long, complicated and legalistic questions are confusing
and irritating. Subject may refuse to answer and this cause embarrassment and
resentment.

d. Saving faces – embarrassing situation on the subject because of exaggeration or error

in matter of time, distance and description can be avoided if the interrogator will
cooperate with the subject to save “his face.” The investigator should not ridicule his
stupidity, poor judgment and other deficiencies.

e. “Yes” and “No” Questions – Do not insist on a “yes” or “no” answers because it will
result to inaccurate answers and prevent a flow of information. Qualified answers should
encouraged.

f. Positive Attitude – A positive way of questioning and approach should be employed. A

negative method of questioning is inviting a negative answer. Timidity and lack of
confidence on the part of the investigator are easily detected by an average man.
Leadership and firmness are respected and command acquiescence.

B. INTERROGATION

Interrogation Defines.

An interrogation is a questioning of a person suspected of having committed an offense or of a

person who reluctant to make a full disclosure of information in his possession which is pertinent to
the investigation.

What are the purposes of Interrogation?

a. To obtain a confession to the crime.

b. To induce the subject (suspect or witness) to make an admission.
c. To learn the facts and circumstances surrounding the crime.
d. To learn the identity of the accomplices.
e. To develop information which will lead to the recovery of the fruits of the crime.
f. To discover the details of other crimes participated in by the suspect.

What should be the attitude of the Investigator in the Interrogation Room?

a. Dominate the Interview – The strength of the personality of the investigator must dominate and
command the situation. He must never lose self-control, be ill-tempered, hesitant in the face of
any violent reaction, or obvious fumbling for questions as a result of lack of resourcefulness.
b. Distracting Mannerism – Anything that will distract the attention of the subject should be
avoided. Passing in the room smoking, telephone ringing, etc., should be avoided.
 c. Language – The language of the interrogator must be in consonance with the level of the
subject’s mentality. The choice of words should be made with the view to encourage a free
flow of speech from the subject.
d. Dress – Civilian dress is more likely to inspire confidence and friendship in a criminal than a
uniform. The sight of a protruding gun may arouse enmity or a defensive attitude on the part of
the criminal.
e. Preliminary Conduct – It is advisable to identify yourself and inform the subject of the purpose
of the investigation. At the start, you must inform the suspect of his rights against self-
incriminatory questions.
f. Presence of Other Person(s) – Limit the number of persons present during the interrogation.
Ordinarily, the investigator or rather the interrogator should be alone with the subject and that
other parties maybe called in for specific purposes, such as signing the confession.
g. Place – Interrogation must in an office or room where the interrogator shall have psychological
advantage. In the subject’s home, he may be confident, indignant, or recalcitrant.(Tradio,
2000)

Learning Assessment: (for Module 4)

a. Scenario:
Johnny, a 17 year old truck helper was accidentally hit by a reversing truck that caused to his
instantaneous death. Prior to the incident, Johnny was sleeping on the pavement at the back portion
of his attended truck. The truck driver Danilo of legal age, not knowing the presence of Johnny at the
back, suddenly maneuvering in reverse motion that accidentally hit the victim. Incident occurred at
one parking area of the facility.

Considering that there’s a crime scene due to this incident, and being the security manager of
the company, what instruction do you give to the guard assigned in the parking area?

b. You received a phone call from an anonymous caller that there is a bomb placed at a certain
area of the compound. Being the Detachment Commander, what will be your initial action on this?

MODULE 5. POLICE REPORT

POLICE REPORT

Primarily, report is defined as an account of any occurrence prepared after thorough

investigation. It is also defined as an account or statement describing in detail an event, situation, or
the like, usually as the result of observation or inquiry. (Balares, et. al., 2016)

Police report is an exact narration of facts discovered during the course of crime investigation
which serves as a permanent written record for future reference. It also defined as a permanent
written record of police activities classified as informal and formal which communicates important
facts concerning people involved in criminal activities. (Foronda, 2009)

On the other hand, police report deals with the story of action performed by police personnel. It
is chronological or step-by-step account of an incident that transpired in a given time, at a given
place. It is also defined as an account of some subjects specifically investigated, or an official
statement of facts. Police report results from the fact that someone has asked for them and needs
them for immediate or future use. In any event, police reporting has become one of the most
significant processes in modern police operations.

A police officer, after rendering his/her duty, must render a report. His immediate supervisor
must be aware of the things he/she had done in the field during his/her tour of duty, and submitting a
report is the only way to do that. Making a report is also the means of recognizing his/her good deeds
that may deserve a merit or award.

Police report writing is considered technical writing, and as such, one needs to develop
special skills and techniques. Police report writing is the backbone of criminal investigation and
prosecution.

Quite literally, the success of police operation depends upon the quality if the report and the
ability of the police officer to write them effectively. The PNP relies on written reports to relay
information to superiors, co-workers, the courts and numerous other agencies. Reports are also used
to train personnel and to get people to follow procedures and policies. (Balares, et. al., 2016)

WHAT ARE THE PURPOSES OF POLICE REPORTS?

1. Written report to serve as materials from which records system are made;

2. Written report to reveal as part of the component or the record system, the direct relationship
between the efficiency of the department and the quality of its reports and reporting
procedures;

3. Written report to guide police administrators for policy formulation and decision making;

4. Written report to serve as a gauge/yardstick for efficiency evaluation of police officers; and

5. Written report to guide prosecutors and courts in the trial of criminal cases investigated by the
police. (Foronda, et. al., 2009)

WHAT IS A POLICE REPORT?

The author (Dr. Foronda), quoting the article of Dr. Soriano, stated that report is basically a
story of actions performed by man. A police report is chronological or step-by-step account of an
accident that transpired in a given time, at a given place. It is also defined as an account of an
investigation, of an official statement of facts. Police reports result from the fact that someone has
asked for them and needs them for immediate or future use. In any event, police reporting has
become one of the most significant processes in modern police operations.(Foronda, 2009)

WHAT ARE THE IMPORTANT USES OF REPORT WRITING?

1. Reports serve as records for police administration in planning, directing, and organizing the
unit’s duties.
2. Reports can be used as legal documents in the prosecution of criminals.
3. Reports are utilized by other agencies.
4. Reports can be useful to tri-media for public information purposes
5. Reports can be utilized for research purposes.
6. Reports improve the personality of the writer

WHAT ARE THE CRITERIA TO BE CONSIDERED IN REPORT WRITING?

The Language

1. Clarity
2. Accuracy
3. Brevity
4. Specificity
5. Completeness
6. Timeliness
7. Security
8. Impartiality

According to the book of Dr. Oscar Soriano, one of the most basic considerations of report writing
is the language used. Direct-to-the-point words are essential to good police report writing. Use of
specific words also contributes to factual police reports. Every complete sentence must have at least
one subject and one predicate. Diction refers to the manner and style of expression in words.

It is almost always necessary to use a paragraph in any narrative report. A paragraph is simply
a warning to the reader that a change in thought is about to occur, or that a new subject to be
explored. The report should be complete, easily understood, brief and accurate.

1. Clarity – The police report must be clear and it should be written directly and easy to
understand.
 2. Accuracy – The police report must conform to the established rules of syntax, format, spelling
and grammar. The data presented must be precise and the information given must be factual.

3. Brevity – The police report must be short, with simple sentences, common words and easy to
understand.

4. Specificity – The police report must be specific by using concrete examples. A good
descriptive narration gives life to the written words through particular terms that project hues,
movements, quantities and shapes.

5. Completeness – The police report must be complete by using the 5W’s and 1 H.

6. Timeliness – The police report must be submitted on time. As much as possible immediately
after the incident has happened.

7. Security – The police report must be considered classified, hence, transmission, handling, and
access to these reports should be limited only to police personnel who are granted by higher
authority security clearance. It is a top secret documents.

8. Impartiality – The police report must know what the receiving office needs to know. Important
data must not be omitted or added to conceal responsibilities, to impute liabilities or to favor
parties.

WHAT IS NEEDED IN PREPARING AND WRITING A REPORT?

The police writer will make an outline from the facts of the case and follow a chronological
sequence. After an outline has been identified they will make sure that their notes will be organized
and reviewed first for completeness prior to the actual writing of the report. The outline should answer
the 5Ws and 1H. The facts presented in Report Writing should prove the importance of police report.
The real answers lies in the quality of the result of accomplishment and basic principles. The police
reports are from simple, brief memorandum to a complex. Formal investigation requires the
application of basic standards such as clear, pertinent, brief, complete, current, accurate, fair,
properly classified, informative, and objective. It should be submitted in proper formal and should be
on time.

WHAT ARE THE TWO (2) TYPES OF POLICE REPORT?

1. An informal report usually is a letter or memorandum or any one of many prescribed or used in
day-by-day police operations. It customarily carries three items besides the text proper; date
submitted, subject, and persons or person to whom submitted. It may, however, contain many times
of administrative importance along with the subject matter of the text. Actually, most police reports
may be placed in this category.

2. A formal report suggests a full-dress treatment, including cover, title page, letter of transmittal,
summary sheet, text, appendixes, and perhaps an index and bibliography.

WHAT ARE THE CLASSIFICATIONS OF POLICE REPORT?

a. Performance report which contains information as to the status of an activity, activities, or

operations.
b. Fact-finding report which involves the gathering and presentation of data in logical order,
without an attempt to draw conclusions.
c. Technical report which presents data on a specialized subject.
d. Problem-determining report which attempts to find the causes underlying a problem or to find
whether or not a problem really exists.
e. Problem solution report which analyses the thought process that lies behind the solution of a
particular problem.

HOW ARE POLICE REPORTS CATEGORIZED?

 a. Operational Reports include those relating to the reporting of police incidents, investigation,
arrests, identification of persons, and a mass of miscellaneous reports necessary to the
conduct of routine police operations.
b. Internal Business Reports relate to the reporting necessary to the management of the agency
and include financial reports, personnel reports, purchase reports, equipment reports, property
and maintenance reports, and general correspondence.
c. Technical Reports presents data on any specialized subject, but usually relate to completed
staff work and add to the specific knowledge necessary to proper functioning of police
management.
d. Summary Reports furnish intelligence information necessary to the solution of crime accident,
and police administrative problems.

ANATOMY OF CRIME as explained by Commissioner Dir. Gen. Miguel Coronel.

WHAT ARE THE ELEMENTS OF A CRIME TO HAPPEN?

“For any crime to happen, there are three (3) elements or ingredients that must be present at
the same time and place. These are the MOTIVES, the INSTRUMENTALITIES and the
OPPORTUNITIES.

The motives are the reasons or causes why a person or group of persons perpetuate a crime.
Examples are disputes, economic gain, jealousy, revenge, insanity, and thrill. Intoxication, drug
addiction and many others.(Foronda, 2009)

INSTUMENTALITIES

OPPORTUNITIES

MOTIVES

As presented by Gen. Miguel Coronel – Commissioner, NAPOLCOM

The Instrumentalities are the means or instruments used in the commission of the crime. It
could be firearm, a bolo, a fan knife, and icepick, poison or obnoxious substance, a crow bar, a
battery-operated hand drill for carnapping motor vehicle, etc. Both the motives and instrumentalities
belong to and are harboured and wielded respectively by the criminal.

The Opportunities consist of the acts of omission and/or commission by a person (victim)
which enable another person or group of persons (the criminal/s) to perpetrate the crime. Illustrative
examples include leaving one’s home or car unattended for a long time, walking all alone in a well-
known crime prone alley, wearing expensive jewelries in slum area, readily admitting a stranger into
one’s residence and the like. Opportunity is synonymous with carefulness, acts of indiscretion and
lack of crime prevention-consciousness on the part of the victim.

Whether the crime incident would happen or not, it will depend on the presence and merging of
MOTIVES, INSTRUMENTALITIES and OPPORTUNITIES at the same time and the same place. The
absence of any one ingredient, out of the three, will mean that there shall be no crime. The most that
could happen is an accident arising out of reckless imprudence; since there is no motive. A freak
crime incident shall occur when all the three elements are present and merged at the same time and
the same place; but the victim is not the intended one, due to mistaken identity.”

WHAT IS POLICE REPORT WRITING FORM?

Every agency has its own forms and procedures for competing operational reports. But there is
a standard format on how to prepare a report that is simple yet complete.

We have what do you call a basic or informal report that deals with the ordinary miscellaneous,
day to day memorandum, letter, or form accomplished by any member of the unit, section,
precinct/station or department in accordance with the prescribe general orders, special order,
circulars, numbered memoranda.

WHAT ARE THE CONTENTS OF THE BASIC OR INFORMAL REPORT?

a. The heading or the letter head of the organization.

b. The date of preparation or submission.

c. The person or office to whom it is addressed or submitted.

d. The name of the writer or source of the report.

There are some exceptions to the Rule such as but not limited to: Reports of investigation on
administrative complaints and minor cases involving violation of city/municipal ordinances, basic or
informal reports are generally internal in nature. It seldom goes out of the department. What is a
Report? It is a permanent written record which communicates all important facts of the case to be
used in the future.

Capt. Henry Wrobleski, Book for the Record: Report Writing in Law Enforcement wrote:

HOW ARE THE LAW ENFORCEMENT REPORTS CLASSIFIED?

1. Administrative Reports
2. Operational Reports

Administrative reports deal with the routine functioning of the department or agency. Such reports
may cover proper uniform, reporting procedures, and grievances. This book is primarily concerned
with the second type of report, operational reports, which deals with the activities of the law
enforcement officers.

WHAT ARE THE TYPES OF REPORTS TO BE PREPARED?

INITIAL OR PRELIMINARY REPORT. This is done as soon as complaint is received. Reporting

process begins when officer completes preliminary investigation report referred to as case report.

CASE REPORT. Refers to the initial detailed listing of the facts of the case.

THE PRELIMINARY REPORT CONTAINS THE FOLLOWING:

1. The offense
2. Current date/time
3. Date and time of offense if known
4. Identification date pertaining to victim or other reporting party
5. Location of offense
6. Method of operation
7. Identification data pertaining to suspect(s)
8. Identification of officer(s)

PROGRESS REPORTS. Describe progress of the investigation from to time and ensures constant
follow-ups.

Termination of investigation may be done due to:

1. Lack of leads, hence case is suspended.
2. Awaiting for further developments and gathering of evidences.
3. Closed – perpetrator(s) arrested and case filed in the proper court of jurisdiction.

FINAL INVESTIGATION REPORT is rendered when case is competed, that is complaint(s), witness,
sufficiency of evidences and perpetrators are identified so as to warrant filing of case and and/or
termination of investigation due to circumstances listed above.

FORM NO. 1
Sample of Investigation Report Format
 ____________________
(Date)

SUBJECT : (on this space –Indicate here whether the report you will be preparing is an initial
investigation report about a case, progress report or final investigation report)

TO : (Write the designation of the person/or authority who assigned the case)

I. AUTHORITY FOR INVESTIGATION

1. This portion should contain a brief statement of when, where and by whom the investigation
was made and should cite the authority for making it. If the investigation was made on the basis of
oral orders, this should be stated naming the individual issuing the order and the date thereof. If
made pursuant to written orders, specific reference to the document, stating date and the original
directing authority, whether local or higher authority)

II. DETAILS

2. (This part of the report contains all relevant investigation activities conducted by the
investigator in his search for final answers to the 5W’s and 1 H in solving the case it constitutes
the narration of work done on a case. It is the story of everything done on the matter in making the
report writing are followed. Accuracy, completeness, brevity, style and form, and fairness should
be observed. It enumerates sources of information presented and including actions taken by
investigator and the facts gathered during the investigation.)

3. (Details should be presented in a logical chronological arrangement, that is, which one should
be presented first, and the next, etc.)

III. RECOMMENDATIONS

4. (This part of the report contains appropriate recommended actions to be taken by the one
authorized to make decision regarding decision of all phases of the case depending on whether
report is initial investigation report, progress investigation report, and final investigation report.)

_____________________________
Investigating Officer

SAMPLE FORMAT NO. 2

SUBJECT: _____________________________________________________
MATTER OF CASE: _____________________________________________

I. AUTHORITY:
(This contains a brief statement of when, where and by whom the investigation was made and
should cite the authority for making it. If the investigation was made on the basis of oral orders,
this fact should be stated, naming the individual issuing the order and the date thereof. Same
holds true if made pursuant to written orders, citing specific reference to the document and stating
the date and the original directing authority whether local or higher authority.)

II. MATTERS INVESTIGATED:

(This section represents the mission of the investigator/investigating officer. In essence, it
answers the question: “What is the investigation about?” Most of these are written complaints or
reports alleging that some persons have committed some crimes or impropriety, or the
complainant has been unjustly treated. If the allegations are too long to cite, a summary may be
made with appropriate references to documents placed as appendix upon which the investigation
was based.)

III. FACTS OF THE CASE:

 (This contains a presentation of the real truth about the case or cases investigated.
Appropriate descriptions, completeness and clarity are particularly applicable to this section. It
contains a coherent presentation of all pertinent facts free from further arguments and bias and
fully supported by evidences. The facts regarding several matters at issue should be presented in
the same manner as that presented in the preceding section under “Matters investigated.” If there
are several allegations to be handled, the presentation should be such that the reader will know at
all times which allegation is being considered. The facts of each allegation should be put together
to tell the story, especially if the investigating officer is reporting orally. Short cuts for the sake of
brevity are never permissible if they involve the omission of a single fact necessary to establish
the truth and to convey that conviction to a careful reader. Where the only evidence procurable
concerning an element of the case is the conflicting statements of two witnesses who seem to be
entitled to equal credence, the investigating office may quote from the testimony of the witnesses.
But this procedure should be exceptional and not used in lieu of making a determination of the
facts based on the study, analysis and weighing of evidences).

IV. DISCUSSION
(This section should indicate the presumption and inference from all the circumstances in the
case to give the directing authority the clearest possible picture. It should contain such related
factual matter of argument as may be necessary, to establish the conclusions and
recommendations based thereon. In simple cases, requiring no explanatory matter and meriting
no mention of mitigating or extenuating circumstances this section must be avoided.

In that event, this section should be indicated and worded substantially as follows: “This case
possesses no aspects or conditions requiring special discussion; and there are no mitigating or
extenuating circumstances.” Frequently, however, the evidence is so evenly divided, pro and con,
to the attending circumstances are so unusual that some explanation justifying conclusions
reached is necessary. In the event acts of irregularity or misconduct are established in the case of
a person whose past record has otherwise been such excellence, justice requires that it should be
included in the discussion.

V. CONCLUSIONS
(This represents a concise summary of the results of investigation directly consequent from
and supported by the facts. There should logically follow from the facts of the case as found and
set forth in the report, and should contain no item not supported by the facts contained in the
preceding parts of the report. They are usually stated in the order naturally suggested by the
statement of the allegations or facts. Conclusions should not be a repetition of the facts merely
worded differently. Since the facts upon which they are based will have preceded this section, no
further statement of facts or repetition is necessary or desirable in the conclusion. They should
represent the investigating officer’s honest, well-studied opinion as to the real truth of each of the
matters at issue. As such, they should contain no apology, or qualification such as “it appears”, it
is believed”, or it seems probable’.

VI. RECOMMENDATIONS
(This should contain the practical suggestions as to appropriate action to be taken to make
suitable disposition of all phases of the case. They should follow, as far as practicable, the same
sequence as was used in the presentations of the conclusions.

Recommendations should be consistent with and appropriate to the conclusions. They

constitute the investigating officer’s judgment, based on the facts he has established, as to the
action the directing authority should take. They should stipulate the proper action in the case of a
wrong committed or the remedy for an unsatisfactory situation or condition found to exist. If the
facts and conclusions disclose that no wrong was committed nor was there a condition requiring
correction, the recommendation may be that the case be closed.)

_______________________________
(Investigating Officer)

Learning Assessment: (For Module 5)

a. Make a Sport Report of a certain incident. (You can conceptualized your own scenario)

b. Make an Investigation Report regarding the incident.

 References:

Ajero, Joel M. (2014) Industrial and Corporate Security Management. Quezon City. Wiseman’s
Books Trading, Inc.

Balares, Marilyn F. et. Al., (2016) Police Report Writing. Quezon City. Wiseman’s Books
Trading,
Inc.

Foronda, Mercedes A. (2009) Technical Report Writing for Criminal Justice Education. Quezon
City. Wiseman’s Books Trading, Inc.

Fulgencio, Eduardo M. (2005) Security Management: Principles, Techniques & Applications.

Manila. Kadena Press-Asia Foundation, Inc.

https://en.wikipedia.org/wiki/Corporate_security
https://bizfluent.com/info-8057178-corporate-security.html

What is the role of corporate security?

The role of corporate security is to protect organizations, their technologies, employees, technical

resources and customer data from internal and external threats. Its ultimate goal is to ensure the proper
functioning of your company and mitigate risks. https://bizfluent.com/info-8057178-corporate-
security.html

What is information security?

The state of being protected against the unauthorized use of information, especially electronic data, or the
measures taken to achieve this.
"The growing use of mobile applications is posing a risk to information security"

The term 'information security' means protecting information and information systems from unauthorized

access, use, disclosure, disruption, modification, or destruction in order to provide integrity, confidentiality, and
availability. https://csrc.nist.gov

 Information Security is basically the practice of preventing unauthorized access, use,

disclosure, disruption, modification, inspection, recording or destruction of information.
https://www.geeksforgeeks.org/what-is-information-security/

What Is Corporate Governance?

Corporate governance is the system of rules, practices, and processes by which a firm is directed and
controlled. Corporate governance essentially involves balancing the interests of a company's
many stakeholders, such as shareholders, senior management executives, customers, suppliers,
financiers, the government, and the community.
https://www.investopedia.com/terms/c/corporategovernance.asp

Ethics and compliance programs

Ethics and compliance programs have become an important tool for evaluating and
mitigating noncompliance and fraud risks, to improve operations and protect company
reputations. https://www2.deloitte.com/br/en/pages/risk/solutions/programas-de-etica-
compliance.html

What are the Most Common Types of Business Fraud?

 Payroll Fraud. Payroll fraud is the most common fraud which happens whenever there is no
transparency in payroll records. ...
 Financial Statement Fraud. ...
 Multiple Payment Fraud. ...
 Asset Misappropriation Fraud. ...
 Affinity Fraud.
https://www.dvphilippines.com 

Risk management is the process of identifying, assessing and controlling threats to an organization's capital
and earnings. These threats, or risks, could stem from a wide variety of sources, including financial
uncertainty, legal liabilities, strategic management errors, accidents and natural disasters.

Risk management is the term applied to a logical and systematic method of establishing the context,
identifying, analysing, evaluating, treating, monitoring and communicating risks associated with any activity,
function or process in a way that will enable organisations to minimise losses and maximize opportunities.
www.dmp.wa.gov.au

What is a business continuity plan?

A business continuity plan (BCP) is a document that outlines how a business will continue operating during an
unplanned disruption in service. It’s more comprehensive than a disaster recovery plan and contains
contingencies for business processes, assets, human resources and business partners – every aspect of the
business that might be affected. https://www.ibm.com/services/business-continuity/plan#

Crisis management is the process by which an organization deals with a disruptive and unexpected event
that threatens to harm the organization or its stakeholders. [1] The study of crisis management originated with
large-scale industrial and environmental disasters in the 1980s.[2][3] It is considered to be the most important
process in public relations. https://en.wikipedia.org/wiki/Crisis_management

Health, safety and environment (HSE) refers to a branch, or department, within a company that is

responsible for the observance and protection of occupational health and safety rules and regulations along
with environmental protection. https://www.workplacetesting.com
Intellectual Property(IP) is the categorized representation of intangible things such as copyrights, patents,
trademarks, unique concepts, and ideas. According to the rule of Intellectual Property, these intangible
services should receive same legal protection just as the tangible property. In brief, it refers to the mere
ownership of one’s ideas.

Creating a unique product for your business or bringing innovative ideas into reality can prove to be a
priceless asset. Majority of the new entrepreneurs don’t recognize the need of protecting their
Intellectual Property, and the ones who know are not aware of where to start.
Here are some ways to protect your Intellectual Property:

1. Keep it under scrutiny

If you mostly get your work outsourced from domestic or global partners, make it a priority to find out
if they employ world-class security for securing your IP. Also, you should be confident that the remote
employees are accessing your IP in the desired manner.

2. Be aware of your Intellectual Property Rights

Invest some of your time in making you and your innovative team aware of the crucial IP rights.
Further, deeply study the relevance of copyrights, trademarks, patents, etc. to protect your business
from the last-minute shocks in future. And yes, remember to formulate a strong policy for your IP
protection.

3. Consult an expert
Discuss your case with a certified attorney who is a pro at handling such cases and provides standard
solutions to the clients. Seeking advice from the patent attorney that is not located in your region or
country can also save you from having a dent in your pockets.

4. Double check if your idea is unique

You’ll have to do proper research to ensure that your idea is solely and uniquely yours. For having
100% surety in this regard, conduct trademark, and patent searches and find out if somebody else is
already safeguarding them.

5. Hire an auditor
If you consider patents as your only valuable assets, you are sadly mistaken. Besides, you need to
focus equally on your copyrights and trademarks and hire an auditor for distinguishing between the
registered and non-registered ones.
6. Keep a record of almost everything related
For protecting your IP from theft or unwanted loss, you must record the progress made at regular
intervals. Everything from the conception of your idea, the number of meetings conducted, when they
were conducted, to the names of persons who were a part of those events, needs to be maintained. If
you maintain an accurate copy of these events, this will work as a sound evidence giving you the
ownership of your product or idea.

7. Protect your IP without delay

It’s mandatory to protect your IP because the delay of a single minute can lead to copying or stealing
of your precious idea. So, be active and file for your Intellectual Property protection because your
competitors won’t lead a chance to outdo you in any aspect.
Intellectual Property is a daunting subject to apprehend, so it makes sense to approach the best
consultancies or professionals for its protection.
Your idea can revolutionize the whole world, so why not follow the appropriate process to protect it
first?

Multi-factor authentication (MFA) is used to ensure that digital users are who they say they are by
requiring that they provide at least two pieces of evidence to prove their identity. Each piece of
evidence must come from a different category: something they know, something they have or
something they are. 
 
If one of the factors has been compromised by a hacker or unauthorized user, the chances of another
factor also being compromised are low, so requiring multiple authentication factors provides a higher
level of assurance about the user’s identity.
 

 
What are the benefits of multi-factor authentication?
Passwords may reign supreme as the most common way to authenticate your online identity, but they
increasingly provide very little protection. Once a password is stolen, hackers can use those
credentials to log in to applications and business systems, bypass other access controls and wreak
serious havoc. In fact, according to the 2020 Verizon Data Breach Investigations Report, stolen login
credentials are the top tactic used by hackers to achieve data breaches. 
 
And there are an alarming variety of attack vectors hackers can take advantage of to steal passwords
or gain access, including phishing attacks, brute force attacks, web app attacks, point of sale
intrusions and even stolen hardware.

Unfortunately, users often make it easier for hackers by choosing weak passwords, using the same
password for multiple applications, storing passwords in insecure locations and keeping the same
password for long periods of time. These practices may help them remember their logins, but they
invite hackers in through the front door.
 
Multi-factor authentication provides a layer of protection for both employees and customers that
addresses all of these weaknesses. It mitigates the ripple effect of compromised credentials—a bad
actor may steal your username and password, but if they’re prompted for another factor before they
can access critical data, make a transaction or log into your laptop, they’ll be sunk.
 
A recent Ping Identity survey revealed that IT and security professionals consider multi-factor
authentication to be the most effective security control they have in place for protecting both on-
premises and public cloud data. Not only that, but many MFA solutions on the market are fast and
easy to implement, meaning an organization can put this highly effective security measure in place
without expending a great deal of time or effort.
 
Multi-factor authentication is also an excellent way to enable enterprise mobility, an initiative that’s
always high on the priority list for companies undergoing a digital transformation. Productivity
increases when employees can use their preferred devices to easily and securely access all of the
resources they need without being tied to the office. By using MFA to log into business applications or
to the network remotely via VPN, they get the flexibility and on-demand access that they value, and
organizations can make sure their network and data are protected.
 
MFA can also be a key requirement when it comes to complying with certain industry or geographical
regulations. For example, PCI-DSS requires that MFA be implemented in certain situations to prevent
unauthorized users from accessing systems that process payment transactions, and MFA can help
healthcare providers comply with HIPAA. It’s also a key part of meeting strong customer
authentication requirements dictated by PSD2, a regulation pertaining to financial institutions in the
EU.
 
How does multi-factor authentication work?
A user's credentials must come from at least two of three different categories, or factors. Two-factor
authentication, or 2FA, is a subset of MFA where only two credentials are required, but MFA can use
any number of factors.
 

What you know (knowledge)

The most common example of this factor is, of course, the password, but it could also take the form of
a PIN, or even a passphrase--something only you would know.
 
Some organizations may also set up knowledge-based authentication like security questions (e.g.,
"What is your mother's maiden name?"), but basic personal information can often be discovered or
stolen through research, phishing and social engineering, making it less than ideal as an
authentication method on its own.
 
What you have (possession)
It's much less likely that a hacker has stolen your password and stolen something physical from you,
so this factor confirms that you are in possession of a specific item. This category includes mobile
phones, physical tokens, key fobs and smartcards.
 
 There are a few ways that this authentication works, depending on the item, but some common
methods include confirming via a mobile app or pop-up notifications from your mobile phone, typing in
a unique code generated by a physical token, or inserting a card (e.g., at an ATM).
 
What you are (inheritance)
This factor is commonly verified by a fingerprint scan on a mobile phone, but also includes anything
that would be a unique identifier of your physical person--a retinal scan, voice or facial recognition,
and any other kind of biometrics.
 
There are a lot of possibilities spread across these three categories, and different authentication
mechanisms may be better for different companies depending on their unique needs and use cases.
By evaluating the relative strength, costs and benefits to both IT and users, an organization can find
the combination that works best for them and their users. 
 
Examples of modern multi-factor authentication
Some organizations may want to set up multi-factor authentication for all users, employees and
customers alike. It's especially effective when combined with a single sign-on (SSO) solution, which
removes many passwords from the equation, strengthening security even further and improving the
user experience.
 
That said, some organizations may not feel the need to require MFA in all cases. To optimize
employee and customer convenience, they might choose to bypass MFA in low-risk scenarios, while
requiring stronger security in high-risk situations, for particularly sensitive data or for high-value
transactions.  For example:
 
 A bank may allow a customer to log into his online account with just a username and password, but require a
second authentication factor before transactions can be approved.
 An organization may want a higher level of assurance that an employee is who she claims to be when
accessing an HR application from a coffee shop or other off-domain location.
 A retailer may set up MFA to kick in when a vendor logs into their portal from a new device, to make sure it's
not a hacker trying to get in with a stolen password.
 
This kind of multi-factor authentication is called contextual, adaptive or risk-based MFA. The beauty
of using contextual MFA is that it can strengthen security only when warranted, and these
requirements or use cases can easily change and evolve over time.
 
Watch the video to see how a modern MFA solution with support for multiple authentication methods
and contextual policies can increase protection for your enterprise, but also provide a better
experience for your employees, customers and partners.
 
Play Video

MFA in practice
It’s usually a simple process for employees to download an app or carry a token that can be used
regularly for multi-factor authentication at work. When it comes to MFA for customers, it gets a bit
tricky, since they have high expectations for streamlined experiences, and are quick to abandon
clunky log-ins. Given the choice, customers have not been keen on enabling MFA protection for their
accounts, even when it’s available for free from the service provider. 
 

Organizations are encouraging customers’ use of MFA by explaining how it can not only enhance
account security without significantly impacting their sign-on experience, but also make their other
interactions (e.g., verifying their identity during a customer service call) more streamlined. And some
organizations are even making MFA available through their own customer-facing mobile applications,
rather than forcing customers to download a separate app or use less secure factors.

A good MFA strategy will carefully balance the risks of compromised credentials against the impact
on employee productivity or customer experience when determining MFA requirements and risk-
based policies.
The best modern MFA solutions can strike the balance between security and convenience by
supporting multiple authentication options, implementing adaptive policies and integrating seamlessly
into existing applications.

FIDO2, passwordless and the future of MFA

The FIDO Alliance is an industry consortium designed to make passwordless MFA available to all
users and the online services they interact with. Given the magnitude of costs associated with a
typical breach—not to mention the lost revenue and residual damage to your company’s reputation—
it’s risky to rely on passwords and other knowledge factors such as KBA and one-time passcodes,
which have proven vulnerable to attacks. The FIDO2 standard defines a common way for browsers
and online services to implement MFA. It provides users with passwordless options such as security
keys, biometrics and other mobile-device-based solutions, removing knowledge factors (what you
know) to improve security for end users and online services.

Professionalism in Security Field

When someone displays professional conduct, they act in a way that is expected of that

specific professional. Therefore, a security guard is professional and ethical if they do what is
considered to be morally sound and act in the manner you would expect a security guard to act.
www.interstatesecuritycorp.com