Hazard 360 Ltd

Student Handbook (PPT)

Webinar Training Services
ASIS PSP Physical Security Professional

Author
Alan Smith CPP, PSP, DPI, Fsyl
ASIS Physical Security Professional
 Hazard 360 Ltd Student Handbook – ASIS Physical Security Professional Certification

Introduction
This handbook has been designed to provide pre-course content to enable the student to become
familiar with the webinar learning methodology.
Webinar Delivery
Over the ten day study period you will receive one webinar per day and Confirmation of
Knowledge Assessments, these assessment are made up of a series of questions taken from the
webinar power-point presentations.
The webinars are designed for the student to be interactive and have the appropriate coffee
breaks to ensure that each student’s attention span is maintained.
Knowledge Assessments
The knowledge assessments are delivered on line using multi choice questions, each knowledge
assessment has a time limit dependent upon the number of question which ranges from 20 – 40
questions in each assessment.
ASIS Study Syllabus

PPT Study Reference Points

© Hazard 360 Ltd PSP Page 2 of 6

 Hazard 360 Ltd Student Handbook – ASIS Physical Security Professional Certification
Trainers Background (Alan Smith CPP, PSP, DPI, FSyL)
Alan has been delivering training in Saudi Arabia and nearby countries since November 2016 and
has a good understanding of KSA and its cultures.
During this period Alan has delivered training to over 300 delegates who have attended ASIS CPP,
PSP and security management courses. Many of the delegates being sponsored by their
employers.

 ASIS KSA Chapters

 Saudi Aramco
 Sabic
 Sipchem
 High Commission of Industrial Security

Testimony – 01/02/2021
Greetings, Mr Smith
I have attended a Security Operations & Management course with you at Al Othman Kumbanniski
hotel at Al Khobar.
During the course I asked you how to pass PSP and you have given me a lot of advice, guidance
and resources related to PSP.
Mr. Smith, I have passed the PSP exam from the first try with a score of 700 without taking the
review course, only by implementing your direction and following your advice, please accept my
deepest thanks and appreciation.
Adel AI-Enezi - [email protected]

© Hazard 360 Ltd PSP Page 3 of 6

 Hazard 360 Ltd Student Handbook – ASIS Physical Security Professional Certification

Table of Contents
Webinar 1:

 Concepts in Risk Management

 Functions of Physical Security
 Planning and Conducting Physical Security Assessments
 Poll 1 Knowledge Assessment Questions
 Poll 2 Knowledge Assessment Question
Webinar 2:

 Planning and Conducting Physical Security Assessments

 Physical Security Metrics
 Basic Design Concepts
 Influencing Factors in Physical Security Design
 Poll 3 Knowledge Assessment Questions
 Poll 4 Knowledge Assessment Question
Webinar 3:

 Security Architecture and Engineering

 Integrated Security Strategies
 Structural Security Measures
 Poll 5 Knowledge Assessment Questions
 Poll 6 Knowledge Assessment Question
Webinar 4:

 Structural Security Measures Continued

 Poll 7 Knowledge Assessment Questions
 Poll 8 Knowledge Assessment Question
Webinar 5:

 Structural Security Measures – Continued

 Crime Prevention through Environmental design
 Electronic Security Systems
 Poll 9 Knowledge Assessment Questions
 Poll 10 Knowledge Assessment Question
Webinar 6:

 Electronic Security Systems

 Poll 11 Knowledge Assessment Questions
 Poll 12 Knowledge Assessment Question

© Hazard 360 Ltd PSP Page 4 of 6

 Hazard 360 Ltd Student Handbook – ASIS Physical Security Professional Certification
Webinar 7:

 Electronic Security Systems

 Security Officers the Human Element
 Poll 13 Knowledge Assessment Questions
 Poll 14 Knowledge Assessment Question
Webinar 8:

 Principles of Project Management

 Project Planning and Preparation (Include Patterson ED 2)
 Poll 15 Knowledge Assessment Questions
 Poll 16 Knowledge Assessment Question
Webinar 9:

 Project Planning and Preparation (Include Patterson ED 2) continued

 Project Implementation
 Poll 15 Knowledge Assessment Questions
 Poll 16 Knowledge Assessment Question
Webinar 10:
The mock exam consists of 125 questions and is broken down into five modules (each of 25
questions in duration), between each module there will be a five minute break.

 Mock Exam of 125 Questions

Student Assessment
The student performance scores are taken from each of the daily knowledge assessments, these
assessments give a clear picture of the student’s assimilation of the study content.
Attendance Certificates
Each student must attend all webinars and complete all knowledge assessments and mock exam
upon completion of the study syllabus a certificate of attendance shall be issued by Hazard 360
Ltd.

© Hazard 360 Ltd PSP Page 5 of 6

 Hazard 360 Ltd Student Handbook – ASIS Physical Security Professional Certification

Timetable:

Week 1: 28th February – 4th March 0800 - 1200

Sun  Chapter 1: Concepts in Risk Management

Webinar 1
 Chapter 2: Functions of Physical Security
 Chapter 3: Planning and Conducting Physical Security Assessments
Mon  Chapter 3: Planning and Conducting Physical Security Assessments
Webinar ;2
 Chapter 4: Physical Security Metrics
 Chapter 5: Basic Design Concepts
 Chapter 6: Influencing Factors in Physical Security Design
Tue  Chapter 7: Security Architecture and Engineering
Webinar 3
 Chapter 8: Integrated Security Strategies
 Chapter 9: Structural Security Measures
Wed  Chapter 9: Structural Security Measures Continued
Webinar 4
Thu  Chapter 9: Structural Security Measures – Continued
Webinar 5
 Chapter 10: Crime Prevention Through Environmental design
 Chapter 11: Electronic Security Systems

Week 2: 7th March – 11th March 0800-1200

Sun  Chapter 11: Electronic Security Systems
Webinar 6

Mon  Chapter 11: Electronic Security Systems

Webinar 7
 Chapter 12: Security Officers the Human Element

Tue  Chapter 13: Principles of Project Management

Webinar 8
 Chapter 14: Project Planning and Preparation (Include Patterson ED 2)

Wed  Chapter 14: Project Planning and Preparation (Include Patterson ED 2)

Webinar 9
 Chapter 15: Project Implementation

Thu  Mock Exam 125 Questions

Webinar 10

© Hazard 360 Ltd PSP Page 6 of 6

 PSP® Physical Security Principles
Welcome to ASIS PSP Webinar (1) of Training Programme

PSP

© Hazard 360 Ltd 2021 (PSP) 1

PSP® Physical Security Principles

ASIS PSP 2015
Module (1) Agenda

 Chapter 1: Concepts in Risk Management

 Chapter 2: Functions of Physical Security

 Chapter 3: Planning and Conducting Physical Security Assessments

© Hazard 360 Ltd 2021 (PSP) 2

 PSP® Physical Security Principles

PSP – Chapter 1
Concepts in Security Risk Management

© Hazard 360 Ltd 2021 (PSP) 3

PSP® Physical Security Principles

Terminology

© Hazard 360 Ltd 2021 (PSP) 4

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 1: P 1
Physical Protection Systems

Within a physical protection system there are three key elements which are
integrated to protect assets against theft, sabotage or other malicious acts.

3 2

© Hazard 360 Ltd 2021 (PSP) 5 M

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 1: P 2
There are two types of Adversary Categories these Are:

1. An Adversary who use’s intrusion to gain access to the target asset

2. An Adversary who plans to attack the site from outside without

gaining access, this type of adversary has the intention to mount an
explosive, chemical, biological, or radioactive attack remotely.

Physical Intrusion at the site Remote Intrusion at the site

© Hazard 360 Ltd 2021 (PSP) 6 O
 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 1: P 2, 3
“Five key Factors” that need to be considered when designing a physical
security system to deny access to adversaries:

Intelligence and Countermeasure

 Type of Adversary
 Amount of time the adversary requires getting to the assets inside
 Number and type of detectors inside and out of the site
 Delays that slow down the attack i.e. Preventative Measures
 Size, strength, and equipment of the response force

“Type of adversary will dictate protective measures to be deployed”

© Hazard 360 Ltd 2021 (PSP) 7 D

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 1: P 3

Adversary who plans to attack the site from Outside:

This type of adversary has the intention to mount an explosive, chemical,
biological or radioactive attack.
Key Points
• The amount of time the adversary requires getting to the assets inside
• Number and type of detectors inside and outside the site
• Size, strength and equipment of the Response Force
It is up to the security designers and managers to:
• Balance Security Controls against Risk
• Balance cost against the actual perceived threat
Installation considerations include
• Aesthetics of Facility / Buildings – Security Culture
• Human Rights
• Health and Safety / Building Codes

© Hazard 360 Ltd 2021 (PSP) 8

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 1: P 4

Physical Security systems consist of the proper mix of the following.

Architectural elements, such as barriers and locks, exterior and interior

lighting, critical building services, space layout, parking, dock facilities,
egress stairs and adjacent facilities.

Operational elements, such as organisation and staffing, policies and

procedures, training, visitor control, security guard staffing, post order
assignment and execution, alarm and incident assessment, incident
responses, administration of security systems, delivery processing and
emergency response.

Security systems elements, such as automated access control systems,

intrusion detection and alarm systems, closed-circuit television (CCTV)
systems, communication systems, and security control centre equipment.

By using all three elements gives you an Integrated Security System

© Hazard 360 Ltd 2021 (PSP) 9 E

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 1: P 4
Prevention Methodology Alignment

Architectural Elements Preventative Measures

Operational Elements Corrective Measures

Security Systems Elements Detective Measures

© Hazard 360 Ltd 2021 (PSP) 10 L

 PSP® Physical Security Principles
ASIS PSP 2015 CH 1: P 7,8

Protective Measures
The next step is to recommend a suite of protective measures to effectively
address the relevant risks while considering available resources and any
adverse impact on the enterprise's mission and operations.

Selection Test Implementation Training

Cost Operational Environment Cost of Implementation Cost
Urgency Integration Disruption Available / Personnel
Convenience Convergence Policies & Procedures Training Materials
Aesthetics Risk Reduction Familiarisation
Trainers

 “Risk management” must be “Recognized as a Cyclical Process” that

must regularly re-evaluate changes in assets, threats, vulnerabilities,
and loss event impact. It should be a continuous process due to
changing elements (Technology, Environment, Changes at Facility)

© Hazard 360 Ltd 2021 (PSP) 11 P

PSP® Physical Security Principles

Preventative Measures

If the goal is to intercept

adversary before building
penetration, response
force must arrive within 1
minute of alarm

If the goal is prevention of

sabotage, the response
force must arrive within 2
minutes

If the goal is containment

after attempted theft,
interception must take
place within 3 minutes.

© Hazard 360 Ltd 2021 (PSP) 12

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 1: P 4 - 9

Facility Prevention Methodology Prevention Application

Preventive measures at a facility • Buildings

typically protect perimeter access, • Lighting
such as fencing, lighting, and vehicle • Barriers
barriers. Architectural umber of • Fencing
exterior entrances to the building. • Vehicle Barriers
They also direct personnel entering • Locks
the building or entering restricted • Active Denial Systems
areas through points where entry • Employee Screening
may be controlled by either • Employee Work Assignment
personnel or access control systems. Instructions
Locks and metal or metal-clad • Protective Force
exterior doors are examples of • Visitor Control
measures that delay attacks on a
facility.

© Hazard 360 Ltd 2021 (PSP) 13

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 1: P 9 - 11

Components of Corrective Measures

Reduce the effect of an attack by allowing a rapid and effective response.
Development of corrective measures should focus on various threat
scenarios. The corrective actions should be proportional to the identified
threats.
Corrective measures require both plans and personnel. The plans are of two
types:

1) Instructions for monitoring the PPSs, assessing the alarms and

information provided by all subsystems, and dispatching an appropriate
response.
2) Scenario-based procedures for responding to breaches in security.
Response personnel include the protective force assigned to the facility
and any local, state, or federal responders.
Key Point
Plan for an emergency evacuation. Consider ways to prevent security
breaches during evacuation.

© Hazard 360 Ltd 2021 (PSP) 14

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 1: P 11 - 18

Detective Measures Application of Elements

Discover attacks and activate preventive
• Display Assessment Subsystems
or corrective measures. Detective
measures use security subsystems, • Intrusion Detection
written procedures, and human • Exterior Sensors
resources. • Interior Sensors
• Identification
Security subsystems use technology to
• Access Control
help detect the means that perpetrators
use to carry out an attack on a facility. • CCCTV Camera Surveillance
• Data and Video recording
Security subsystems at facilities include • Communications
display and assessment, intrusion
• Search Equipment
detection, identification, centralized
• Investigation
monitoring, access control, CCTV,
communications, search, and • Human Elements
investigation.

© Hazard 360 Ltd 2021 (PSP) 15

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 1: P 1, 2
The First Step in Asset Protection

 Perform a threat and Vulnerability Analysis

Physical security is primarily concerned with restricting physical access by

unauthorised people and vehicles to controlled facilities by applying
defence in depth methodology
Physical access controls for protected facilities are generally intended to do
what?

Deter Distinguish Delay Detect Trigger Deny

© Hazard 360 Ltd 2021 (PSP) 16

 PSP® Physical Security Principles
ASIS PSP 2015 CH 1: P 3,4

Taking a Strategic Risk Management Approach

In regard to assets the strategy should articulate

 What is being protected

 Why it is being protected
 How it is being protected!
The solution is to develop a comprehensive assets protection strategy based on a
strategic risk management approach. This encompasses Sound Planning,
Management, and Evaluation.

The goal of risk management is:

 To manage loss effectively at the least cost.

 Deployment of Security is a significant factor related to “Risk”

© Hazard 360 Ltd 2021 (PSP) 17 A, R, T, MY, MM

PSP® Physical Security Principles

ASIS PSP 2015 CH 1: P 3,4

Consideration of Assets
• The first step in establishing any effective assets protection program
involves “Identification and valuation of business's assets”.

• “All types of assets”—tangible, intangible, and mixed—should be

considered and incorporated into the risk assessment process.

Asset Criticality is based on? (Ref: ISPS CH 4 P 53)

1. Organizations Mission and Goals
2. Organizations Resources
3. Organizations Ability to cope and recover from an incident if assets are
lost

© Hazard 360 Ltd 2021 (PSP) 18 M), MD, ME

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 4: P 53
Three steps in the identification of Company Assets

1. Define and understand the company’s primary business functions and

processes

2. Identify site and building infrastructure and systems

3. Identify the company’s Critical Tangible and Intangible Assets

© Hazard 360 Ltd 2021 (PSP) 19 ML

PSP® Physical Security Principles

ASIS PSP 2015 CH 1: P 5

Consideration of Assets
Tangible Asset Definition
Tangible assets are generally those that you can see, touch or directly
measure

Intangible Assets Definition

An intangible asset is an asset that is not physical in nature. Corporate
intellectual property (e.g. items such as patents, trademarks, copyrights,
business methodologies), goodwill and brand recognition are all common
intangible assets in today's marketplace.

Critical Assets – Can be a mixture of Tangible and Intangible Assets

Include people, facilities, systems and equipment which, if destroyed,
degraded, or otherwise rendered unavailable, would affect the reliability or
operability of an organisation.

© Hazard 360 Ltd 2021 (PSP) 20 MP

 PSP® Physical Security Principles
We will now break for a 10 Minute Break

© Hazard 360 Ltd 2021 (PSP) 21

PSP® Physical Security Principles

ASIS PSP 2015 CH 1: P 5
Categorisation of Assets

Key Point: People are a company’s most critical asset

© Hazard 360 Ltd 2021 (PSP) 22

 PSP® Physical Security Principles
ASIS PSP 2015 CH 1: P 5

The Security Risk Management Process

• The process begins by establishing the

context of the risk through communication
and consultation with stakeholders and
then conducting a comprehensive risk
assessment.

• The risk context should take into account

both the internal and external set of
circumstances or rules within which the
organisation is operating. Creating a proper Context: The circumstances
risk context can help an organisation to that form the setting for an
create an appropriate risk action plan. event, statement, or idea, and
in terms of which it can be
fully understood.

© Hazard 360 Ltd 2021 (PSP) 23

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 4: P 51

Risk Analysis Process Flow Chart – Eight Steps of Evaluation of Risk

 The risk assessment provides security managers with a relative risk

profile that defines all types of assets and which assets are at the
greatest peril against specific threats.

© Hazard 360 Ltd 2021 (PSP) 24 MA

 PSP® Physical Security Principles
ASIS PSP 2015 CH 1: P 6

Analysing The Risk

Analysing Risk
Risk analysis is the process of “Identifying potential areas of loss”, and
implementing countermeasures to mitigate the probability of the loss.

Has two associated factors!

 It introduces the concept of the impact of a loss event

 It place identified risks in a priority of order addressing those that are
of importance first.

Prioritisation
The priority may be organised by category (e.g., risk of physical damage,
risks to people, mission or operational risk, infrastructure risk, etc.) or in
other ways (such as by level of projected mitigation cost, monetary value or
suggested timeframe to address)

© Hazard 360 Ltd 2021 (PSP) 25 MR

PSP® Physical Security Principles

ASIS PSP 2015 CH 1: P 7

Analysing The Risk

“The objective of a comprehensive assets protection strategy” is to find the
right balance between a focus on high-probability risks and low-probability
(but high-consequence) risks.

© Hazard 360 Ltd 2021 (PSP) 26 MT

 PSP® Physical Security Principles
ASIS PSP 2015 CH 1: P 9

Risk Mitigation and Four D’s

Risk mitigation strategies involve the selection and implementation of

security and other measures to address the identified and prioritized risks to
an organization, facility, mission, or asset. Several concepts support risk
mitigation strategies:
In order for Delay to be effective
what must be accomplished?
Deter
Detect
Delay
Deny

© Hazard 360 Ltd 2021 (PSP) 27 OY

PSP® Physical Security Principles

ASIS PSP 2015 CH 1: P 9

Four D’s

Deter

© Hazard 360 Ltd 2021 (PSP) 28

 PSP® Physical Security Principles
ASIS PSP 2015 CH 1: P 9
Four D’s
Detect

To = Time of Detection
TA = Alarm is assessed
T1 = Response force interruption time
Tc = Adversary task completion time

© Hazard 360 Ltd 2021 (PSP) 29 OM

PSP® Physical Security Principles

ASIS PSP 2015 CH 1: P 9

Four D’s

Delay

Protection in Depth Layered Security

© Hazard 360 Ltd 2021 (PSP) 30

 PSP® Physical Security Principles
ASIS PSP 2015 CH 1: P 9

Four D’s

Deny

© Hazard 360 Ltd 2021 (PSP) 31

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 4: P 52, 53
Security Risk is calculated for an individual asset using the following
formula.

 Asset Value Rating x Threat Likelihood Rating x Severity of Incident

Rating x Vulnerability Rating = Security Risk Rating

ASR x TLR x SIR x VR = SRR

How is an Assets Criticality Determined?

 An assets criticality is based on the “Mission, Goals, and Resources” of

the organisation and the company’s ability to “cope and recover from
an incident if assets are lost”.

© Hazard 360 Ltd 2021 (PSP) 32 OO

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 4: P 56
Three Types of Threat Categorization
Criminal Threats
Information can be sourced from the following list to gain statistics and data
about crime related events that could affect an enterprise.

 Local police crime statistics

 Uniform crime reports – Department of Justice
 Demographics – social data
 Prior criminal and civil complaints
 Professional groups and associations

Non-Criminal Threats
 Natural Disaster
 Man-made threats or disasters

© Hazard 360 Ltd 2021 (PSP) 33

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 4: P 57
Consequential Threats
A consequential event is one that occurs because of a relationship between
events, or between two different organisations.

This protest outside the premises of the Royal Bank of Scotland in Bristol
affected several businesses as the road was closed off for a period of nine
hours.

© Hazard 360 Ltd 2021 (PSP) 34 OD

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 4: P 54
Some factors to consider in Valuing Assets

 Injuries or deaths related to facility damage

 Asset Replacement Cost
 Revenue loss due to lost functions
 Availability of Replacements
 Critical Support Agreements in Place

Types of Costs to be considered when valuing assets

 Direct Costs
 Indirect Costs

© Hazard 360 Ltd 2021 (PSP) 35 OE

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 4: P 54
Direct Costs

 Financial Loss associated with the event, such as the value of goods lost or
stolen
 Increased insurance premiums for several years after a major loss
 Deductible expenses on insurance coverage
 Loss business from a loss event (e.g. stolen goods cannot be sold to
consumers)
 Labour expenses, incurred as a result of the event (e.g. increase in security
coverage after a loss event)
 Management time dealing with the event (e.g. dealing with the media)
 Punitive damages awards not covered by ordinary insurance

© Hazard 360 Ltd 2021 (PSP) 36

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 4: P 54
Indirect Costs

 Negative media coverage

 Long term negative consumer perception (e.g. that a certain business
location is unsafe)
 Additional public relations costs to overcome image problems
 Lack of insurance coverage due to higher risk category
 Higher wages needed to attract future employees because of negative
perceptions about the enterprise
 Shareholder legal claims for mismanagement
 Poor employee morale leading to work stoppages, higher turnover etc.

© Hazard 360 Ltd 2021 (PSP) 37

PSP® Physical Security Principles

ASIS PSP 2015 CH 1: P 6

All Hazards Approach:

“Physical Security Planning”: should adopt an all hazards perspective

 In other words, a balanced approach that looks at the big picture and
identifies that in the context of risk, A hazard is a contributing factor to
a peril (Situation of serious and immediate danger).

An example of the all hazards approach

You have food preparation facility, located next to a chemical production

plant. You would need to consider the impact on the business should there
be a spillage or release of chemical products. How would this impact your
business?

© Hazard 360 Ltd 2021 (PSP) 38 OL

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 4: P 56
Threat and Hazards Methodology
The second major step in the security analysis is the identification of types of
events or incidents that can occur on a site based on:-

 Site’s previous history

 Incidents at similarly situated sites
 Crimes that are common to this type of business operation
 Natural disasters

Definitions
 Threat: Intent to injure or damage, an indication of something pending
 Hazard: Event associated with nature (potential danger, adverse conditions)
 “Loss Event Profile”: A list of threats affecting the assets being safeguarded

© Hazard 360 Ltd 2021 (PSP) 39 OP

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 4: P 57
Factors used in Determining the probability that a threat will occur

 Historical data at the site

 The history of like events at similar companies
 The makeup of the neighbourhood and immediate vicinity
 Overall geographical locations
 Political and Social conditions
 Changes in economy

How is the probability that a threat will occur be decided

By considering the “Likelihood that a loss Risk Event may occur in the
future”.

© Hazard 360 Ltd 2021 (PSP) 40 OA

PSP® Physical Security Principles
We will now break for a 10 Minute Break

© Hazard 360 Ltd 2021 (PSP) 41

PSP® Physical Security Principles

Polling Group (1) Questions 1 - 27 (Thirty Minute Duration)

© Hazard 360 Ltd 2021 (PSP) 42

 PSP® Physical Security Principles
We will now break for a 10 Minute Break

© Hazard 360 Ltd 2021 (PSP) 43

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 4: P 58
Other Conditions Affecting Likelihood
There are “Six Categories” of conditions that tend to increase exposure to
risk of loss, these are?

1. Physical Environment – construction, location, composition and

configuration.
2. Social Environment – demographics, crime rates, population
characteristics.
3. Political Environment – type and stability of Government, local law
enforcement resources and management.
4. Historical Experience – type and frequency of prior loss events.
5. Procedure and Processes – how assets are used, stored and secured.
6. Criminal Capabilities – type and effectiveness of criminals and tools of
aggression.

© Hazard 360 Ltd 2021 (PSP) 44 M

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 4: P 59
Assessing Asset Vulnerability

“Vulnerability is a specific “Weakness or Gap” in an organizations asset

protection”.
Key Factors to Consider

 Lack of redundancy or back-up for critical functions or systems

 Single points of failure
 Collocation of critical systems, organisations or components
 Inadequate response capability to recover from attack
 Ease of adversary to access facility
 Inadequate security measures in place
 Presence of hazardous material
 Potential for collateral damage from other companies in the area
© Hazard 360 Ltd 2021 (PSP) 45 O

PSP® Physical Security Principles

ASIS PSP 2015 & ASIS IPPS CH 1: P 6 / CH 4: P 59

Looking at Vulnerabilities

Vulnerability (59)
Any weakness that can be exploited by an aggressor (terrorist or criminal)
or that makes an asset susceptible to damage from Natural Hazards or
Consequential events

Defining a Vulnerability

 Vulnerability is a characteristic of the organization or facility. As such, it

is generally something over which the organization can exercise at least
some degree of control.

Defining Threat
“Threats, on the other hand, are usually outside the control of the
organization”.

© Hazard 360 Ltd 2021 (PSP) 46 D

 PSP® Physical Security Principles
ASIS PSP 2015 CH 1: P 6

Looking at Vulnerabilities

 Threat: The threat is the exploitation of the vulnerability by an

adversary

 Impact: Is disruption to business operations, possible loss of revenue,

reputational damage.

© Hazard 360 Ltd 2021 (PSP) 47

PSP® Physical Security Principles

CPNI 4 D’s Video

© Hazard 360 Ltd 2021 (PSP) 48

 PSP® Physical Security Principles
ASIS FPSM GSL 2009 Page 9

Layered Protective Zones

3.1.2.1 Outer Layer
Physical controls at the outer protective layer or perimeter may consist of
fencing or other barriers, protective lighting, signs and intrusion detection
systems. It is the outermost point at which physical security measures are used
to deter, detect and delay.
3.1.2.2 Middle Layer
The middle layer, at the exterior of buildings on the site, may consist of
protective lighting, intrusion detection systems, locks, bars on doors and
windows, signs and barriers such as fencing and the façade of the building itself.
Protection of skylights and ventilation ducts can discourage penetration from the
roof.
3.1.2.3 Inner Layers
Usually, several inner layers are established. Their placement is designed to
address an intruder who penetrates the outer and middle protective layers. The
following physical controls are normal at this layer: window and door bars, locks,
barriers, signs, intrusion detection systems and protective lighting.

© Hazard 360 Ltd 2021 (PSP) 49

PSP® Physical Security Principles

ASIS PSP 2015 CH 1: P 10

Five Avenues of Addressing Risk

Removing any opportunity
for risk to cause a loss
event
Risk
Avoidance

PSM Applied
Risk Risk Spread the risk at
Residual Risk Acceptance Spreading Different
Remains
locations

Risk Risk
Reduction Risk Transfer
Reduce Generally associated
Vulnerability with purchasing
insurance
© Hazard 360 Ltd 2021 (PSP) 50 E
 PSP® Physical Security Principles
ASIS PSP 2015 CH 1: P 11

Layered Security – Defence in Depth

The principle of layered security, also known as defence-in-depth, applies to

three key components:

1. Physical environments.
2. Logical environments.
3. Converged environments.

Defence-in-depth recognizes that a single protection measure is not

adequate, and that a series of well-planned and complementary levels of
security measures comprise an effective assets protection scheme.

© Hazard 360 Ltd 2021 (PSP) 51 L

PSP® Physical Security Principles

ASIS PSP 2015 CH 1: P 11
Definition of Layered Security

Physical security approach that requires a criminal to penetrate or overcome a

series of security layers before reaching the target. The layers might be perimeter
barriers; building or area protection with locks, CCTV and guards; and point and
trap protection using safes, vaults, and sensors.

Components of Layered Security

 Personnel Security
 Technical Security
 Policies and Procedures
 Security Education
 Facility Layout
 Traffic Patterns
 Watch Programmes

© Hazard 360 Ltd 2021 (PSP) 52

 PSP® Physical Security Principles
ASIS PSP 2015 CH 1: P 12
Mitigation Measures
• physical (structural) security (barriers, locks, access control, etc.)
• electronic security systems
• security officers
• policy and procedures/business practices
• employee training and awareness
• layout, design, and architecture and engineering
• CPTED (crime prevention through environmental design)
• contracts and clauses
• legal and financial posturing
• insurance
• personnel security
• information security (IT and non-IT)
• travel security
• liaison and relationships
• business continuity and crisis preparedness

© Hazard 360 Ltd 2021 (PSP) 53

PSP® Physical Security Principles

PSP – Chapter 2
Functions of Physical Security

© Hazard 360 Ltd 2021 (PSP) 54

 PSP® Physical Security Principles
ASIS PSP 2015 CH 2: P 16

Purpose of Physical Security

 At the most basic level, the purpose of physical security is to “Protect

Assets”, whether they are tangible, intangible, or mixed and whether they
take the form of people, property, or information.

• Physical security measures aim to either prevent a direct assault on premises

or reduce the potential damage and injuries that can be inflicted should an
incident occur.

• A sensible mix of general good housekeeping alongside appropriate

investments in CCTV, intruder alarms and lighting that deter as well as
detect—measures that will also protect against other criminal acts such as
theft and vandalism and address general health and safety concerns.

 “Physical Security Measures” define a security measure as a “device,

system, or practice of a tangible nature designed to protect people and
prevent damage to, loss of, or unauthorized access to assets.”

© Hazard 360 Ltd 2021 (PSP) 55 P, A

PSP® Physical Security Principles

ASIS PSP 2015 CH 2: P 17

Components of Physical Security

An effective physical security strategy employs four basic functions in an
orchestrated and tailored manner:

• Controlling access: relates to any technique used to limit or otherwise

manage access to an area, facility, compound, system, person, or other asset.

• Observation: is necessary to detect an approaching threat (such as an

intruder or a storm), characterize the threat, aid in formulating a response.

• Detecting: events makes possible a notification, which may or may not

require an immediate response. This function works in close partnership with
the observation function to identify an event (or impending event) and
provide timely and appropriate notification.

• Responding: is the effort to neutralize, contain, or mitigate an event. It may

also include an assessment that the event does not require immediate
action.

© Hazard 360 Ltd 2021 (PSP) 56 R

 PSP® Physical Security Principles
ASIS PSP 2015 CH 2: P 18
Four D’s Structure

Four Key
Functional
Elements

© Hazard 360 Ltd 2021 (PSP) 57 T

PSP® Physical Security Principles

ASIS PSP 2015 CH 2: P 19

Structural, Electronic and Human Components

Structural Electronic Human
Components Components Components
Barriers Surveillance Security Officer Force
Fencing Access Control Other Human Support Functions
Bollards Intruder Detection Visitor Management
Terrain CCTV Cameras Badging ACS
Locks Communications Security Operations Centre
Design, Architecture, Eng Weapons
CPTED Incident Management Systems
Landscaping
Lighting
Glass Treatments

© Hazard 360 Ltd 2021 (PSP) 58

 PSP® Physical Security Principles
ASIS PSP 2015 CH 2: P 22

Peripheral Systems Interfaces

• It is especially critical in modern facilities to address the relationship between

security components and peripheral systems and interfaces.

 A major challenge in many facility construction, renovation, or system

upgrade projects, for example, is the potential for conflict between security
systems and life safety systems.

• Building controls may include automated elevator controls, automatic or

motion-activated room lighting, climate controls, automated zone
lockdowns, and environmental monitoring (e.g., temperature, humidity,
smoke, chemical, and other sensors).

 Like life safety systems, building controls often interoperate with security
management systems. “Careful planning is advised in order to avoid
conflicts” and ensure that the facility protection objectives are satisfied.

© Hazard 360 Ltd 2021 (PSP) 59 MY

PSP® Physical Security Principles

We will now break for a 10 Minute Break

© Hazard 360 Ltd 2021 (PSP) 60

 PSP® Physical Security Principles

PSP – Chapter 3
Planning and Conducting Physical Security Assessments

© Hazard 360 Ltd 2021 (PSP) 61

PSP® Physical Security Principles

ASIS PSP 2015 CH 3: P 25

Security Assessment

A thorough and accurate understanding of the situation is critical to any

physical security project—whether a complete system design or a simple
component upgrade.

“Security Survey or Risk Assessment”

 Is the basic tool for developing this understanding is the Security Survey
or Security Risk Assessment

 The foundation of any security survey is to identify the “Assets to be

Protected”

© Hazard 360 Ltd 2021 (PSP) 62

MM, MO
 PSP® Physical Security Principles
ASIS PSP 2015 CH 3: P 26

General Risk Assessment Models and Considerations

In essence, all credible security risk assessment models are based on an

assets threats vulnerabilities impact analysis mitigation baseline approach
• A comprehensive risk assessment begins by identifying and placing some
value (either absolute or relative) on the organization’s assets.
• Then there is an evaluation of the relevant threats to those assets,
followed by a vulnerability assessment.
• Consideration is then given to the potential impact of a loss event (such
as an attack, theft, property damage, etc.), as well as means of
summarizing and prioritizing the revealed risks.
• Risk mitigation measures are recommended and ultimately blended into
a comprehensive protection strategy.

© Hazard 360 Ltd 2021 (PSP) 63

PSP® Physical Security Principles

ASIS PSP 2015 CH 3: P 27

Qualitative Analysis

 Qualitative analysis includes any approach that “Does Not Use Numbers
or numeric values to describe the risk components”. Generally,
comparative terms such as critical, high, medium, low, and negligible
may be used to gauge the asset value and levels of risk components and
risk itself. This is most suitable when evaluating basic security
applications.

© Hazard 360 Ltd 2021 (PSP) 64 MD

 PSP® Physical Security Principles
ASIS PSP 2015 CH 3: P 27, 32

Quantitative analysis

 Includes any approach that “Use’s Numeric Measures (Numbers)” to

describe the value of assets or the level (severity or probability) of
threats, vulnerabilities, impact, or loss events. It can vary from simple
scale ratings (e.g., 1 to 5) to sophisticated statistical methods and
mathematical formulas. This method is used to measure the
effectiveness of a physical protection system whose primary functions
are to detect, delay, and respond.

 Quantitative Analysis should be carried out by a “Multidisciplinary

Team of Subject Matter Experts” to reach credible and justifiable
numbers.

© Hazard 360 Ltd 2021 (PSP) 65 ME

PSP® Physical Security Principles

ASIS PSP 2015 CH 3: P 29

Assets
Asset identification is critical to an estimate of risk at a site however, one of
the difficulties in determining the value of an organization’s assets is the lack
of agreement on exactly what assets are.

 The assessor (security professional) and the “Asset owner must agree at
the outset on what will and will not be considered an “asset” for the
purposes of the assessment (and overall risk management process).
Many asset owners do not have a clear understanding of their assets—other
than those that appear on the balance sheet.

What is the best way to value assets?

Maintain an Asset Register

© Hazard 360 Ltd 2021 (PSP) 66 ML

 PSP® Physical Security Principles
ASIS PSP 2015 CH 3: P 29

Cost Lost Formula

Asset values can be quantified in different ways. One way to is assign them a
relative value, such as a number from 1 (low) to 5 (high), based on priority.

Another way is to apply a cost-of-loss formula

K = Cp + Ct + Cr + Ci - I
• K = total cost of loss
• Cp = cost of permanent replacement
• Ct = cost of temporary substitute
• Cr = total related costs (remove old asset, install new, etc.)
• Ci = lost income cost
• I = available insurance or indemnity

© Hazard 360 Ltd 2021 (PSP) 67 MP

PSP® Physical Security Principles

ASIS PSP 2015 CH 3: P 30
Adversary Sequence Diagram

A force multiplier is the use of adversary sequence diagrams when assessing

a facility. The use of an adversary sequence diagram can produce in detail the
likely path of an adversary. By using an adversary sequence diagram the
assessor can a lot a time factor for each stage of the adversary path.

© Hazard 360 Ltd 2021 (PSP) 68

 PSP® Physical Security Principles
ASIS PSP 2015 CH 3: P 30

Comprehensive View of Threats

Adversaries
Intent

Policies and
Procedures
Security
Awareness

Environmental
Hazards

© Hazard 360 Ltd 2021 (PSP) 69 MA

PSP® Physical Security Principles

ASIS PSP 2015 CH 3: P 30

Evaluating Threats
Intentional threats.
Evaluation of intentional threats is based on identification and study of potential
adversaries.
Natural threats.
Natural threats are typically evaluated using historical trends and statistics. Long-
term data is generally collected on weather and other natural hazards for
specific geographic areas, terrains, and environments. In some cases, natural
hazard effects data has been assembled for particular industry sectors or facility
types.
Inadvertent threats.
“Inadvertent threats are the most difficult to predict and prepare for”. The
nature of the workforce, operations, or other environmental factors may suggest
a level of inadvertent threat, there is usually little or no historical data to use for
planning purposes. The best defences are preparation, education and
awareness, and the realization that the threat exists.

© Hazard 360 Ltd 2021 (PSP) 70 MR

 PSP® Physical Security Principles
ASIS PSP 2015 CH 3: P 30
Inadvertent threats.

Generally the most difficult to identify including:

• Accidents,
• Errors
• Omissions
• Peripheral Threats

Peripheral Threat

A subset of the inadvertent threat is the “Peripheral Threat”!

 For example, a threat that is targeted at a neighbouring facility but that
may have a major impact on one’s own operation.

© Hazard 360 Ltd 2021 (PSP) 71 MT

PSP® Physical Security Principles

ASIS PSP 2015 CH 3: P 30
Evaluating Threats
Inadvertent Peripheral Threats
A subset of the inadvertent threat is the peripheral threat—for example, a threat
that is targeted at a neighbouring facility but that may have a major impact on
one’s own operation.

Impact Consequences
The effects of peripheral threats can include utility interruptions, required
evacuations, closure of access routes, unwanted attention or traffic, full or partial
operations shutdowns, productivity disruptions, and environmental affects (e.g.,
smoke, debris, water or chemical runoff, etc.)

Mitigation
Inadvertent threats are the most difficult to predict and prepare for. The nature of
the workforce, operations, or other environmental factors may suggest a level of
inadvertent threat, there is usually little or no historical data to use for planning
purposes. The best defences are preparation, education and awareness, and the
realization that the threat exists.

© Hazard 360 Ltd 2021 (PSP) 72

 PSP® Physical Security Principles
ASIS PSP 2015 CH 3: P 30

Consequential Event Threats

A consequential event is one that occurs because of a relationship between
events, or between two different organisations.

This protest outside the premises of the Royal Bank of Scotland in Bristol
affected several businesses as the road was closed off for a period of nine
hours.

© Hazard 360 Ltd 2021 (PSP) 73

PSP® Physical Security Principles

ASIS PSP 2015 CH 3: P 31

Natural Threats

 In assessing natural threats, Observability is reversed, referring to

security personnel’s ability to observe, become aware of, or track an
oncoming threat, such as a storm.

 Exploitability is the natural threat’s ability to damage the facility,

mission, of the organization.

Two Common factor to measure “Vulnerability” are:

1. Observability: is the ability of an adversary to see and identify a

vulnerability. For example, a hole in a chain link perimeter fence will
likely be highly observable by a potential adversary, whereas an
inoperable video camera would not.
2. Exploitability: is the ability of the adversary to take advantage of the
vulnerability once aware of it.

© Hazard 360 Ltd 2021 (PSP) 74 OY

 PSP® Physical Security Principles
ASIS PSP 2015 CH 3: P 31, 32

Physical Security Assessment consist of “Two Main Components”

1. The Risk to Physical Assets and Property

2. Protection Measures related to Physical Security

Risk Mitigation

 The “Security Practitioner” has a range of options to address the risks

faced by an organization or facility. Some options may not be available
because they are not feasible or are too costly, financially or otherwise.

© Hazard 360 Ltd 2021 (PSP) 75 OM

PSP® Physical Security Principles

ASIS PSP 2015 CH 1: P 32
Example Simplistic Risk Matrix

Risk Level Impact

Risk Formula: Threat x Vulnerability x Impact (Risk= T x V x I)

© Hazard 360 Ltd 2021 (PSP) 76 OO

 PSP® Physical Security Principles
Advisory Sample Security Survey Tool

Security Survey Risk Analysis Template

© Hazard 360 Ltd 2021 (PSP) 77

PSP® Physical Security Principles

ASIS PSP 2015 CH 3: P 26

Security Risk Assessment – also known as “Security Survey”

 In essence, all credible security risk assessment models are based on an

assets, threats, vulnerabilities, impact analysis, mitigation baseline
approach.

 A comprehensive risk assessment begins by identifying and placing some

value (either absolute or relative) on the organization’s assets.

Deliverables

 Then there is an evaluation of the relevant threats to those assets,

followed by a vulnerability assessment. Consideration is then given to the
potential impact of a loss event (such as an attack, theft, property
damage, etc.), as well as means of summarizing and prioritizing the
revealed risks.

© Hazard 360 Ltd 2021 (PSP) 78 OD

PSP® Physical Security Principles
Polling Group (2) Questions 1 - 23 (Thirty Minute Duration)

© Hazard 360 Ltd 2021 (PSP) 79

 PSP® Physical Security Principles
Welcome to ASIS PSP Webinar (2) of Training Programme

PSP

© Hazard 360 Ltd 2020 1

PSP® Physical Security Principles

ASIS PSP 2015
Module (2) Agenda

 Chapter 3: Planning and Conducting Physical Security Assessments

 Chapter 4: Physical Security Metrics

 Chapter 5: Basic Design Concepts

 Chapter 6: Influencing Factors in Physical Security Design

© Hazard 360 Ltd 2020 2

 PSP® Physical Security Principles

PSP – Chapter 3 (Continued)

Planning and Conducting Physical Security Assessments

© Hazard 360 Ltd 2020 3

PSP® Physical Security Principles

ASIS PSP 2015 CH 3: P 34

Physical Security Survey Context

A critical, on-site examination...to ascertain the present security status,

identify deficiencies or excesses, determine the protection needed, and
make recommendations to improve the overall security of the operation.

To protect their assets, business and property owners or managers must

develop security measures and programs designed to counter the many risks
with which they are confronted in today’s global environment.

The concept of adequacy is becoming extremely important, in part due to

the rapidly growing propensity for negligent security litigation.

Around the world, courts and regulatory agencies are becoming more and
more involved in determining what is or is not adequate security. The most
common and reliable tool for determining adequacy and foreseeability is
the “Security Survey”

© Hazard 360 Ltd 2020 4 M

 PSP® Physical Security Principles
ASIS PSP 2015 CH 3: P 34

Security Survey Definition

 The security survey is the methodology use to carry out an examination

of a facility to assess the current security levels, determine whether
security countermeasures are adequate and to recommend
improvements to the facility security plan.
Security Surveys
Are usually concerned with measuring at least three basic factors:
 “Quality, Reliability and Cost”

Key Components of conducting a security survey are:

 “Observing, Questioning Analysing, Verifying Investigating, Evaluating”

© Hazard 360 Ltd 2020 5 O

PSP® Physical Security Principles

ASIS PSP 2015 CH 3: P 34, 35

Physical Security Survey Context

 Whereas a comprehensive risk assessment focuses equally on assets,

threats, vulnerabilities, and consequences, a “Security Survey” places
more emphasis on vulnerabilities presented.

 lack of redundancy or backups for critical functions or systems

 single points of failure
 Collocation of critical systems, organizations, or components
 Inadequate response capability to recover from an attack
 Ease of aggressor access to a facility
 Inadequate security measures in place
 Presence of hazardous materials
 Potential for collateral damage from other companies in the area

© Hazard 360 Ltd 2020 6 D

 PSP® Physical Security Principles
ASIS PSP 2015 CH 3: P 35

Physical Security Survey – Broder 2012 P 45

A critical, on-site examination...to ascertain the present security status,

identify deficiencies or excesses, determine the protection needed, and
make recommendations to improve the overall security of the operation.
The purpose of the survey is to:

 Determine and document the current security posture,

 “Identify deficiencies and excesses in existing security measures”,
 Compare the current posture with a determination of the appropriate
level of security or protection needed
 Recommend improvements in the overall situation.

© Hazard 360 Ltd 2020 7 E

PSP® Physical Security Principles

Planning and Conducting Physical Security Assessments

Security Survey and Security Audit – Descriptor:

© Hazard 360 Ltd 2020 8

 PSP® Physical Security Principles
ASIS PSP 2015 CH 3: P 35

Cost Benefit Analysis

 The security practitioner should determine or estimate the actual costs

of implementing the program and weigh them against the impact
(projected results) in terms of loss reduction, financial savings,
acquisition, life cycle, replacement, or other measures.

Security Risk Assessment – Security Survey

 A cost benefit analysis should be used when conducting both a security

risk assessment and security survey.

© Hazard 360 Ltd 2020 9 L

PSP® Physical Security Principles

ASIS PSP 2015 CH 3: P 36, 38
Approaches to Physical Security Assessments

In a security survey, “Checklists” can help ensure that key elements are not
overlooked and can provide a sequence of events for the survey. However,
checklists should not be used as the centre-piece or entirety of a physical
security assessment.

There are three methods used to conduct physical security assessments

 Outside – Inward Approach

 Inside –Outward Approach
 Functional Approach

© Hazard 360 Ltd 2020 10 P

 PSP® Physical Security Principles
ASIS PSP 2015 CH 3: P 36, 38
Outside-Inward Approach

Under this approach, the assessment team takes on the role of an adversary
(perpetrator) attempting to penetrate the physical defences of a facility (in a
notional sense rather than literally).
The team begins outside the facility (where the public would have free
reign) and notionally approaches the outer perimeter (whether that is a
fence line, natural barrier, building wall, or other barrier).
The criminal behaviour of the environment is also taken into consideration to
include actual crimes committed outside the facility.

© Hazard 360 Ltd 2020 11 A

PSP® Physical Security Principles

ASIS PSP 2015 CH 3: P 36, 38
Inside-Outward Approach
Here the assessment team takes on the role of the security professional
(defender), they work from the asset or target out toward the outer
perimeter.
• The assessors evaluate each successive layer of security, determining how
the measures at that layer operate, how effective they are, how they
contribute to the deter-detect-delay-deny concept, and how the layer
could be improved.
• At each layer, multiple possible solutions should be considered, such as
architectural features, structural security, CPTED, electronic security
systems, security officer support, policies and procedures, and others.
 The team should also “Consider Interdependencies at Each layer”. For
example, they could ask, “How would a power failure affect the
measures at this layer?” or “If a master key were stolen, how many
layers would it allow an intruder to breach before the intruder is
stopped or detected?”

© Hazard 360 Ltd 2020 12 R

 PSP® Physical Security Principles
ASIS PSP 2015 CH 3: P 36, 38

Functional Approach to Physical Security Assessment

When conducting a functional physical security assessment (Assessor

evaluates security functions, disciplines, and collates findings, the following
five functional elements should be evaluated.

 Security Architecture
 Structural Security Measures
 Crime Prevention Through Environmental Design (CPTED)
 Electronic Security Systems
 Security Officers and the Human Element

Evaluation of these functional areas and disciplines must be integrated with

consideration of environmental factors, peripheral risks (e.g., neighbours),
and relevant policies and procedures.

© Hazard 360 Ltd 2020 13 T

PSP® Physical Security Principles

ASIS PSP 2015 CH 3: P 39

SWOT Analysis (Strengths, Weaknesses, Opportunities, Threats)

“SWOT Analysis” a situational business analysis that involves a strategic

evaluation of key internal and external factors. Swot refers to Strengths,
Weaknesses, Opportunities and Threats – Conducive to Creative Thinking

Positive Negative
Attributes Attributes

INTERNAL STRENGHS WEAKNESSES

EXTERNAL OPPORTUNITIES THREATS

© Hazard 360 Ltd 2020 14 MY

 PSP® Physical Security Principles
ASIS PSP 2015 CH 3: P 40
Typical Areas and Items to be Assessed

Each area and item should be evaluated in terms of:

 Appropriateness for the situation

 Age
 operability,
 Maintenance
 Interoperability
 Aesthetics
 Consistency with the current use of the space.

© Hazard 360 Ltd 2020 15

PSP® Physical Security Principles

ASIS PSP 2015 CH 3: P 40-43
Physical Security Assessment Areas of Evaluation
Each area should be evaluated in terms of appropriateness for the situation, age,
operability, maintenance, interoperability, aesthetics, and consistency with the
current use of the space.

 Barriers – Active, Passive, Dispensable

 Doors, Windows, Review content of each
section prior to undertaking
 Other Openings
you ASIS PSP Certification
 Locks Exam
 Safes and Containers
 Signage and Lighting
 Alarm Systems and other electronic system – sub systems
 Security Officer Services
 Vehicle, traffic and parking controls
 Utilities Protection
 Visitor Management
 Mail Package Handling

© Hazard 360 Ltd 2020 16

 PSP® Physical Security Principles
ASIS PSP 2015 CH 3: P 43

Protection of Utilities (Electricity, Gas, Oil, Water)

Protection Measures

 Location and physical protection

 Access control
 Backup/emergency sources
 Protection of telecommunications and data lines

© Hazard 360 Ltd 2020 17 MM

PSP® Physical Security Principles

ASIS PSP 2015 CH 3: P 44

Security Survey Testing and Evaluating Protocols

As part of the survey, tests of certain systems and procedures may be

appropriate.

 If tests are conducted, they should be fully coordinated with the “Building
owner or manager and, if applicable, any outside agencies that may be
involved (e.g., first responders, alarm monitoring services, etc”.

Methodology

 Tester should evaluate the ability to penetrate and gain access to internal
areas during working hours, and non working hours.
 If access is achieved, will determine whether employees challenged the
Tester after the fact
 Deception, Tail Gating or Piggy backing, Manipulation of locks

© Hazard 360 Ltd 2020 18 MO

 PSP® Physical Security Principles
ASIS PSP 2015 CH 3: P 44

Security Survey – Areas to be Tested

 “Shipping and Receiving” – Most Vulnerable

 Alarms
 Computer / Server room security
 General Access Control

© Hazard 360 Ltd 2020 19 MD

PSP® Physical Security Principles

ASIS PSP 2015 CH 3: P 44

Testing of Shipping and Receiving Areas of Operations

Methodology

 Control points are checked by physical observation of selected

shipments both (incoming and Outgoing) against bill of Laden or
Inventory Records

© Hazard 360 Ltd 2020 20

 PSP® Physical Security Principles
We will now break for a 10 Minute Break

© Hazard 360 Ltd 2020 21

PSP® Physical Security Principles

ASIS PSP 2015 CH 3: P 44

Testing of Alarm Protocols

Control Room: Alarm Communication & Display “ACD” Methodology

 How the alarm is received

 Procedure on how to deal with Alarm
 Response by facility occupants
 Response by Security Officer

© Hazard 360 Ltd 2020 22

 PSP® Physical Security Principles
ASIS PSP 2015 CH 3: P 44

Testing of Computer Server Rooms

When conducting the security survey the assessor should pay particular
attentions to the access control protocols during

 Working and non – working hours

General Access Controls

 Attempt to gain access to the facility and selected internal areas during
both normal working hours and nonworking hours. Determine whether
access is possible and, if so, whether employees challenge the
“intruders” after the fact.

© Hazard 360 Ltd 2020 23

PSP® Physical Security Principles

ASIS PSP 2015 CH 3: P 44

Physical Security Survey / Assessment Reports

 Survey reports generally have two functions: first to communicate, and

second, to persuade.” The most in-depth and competent security survey
may be useless if the results are not properly reported or applied.

The five criteria elements of good reporting are as follows

 Accuracy
 Clarity
 Conciseness
 Timeliness
 Slant or Pitch

© Hazard 360 Ltd 2020 24 ME, ML

 PSP® Physical Security Principles
ASIS PSP 2015 CH 3: P 44

Report Delivery

“The Final Criterion”, slant or pitch, refers to the tone of the report. It
should be courteous and not overly nit-picky or focused on minor details. It
should not be written in a “got you” tone to highlight how poor the security
posture is or how ineffective the existing security strategy is.

 The report should also exhibit areas where security measures are being
delivered effectively, the report should focus on how the security
posture can be improved and why that might be important.

© Hazard 360 Ltd 2020 25 MP

PSP® Physical Security Principles

ASIS PSP 2015 CH 1: P 45

Incident Management

Any risk assessment architecture will have components that rely on incident
management (historical and empirical) data.

Such data may include

 Loss event history

 Threat frequency Analysis
 Single annual loss expectancy
 Impact Assessment

© Hazard 360 Ltd 2020 26 MA

 PSP® Physical Security Principles
ASIS PSP 2015 CH 1: P 45

Annual Loss Expectancy (ALE)

ALE is the product of the costs of: Terminology

ALE – Annual Loss Expectancy
 Incident impact SLE – Single Loss Expectancy
 Frequency of occurrence. ARO – Annual Rate of Occurrence
Formula

Example: If you have a warehouse fire SLE = $250.000 and you expect 2 fires
in a year.
ALE = SLE * ARO
ALE = $250,000 *2
ALE = $500,000

© Hazard 360 Ltd 2020 27 MR

PSP® Physical Security Principles

ASIS PSP 2015 CH 3: P 46

Automated Assessment Tools

Many automated tools on the market can assist in performing risk assessments
and risk analyses. There are pros and cons to using these computer programs,
but the operative term is assist. Software should not be relied on as the sole
element in conducting a physical security assessment
The fact that computer programs cannot or do not factor in unquantifiable
characteristics (which may have a significant influence on risk), such as the
personality or culture of an organization

Vulnerability in using Automated Assessment Tools

 They may give a false sense of knowledge in security assessments

 They may be costly
 Software may be complex
 Computers cannot factor in unquantifiable characteristics

© Hazard 360 Ltd 2020 28 MT

 PSP® Physical Security Principles
ASIS PSP 2015 CH 3: P 46

Example Hazard 360 Ltd Commercial Premises SRS

© Hazard 360 Ltd 2020 29

PSP® Physical Security Principles

ASIS PSP 2015 CH 3: P 46

Example Hazard 360 Ltd Hospital SRS

© Hazard 360 Ltd 2020 30

 PSP® Physical Security Principles
ASIS PSP 2015 CH 3: P 46

Example SRS Question Group Business Risk Register

© Hazard 360 Ltd 2020 31

PSP® Physical Security Principles

PSP – Chapter 4
Physical Security Metrics

© Hazard 360 Ltd 2020 32

 PSP® Physical Security Principles
ASIS PSP 2015 CH 4: P 50

Benefit of Security Risk metrics Program

The knowledge gained from the security risk metric program when
effectively applied, helps security professionals do the following:

• Better understand performance.

• Identify potential risk within the program.
• Identify problems and discover broken internal processes.
• Measure internal compliance with organizational policy.
• Better leverage current security system capabilities.
• Measure how their program performs against established benchmarks.
• Improve accountability.
• Communicate program performance.
• Drive performance improvement.
• Justify resource allocation.

© Hazard 360 Ltd 2020 33

PSP® Physical Security Principles

ASIS PSP 2015 CH 4: P 49, 50

Understanding Metrics

“If you can’t measure it, you can’t manage it.”

In relation to metrics, “Success can be hard to measure” if no events or

incidents have taken place within the organisation?

Metric:

 Is a measure based on a reference that involves at least two points, e.g.,

quantity over time. The primary goal of metrics is to facilitate insight into
performance and operations.

Security:

 Protection from or absence of danger. Therefore, security metrics should

tell us about the state or degree of safety relative to a reference point and
what to do to avoid danger.

© Hazard 360 Ltd 2020 34 OY

 PSP® Physical Security Principles
ASIS PSP 2015 CH 4: P 49, 50

Understanding Metrics
If you can measure it, you can manage it!
In a world of tight budgets and increased regulations and oversight,
executives continually hold their managers to a higher standard of
performance and accountability.
Managers are now asked to provide hard data to justify funding and
resource requests, and they must show the return on investment (ROI) for
their programs. Budgets constrain the physical security system design.
One increasingly popular approach to this challenge—as well as overall
program management—is the use of:

 Performance Metrics – Can Demonstrate (ROI)

 The status of Security Program
 Performance trends
 Demonstrate the ROI or value-added for a program.

© Hazard 360 Ltd 2020 35 OM

PSP® Physical Security Principles

ASIS PSP 2015 CH 4: P 50, 51

“Design Metrics”
The main tool in “Design Metrics” is a “Measurement Framework”.
Measurement frameworks guide one’s thinking about what performance
means and what ultimately leads to sustainable success.
ASIS Foundation sponsored major research that resulted in several useful
products:
• “The Security Metrics Evaluation Tool” (Security MET), which security
professionals can self-administer to develop, evaluate, and improve
security metrics
• A library of metric descriptions, each evaluated according to the Security
MET criteria
• Guidelines for effective use of security metrics to inform and persuade
senior management, with an emphasis on organizational risk and return
on investment

© Hazard 360 Ltd 2020 36 OO, OD

 PSP® Physical Security Principles
ASIS PSP 2015 CH 4: P 51
Security Metrics Evaluation (Security Met)
There are three components of a security metric evaluation tool

1. Technical Criteria
2. Operational Criteria
3. Strategic Criteria

Technical Criteria Operational Security Criteria Strategic Corporate Criteria

 Reliability  Cost  Return on investment

 Validity  Timeliness  Organizational
 Generalizability  Manipulation relevance
 Communication

© Hazard 360 Ltd 2020 37 OE

PSP® Physical Security Principles

We will now break for a 10 Minute Break

© Hazard 360 Ltd 2020 38

PSP® Physical Security Principles
Polling Group (3) Questions 1 - 24 (Thirty Minute Duration)

© Hazard 360 Ltd 2020 39

PSP® Physical Security Principles

We will now break for a 10 Minute Break

© Hazard 360 Ltd 2020 40

 PSP® Physical Security Principles
ASIS PSP 2015 CH 4: P 50

Designing a Metrics Programme Enterprise Performance Framework

Technical Criteria
• reliability Effectiveness: How well are the security
systems and programs operating, e.g., in
• validity
detecting, delaying, or annunciating?
• generalizability

Operational (Security) Criteria

• cost Efficiency: How quickly are the
organization’s programs responding to
• timeliness
security alarms, incidents, and customer
• manipulation requests?

Strategic (Corporate) Criteria

Strategic improvement: How well are the
• return on investment objectives of the security program
• organizational relevance aligned with the overall objectives of the
• communication organization?

© Hazard 360 Ltd 2020 41 M

PSP® Physical Security Principles

ASIS PSP 2015 CH 4: P 53

Physical Security Metrics

Encompasses three major key components these are:

 Systems

 Personnel

 Regulations

© Hazard 360 Ltd 2020 42 O

 PSP® Physical Security Principles
ASIS PSP 2015 CH 4: P 54
Metrics and Smart Methodology

Specific. Each metric should matter to someone and should

S provide clear, actionable intelligence to that consumer.

Measurable. The product of a metric formula must be a quantifiable

M value, and preferably a natural number or percentage

Attainable. A metric that takes too much time to gather becomes less
A effective. Time may be better spent taking remedial action on known
issues instead of gathering data to support arduous metrics.
Repeatable. A metric cannot be compared to anything, not even to
R itself, if it is not produced in a consistent and uniform fashion.

Time-dependent. A metric should be consistently collected using the

T same time periods (day, week, month) or it will yield inaccurate results.

© Hazard 360 Ltd 2020 43 D

PSP® Physical Security Principles

ASIS PSP 2015 CH 4: P 54

Physical Security Systems Metrics

The goal of establishing “Metrics” for such systems is to reduce the amount
of noise on the operator’s screen. Reducing this noise enables the systems
to operate efficiently, sending only legitimate alarms or system notices to
the operator.
Common types of alarm Data User-defined actions/alarms.
User-defined alarms are essentially the
 Forced Door
focus of SOC operators.
 Door Held Open
These alarms are configured to include
 Unauthorised Access Attempts detailed information about the alarm and
 User Defined Actions or Alarms specific instructions for response to
the alarm.
 “Communication Failure” Cabling Wiring Issues cable can be
compromised, or shorted out, against
metal?
© Hazard 360 Ltd 2020 44 E,L
 PSP® Physical Security Principles
ASIS PSP 2015 CH 4: P 59

Presenting Metrics

Metrics can be displayed in a simple manner using a Metrics Summary

Chart

© Hazard 360 Ltd 2020 45

PSP® Physical Security Principles

ASIS PSP 2015 CH 4: P 60-63

Personnel Performance

Personnel performance can be measured in two categories

 Response
This is a performance metric that may already exist under a security officer
services or system integrator contract—namely, as part of their performance
requirement. Here are two ways to implement this metric:

• Guard Force Response - Time can be measured in response to an alarm

• Integrator Response – Time can be measured against SLA’s
 Training
• Metrics that deal with training effectiveness or that measure related
performance

© Hazard 360 Ltd 2020 46 P

 PSP® Physical Security Principles
ASIS PSP 2015 CH 4: P 64

Training Metrics Personnel Performance

Metrics that deal with training effectiveness or that measure related

performance should be developed from two perspectives:

(1) Inward-facing training metrics.

“These cover training required for the Security Staff” as part of their annual
performance plan, position requirements, contract, or professional
development.

Outward-facing training metrics:

These cover customer training requirements developed and delivered by the

security office to the organization’s employees or other audiences.
They may include such topics as policies and procedures, IT security, handling
sensitive information, privacy rules, emergency procedures, business ethics,
workplace violence prevention, and travel security.
© Hazard 360 Ltd 2020 47 A

PSP® Physical Security Principles

ASIS PSP 2015 CH 4: P 64

Public Sector Metrics

Within the Public Sector there are two common categories of metrics

 Compliance of Facilities
 Compliance of Systems

Collecting Metrics

There are two objectives of collecting physical security programme metrics

 To Provide assurance of Effectiveness of the security plan

 To Facilitate Improvement

© Hazard 360 Ltd 2020 48 R, T

 PSP® Physical Security Principles
ASIS PSP 2015 CH 4: P 62, 66

Additional Recommended Metrics

 External dependency responsiveness

 This metric measures the time responsiveness of external dependencies

(e.g., contracting office, IT technical support, etc.) in meeting security
department requests.

Response o Customer Requests (62)

 Response to customer requests is one of the most significant metrics
any office can monitor.

© Hazard 360 Ltd 2020 49

PSP® Physical Security Principles

PSP – Chapter 5
Basic Design Concepts

© Hazard 360 Ltd 2020 50

 PSP® Physical Security Principles
ASIS PSP 2015 CH 5: P 73

Overview and Conceptual Perspectives

Any physical security project, to be successful, must incorporate basic design

concepts at all phases—especially the planning and early design phases.

Essentially, the conceptual perspectives discussed in the first three chapters

of the book, primarily concerning security risk management, should be
applied to all thought and decision-making processes concerning the
following:

 Facilities (design, layout, utilization, etc.)

 Overall protection strategies
 Structural and electronic security systems
 Security officer operations (and other human support)

© Hazard 360 Ltd 2020 51

PSP® Physical Security Principles

ASIS PSP 2015 CH 5: P 74

Design Principles

 “Three foundational principles are the four Ds (deter, detect, delay, and
deny) and layered security (defense-in-depth)”.
A layer might be physical (such as a wall or entry control point) or functional.
For example, a physical intrusion detection system layer, a video surveillance
system layer, and a response force layer might all work together (possibly
along with a physical layer) to provide protection for a particular area of a
facility.

 The “Critical Point of Detection” is defined as the point where the delay
time remaining exceeds the response force time.
Meeting protection objectives requires a comprehensive strategy that
incorporates layered security and the four Ds to measure projected
effectiveness.

© Hazard 360 Ltd 2020 52 MY, MM

 PSP® Physical Security Principles
ASIS PSP 2015 CH 5: P 75

Critical Point of Detection:

To = Time of Detection
TA = Alarm is assessed
T1 = Response force interruption time
Tc = Adversary task completion time

CPD

© Hazard 360 Ltd 2020 53

PSP® Physical Security Principles

ASIS PSP 2015 CH 5: P 75

Point Versus Area Security:

Area Security

 Where there is significant perimeter

protection and entry is tightly controlled at a
single portal.

Point Security

 Where the outer perimeter is loosely

controlled and the primary security focus is
at the individual buildings (or restricted
areas within the buildings (i.e. “Panic or Safe
room”)

© Hazard 360 Ltd 2020 54 MO

 PSP® Physical Security Principles
ASIS PSP 2015 CH 5: P 75

Conflict In Design Process:

 Sometimes surveillance systems, sensors, door systems, other access

control mechanisms, security lighting, and a security officer force
conflict with one another.

 Security goals may not align with an organisation’s mission or culture

 Conflicts can also develop between safety and security.

For example, should electronic door locks fail safe or fail secure? The answer
often depends on conflict with “Building Codes or Fire Codes”.
Such components as door hardware, window materials, audible alarms,
lighting, and electronic access control systems must satisfy both security and
safety objectives (and meet code or regulations).

© Hazard 360 Ltd 2020 55 MD

PSP® Physical Security Principles

ASIS PSP 2015 CH 5: P 76

Balanced Protection:

 In an ideally balanced design, electronics, structural measures, human

activities, and procedures are carefully orchestrated to complement one
another and work in a true systems sense.

 Balanced protection can also mean that no matter how an adversary

attempts to accomplish his or her goal, effective elements of physical
security architecture will be encountered.

 In this context, a balanced system is a configuration where the minimum

time or “Difficulty to Penetrate” each barrier is equal, and the probability
of detecting penetration of each barrier is equal. This is known as
“Balanced Protection”

© Hazard 360 Ltd 2020 56 ME

 PSP® Physical Security Principles
ASIS PSP 2015 CH 5: P 77

Additional Design Elements:

Type of Facility – Key Factor

 The type or use of a facility plays a key role in the nature of the physical
Security design and strategy employed to meet protection objectives.

 The type of operations conducted at a facility play a key role in its

“Physical Security Design” – “Physical Security Strategy” – “Protection
Objectives”

For example, data centres and biotechnology laboratories require specialized

environmental control and air handling systems, decisions should be made
early in the design process as to where the equipment that comprises these
systems should be located and whether it requires special security features
to protect it from vandalism, tampering, or intentional attack or sabotage.

© Hazard 360 Ltd 2020 57 ML

PSP® Physical Security Principles

ASIS PSP 2015 CH 5: P 78

Design Criteria:
Performance Criteria
A design process based on performance criteria will select elements and
procedures according to the contribution they make to overall system
performance. By establishing a measure of overall system performance,
these values may be compared for existing (baseline) systems and
upgraded systems, and the amount of improvement can be determined.
The increase in system effectiveness can then be compared to the cost of
the proposed upgrades for a cost-benefit analysis.
Feature Criteria
On the other hand, a feature criteria approach selects elements or
procedures to satisfy requirements that certain items be present. The
effectiveness measure is the presence of those features. The use of a feature
criteria approach in regulations or requirements should generally be avoided
or handled with extreme care. (Checklist are often used in this approach)

© Hazard 360 Ltd 2020 58 MP, MA

 PSP® Physical Security Principles
ASIS PSP 2015 CH 5: P 79

Role of Procedures:
An effective physical security strategy combines people, procedures, and
equipment into an integrated system that protects assets from the expected
(or reasonably expected) threat.
While the human and particularly the technology components are often
emphasized, the value of procedures cannot be overstated.
Procedural Changes can be: “Cost-effective solutions” to physical
protection issues
Should always be considered in conjunction with other existing or
recommended elements.
Procedures include not only operational and maintenance functions, but
also training and awareness for employees and facility users, security
officer/response force training, and business practices of the organization
(such as whether visitors must be escorted in some areas).

© Hazard 360 Ltd 2020 59 MR

PSP® Physical Security Principles

ASIS PSP 2015 CH 5: P 79

Developing Security System Procedures:

Five Key Elements

 People
 Operations
 Maintenance
 Training and Awareness
 Incident based and exploratory Investigations

© Hazard 360 Ltd 2020 60 MT

 PSP® Physical Security Principles
We will now break for a 10 Minute Break

© Hazard 360 Ltd 2020 61

PSP® Physical Security Principles

ASIS PSP 2015 CH 5: P 82

Design Practises
Vulnerabilities
Loading docks, trash bins/dumpsters, and
backup generators are key considerations Bollards not fit for purpose
in facility design and have definite security
No fencing to protect generator
relevance.
No obvious CCTV Coverage
No obvious security lighting

© Hazard 360 Ltd 2020 62

 PSP® Physical Security Principles
ASIS PSP 2015 CH 5: P 83

Design Practises
Another recommended practice, especially in retail, warehouse, and cargo
transportation settings, is the physical separation of shipping and receiving
areas This is particularly relevant for a plant, warehouse, dock, trans
shipment point, store, or similar facility.

© Hazard 360 Ltd 2020 63

PSP® Physical Security Principles

ASIS PSP 2015 CH 5: P 85

Design Practises
What is wrong Bollard Layout ?

Unfortunately, the building

owner, property manager, and
security director all failed to
coordinate with their neighbour
in the adjacent office building.
Because the adjacent building
has no bollards, an attacker can
simply drive around the bollards
on the right or left side and
Failure to deliver Balanced Protection attack either building at will.

© Hazard 360 Ltd 2020 64

 PSP® Physical Security Principles

PSP – Chapter 6
Influencing Factors in Physical Security Design

© Hazard 360 Ltd 2020 65

PSP® Physical Security Principles

ASIS PSP 2015 CH 6: P 90 - 95

Design Practises

Influencing factors to consider in physical security design

 Characteristics of Assets under protection

 Ownership of Occupancy
 Purpose of the Facility
 Access
 Characteristics of Surroundings
 Characteristics of Location
 Additional Influencing Factors
 Mitigations options based on Influencing Factors

© Hazard 360 Ltd 2020 66

 PSP® Physical Security Principles
ASIS PSP 2015 CH 6: P 90

Characteristics of the Assets under Protection

When approaching a physical security project, one might focus on a building
or other structure. Within that structure are numerous assets that warrant
protection, and the strategy is designed to offer a certain level of security. In
some cases, however, the project focus is different.
For example, a physical security program may include a strategy to protect
the following:
• an individual (such as a corporate • data stored or processed by a
executive, government official, or computer, IT network, device, or
celebrity) telecommunications system
• an item of intellectual property (such • a high-value object (e.g., a painting,
as a trade secret or physical model of sculpture, jewel, cash, etc.)
a device) • animals, plants, bio-organisms, or other
• an event or series of events living things
• a capability (such as bandwidth in a
• a vehicle (automobile, train, ship,
communications or transmission
aircraft, or other conveyance)
system)

© Hazard 360 Ltd 2020 67

PSP® Physical Security Principles

ASIS PSP 2015 CH 6: P 90 - 95

Characteristics of Building or Facility

When the asset is a building or facility, a different set of influencing factors
should be considered:
Who owns the building? The answer can affect the ability to make changes
to a structure, enter contract agreements, and conduct other forms of
business.
Building Design: The buildings were designed such that architectural and
security features could more easily be removed or installed according to the
needs of the occupants.
Multi Tenant Buildings: Another relevant issue is whether the building will
house one or multiple tenants. In multitenant facilities, a more adaptable
operable and flexible approach must be taken to physical security design,
and the deployment of Protective Security Measures. Different tenants have
different requirements and expectations, which may vary over time.

© Hazard 360 Ltd 2020 68 OY, OM

 PSP® Physical Security Principles
ASIS PSP 2015 CH 6: P 90 - 95

Purpose of the Facility

“How and by whom will the facility be used”? The answers may significantly
influence the physical security strategy as well as the design and layout.
The following are types of facilities with specific purposes:

• Power Plants • Manufacturing plants • Hospitals

• Dams • Facilities that handle • laboratories
• Other utilities classified or sensitive • chemical plants
• Telecommunications information
facilities • Transportation facilities
• large retail facilities • Military facilities

Such issues as access control, standoff distance, sensor types, nature of the
security officer force, reliance on public utilities, and other factors depend
on the purpose of the facility.

© Hazard 360 Ltd 2020 69 OO

PSP® Physical Security Principles

ASIS PSP 2015 CH 6: P 90 - 95

Access

Some facilities are meant to be open to the public (e.g., shopping centres),
while others limit access to authorized personnel (such as employees). The
intended access to a facility (private, public, or mixed) can have a significant
influence on physical security strategies.
 Among the features that can be affected are facility layout, parking
arrangements, security systems, and the role or use of security officers

© Hazard 360 Ltd 2020 70

 PSP® Physical Security Principles
ASIS PSP 2015 CH 6: P 90 - 95

Characteristics of the Surroundings

Impact
Security professionals must consider the “Facility’s surroundings, including
the terrain and neighbours, Neighbours can have a significant impact” on
the threats and vulnerabilities of a facility as well as the potential impact of
an undesirable event.
Consequential Threat
Another issue is how neighbours may affect ingress and egress. Will a
chemical spill, vehicle accident, facility lockdown, labour dispute, or other
incident at a neighbour’s facility shut down access to or from one’s own
facility?

© Hazard 360 Ltd 2020 71 OD

PSP® Physical Security Principles

ASIS PSP 2015 CH 6: P 90 - 95

Characteristics of Location
The setting of a facility can also be significant. Physical security may be
implemented differently in a dense urban area than in a suburb, small town,
or rural or remote area.
The response time for first responders may also differ greatly, increasing the
need for self reliance in the event of a security incident.
Consideration should be given to:

 Type of Vulnerability Assessment

 Physical Security
 Deployment of Risk Mitigation Measures

© Hazard 360 Ltd 2020 72 OE

 PSP® Physical Security Principles
ASIS PSP 2015 CH 6: P 90 - 95

Selecting Mitigation Options based on Influencing Factors

An overarching goal should be cohesiveness among the organization, the
mission, the risk profile, and the protection strategy (including measures and
tools employed).
The goals and mission of an organization should be carefully considered in
selecting a risk mitigation strategy to protect personnel, property, and
reduce liability.
Any strategy or option chosen must be evaluated in terms of availability,
affordability, and feasibility of application to the enterprise’s operation.

Impact on
Business
Operations

Critical Assets
© Hazard 360 Ltd 2020 73

PSP® Physical Security Principles

ASIS PSP 2015 CH 6: P 90 - 95

Additional Influencing Factors

Other influencing factors include the level of “Senior Management Support”

for security, the budget process and resource availability, and access to
human capital, outsource providers, and special expertise or services.

An overarching goal should be cohesiveness among the organization, the

mission, the risk profile, and the protection strategy (including measures and
tools employed).

 The goals and mission of an organization should be carefully considered

in selecting a risk mitigation strategy to protect personnel, property,
and reduce liability.

© Hazard 360 Ltd 2020 74 OL

PSP® Physical Security Principles
Polling Group (4) Questions 1 - 25 (Thirty Minute Duration)

© Hazard 360 Ltd 2020 75

 PSP® Physical Security Principles
Welcome to ASIS PSP Webinar (3) of Training Programme

PSP

© Hazard 360 Ltd 2020 1

PSP® Physical Security Principles

ASIS PSP 2015
Module (3) Agenda

 Chapter 7: Security Architecture and Engineering

 Chapter 8: Integrated Security Strategies

 Chapter 9: Structural Security Measures

© Hazard 360 Ltd 2020 2

 PSP® Physical Security Principles

PSP – Chapter 7
Security Architecture and Engineering

© Hazard 360 Ltd 2020 3

PSP® Physical Security Principles

ASIS PSP 2015 CH 7: P 97

Security Architecture and Design

A foundational element of an “Integrated Assets Protection Strategy” is

Security Architecture and Design. This discipline addresses the design of
facilities and building complexes such that security features are built in from
the start rather than added as an afterthought.
Security architecture and design can be applied to:
• New Construction
• Renovation
• Expansion.
Ideally, security professionals work with architects, engineers, general
contractors, and others throughout the process, using the results of a risk
assessment. This approach saves money and improves protection.

© Hazard 360 Ltd 2020 4 M

 PSP® Physical Security Principles
ASIS PSP 2015 CH 7: P 99

Design Overview
When beginning a “new project”, the first priority is to determine the
“Client’s requirements.” In engineering, this includes such concepts as site
layout, the size of the structure needed, the number of people to be housed,
and the activities to be performed in the building.

In security design, the basic factors to know from the outset are these:

 Governing codes and regulations

 Protection requirements
 Type of construction
 Site layout
 Material selection
 Utilities
 Life safety

© Hazard 360 Ltd 2020 5 O

PSP® Physical Security Principles

ASIS PSP 2015 CH 7: P 99

State and Local Requirements that should be considered for projects

 “Codes and Regulations” - These are Legal Requirements!

 Guidelines and Standards
 Permitting Requirements
 Contractual Requirements

© Hazard 360 Ltd 2020 6 D

 PSP® Physical Security Principles
ASIS PSP 2015 CH 7: P 99, 100

Codes and Regulations

Some codes and many guidelines address security design. A designer must
be aware of when and if a particular security requirement may violate (or
fail to adhere to) other regulations, such as life safety codes.

Definitions

• Code – Regulations are a legal requirement

• Guideline and Standards are recommendations
Issuing Bodies

• Federal Emergency Management Agency (FEMA)

• American Society of Civil Engineers (ASCE).

© Hazard 360 Ltd 2020 7 E

PSP® Physical Security Principles

ASIS PSP 2015 CH 7: P 100

Design Challenges

 The challenge for designers and their clients is to balance the need to
maintain public access against ensuring public safety.

Federal Emergency Management Agency

According to FEMA there are to classifications of threats or hazards

 “Natural”
 “Human”

© Hazard 360 Ltd 2020 8 L

 PSP® Physical Security Principles
ASIS PSP 2015 CH 7: P 100

Calculating Risk Formula

The basic assessment approach should incorporate some evaluation of asset

value, threat, and vulnerability to determine risk to the facility.

A simple equation for calculating risk is:

 Risk = Vulnerability x Threat x Asset Value

© Hazard 360 Ltd 2020 9 P

PSP® Physical Security Principles

ASIS PSP 2015 CH 7: P 100

Project Requirements

Many companies developing new technologies advertise them as offering

the best protection available on the market.
Therefore, it is vital to diligently research products and services and ensure
they meet the client’s requirements. Systems can be tested and certified,
but some systems do not have a valid testing mechanism by which to
evaluate them, thereby making them more difficult to assess.

Vulnerability

 A potential pitfall in choosing security technology is the “Inability to

thoroughly evaluate products” advertising claims prior to installation.

© Hazard 360 Ltd 2020 10 A

 PSP® Physical Security Principles
ASIS PSP 2015 CH 7: P 101

Types of Construction
A design may be significantly changed if it is a retrofit or renovation project
in contrast to new construction.

© Hazard 360 Ltd 2020 11

PSP® Physical Security Principles

ASIS PSP 2015 CH 7: P 101

Security Architecture and Design – Accountability

Regardless of the type of construction, the “Security Designer” should

recognize the potential for the creation of failure points.
If a catastrophic event occurs, what will be the first part of the structure to
fail?
To paraphrase the old axiom, a system is only as good and as strong as its
weakest point.

© Hazard 360 Ltd 2020 12 R

 PSP® Physical Security Principles
ASIS PSP 2015 CH 7: P 102

Site Layout
For perimeter security, the basic premise of design is the five Ds: deter,
detect, deny, delay, and defend.
• The easiest option is to push the threat as far away from the target as
possible,
• “Standoff Distance” also increases the footprint of the site and may have
environmental considerations in addition to the cost factors.
• The designed facility should appear as less of a target of opportunity than
its neighbour
• All systems (both security systems and building systems) must be kept in
good working order.
• The sight of unmaintained equipment, such as broken cameras or
breached fence lines, implies that security is not a priority and makes the
facility appear to be an easy target.

© Hazard 360 Ltd 2020 13

PSP® Physical Security Principles

ASIS PSP 2015 CH 7: P 102

© Hazard 360 Ltd 2020 14

 PSP® Physical Security Principles
ASIS PSP 2015 CH 7: P 102

Perimeter Protective Measure According to Marier,2012 the

author describes protecting a
 Fence Line site using Five D’s
 Guard Personnel
 Cameras • Deter

 Vehicle Barriers • Detect

 Intrusion Detection Systems • Deny
 Signs • Delay
 Natural Barriers • Defend

© Hazard 360 Ltd 2020 15 T

PSP® Physical Security Principles

ASIS PSP 2015 CH 7: P 102

Perimeter
• Give notice of the legal boundary of the premises.
• Help channel entry through a secured area by deterring entry elsewhere
along the boundary.
• Provide a zone for installing intrusion detection equipment and video
surveillance system.
• Deter casual intruders from penetrating a secured area, keeps “Honest
People Honest”
• Force an intruder to demonstrate his or her intent to enter the property.
• Create a psychological deterrent.
• Reduce the number of security officers required.
• Demonstrate a facility’s concern for security.

© Hazard 360 Ltd 2020 16 MY

 PSP® Physical Security Principles
ASIS PSP 2015 CH 7: P 102

Perimeter
When we talk about the perimeter fence being the primary point of detection,
we are implying that there are electronic risk mitigation measures installed to
the fence, or its immediate environment. One aim: is to detect an adversary’s
intrusion! “Detection” to enable a faster response.
These include the following:

• Fence Disturbance Sensors

• Sensor Fence Detection
• Electric Fence
• Seismic Pressure Sensors
• Magnetic Field Sensors
• Ported Coaxial Cable Sensor
• Fibre Optic Sensors
• CCTV Camera Surveillance
Implementing the above frustrates and adversary’s attempts by denying access

© Hazard 360 Ltd 2020 17 MM

PSP® Physical Security Principles

ASIS FPSM GDL SEC 3.2.2: P 16

3.2.2 Site Hardening

Key factors in hardening a facility include the following:
“Stand-off distance, which is the distance between a critical asset and the
nearest point of attack” (usually using an explosive device).
Structural integrity of the premises against attacks (such as forced entry,
ballistic attack, or bomb blast) and natural disasters (such as earthquakes,
hurricanes, or tornadoes).

Four Key Components of Site Hardening:

1. Stand off Distance

2. Structural Integrity
3. Prevention of Progressive Collapse
4. Redundancy Operating Systems

© Hazard 360 Ltd 2020 18 MO

 PSP® Physical Security Principles
Port Facility Beirut Fire / Explosion - Video

Pay special attention to the Blast Wave!

© Hazard 360 Ltd 2020 19

PSP® Physical Security Principles

ASIS PSP 2015 CH 7: P 103

Building Design Against Blast

Site and building design can significantly improve or hinder the impact of a
blast on structures. When a blast occurs, the building is affected by more
than just the initial pressure wave from the explosion.
These are some common terms related to pressure from a blast:
Incendiary thermal effect
A bright flash or fireball at the instant of detonation; unless highly
combustible materials are involved, the thermal effect plays an insignificant
part.
Energy Wave
The leading edge of the energy wave released by an explosion that rolls out
in a circular pattern from the source. (“Also known as Shock or Blast Wave”)
Reflective pressure
The energy of the shock wave that is redirected by objects along the initial
pathway; reflective

© Hazard 360 Ltd 2020 20 MD

 PSP® Physical Security Principles
We will now break for a 10 Minute Break

© Hazard 360 Ltd 2020 21

PSP® Physical Security Principles

ASIS PSP 2015 CH 7: P 104

Building Design Against Bomb Blast

“Site and Building Design” can significantly improve or hinder the impact of
a blast on structures. When a blast occurs, the building is affected by more
than just the initial pressure wave from the explosion. Vulnerability can be
increased or decreased by the “Building Shape”.

© Hazard 360 Ltd 2020 22 ME, ML

 PSP® Physical Security Principles
ASIS PSP 2015 CH 7: P 105

Building Design Against Bomb Blast

Shock or blast wave: the leading edge of the energy wave released by an
explosion that rolls out in a circular pattern from the source.

The detection characterisation of potential threats from explosive devices can be

enhanced by “Standoff Distance” from Premises

© Hazard 360 Ltd 2020 23 MP

PSP® Physical Security Principles

ASIS PSP 2015 CH 7: P 105

Three Types of Security Zones

Perimeter Nonexclusive Zone Exclusive Zone

Entry Control Access Control Controlled Entry

• Controlled entry • Highly restricted

Site Boundary

Vehicles Barriers
Structure

with less restrictive area

• Natural Landforms, access Access Control
Fencing, Planters
• Knee Walls and • May contain Public • Proximity Card, Pin,
Bollards Right of way Keypad
• Active Passive Jersey • Intercom with
Barriers Password or Facial
Recognition, CCTV
Increasing Levels of Security

© Hazard 360 Ltd 2020 24 MA

 PSP® Physical Security Principles
ASIS PSP 2015 CH 7: P 106

Material Selection
The structure and design of the building is extremely important as Failure
Points of design can cause a building to progressively collapse.

“One or Two main support

beams are compromised”

© Hazard 360 Ltd 2020 25 MR

PSP® Physical Security Principles

ASIS PSP 2015 CH 7: P 106

Progressive Collapse Khobar Towers Dahran

© Hazard 360 Ltd 2020 26 MR

 PSP® Physical Security Principles
ASIS PSP 2015 CH 7: P 107

Facades
Certain materials are more likely to break apart when struck by significant
force or pressures.

• The fragments generated by the breakdown of the surface then become

hazards themselves.

• Debris may be picked up by wind or blast pressures and propelled toward

other structures, causing harm to buildings, key assets, or, even worse,
people.

• Materials that are readily fragmented, such as ballast material on

rooftops, are easily torn from the surface in natural hazard events like a
tornado and propelled by the winds at speeds and forces sufficient to
damage other structures or people.

© Hazard 360 Ltd 2020 27

PSP® Physical Security Principles

ASIS PSP 2015 CH 7: P 107

Interior Layout
Interiors can be designed with an open or closed (compartmentalized) floor
plan or a combination of the two.

• The client should weigh all options, with the assistance of the designer,
to determine the best layout for the facility based on the activities that
will be conducted in the area.

• It will likely be a combination of both open and closed floor plans, but
the percentage of each must be decided objectively.
 Open floor plans provide great visibility of all activities and personnel
and “Leave few places for Privacy”.

 Closed or compartmentalized floor plans provide privacy for personnel

to conduct business. However, awareness of activities occurring in the
area is significantly reduced, “and “Escape routes may be Restricted”.

© Hazard 360 Ltd 2020 28 MT, OY

 PSP® Physical Security Principles
ASIS FPSM GDL SEC 3.1.2: P 8

Interior Layout
 Put higher-security activities in the middle and lower-security activities
in outer layers.

“Protection in Depth”
The strategy of forming layers of protection for an asset
© Hazard 360 Ltd 2020 29 OM

PSP® Physical Security Principles

ASIS PSP 2015 CH 7: P 108

Glazing
Read the bullet points located on page 109-110

 Select glass type carefully

 Reduce the size of the window
 Consider reinforcement of glass
 Locate windows away from potential sources of blast
 Ensure that the construction and design are supportive of the panes.
 A blast curtain, fixed at both ceiling and floor, will capture
fragmentation
 In a retrofit, install a catch bar in conjunction with a reinforced window.

© Hazard 360 Ltd 2020 30

 PSP® Physical Security Principles
ASIS PSP 2015 CH 7: P 110

Site Utilities
“Designers should consider how the utilities enter the facility” and then
protect those areas if they are deemed critical services. If it is a critical
utility, it makes sense to consider a design that loops or provides a
redundant feed so if service is lost, it can be back-fed from another location.

Unsecured
Utility Covers
Secured
Utility Cover

© Hazard 360 Ltd 2020 31 OO

PSP® Physical Security Principles

ASIS PSP 2015 CH 7: P 111

HVAC Systems
• Heating, ventilation, and air conditioning (HVAC) systems provide fresh
air, temperature control, and humidity control. Depending on the
function of the facility, HVAC may provide personnel comfort and also
protect mission-essential equipment.
 The fresh air intakes are potential targets for an assailant to introduce a
chemical or biological weapon. For this reason, the intakes should be
protected. They should also be placed away from sources of
contamination, such as emergency generator exhaust pipes.

© Hazard 360 Ltd 2020 32

 PSP® Physical Security Principles
ASIS PSP 2015 CH 7: P 111

Emergency power – Redundancy

 During the design phase, it is important to determine what equipment or

systems need to maintain power at all times and what “Length of
Interruptions” can be Tolerated”

 This will help determine the “Amount of backup power the emergency
generator needs to supply during a power outage”. This information is
also necessary to determine if an uninterruptible power supply (UPS) is
required and what capacity it must have.

 During the design phase, it is important to determine what “Redundancy

Equipment or Systems” need to maintain power at all times and what
length of interruptions can be tolerated. This will help determine the
amount of backup power the emergency generator needs to supply
during a power outage.

© Hazard 360 Ltd 2020 33 OD

PSP® Physical Security Principles

ASIS PSP 2015 CH 7: P 111

Emergency power – Redundancy Systems

UPS
Controller

Power Failure UPS Carries

Critical Loads! Power Out
Until Generator
Kicks in to take major
power load
Normally 5-15 Seconds

UPS / Generator
Control Cabinet
© Hazard 360 Ltd 2020 34
 PSP® Physical Security Principles
ASIS PSP 2015 CH 7: P 112

Other Utilities

Redundancy Requirements

 Communications systems (e.g., phone and Internet)

 Potable water
 Gas
 Sanitary sewer

SCADA – Supervisory Control and Data Acquisition

 SCADA Systems: Although this is not a utility itself, it is a critical

component in the operability of systems, it must be protected from
attack, as a breach of this system can take down critical components
and damage operations.

© Hazard 360 Ltd 2020 35 OE

PSP® Physical Security Principles

ASIS PSP 2015 CH 7: P 112

Life Safety Systems

Applicable Code: National Fire Protection Association (NFPA 101)

Considerations for life safety and security are as follows:

• Evacuation and egress points

• Door alarms
• Smoke detection and trouble alarms
• Fire detection systems
• Sprinkler or other suppression system
• Chemical and biological hazard detection
• Mass notification systems
• Emergency lighting and wayfinding systems
• Annunciator panels
• Emergency planning

© Hazard 360 Ltd 2020 36

 PSP® Physical Security Principles
ASIS PSP 2015 CH 7: P 113, 114

Evacuation
Security systems or methods cannot impede life safety and therefore must
work together to ensure the safety and survival of personnel.
The following are key steps to take when planning evacuations:

 Designate primary and secondary evacuation routes, if not more, from all
areas of the building, including outdoor areas such as rooftops.
 Identify muster points away from the facility and other potential hazards.
 Identify personnel who may require special assistance during an event
and note the locations of any special equipment they may immediately
need.
 Identify the locations of any special equipment that may be necessary
during evacuation (e.g., escape ladders).
 Identify the locations of fire extinguishers, smoke detectors, and first aid
kits.
 Identify the locations of the shutoffs for gas, water, and electricity.
© Hazard 360 Ltd 2020 37

PSP® Physical Security Principles

ASIS PSP 2015 CH 7: P 114

Shelter In Place

Depending on the emergency, it may be necessary to take shelter in place

rather than leave the facility.

Examples include extreme weather (such as a tornado) or an active shooter

outside the facility. Every facility should have designated areas where
occupants can gather.

These areas are often designed with isolated wall structures to provide
additional protection from the threat and tend to be inside the structure in
places such as stairwells.
“Architecture and engineering are a “Critical Design Tool” and
part of an integrated asset protection strategy for any facility

© Hazard 360 Ltd 2020 38 OL

 PSP® Physical Security Principles
Security Architecture and Engineering Shelter In Place Video

© Hazard 360 Ltd 2020 39

PSP® Physical Security Principles

We will now break for a 10 Minute Break

© Hazard 360 Ltd 2020 40

PSP® Physical Security Principles
Polling Group (5) Questions 1 - 25 (Thirty Minute Duration)

© Hazard 360 Ltd 2020 41

PSP® Physical Security Principles

We will now break for a 10 Minute Break

© Hazard 360 Ltd 2020 42

 PSP® Physical Security Principles

PSP – Chapter 8
Integrated Security Strategies

© Hazard 360 Ltd 2020 43

PSP® Physical Security Principles

ASIS PSP 2015 CH 8: P 119

The terms integrated and integration are widely used in the security and
assets protection community—especially in relation to physical security.

Systems Approach

The systems approach...involves identifying the:

 Desired system
 Determining what the subsystems are and how they interact,
 Setting objectives
 Defining the details of the environment in which the system must operate
 Modelling and designing the system
 Implementing the Systems
During the process, methods or criteria must be developed for measuring or
evaluating the effectiveness of the “Systems Integration”

© Hazard 360 Ltd 2020 44

M
 PSP® Physical Security Principles
ASIS PSP 2015 CH 8: P 120

Integration Methodology
Four levels of integration are highly relevant to the security profession and the
development of physical security strategies. Each level represents an increasingly
broad perspective.

Four levels to be considered

 Integrated electronic security systems

 Integrated physical security elements
 Integrated security programs
 Integration in enterprise risk management

 It is also crucial to make sure the system’s software is acceptable and can
be supported by the organization’s IT resources. Other departments that
may need to interface with the system database (such as the human
resources department)

© Hazard 360 Ltd 2020 45 O

PSP® Physical Security Principles

ASIS PSP 2015 CH 8: P 120

Integrated Electronic Security Systems

Integrated electronic security systems • Access Control, CCTV Camera Systems
• Intruder Detection System, Biometric Systems
• Security Lighting
• Security Control Room, AC&D Monitoring
Integrated physical security elements • Fencing, Gates, Turnstiles, Active Barriers, Bollards,
• Locking Systems
• HVM Barriers
Integrated security programs • Integrated security program is a security strategy
that leverages a common set of configurations,
rules, policies and practices to secure all of an
organization's workloads
Integration in enterprise risk • Enterprise risk management (ERM) is a plan-based
management business strategy that aims to identify, assess, and
prepare for any dangers, hazards, and other
potentials for disaster—both physical and
figurative—that may interfere with an organization's
operations and objectives.

© Hazard 360 Ltd 2020 46

 PSP® Physical Security Principles
ASIS PSP 2015 CH 8: P 121

Preventative and Remedial Maintenance

Accountability and Responsibility:
Often the best solution is to select a “Single Source Contractor” to take
responsibility for the system’s preventive and remedial maintenance.
As the single point of contact, the source will diagnose the cause of the
problem and manage the process of getting it resolved.
Resolution may include third parties who supply or maintain particular
system components, or it may require assistance from other service
providers, such as networking services, telecommunication services, or
application software companies.

“Single Source Contractor” is the most cost effective method of controlling

Preventative and Remedial Maintenance

© Hazard 360 Ltd 2020 47

D

PSP® Physical Security Principles

ASIS PSP 2015 CH 8: P 122

Integrated Physical Security Elements

The multiple elements of physical security must be integrated to operate as
part of a comprehensive physical security strategy. Physical security
elements are generally categorized as electronic security systems, structural
security measures, and human capital. At a more detailed level, however,
the following should be considered as potential components of any physical
security strategy.
architecture and engineering sensors
facility layout alarms
design landscaping intrusion detection systems
natural access control communications systems
electronic access control systems lighting (security and general)
natural surveillance security officer force
electronic surveillance systems concierge or reception staff
doors and locking systems auxiliary personnel
fencing, gates, and walls outsource providers
structural barriers (bollards, wedge barriers, etc.) working dogs

© Hazard 360 Ltd 2020 48

 PSP® Physical Security Principles
ASIS PSP 2015 CH 8: P 123, 124

Integrated Security Programmes

The physical security strategy (and its components) integrate with such
disciplines as these:

• Personnel security “Integrated security systems have three

major defining attributes”:
• IT security
• Information assets protection 1. They comprise numerous subsystems
together into one complete, highly
• Technical security
coordinated, high-functioning system.
• Investigations
2. They involve both integration of
• Training and Awareness
components and integration of
• Executive protection functions.
• Product security 3. They utilize a communications
• Crime prevention infrastructure or medium (usually via an
IT network).

© Hazard 360 Ltd 2020 49 E

PSP® Physical Security Principles

ASIS PSP 2015 CH 8: P 124

Two Categories of Integrated Security Systems

“Convergence-based Integrated Security Systems”

Integrated Security Systems, that communicate or interact with one another

automatically!

Enterprise integrated security systems

Security systems that have been integrated with other systems, including
elevators, private automatic branch exchanges, human relations programs, and
security video and intercommunications systems at the corporate level, and
operate uniformly across the entire enterprise

Key Point

 The human element of security, which relates to decision-making, common

sense, and awareness, must be integrated into the system during the
design phase, not after the system has been designed and implemented

© Hazard 360 Ltd 2020 50 L

 PSP® Physical Security Principles
ASIS PSP 2015 CH 8: P 125

Integration in Enterprise Risk Management

The final and broadest aspect of integrated assets protection comes at the
enterprise level with the concept of enterprise risk management. At this
level, all relevant functions and disciplines are blended—along with
security—to focus on the organization’s key assets and a highly
comprehensive strategy to protect them so essentially:

1) Integrates individual components into an electronic security system

package,

2) Which integrates into a physical security package,

3) Which blends into an overall security program, which then becomes

part of an enterprise risk management domain.

© Hazard 360 Ltd 2020 51

PSP® Physical Security Principles

ASIS PSP 2015 CH 8: P 127

“Physical Security Information Management (PSIM)”

In concept, PSIM not only draws in data from security sources but also
integrates information from building control systems

 Various environmental monitors

 Situational indicators
 And other sources.

A key benefit is that more in-depth situational awareness results from the
PSIM system’s ability to integrate the physical access control system (PACS)
and the VMS (video management system), along with other
communications and tracking systems

© Hazard 360 Ltd 2020 52 P

 PSP® Physical Security Principles
ASIS PSP 2015 CH 8: P 127

Integration in Enterprise Risk Management

“Integrated security systems are force multipliers” and they can expand the
reach of a security staff by extending the eyes, ears and voice of the console
officer into the depths of the facility.... The better the system integration, the
better the organization will be able to use its security force.

© Hazard 360 Ltd 2020 53 A

PSP® Physical Security Principles

PSP – Chapter 9
Structural Security Measures

© Hazard 360 Ltd 2020 54

 PSP® Physical Security Principles
ASIS FPSM GDL 2009 SEC 3: Page 9

Layered Protective Zones

3.1.2.1 Outer Layer
Physical controls at the outer protective layer or perimeter may consist of
fencing or other barriers, protective lighting, signs and intrusion detection
systems. “It is the outermost point at which physical security measures are
used to deter, detect and delay”.
3.1.2.2 Middle Layer
The middle layer, at the exterior of buildings on the site, may consist of
protective lighting, intrusion detection systems, locks, bars on doors and
windows, signs and barriers such as fencing and the façade of the building itself.
Protection of skylights and ventilation ducts can discourage penetration from the
roof.
3.1.2.3 Inner Layers
Usually, several inner layers are established. Their placement is designed to
address an intruder who penetrates the outer and middle protective layers. The
following physical controls are normal at this layer: window and door bars, locks,
barriers, signs, intrusion detection systems and protective lighting.

© Hazard 360 Ltd 2020 55 R

PSP® Physical Security Principles

ASIS GDL FPSM 2009 SEC 3.1.2.1: P 9
Outer Layer of Security encompasses the following:

 Fencing or other Barriers

 Protective Lighting
 Signs
 Intrusion Detection Systems

© Hazard 360 Ltd 2020 56

 PSP® Physical Security Principles
ASIS GDL FPSM 2009 SEC 3.1.2.1: P 9
Middle Layer of Security encompasses the following:

 Protective Lighting
 Intrusion Detection Systems
 Locks
 Bars on Doors and Windows
 Signs

 Barriers such as fencing and the

façade of the building itself

© Hazard 360 Ltd 2020 57

PSP® Physical Security Principles

ASIS GDL FPSM 2009 SEC 3.1.2.1: P 9
Inner Layer of Security encompasses the following:

 Windows and Door Bars

 Locks
 Barriers
 Signs
 Intrusion Detection Systems
 Protective Lighting

© Hazard 360 Ltd 2020 58

 PSP® Physical Security Principles
ASIS GDL FPSM 2009 SEC 3.2.1.1.2: P 11
Suggested Height for Low, Medium, High Security Environments

 Low Security : 5 - 6 feet (1.5 – 1.8 meters)

 “Medium Security: 7 feet(2.1 meters)”

 High Security: 18 – 20 feet (5.4 – 6.0 meters

If fences are intended to discourage human trespassing!

 They Should be installed with Barbed Wire atop of the fence

© Hazard 360 Ltd 2020 59 T

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 133

Overview

“Three primary components of physical security are structural security,

electronic security systems, and the human element, including security
officers and response forces”

All three components must work together in an orchestrated fashion to

achieve the most effective and efficient protection posture in any setting.

Structural security includes a number of elements, such as the overall

structure of buildings and facilities physical barriers, “Locking Systems” and
“lighting”.
Natural barriers: “Deter the undetermined, and delay the determined”.
Discourage the determined. Channel the determined through authorised
access points. Create protective security layers.

© Hazard 360 Ltd 2020 60 MY,MM,MO

 PSP® Physical Security Principles
We will now break for a 10 Minute Break

© Hazard 360 Ltd 2020 61

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 133

Physical Security Strategy - Barrier - Descriptors

There are two types of Structural Barriers (1) Passive – Fixed (2) Active - Movable

© Hazard 360 Ltd 2020 62 MD

 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 134

Barriers – Walls
Walls are generally more resistant to penetration than are doors, windows,
vents, and other openings. Still, most walls can be breached with the right
tools. In some cases, a “Wall may be an adversary’s best path for forcible
entry”.

• From a threat perspective, in addition to typical cutting tools, vehicles

can ram through cinder block, wood frame, and many other common
wall types. Moreover, explosives can produce holes large enough to
enter.
• “Reinforcement of concrete is claimed to be a Formidable Barrier” that
generally extends penetration delays. Even after an explosion, rebar
usually remains intact, at least enough that the adversary must remove it
before passing through.
• Removing the rebar often takes longer than removing the concrete. Delay
can be increased by using additional rebar, increasing rebar size, or
decreasing centre-to-centre rebar spacing.

© Hazard 360 Ltd 2020 63 ME, ML

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 135 - 137

Barriers – Doors
Doors should be:
• Minimized and locked to channel traffic.
• Metal or solid wood.
• Installed with an astragal plate to cover the bolt.
• Installed so the hinges are on the inside to preclude removal of the
screws, or the use of chisels or cutting devices.
• The pins in the exterior hinges should be welded, flanged or otherwise
secured, or hinge dowels should be used to preclude the door's removal.
• The quality of door construction should equal lock quality.
• Fire exit doors should have audible alarms.
• All doors controlled by Electronic Access Control, especially warehouse or
loading dock doors should have door open alarms.
• Padlocked or locked when not being used

© Hazard 360 Ltd 2020 64

 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 135 - 137

Barriers – Doors

That weakest part is often a door.

Doors are classified as follows:

• Standard industrial doors

• Personnel doors
• Attack- and bullet-resistant doors
• Vehicle access doors
• Vault doors
• Blast-resistant doors

“Eliminating unnecessary doors is the first

step in upgrading a facility’s resistance to
penetration”
© Hazard 360 Ltd 2020 65 MP

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 135 - 137

Barriers – Doors
Key Points
The principle of “Balanced Protection Design” requires that doors and their
associated frames, hinges, bolts, and locks be strengthened to provide the
same delay as that provided by the floors, walls, and ceilings of the parent
structure (i.e. Balanced Protection)
• Most common “Exterior Doors” are 1.3/4 in. (44 mm) thick with 16 or
18 gauge (1.5 or 1.2 mm) steel surface sheets.

• Construction is usually hollow core or composite, and the door may

feature glass or louvers.

• A composite door core contains non-combustible, sound-deadening

material, usually polyurethane foam or slab. Light-gauge vertical
reinforcement channels are sometimes used inside hollow core doors to
add strength and rigidity.

© Hazard 360 Ltd 2020 66 MA, MR

 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 135 - 137

Barriers – Doors - Vulnerabilities

Key Points
• “Forced separation of 1/2 in. (13 mm) to 3/4 in. (19 mm) is usually
enough to pry open a door”
• Replacing a single conventional lock with a high-security, multiple-
deadbolt system that requires a key on each side of the door would
virtually eliminate prying attacks.
• Panic (or crash) bars can be defeated in about one minute with small
hand tools, which produce less noise than thermal cutting. If noise is not
a factor, power tools can be used. One way to upgrade a panic bar-
equipped door is to install a bent metal plate with a drill-resistant steel
section fastened to it. The plate prevents chiselling and wire hooking of
the panic bar
• Another recommendation is to “Remove Exterior Doorknobs - Handles”
and other hardware from emergency exit doors. Doing so hinders prying
attacks from the outside but does not compromise rapid emergency
egress.

© Hazard 360 Ltd 2020 67 MT, OY, OM

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 138

Windows and Other Openings:

Annealed Glass
Annealed glass breaks into “Large Shards” that can cause
serious injury, and building codes may restrict its use in
places where there is a high risk of breakage and injury,
such as door panels and fire exits.

Tempered Glass
“Is treated to resist breakage Building codes require
tempered glass for safety reasons” because when the glass
breaks, it fragments into small pieces rather than shards

Wired Glass
Provides some resistance against large objects, but it may
still shatter. It is often required for certain windows by fire
codes (used to maintain fire ratings in fire-rated doors),
which is the primary purpose of most wired glass.

© Hazard 360 Ltd 2020 68 OO, OD, OE

 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 138

Windows and Other Openings:

Laminated glass
“Is composed of two sheets of ordinary glass
bonded to a middle layer or layers of plastic
sheeting material”.
When laminated glass is stressed or struck, it
may crack and break but the pieces of glass
tend to adhere to the plastic material.
For laminated glass to be effective, it should
be installed in a frame, and the frame should
be secured to the structure.
It is also the referred glass type for mitigating
blast forces. It will aid in protecting building
occupants from glass shattering in the event
of an explosion.

© Hazard 360 Ltd 2020 69 OL

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 138

Windows and Other Openings:

Bullet-resistant or Burglar-resistant Glass

Provides stronger resistance to attack. It is
laminated and consists of multiple plies of
glass, “Polycarbonate”, and other plastic films
to provide many levels of ballistic resistance
Thickness of glass increasing in alignment
with the calibre bullet being specified

© Hazard 360 Ltd 2020 70 OP

 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 138

Windows and Other Openings:

Key Points

 Standard glass is highly “Frangible(Brittle)”. Penetration with hand tools

generally takes only a few seconds.

 Tempered glass, formed through reheating and sudden cooling, features

greater mechanical strength and better thermal stress characteristics,
but it can be broken with handheld impact tools in a few seconds.

 Wired glass is used often in fire doors windows. The 1/4 in. (6 mm) thick
material is fabricated with diamond, square, or hexagonal wire patterns.
Wired glass can be penetrated with hand tools in about 20 seconds

© Hazard 360 Ltd 2020 71 OA,OR

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 140

Service Ducts – Other Openings:

• Other openings include shafts, vents,
ducts, or fans; utility tunnels;
channels for heat, gas, water, electric
power, telephones; sewers and other
drains.
• Where such openings “Exceed 96
square inches, they should be
fortified with steel bars or grills, wire
mesh, expanded metal and fencing
(and/or possibly protected with
intrusion detection devices).
• Consideration should also be given to
other objects that might be passed
through an opening (contraband,
weapons, etc.).

© Hazard 360 Ltd 2020 72 OT

 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 133

Windows and Other Openings:

Bars and steel grills can be used to protect
windows:
• Bars should be at least one half inch in
diameter, round, and spaced apart six
inches on centre.
• If grills are used, use number nine gauge
two-inch square mesh.
• Bars and grills must be securely fastened
to the window frame so that they cannot
be pried loose.
Security Practitioners must
Outside hinges on a window should have ensure that they comply
non-removable pins i.e. the hinge pins should with building codes and
be welded, flanged or otherwise secured. regulations personnel
safety

© Hazard 360 Ltd 2020 73

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 139, 219

Windows and Other Openings:

Window Security:
Secure windows on the inside using a lock, locking bolt, slide bar, or crossbar
with a padlock.
Securely fasten window frames to the building so that they cannot be pried
loose.
As with glass panels in a door, window glass can be broken or cut so the
intruder can reach inside and release the lock.
Windows require additional protection if they are:
• Less than 18 ft. from ground
• Larger than 96 square inches

© Hazard 360 Ltd 2020 74 DY

 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 142 - 150

Expanded Metal: Does not unravel is tough and difficult to cut good for High Security Areas

© Hazard 360 Ltd 2020 75 DM

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 143

Chain Link Fence Signage

Chain link fencing to mark boundaries or discourage penetration by small

animals can be 4 ft. (1.2 m) in height.

 Signs are usually placed on a boundary fence, typically at 50 ft. (15 m)

intervals, to indicate ownership and to warn of possible danger within.

“But a chain link fence intended to discourage human penetration is

generally not less than 7 ft. (2.1 m) in height”.

© Hazard 360 Ltd 2020 76 DO

PSP® Physical Security Principles
Polling Group (6) Questions 1 - 32 (Forty Five Minute Duration)

© Hazard 360 Ltd 2020 77

 PSP® Physical Security Principles
Welcome to ASIS PSP Webinar (4) of Training Programme

PSP

© Hazard 360 Ltd 2020 1

PSP® Physical Security Principles

ASIS PSP 2015
Module (4) Agenda

 Chapter 9: Structural Security Measures Continued

© Hazard 360 Ltd 2020 2

 PSP® Physical Security Principles

PSP – Chapter 9 Continued

Structural Security Measures

© Hazard 360 Ltd 2020 3

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 145, 146

Barriers – Chain Link Fence Application

Advantages
Can provide early
detection if IDS
and CCTV applied.

Disadvantages
Can be breached
easily with a
blanket, wire
cutters, or bolt
cutters.

“Advisory Note”
Pay specific
attention to fence
specifications,
these may come
up in the exam.

“The general height of a chain link fence in a Medium security environment is 7 Feet”

© Hazard 360 Ltd 2020 4 M, O

 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 151 - 158

Barbed Wire and Razor Wire Applications

Barbed wire varies in gauge, coating weight,
number of barbs, and spacing of barbs. “If
intended to discourage human trespassing,
fences constructed entirely of barbed wire
should be at least “7 ft. (2.1 m) tall”, not
counting the top guard”. The strands should
be tightly stretched and attached firmly to
posts spaced less than 6 ft. (1.8 m) apart.
Barbed or razor tipped wire may be formed
into concertina coils, which may be used for
top guards on barriers or as fencing in itself.
Temporary or tactical barriers of barbed or
razor concertina wire can be laid quickly.
Local building codes may address the use of
this type of application with barbed wire.

© Hazard 360 Ltd 2020 5 D

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 151 - 158

Electric Fence Deployment:

Electric security fences consist of a close wire grid supported by posts fitted
with insulators. “These fences can be simple five-wire systems for wall-top
security, or multi-zoned systems with up to “50 wires” for high-security
sites”. Most industrial applications are 8 ft. (2.4 m) high with 20 wires, and
are fitted to the inside of the chain link perimeter fence.
Electric security fences normally come in two forms:
 The all live-wire deterrent fence that relies on the human fear of an electric shock.
 The monitored fence, where, in addition to the fear factor, the fence will detect cutting or
climbing of the wires with surveillance cameras.
Monitored fences are usually integrated with intruder alarms, or access control systems and
CCTV camera surveillance.
Electric security fences are non-lethal, but unpleasant for the adversary who chooses to make
contact. They do not use electric current; instead electrical energy in the form of a pulse is
discharged onto the wire about “45 times a minute”.

© Hazard 360 Ltd 2020 6 E, L

 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 151 - 158

Cable System Fencing

Another type of fencing consists of high-
strength cables (Figure 9-5).
Cable system fences are generally used in
vehicle access control applications and
allow considerable “deflection” and partial
penetration of the site before resistance
occurs. The amount of deflection is based
on the distance between the concrete dead
men, typically about 200 ft. (61 m).
As a result, the installation requirements for
fences and gates that incorporate a cable
system differ slightly from other types of
walls and fences

© Hazard 360 Ltd 2020 7 P

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 294

Clear Zone:
A perimeter intrusion detection system
performs best in an isolated clear zone
(or isolation zone). The clear zone
increases detection probability,
reduces nuisance alarms, and prevents
defeat. It also promotes good visual
assessment of the causes of sensor
Clear Zone
alarms.
A clear zone is usually defined by two
parallel fences extending the entire
length of the perimeter. The fences
keep people, animals, and vehicles out
of the detection zone, and the area
between the fences is usually cleared of
all aboveground structures, including
overhead utility lines, as well as plants.

© Hazard 360 Ltd 2020 8 A

 PSP® Physical Security Principles
Advisory

© Hazard 360 Ltd 2020 9

PSP® Physical Security Principles

Advisory

Adversary Penetration Methodology Fences

© Hazard 360 Ltd 2020 10

 PSP® Physical Security Principles
Adversary Penetration Methodology Fences Video

Most Fences can be circumvented in less than one (1) Minute

© Hazard 360 Ltd 2020 11

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 146

Barriers – Gates
Key Points
The number of pedestrian and vehicular gates should be kept to the
minimum, consistent with efficient operation and safety. Local building
codes must be taken into consideration when designing gates.
All gates should be provided with locks.
Gates come in many types: single-swing gates for walkways, double-swing
gates for driveways, multi-fold gates for any opening up to 60 ft. (18.2
meters), and overhead single-slide and double-slide gates for use where
there is insufficient room for gates to swing.
Cantilever slide gates, both single and double, are available for driveways
where an overhead track would be in the way. “Vertical-lift gates are made
for special purposes such as loading docks”.

© Hazard 360 Ltd 2020 12 R, T

 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 146

Barriers – Gates

© Hazard 360 Ltd 2020 13

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 146

Pedestrian Gates:
There are two types of pedestrian gates:

(1) is a primary boundary gate which gives access to an organisation’s

property where there is no primary point of detection applied.

(2) The pedestrian gate forms part of the primary boundary protection
system, in this case the gate will generally be fitted with an access control
system assisted with security intercom and CCTV Surveillance.
 The main vulnerability with pedestrian gates is that personnel can be
tailgated, thus allowing unauthorised people access to the
organisation’s premises.
The best way to combat this problem is the installation of pedestrian
turnstiles with an anti-pass back facility. Also, in accordance with the
Disability Act, 2010, access for wheelchair users will still have to be taken
into consideration, with an airlock type system possibly needing to be
deployed, dependent upon the security environment.

© Hazard 360 Ltd 2020 14

 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 146

Vehicle Gates Applications

Gates establish specific points of entrance and exit to an area defined by
fences and walls. They function to limit or prohibit the free flow of
vehicular traffic, and establish a controlled traffic pattern. Gate barriers
and perimeter fences should be equal in delay effectiveness.
Gates often require additional hardening features because, as a
consequence of their weak hinges, locks and latches they are considered
easy to defeat. In addition, a vehicular driveway is often aimed directly
towards a gate, making the gate susceptible to ramming by a vehicle.

© Hazard 360 Ltd 2020 15

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 146

Pedestrian Access Turnstile and Disabled Gate:

All pedestrian access points should be monitored by CCTV camera
surveillance, especially where wheelchair disability gates are installed. This is
to ensure that tailgating vulnerabilities can be monitored.

• Turnstile and Disability Gate – Read In/

Read Out Anti Passback configuration.
• CCTV Camera Surveillance
• Communications Intercom
What is wrong with this type of
• Disability Access – Long Range Reader
configuration? programmed for disabled persons only

© Hazard 360 Ltd 2020 16

 PSP® Physical Security Principles
ASIS FPSM GDL 2008 SEC 3.2.1.3.2: P 14

3.2.1.3.2 Turnstiles
Turnstiles are designed to control pedestrian traffic and minimise tailgating
(piggybacking). They are made in various heights: low, waist high (about 3
ft. or 0.9 meters), and full height (about 7 ft. or 2.1 meters). Low turnstiles
are easy to hurdle and offer little protection, unless attended.

Security officers and video surveillance with

motion sensing may be used to detect when a
person is hurdling a turnstile.

It is important to remember that when a

turnstile is added to a fence, the turnstile itself
may provide a means for an intruder to climb
over and enter the fenced area.

© Hazard 360 Ltd 2020 17 MY

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 151

There are two basic categories of barriers:

Passive (fixed) and Active(operable).

Passive barriers are fixed in place, do not allow for vehicle entry, and are
used to provide perimeter protection away from vehicle access points.
Passive barriers are:

 Fixed bollards
 Engineered planters
 Jersey barriers
 Heavy objects and trees
 Water obstacles
 Walls and fences (discussed in previous

© Hazard 360 Ltd 2020 18 MM

 PSP® Physical Security Principles
ASIS FPSM GSL 2009 SEC 3.2.1.2: P 13

3.2.1.2 Planters, Bollards, Concrete Barriers, and Steel Barricades

Concrete barriers may be cast in place and anchored into the ground so that
removal would be difficult.
Reinforced park benches and large concrete blocks can also serve as
concrete barriers. Another form is the concrete highway median barrier,
also known as the Jersey barrier or T-rail. These barriers are more effective
in stopping a vehicle when they are joined together and bolted to the
ground.
Various concrete barriers are available in crash-rated configurations
meeting the “Department of Defence (DOD) K-ratings; K4, K8, and K12”.
Standard highway metal guard rails may also be used as vehicle barriers,
though they generally will not stop a vehicle impacting the guard rails in a
perpendicular fashion. Steel barrier systems are available in crash-rated
configurations meeting the Department of Defence (DOD) K-ratings; K4, K8.
and K12.

© Hazard 360 Ltd 2020 19 MO

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 151

There are two basic categories of barriers:

Active Barriers Passive Barriers Natural Barriers

Planters Jersey Barrier

Wire
Rope

© Hazard 360 Ltd 2020 20

 PSP® Physical Security Principles
We will now break for a 10 Minute Break

© Hazard 360 Ltd 2020 21

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 151

Application and Methodology of Active Barriers as a Protective Measure

 Active barriers are used at vehicle access control points forming part of
the perimeter barrier system or at entry points to specific building
within a site to provide a barrier for vehicle screening or inspection.

© Hazard 360 Ltd 2020 22

 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 151, 153

Passive and Active Barriers – Key points

• To reduce the visual impact, bollard height should typically not be more
than 30 in. (0.76 m)
 Bollard spacing should be between 36 and 48 in. (0.9 and 1.2 m),
depending on the kind of traffic expected and the needs of pedestrians
and the handicapped.
• Bollards should be kept clear of ADA (Americans with Disabilities Act)
access ramps and the corner quadrants at streets.
 In no case should bollards exceed a height of 38 in. (1 m), inclusive of
any decorative sleeve.

© Hazard 360 Ltd 2020 23 MD

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 151, 153

Active Barriers Bollards – Key points

Bollards can be shallow mount or deep mount, depending on the ground
condition and surrounding environment.
Deep-mount configurations are more effective, but shallow mounts can be
bolstered by specially tailored footing designs and installation techniques. In
either case, local code restrictions, buried utilities, and soil conditions must
be considered.

Surface Mount Bollards Set in Ground Bollards

© Hazard 360 Ltd 2020 24
 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 154

Passive and Active Barriers – Key points

 “The downside of retractable bollards and wedges is that they require
more maintenance than fixed bollards and also require training for
security officers and others who will maintain and operate the
systems”. They are also subject to accidental activation, which can cause
damage or injury and lead to lawsuits against the property owner or
security provider.
Traffic Lights to Control Vehicle Movement
When Bollards go
down Rising
Barriers go up.

Bollards cannot
be raised until
Rising Barriers
have gone back
to closed position
Safety Feature – Barrier and Bollards are linked
© Hazard 360 Ltd 2020 25
ME

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 155

Hostile Vehicle Mitigation Barriers – Standards

The Department of State (DOS) and American Society Testing Materials
(ASTM) ratings are described according to test vehicle weight and speed.
These ratings are useful for judging barrier effectiveness in general.
However, for detailed analysis, additional factors such as angle of attack,
height of bumper, height of payload, and others must be considered.

Vehicle Weight Vehicle Speed (mph) DOS ASTM

Pounds
15,000 30 mph K4 M 30
15,000 40 mph K8 M 40
15,000 50 mph K12 M 50

© Hazard 360 Ltd 2020 26 ML, MP

 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 156, 157

Active Barriers Rising Wedge – Key

points
Retractable bollards and especially
wedge systems require careful
maintenance and monitoring.
Product specifications generally Surface Mount Barrier
describe cycles per unit time or cycles
between maintenance.
Will the barrier normally be retracted
and deployed only as needed in a
threat situation?
Or will the barrier normally be in the
deployed position and lowered each
time an authorized vehicle enters?
Set In Ground Barrier

© Hazard 360 Ltd 2020 27 MA

PSP® Physical Security Principles

Advisory

HVM Bollards, Folding Gates, Turnstile, Passive Barrier

© Hazard 360 Ltd 2020 28

 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 160

Containers and Vaults – Key Points

The degree of protection from intrusion afforded by a vault or safe may be

measured in terms of the “Lock Resistance”.

 A safe designed for fire protection would not be effective in preventing a

forced entry. Materials used to dissipate heat may do little to resist the blow
of a hammer.

 A safe designed to protect money will give little protection against fire
because its thick, solid steel walls transfer heat rapidly to the interior. Paper
will be destroyed quickly by a fire in such a container.

 Underwriters Laboratories (UL) has a well-established protocol for testing

and rating safes and protective containers based on the level of protection
they can be expected to provide.

 UL Standard requires that a safe weighing less than “750 lb”. (340 kg) be
anchored.

© Hazard 360 Ltd 2020 29

MR, MT

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 160-163

Fire Resistant Safes – Key Points

 A fire-resistant safe keeps its rated value for about “20 to 30” years,
depending on climate.

• Two general categories of safes are record safes designed for fire
protection and safes designed for protection of valuables against forcible
penetration.

© Hazard 360 Ltd 2020 30

OY
 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 162

Fire Resistant Safes – Key Points

Fire-resistant safes fall into one of three classes (350-4, 350-2, or 350-1),
based on the time expectations for paper records to be protected in a fire.
All three classes must pass tests against fire, explosion, and impact.
• During the fire endurance test, the inside temperature of a safe is
recorded and cannot exceed 350° F (177° C) at the specified time limit
(four hours, two hours, or one hour).
• At the end of the tests all papers inside the safe must be entirely legible
and not crumble or fall apart during removal and examination.
• Additional test criteria include the ability of the container to provide
the same temperature conditions after being dropped from a “height of
30 ft.”. (9.1 meters).
• This simulates a container falling through three floors of a building in a
collapse situation. The container must also demonstrate the ability to
avoid exploding when exposed to a sudden temperature of 2,000° F
(1,093° C).
© Hazard 360 Ltd 2020 31 OM

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 160-163

Underwriters Laboratories
Underwriters Laboratories “designates three
classes” of records protection equipment
(containers) as follows:
1) Class 125, specified for floppy discs and
similar flexible computer media
2) Class 150, specified for magnetic media,
tapes, discs, and photographic materials
3) Class 350, specified for paper records and
products

• Paper combusts above the 350 “F”

• Magnetic tapes distort above 150 “F”
• Flexible Computer Disks distort above 125 “F”

© Hazard 360 Ltd 2020 32 OO, OD

 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 160-163

Underwriters Laboratories – Fire Resistant Safe Ratings

© Hazard 360 Ltd 2020 33

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 164

GSA Approved Safes

Although not specifically designed to protect valuables, six classes of safes
for protection against either forcible or surreptitious entry have been tested
and approved by the “U.S. General Services Administration (GSA) for the
storage of government classified information”.
The standards are available at www.gsa.gov.

© Hazard 360 Ltd 2020 34 OE

 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 164

Burglar Resistive Safes

Resists an attack in which the burglar uses tools, a torch, or explosives and has
sufficient time to work. This type of equipment is made of laminated or solid
steel. Laminated steel is defined as two or more sheets of steel, with the facing
surfaces bonded together, with no other material between the sheets. It is
designed to prevent forcible entry.
Descriptors
TL – Common electrical and mechanical tools
TRTL – Above plus cutting torches
TXTL – Above plus high explosive
Resistance Time
TL - 30 Minutes
TRTL - 60 Minutes TL – 60 x 6
TXTL – 30 Minutes Means resistant level
applies to six sides of the
What does “TL – 60 x 6” Mean?
safe

© Hazard 360 Ltd 2020 35 OL

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 164 - 167

Burglar Resistive Vaults – Key Points

 A Vault is Vaults are specially constructed rooms or areas intended to limit

access and provide protection to the assets in the space

An important consideration is the location of the vault. An exterior location is

not desirable because an exterior wall might provide a convenient point for an
individual to attack the vault surfaces from outside.

 Also, all six surfaces of a vault should give equal protection against forced
entry. (Balanced Protection Methodology to be applied)

Unreinforced concrete should never be used for protection against forced

penetration. Steel reinforcing bars, referred to as rebar, are commonly used as
reinforcement for concrete. Rebar is normally sized by number, the numbers
representing multiples of 1/8 in. (3 mm) diameter. For example, a Number 3
would be a 3/8 in. (10 mm) diameter rebar. The current ASTM vault
construction specification requires the use of rebar.

© Hazard 360 Ltd 2020 36

PSP® Physical Security Principles
We will now break for a 10 Minute Break

© Hazard 360 Ltd 2020 37

PSP® Physical Security Principles

Polling Group (7) Questions 1 - 25 (Thirty Minute Duration)

© Hazard 360 Ltd 2020 38

 PSP® Physical Security Principles
We will now break for a 10 Minute Break

© Hazard 360 Ltd 2020 39

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 165

Fire Resistive Vaults – Key Points

Compared to vaults designed to protect against theft, vaults designed to
protect against fire are generally less expensive, follow very different
construction standards, and provide much less protection from theft.

Another consideration is the legal responsibility and liability of the custodian

to meet any special regulatory requirements or standards established by an
insurance carrier or government agency.

 The principal U.S. standard for fire-resistive vaults is National Fire

Protection Association (NFPA) 232. The standard does not consider
forcible entry.

 Because fire resistance is determined by wall thickness, the minimum

thickness of a 4- hour vault wall is 12 in. (30.5 cm) for brick and 8 in. (20.4
cm) for reinforced concrete. The minimum thickness for a 6-hour vault
wall is “12 in”. (30.5 cm) for brick and “10 in”. (25.4 cm) for reinforced
concrete.
© Hazard 360 Ltd 2020 40
M, O
 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 164 - 167

Fire Resistive Vaults – Key Points

Vaults require unusually good design and
construction to ensure that the structure
withstands all the conditions that could be
imposed on it by fire.
One should avoid installing vaults below
grade because under certain conditions
burning or smoldering debris can accumulate
in a basement to produce a long-lasting
cooking effect that overcomes the vault’s
protective qualities.
Also, vaults below grade might be damp,
enabling mold to harm records, and may also
be subject to flooding.

© Hazard 360 Ltd 2020 41

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 164 - 167

Burglar Resistive Vaults – Key Points

An important consideration is the location of the vault. An exterior location
is not desirable because an exterior wall might provide a convenient point
for an individual to attack the vault surfaces from outside.
Also, when designing a vault, all six surfaces of a vault should give equal
protection against forced entry. (“Balanced Protection Methodology to be
applied”)
Unreinforced concrete should never be used for protection against forced
penetration. Steel reinforcing bars, referred to as rebar, are commonly used
as reinforcement for concrete. Rebar is normally sized by number, the
numbers representing multiples of 1/8 in. (3 mm) diameter. For example, a
Number 3 would be a 3/8 in. (10 mm) diameter rebar. The current ASTM
vault construction specification requires the use of rebar.

© Hazard 360 Ltd 2020 42

D
 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 164 - 167

Burglar Resistive Vaults – Key Points

All surfaces of the vault are vulnerable to
penetration.
A vault will only delay, not stop, a determined
intruder. It is impossible to construct a vault that
cannot be penetrated.
Vaults are designed to resist penetration for a
defined period. Even the thickest, best reinforced
concrete is vulnerable to an intruder with the
necessary skill, manpower, and tools.
“The walls, ceiling, and floor must be at least 12
inches thick” in order for a poured concrete vault
to provide protection enough to delay an intruder,
provided other countermeasures of detection are
present.

© Hazard 360 Ltd 2020 43

E

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 164 - 167

Burglar Resistive Vaults – Key Points

Steel reinforcement increases the penetration delay because even though
the concrete can be penetrated by an explosion, the reinforcing material
usually remains intact. The steel reinforcing material must then be removed,
requiring more time.

• The size of reinforcing steel has a significant effect on the protective

qualities of a reinforced concrete surface.
• For example, Number 4 or smaller rebar can be cut with handheld,
manually operated bolt cutters,
• While Number 5 to 8 rebar requires power-operated hydraulic bolt
cutters, cutting torches, or burning bars.
• Rebar larger than Number 8 can only be cut with a torch, burning bar,
power saw, or explosives.

© Hazard 360 Ltd 2020 44

L
 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 164 - 167

Burglar Resistive Vaults – Key Points

• It may be difficult to isolate an attempted penetration through the floor

of an alarmed vault if the vault is locked with a time lock, as is the case
with modern bank vaults.
• Even if an alarm signals a penetration, it will be impossible to open the
vault door until the programmed time.
• However, CCTV with audio and lighting, installed inside the vault, can
permit observation and, if recorded, create a record of the intrusion and
generate a response force
• Inadequate policies and procedures for opening and closing vaults are
often the downfall of even the best-designed vaults.
• Vault resistance levels are invalidated by the installation of any door,
ventilator, or other port whose manufacturer’s installation instructions
have not been followed.

© Hazard 360 Ltd 2020 45

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 169 - 172

Locking Policy

 As with all major security functions, the lock program should be based on a
written policy. This is especially true in larger organizations with many
employees or many facility locations. The locking policy should do the
following:

• Require that a systematic approach be taken to the use of locks for security
purposes.
• Assign specific responsibility for the development of the lock program.
Where there is a formal security organization, the logical assignment is to
that department. Where there is no full-time professional security specialist
or staff, the assignment can be given to any responsible manager.
• Make all persons who will use or have access to keys, locks, access devices, or
combinations responsible for compliance with the program requirements.
• This responsibility can be enforced through the regular line organization so
that each employee may be evaluated on performance under this policy,
along with performance in general, at salary review time.

© Hazard 360 Ltd 2020 46

 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 168 - 178

Locks
Locks are important elements in facility access control since they secure the
movable portions of barriers. However, locks should generally not be relied
on as the only means of physical protection for important areas at a facility.
Because an individual with enough skill and time can compromise them,
locks should be used with complementary protection measures.

Locks can be divided into two very general classes:

1) Those that operate on purely “Mechanical principles”

2) Those that combine “Electrical energy with mechanical operations”
and are commonly associated with automated access control systems.
Locks vary by physical type, application, and mode of operation.

© Hazard 360 Ltd 2020 47

P

PSP® Physical Security Principles

Advisory

Locking Terminology taken from Fennelly

© Hazard 360 Ltd 2020 48

 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 170

High Security Locks

 “Mechanical locks differ from high security locks as their keys are cut at
precise angles and depths”, so that the key will both raise the individual
tumbler array of driver and the pins to a shear line and at the same time,
turn each pin so that the interlocking mechanism is positioned to pass
through the grove at the base of the plug, permitting it to rotate to move
the bolt.

© Hazard 360 Ltd 2020 49

A

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 168 - 178

Mechanical Lock
 The “two major components in most mechanical locks are the “Coded
mechanism and the Fastening device”. The coded mechanism may be a
key cylinder in a key lock or a wheel pack in a mechanical combination
lock. The fastening device is usually a latch or bolt assembly

© Hazard 360 Ltd 2020 50 R

 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 169

Warded Lock
The mechanical lock longest in use and first developed is
the warded lock. The lock is exemplified by the open, see-
through keyway and the long, barrel-like key. Still found in
older homes, farm buildings, and older British Inns (Public
Houses/Taverns), the warded lock is a very simple device.
Are vulnerable to spring manipulation

© Hazard 360 Ltd 2020 51 T

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 169

Lever Lock

 The lever lock finds continued

application today in such varying
situations as desk, cabinet and
locker installations, bank safe
deposit boxes and U.S. mailboxes.

Although the lever lock is inherently

susceptible to picking, it can be
designed to provide a high degree of
lock security through resistance to
picking.
Lever locks offer more security than
Warded Locks

© Hazard 360 Ltd 2020 52

MY
 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 170

Pin Tumbler Lock A control key can be

used to change the
Maximum useful combinations, assuming eight core
(8) tumbler depth increments.
• Useful combinations are no more than 23%
of theoretical combinations.
• Master keying greatly reduces the number
of useful combinations.
• Poor quality locks can be picked easily.
• Most use warded keyways for added
security.

“Most widely used lock in the

US – Exterior, Interior doors”

© Hazard 360 Ltd 2020 53

MM, MO

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 170

Wafer Tumbler Lock

The wafer tumbler lock uses flat tumblers
fashioned of metal or other material to bind
the plug to the shell. Their design permits
master keying. In addition, wafer tumbler
locks may be designed for double-bitted
keys.
The key slots in the discs correspond to the
cuts, or bittings cut in the key. Note how each
cut in the key will align it’s corresponding disc
in a straight line with the others
The double bit key has an enlargement at the
base, so the lock must have a much wider
slot for insertion of the key compared with
that for a cylinder lock. This makes it much
easier to introduce burglary tools or to
manipulate inside the lock. The slot for
inserting a double bit key is very wide

© Hazard 360 Ltd 2020 54 MD

 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 170

Dial Combination Lock

Dial type combination locks, while not
employing a key, resemble the lever
tumbler lock in many respects. They
operate by aligning gates on tumblers to
allow insertion of a fence in the bolt.
However, the tumblers are fully circular
and are interdependent. That is, in moving
one, results in moving the others. This
makes the order of movement important,
and is really why these are true
combination locks rather than permutation
locks.

© Hazard 360 Ltd 2020 55

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 171

Electronic Combination Lock

Electronic combination locks have been
developed as replacements for dial
combination locks on safes and secure
document cabinets. These devices are
powered by the user turning the dial; the
combination numbers are displayed via an
LCD or other visual display rather than by
gradations on the dial.
 “The display is viewable only from a
limited angle and the number being
dialled bears no direct relationship to
the position of the mechanical dial”.
Additional features include a time-out of a
specified number of seconds between each
number dialled, and a two-person rule
where two numbers must be dialled before
the lock will open.

© Hazard 360 Ltd 2020 56

ME
 PSP® Physical Security Principles
ASIS FPSM GDL P 20 3.3.4.8

Master Keying
Almost any pin-tumbler lock can be master keyed, involving the insertion of
master pins between the drivers and key pins.
An entire series of locks could be
combined to be operated by the same
master key.
Also possible is a hierarchy of master
keys:
• Grandmaster
• Master
• Sub-master
• Grand Master Key opens all locks
But note that master keying reduces
• Mater Key opens locks in several group’s
the number of useful combinations in • Sub-master Key opens lock in specific group
a series. For effective master keying • “Extreme Vulnerability if Master Key is Lost”
accountability must be maintained

© Hazard 360 Ltd 2020 57 ML

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 172

Security Vulnerabilities of Mechanical Locks

Attack by impression-making and “try keys.” If a blank designed for the particular
keyway can be introduced into the lock before any biting cuts have been made, it
may be possible, by applying turning pressure, to make faint marks on the key
blank. “Try keys” or “jingle keys” are key blanks that are correctly milled to fit the
particular keyway and that contain random biting. Insertion in the keyway and
combined turning and raking movements may cause the lock to open.

© Hazard 360 Ltd 2020 58

MP
 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 168 - 178

Brute Force Attacks on Mechanical Locks

© Hazard 360 Ltd 2020 59

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 173

Electrified Locking Mechanisms

Electrified locks allow doors to be locked and unlocked by a remote device.
That device may be an electric push button, a motion sensor, a card reader, a
digital keypad, or a biometric device.

 Electrified locks may be mechanical or electromagnetic. Locks may be

powered with DC current, AC current, batteries, or PoE (power over
Ethernet).

The lock’s power source must be compatible with available power sources
and other access control applications and functions.

© Hazard 360 Ltd 2020 60

 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 173 - 175

Types of Electrified Locking Mechanisms

Electric Deadbolt Electric Latch Electric Strike

Electric Lockset Exit Device Electromagnetic Lock

© Hazard 360 Ltd 2020 61

PSP® Physical Security Principles

We will now break for a 10 Minute Break

© Hazard 360 Ltd 2020 62

 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 173

Electrified Locking Systems Health and Safety Compliance

Fail Safe Condition

A fail safe locking mechanism is one that will “unlock under any failure
condition”. The failure mode most commonly considered is loss of power,
but failure of the mechanism itself and any connected control device must
also be considered.
Most but not all locks related to code-required egress are fail safe to ensure
that they provide free egress if a power failure occurs at the same time as a
fire emergency.

© Hazard 360 Ltd 2020 63

MA

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 173

Electrified Locking Systems Health

and Safety Compliance

Fail Secure
A fail secure lock is one that will
remain locked when power is lost or
another failure occurs.
“A fail secure lock may be used on a
door in the path of egress provided
that free egress is available
regardless of the state of the lock’s
power or other control
mechanisms”.
Manual door release handle on
inside of door. No handle on the
exterior of the door.

© Hazard 360 Ltd 2020 64

MR
 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 173

Electrified Locks – Key Points

• Can be set up as fail safe or fail secure.

• May use “Boolean logic” if in a system (e.g. airlock).
• Some have no moving parts (magnetic), some electrify the striking plate
while others have power to the bolt.
Man Trap – Airlock Methodology
A Door is opened by using the ACS Keypad.
Whilst “A” Door is open, B Door remains secured.
When “A” Door is closed B Door can then be
opened using the ACS Keypad and A Door remains
secured.
This methodology restricts direct access into the
restricted area in a controlled manner.

© Hazard 360 Ltd 2020 65

MT

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 176

Designing Security Locking Systems

Despite the sophistication of modern access control systems, such as card

and biometric readers authorizing access via computer software, the
traditional mechanical lock and key remain the most commonly used system
for restricting access to corporate or institutional facilities and assets, the
justifications for this choice include low cost, simplicity of operation, and
reliability.

Vulnerability
These benefits are lost if the locking systems are not professionally planned
and administered. The loss of a master key could require the replacement of
all key cylinders within a facility at a cost of thousands of dollars. Similarly,
the lack of control over key issuance and return could lead to asset losses
from theft or destruction that could cost an organization millions of dollars.

© Hazard 360 Ltd 2020 66

 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 176

Designing Security Locking Systems

Application

 A locking system must be designed

 Design must be flexible to accommodate system size and site occupancy
 Without the correct planning security degrades to mere privacy
 Selecting the most appropriate locking mechanisms for the application

• Total number of locks • Facility drawings or floor plans

• Major categories of sectors of the system • Door numbering schematics
• Security objectives • Door type (metal, wood, glass, etc.)
• Size and turnover of population • Perimeter locked assets
• Related or supportive security subsystems • Utility breakers, storage areas, gates
• Intelligence or information requirements • Building hatches
• Criticality of asset exposure • Other Openings

© Hazard 360 Ltd 2020 67

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 178

Designing Security Locking Systems

Locking Policy
As with all major security functions, the “Lock Program” should be based on
a “Written Policy”. This is especially true in organizations with many
employees or many facility locations.
The locking policy should do the following:
• Require that a systematic approach be taken to the use of locks for
security purposes.
• Assign specific responsibility for the development of the lock program.
• Make all persons who will use or have access to keys, locks or access
devices, or combination information responsible for complying with
program requirements.

© Hazard 360 Ltd 2020 68

OY
 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 261

Rapid Entry Key System

Rapid entry systems enable emergency responders to enter a facility when

no one is available to provide access. “A rapid entry key vault is a specially
designed, weatherproof, fixed box containing essential keys to the facility”.
Rapid entry key boxes may be monitored by the facility’s alarm system to
detect unauthorized opening or tampering.
A key to the box should be supplied to emergency responders at the time of
installation. These are typically located at the main entry point and are also
typically required by the AHJ where life safety considerations must be met.

© Hazard 360 Ltd 2020 69

OM

PSP® Physical Security Principles

HMO CCTV Illumination Video & Senstar Intelligent Light Systems

Security Lighting
Is the most important elements in the performance of CCTV Camera Systems

© Hazard 360 Ltd 2020 70

 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 179, 180

Types of Lighting and Lamps

Streetlight. This projects a downward, circular illumination.
Searchlight. This uses a “Very narrow, high-intensity beam of light” to
concentrate on a specific area. It is used in correctional, construction, and
industrial settings to supplement other types of lighting.
Floodlight. This projects a medium to wide beam on a larger area. It is used
in a variety of settings, including the perimeters of commercial, industrial,
and residential areas usually mounted on buildings near the perimeter.
Fresnel. “This lighting typically projects a narrow, horizontal beam”. Unlike
a floodlight, which illuminates a large area, the Fresnel can be used to
illuminate potential intruders while leaving security personnel concealed. It
is often used at the fence boundaries of the perimeters of industrial sites.
High mast lighting. This is used mainly in parking lots and along highways
and usually varies from 70 to 150 ft. (21 to 46 m) in height, and is the
primary determinant of lighting levels outside the perimeter boundary.

© Hazard 360 Ltd 2020 71 OO, OD, OE

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 179 - 194

Types of Lighting and Lamps

Photometric Typical
Luminaire
designation Distribution
characteristics
Medium wide
Streetlight
asymmetric

Asymmetric glare
Fresnel Lens
protection

Extremely narrow
Searchlight
beam

Medium to wide
Floodlight
beam

FHW Typical Equipment for Protective Lighting – Page 210

© Hazard 360 Ltd 2020 72

 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 180

Lighting Categories

© Hazard 360 Ltd 2020 73

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 180

Lighting Categories

Have a CRI Of 70%

© Hazard 360 Ltd 2020 74

OL, OP
 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 180

Lighting Categories

© Hazard 360 Ltd 2020 75

OA

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 179 - 194

Advantages of LED Lighting

Another development in LED lighting utilizes “24 Volt power (instead of
typical 120 Volt” to operate a series of fence- or wall-mounted perimeter
security lights.
• These lights can be spaced at intervals of 10, 20 or 30 feet (approximately
3, 6 or 9 meters) apart along a perimeter fence or building wall to
produce a reflected, glare free light.
• This targeted lighting system produces a lumen level that allows the
human eye to see past the light discharge into the darkness, which
virtually eliminates the contrasts that over-lighting causes and the
blinding problems so often encountered with traditional lighting.
• With the rapid increase in the use of security cameras and Internet-based
monitoring, this higher quality glare-free perimeter lighting can also
potentially improve image quality for most monitoring systems.
• LED lamps provides a more cost effective solution in the long term for
security lighting

© Hazard 360 Ltd 2020 76 OR

 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 182

Lighting has three major security purposes:

 To create a psychological deterrent

 To enable detection
 To enhance the capabilities of CCTV systems

To fulfil these purposes, the appropriate amount, type and intensity of light
needs to be placed over the correct space in an efficient manner.

1. Must provide adequate, even light on boundaries and approaches.

2. Illuminate areas and structures within boundaries.
3. Point glaring lights toward eyes of an intruder.
4. Use minimal light on patrol routes.
5. Use high brightness contrast for intruder and background.

© Hazard 360 Ltd 2020 77

OT

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 183

Lighting Challenges

“Ineffective Lighting”

• Severe contrasts between light and shadow can disorient surveillance

(human or electronic).
• Poor lighting can facilitate intruders’ attempts to hide or evade detection.
• Inappropriate lighting can make security officers or other response forces
more visible and vulnerable (compared to the intruder).

Too Much Lighting

• Glare caused by excess lighting can blind security officers or response forces.
• Imbalance between exterior and interior lighting can permit undesired
visibility into a facility from the outside.
• Over-lighting can create blind spots or “white out” for security cameras.
• Increased contrast between light and shadow can impede effective
observation.

© Hazard 360 Ltd 2020 78

DY
PSP® Physical Security Principles
Polling Group (8) Questions 1 - 30 (Thirty Minute Duration)

© Hazard 360 Ltd 2020 79

 PSP® Physical Security Principles
Welcome to ASIS PSP Webinar (5) of Training Programme

PSP

© Hazard 360 Ltd 2020 1

PSP® Physical Security Principles

ASIS PSP 2015
Module (5) Agenda

 Chapter 9: Structural Security Measures – Continued

 Chapter 10: Crime Prevention Through Environmental design

 Chapter 11: Electronic Security Systems

© Hazard 360 Ltd 2020 2

 PSP® Physical Security Principles

PSP – Chapter 9 Continued

Structural Security Measures

© Hazard 360 Ltd 2020 3

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 184

Lighting Challenges

© Hazard 360 Ltd 2020 4

 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 184

Lighting Challenges
“Light Pollution”
Can include light spillage and light trespass. Light spillage is simply light that
overshoots its intended area or spills beyond the limit or point where it is
needed or wanted. Light trespass represents a situation where the light
spillage extends into a neighbour’s property or an area where it interferes
with (or could potentially interfere with) the activities of another entity,
organization, person, or facility. The ramifications of light spillage and light
trespass can range from energy waste and simple annoyance to hostility or
lawsuits.
Beam direction
Shape and coverage is another consideration. It can be affected by the type
of lamp, luminary design, mounting technique, location, and environmental
conditions. The choice of fixture and mounting has a major impact on beam
direction. Figure 9-19 shows an example of ineffective beam direction.”

© Hazard 360 Ltd 2020 5 M

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 186

Lighting Terminology
• Lumens: The quantity of light emitted by a lamp.
• Illuminance: The concentration of light over a particular area measured
in lux. the number of lumens per square meter, or foot-candles (fc), the
number of lumens per square foot. One foot-candle is equal to 10.76
Lux (often approximated to a ratio of 1:10).
• Reflectance: When we see an object, our eyes sense the light reflected
from that object.
• “The measure of reflectance is the ratio of the quantity of light
(measured in lumens) falling on it, to the light being reflected from it,
expressed as a percentage”.
Advisory Note: Pay special attention to this slide for ASIS Exam

© Hazard 360 Ltd 2020 6 O,D

 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 187,189

Lighting Terminology
• Colour Rendition Index (CRI]: Ability of a lamp to faithfully reproduce the
colours seen in an object. CRI is measured on a scale of 0 to 100. A CRI of
70 to 80 is considered good, above 80 is considered excellent, and 100
percent is considered daylight.
• Corrected Colour Temperature (CCT) Measured in Degrees Kelvin: A
measure of the warmth or coolness of a light. “CCT has a considerable
impact on mood and ambiance of the surroundings”.
• Lamp Efficacy: The ratio of the lumens of ‘light-out’ to ‘power-in’ - the
higher the efficacy number, the more efficient the lamp.

Advisory Note: Pay special attention to this slide for ASIS Exam

© Hazard 360 Ltd 2020 7 E, L

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 188 - 189

Lighting Terminology

Lamp
Also known as a light bulb

Luminaire (also known as fixture)

This is the complete lighting unit, consisting of the lamp, its holder, and the
reflectors and diffusers used to distribute and focus the light

Mounting hardware
Examples would be a wall bracket or a light pole used to fix the luminaire at the
correct height and location.

Electrical power
This is energy source that operates the lamp, ballasts, and photocells.

© Hazard 360 Ltd 2020 8

 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 186, 188, 190

Starting and Restrike Times and Lighting Characteristics

Best for Illumination and CCTV Camera Surveillance Most Economical to Run
© Hazard 360 Ltd 2020 9 P

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 179 - 194

Guidance for Minimum Lighting Levels

© Hazard 360 Ltd 2020 10

 PSP® Physical Security Principles
ASIS PSP 2015 CH 9: P 189

Lighting Economic Considerations

The cost of lighting is a major factor in the decision of the level of lighting
that will be installed for security and safety. Some lighting is mandated by
code or other regulations, such as those regarding fire safety or retail
banking, or those from the Nuclear Regulatory Commission (NRC) or OSHA.

For a typical lighting installation, the operating cost consists of capital items
(such as lamps and ballasts), maintenance, and energy. The proportion of
these costs is approximately:

 Maintenance cost 4 %
 Capital Items 8 %
 Energy Cost 88 %

Advisory Note: Pay special attention to this slide for ASIS Exam

© Hazard 360 Ltd 2020 11 A

PSP® Physical Security Principles

ASIS PSP 2015 CH 9: P 192

Lighting Considerations for Electronic Surveillance Systems

Where electronic surveillance systems or cameras are used as part of the

protection strategy, some additional lighting considerations apply:

 Colour rendering index (CRI) for accurate reproduction and

identification of colors
 Reflectance of materials
 Directionality of the reflected lighting

“In general, color cameras require twice the light that monochrome
cameras need for the same picture quality”. In addition, a color camera
needs at least 50 percent of its full video signal or color registration starts to
fade, whereas black-and-white needs only 20-30 percent of full video

Advisory Note: Pay special attention to this slide for ASIS Exam

© Hazard 360 Ltd 2020 12 R

 PSP® Physical Security Principles

PSP – Chapter 10
Crime Prevention Through Environmental Design

© Hazard 360 Ltd 2020 13

PSP® Physical Security Principles

ASIS PSP 2015 CH 10: P 198

Principles of CPTED

At its core, CPTED is based on

Common sense, heightened awareness about how people use their space for
legitimate and criminal intentions.

CPTED is best applied using a multidisciplinary approach that engages:

 Planners
 Designers
 Architects
 Landscapers,
 law enforcement
 Security professionals
 Facility users (residents, employees, etc.) in working teams.

© Hazard 360 Ltd 2020 14

 PSP® Physical Security Principles
ASIS PSP 2015 CH 10: P 198

The CPTED approach focuses on three key Management Tools:

Places
Manipulating the physical environment to produce behavioural effects that
reduce the fear and incidence of certain types of criminal acts.
Behaviour
Understanding and modifying people’s behaviour in relation to their physical
environment.
Design Use of Space
Redesigning space or using it differently to encourage desirable behaviours
and discourage illegitimate activities.
Reducing the conflicts between incompatible building users and building
uses, with the goal of eliminating "no persons land" that no one takes
ownership of.

© Hazard 360 Ltd 2020 15 T

PSP® Physical Security Principles

ASIS PSP 2015 CH 10: P 198

Places:

Physical environments (such as office buildings, parking garages, parks and

public spaces, multifamily apartment buildings, warehouses, schools, houses
of worship, and shopping centres) can be designed to produce behavioural
effects that reduce the opportunity for certain types of crime and the fear of
those crimes.

 For example, in a parking garage adding emergency call stations and

additional lighting helps overcome a feeling of distance and isolation.

 “Design or redesign of a place to decrease crime opportunities”

© Hazard 360 Ltd 2020 16 MY

 PSP® Physical Security Principles
ASIS PSP 2015 CH 10: P 198

Behaviour:
Some locations seem to predict, create, promote, or allow criminal activity
or unruly behaviour while other environments elicit compliant and law-
abiding conduct

Criminal Activity Deterrent Criminal Activity Motivator

© Hazard 360 Ltd 2020 17

PSP® Physical Security Principles

ASIS PSP 2015 CH 10: P 198

Design and use of Space

Redesigning a space or using it more effectively can encourage desirable
behaviour and discourage crime and related undesirable conduct.
For example, it would be an appropriate countermeasure to place parking in
front of a convenience store to reduce criminal activity

© Hazard 360 Ltd 2020 18

 PSP® Physical Security Principles
ASIS PSP 2015 CH 10: P 199

Broken Widow Theory

The “broken windows” theory (Wilson & Kelling,

1982) suggests that leaving broken windows or
other decay markers (e.g., graffiti, trash, or
abandoned furniture) unattended or unrepaired
can lead to the impression of abandonment and
increase crime opportunity as no capable
guardian is observed.
A parked car left too long with one broken
window may soon have more. Maintenance of a
building, including lighting, paint, signage,
fencing, walkways, and any broken items is
critical for showing that someone cares about
the building and is responsible for the upkeep.

© Hazard 360 Ltd 2020 19 MM

PSP® Physical Security Principles

ASIS PSP 2015 CH 10: P 198 - 199

Principles of CPTED
CPTED “Targeting” CPTED CPTED
Management Tools Elements Tools

In 1972, architect Oscar Newman of the U.S. Department of Housing and

Urban Development released a ground breaking work called Defensible
Space, wherein he explored how opportunities for criminal behaviour were
literally being engineered into our “built environments.” It is generally from
Newman’s pioneering work that CPTED had its genesis

© Hazard 360 Ltd 2020 20 MO, MD, ME

 PSP® Physical Security Principles
ASIS PSP 2015 CH 10: P 198 - 199

Example of the Application of CPTED Tools

© Hazard 360 Ltd 2020 21

PSP® Physical Security Principles

We will now break for a 10 Minute Break

© Hazard 360 Ltd 2020 22

 PSP® Physical Security Principles
ASIS PSP 2015 CH 10: P 199

Tools of CPTED
• Ownership,
• Claim Spaces • Responsibility
• Legitimate Use • Accountability
• Police Support

• Observation
• Visibility
• Detection

• Clean Zones • Main Entrance

• Gardeners • Designated Area
• Maintenance • Intruder Detection

© Hazard 360 Ltd 2020 23 ML

PSP® Physical Security Principles

ASIS PSP 2015 CH 10: P 200

Criminal Behaviours and Patterns

Criminal behaviour and patterns are a critical consideration in CPTED

planning and security design. Research has shown that a site’s physical
features may influence offender (or potential offender) choices by altering
the chances of detection or changing other factors.

 In short, the likelihood of crime increases when a potential criminal

feels the chances of detection and identification are low and the
chances of escape are high.

Teenage Adversary Motivators

• “Low probability of detection”

• “Low probability of Identification”
• “Positive probability of evading capture”

© Hazard 360 Ltd 2020 24 MP

 PSP® Physical Security Principles
ASIS PSP 2015 CH 10: P 202

CPTED – Prevention

 Quickly remove signs of victimization.

 Improve physical security.

 Block easy access to targets..

 Protect especially vulnerable targets.

 Regulate access to high-risk assets or areas

© Hazard 360 Ltd 2020 25

PSP® Physical Security Principles

Crime Prevention Through Environmental Design Part 3 Page 202 - 203

Capable Guardian Concept

• Routine activity theory suggests that the presence of

capable guardians may deter crime. “Criminals
generally avoid targets or victims who are
perceived to be armed, capable of resistance, or
potentially dangerous”.
• Criminals generally stay away from areas they feel
are aggressively patrolled by police, security officers,
or nosy neighbours. Likewise, they avoid passive
barriers such as alarm systems, fences, and locks.
• Criminals look for the easiest, least-risky path.
• The concepts of natural surveillance and capable
guardians can help reduce a site’s perceived
vulnerability and make it less attractive to offenders.

© Hazard 360 Ltd 2020 26 MA

 PSP® Physical Security Principles
ASIS PSP 2015 CH 10: P 203, 204

Second Generation CPTED

In second generation CPTED, the legitimate activity supports employed in
first generation CPTED are reinforced by developing community cohesion
and a more permanent sense of neighbourliness.
Second generation CPTED employs four main strategies:

• Cohesion. Techniques include community groups, neighbourhood

associations, and personal development programs.
• “Capacity threshold. Also known as tipping point theory, this strategy
balances land uses and urban features”. For example, too many
abandoned properties can tip an area into crime
• Community culture. Cultural, artistic, sporting, and other recreational
activities bring neighbourhood people together in common purpose.
• Connectivity. Strategies link the neighbourhood to surrounding
neighbourhoods and to funding and political support from corporations
and upper levels of government.

© Hazard 360 Ltd 2020 27 MR

PSP® Physical Security Principles

ASIS PSP 2015 CH 10: P 206

Territoriality
This concept contends that people take better care of space when they feel
some degree of ownership or responsibility over it—whether formal or
informal. This leads to facility users (employees, residents, visitors, etc.)
being more observant and vigilant, more likely to report suspicious activity,
more prone to notice and correct (or report) safety hazards, and generally
better stewards of the property.
Training
“The most basic tool of territoriality is an effective training and awareness
program”. Through such programs people know what to look for and feel
empowered to play a role in the maintenance, safety, and security of a given
space.

© Hazard 360 Ltd 2020 28 MT

 PSP® Physical Security Principles
ASIS PSP 2015 CH 10: P 207

Tools that address the three elements of CPTED – Signage

Architectural design considerations

The architect or graphics consultant can offer advice about

such issues as the size and typeface of letters, distance
from which graphics can be read, reflectivity, necessary
lighting, location, and parties intended to observe the
signs and graphics.

For example, for a sign to be clearly read by a person with

20/20 vision at 50 ft. (15 m), the letters must be at “least
6 in. (15 cm) high”, and graphics or symbols must be at
least 15 in. (38 cm) high. Some typefaces are easier than
others to read at a distance. Interior lighting levels should
be at least 20 foot-candles (215 lumens per square meter),
and lamps must be positioned to avoid glare on the
signage.

© Hazard 360 Ltd 2020 29 OY

PSP® Physical Security Principles

ASIS PSP 2015 CH 10: P 207

Tools that address the three elements of CPTED - Signage

Systems considerations. Graphics and signage should be consistent,

uniform, and well distributed.
Just as fire exit signs must be displayed and illuminated at all stairways,
security signage should be systematically displayed at all critical areas.

© Hazard 360 Ltd 2020 30

 PSP® Physical Security Principles
ASIS PSP 2015 CH 10: P 207

Tools that address the three elements of CPTED – Signage

Procedural Considerations
Graphics and signage can be used to clarify procedures e.g. having
employees wear ID badges for clearance, or putting shoppers on notice of
shoplifting surveillance. Signs can also identify areas of a facility where
sensitive information should not be discussed.

© Hazard 360 Ltd 2020 31

PSP® Physical Security Principles

Crime Prevention Through Environmental Design Part 3 Page 209

Reducing Crime Through Architectural Design

By working with appropriate community and professional groups, security

practitioners can integrate CPTED features into the facility design to reduce
opportunities for crime.
Integrating CPTED “During Initial Planning” is more cost-effective than
making changes after construction has begun. Designing without security in
mind can lead to lawsuits, injuries, expensive retrofitting, and the need for
additional security personnel.
“Security Measures” added after construction may distort important
building functions, add to security personnel costs, and result in exposed,
unsightly installations.

© Hazard 360 Ltd 2020 32 OM, OO

 PSP® Physical Security Principles
Crime Prevention Through Environmental Design Part 3 Page 209

Site Development and Security Zoning

Unrestricted zones
Some areas of a facility should be completely unrestricted to persons
entering during the hours of designated use. The design of unrestricted
zones should encourage persons to conduct their business and leave the
facility without entering controlled or restricted zones. Unrestricted zones
might include lobbies, reception areas, snack bars, certain personnel and
administrative offices, and public meeting rooms.
Controlled zones.
In these zones, a person must have a valid purpose for entry. Once admitted,
the person may travel from one department to another without severe
restriction. Controlled zones might include administrative offices, staff
dining rooms, security offices, office working areas, and loading docks.

© Hazard 360 Ltd 2020 33

PSP® Physical Security Principles

Crime Prevention Through Environmental Design Part 3 Page 209

Site Development and Security Zoning

Restricted Zones
These are sensitive areas limited to staff assigned to those areas. Sections
within restricted zones may require additional access control.

• Functions and departments located in restricted zones may include

vaults, sensitive records, chemicals and drugs, food preparation,
mechanical areas, telephone equipment, electrical equipment, control
rooms, laboratories, laundry, sterile supply, special equipment, and
sensitive work areas.

• Once circulation patterns are successfully resolved through security

zoning, mechanical solutions can be considered.

© Hazard 360 Ltd 2020 34 CKA

 PSP® Physical Security Principles
Crime Prevention Through Environmental Design Part 3 Page 211

Site Development and Security Zoning

Whenever possible, security planning should begin “During Site Selection”.

• The goal is to find a site that meets architectural requirements and
provides security advantages.

• The security analysis should assess conditions on-site and off-site, taking
into account topography, vegetation, adjacent land uses, circulation
patterns, neighbourhood crime patterns, police patrol patterns, sight
lines, areas for concealment, location of utilities, and existing and
proposed lighting.

• Other key factors are access points and circulation patterns for vehicles,
employees, service personnel, visitors, and off-site pedestrians.

© Hazard 360 Ltd 2020 35 OD

PSP® Physical Security Principles

Crime Prevention Through Environmental Design Part 3 Page 211 - 214

CPTED Key Points

Integrating CPTED during initial planning is more cost-effective than making
changes after construction has begun.
Designing without security in mind can lead to lawsuits, injuries, expensive
retrofitting, and the need for additional security personnel.

• Determining requirements
• Knowing the available up to date Technology
• Understanding Architectural Implications
• The architect then converts the security requirements into an
architectural program. Like a restaurant menu, the program defines what
will be produced and what it will cost.

© Hazard 360 Ltd 2020 36

PSP® Physical Security Principles
We will now break for a 10 Minute Break

© Hazard 360 Ltd 2020 37

PSP® Physical Security Principles

Polling Group (9) Questions 1 - 23 (Thirty Minute Duration)

© Hazard 360 Ltd 2020 38

PSP® Physical Security Principles
We will now break for a 10 Minute Break

© Hazard 360 Ltd 2020 39

PSP® Physical Security Principles

PSP – Chapter 11
Electronic Security Systems

© Hazard 360 Ltd 2020 40

 PSP® Physical Security Principles
Electronic Security Systems - CPNI Access Control Video

Complacency and lack of Access Control Policy and Procedures is the main
contributor to access control exploitability and unauthorised access.

© Hazard 360 Ltd 2020 41

PSP® Physical Security Principles

Paterson ED 2 IPSP CH 1: P 2
Objectives of Physical Access Control

 Deter Potential Intruders

 Distinguish authorised from unauthorised people
 Delay and Prevent Intrusion Attempts
 Detect Intrusions and Monitor Intruders
 Trigger appropriate incident response by communicating to Security
Officers and Police
 Deny by opposing or negating the effects of an overt or covert action

© Hazard 360 Ltd 2020 42

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 241

Access Control Systems

Electronic access control systems validate one or more credentials, which

can be in the form of something you know, something that is inherent to
you, or something you carry
This verification decision is usually based on determining whether the
person (1) is carrying a valid credential, (2) knows a valid personal
identification number, or (3) possesses the proper unique physical
characteristic that matches the person’s characteristic recorded at
enrolment (biometrics, such as fingerprint, hand geometry, etc.) or could
be a combination of all three.
These three concepts are summarized as:

 What you have Combination of all three could be used

for low volume throughput into high
 What you know security environments i.e. a
 What you are. biochemical laboratory

© Hazard 360 Ltd 2020 43 M, O

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 242

Means of Defeating Access Control Points

An adversary may use several types of attacks to defeat an access control
point:
1) “Deceit”
The adversary employs false pretences in an attempt to convince security
personnel or an employee to permit entry. Employee training regarding the
security plan, although not fool proof, is a valuable component of any
security program. Social engineering techniques are a real threat to any
access controls.

2) “Direct Physical Attack” - Force and tools may be used to enter an area.

3) “Technical Attack “- The adversary forges a credential or guesses or

obtains pass codes or PINs.

© Hazard 360 Ltd 2020 44 D

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 242

Access Control Vulnerabilities

Piggybacking:
When an authorized person allows an
unauthorized person, usually an
acquaintance. Etc., into a controlled area,
with only one card being read by the system.
Non-Compliance by employee

Tailgating:
The perpetrator waits at a controlled portal
for someone to enter the facility, and then
enters as an unauthorized person before the
portal closes.
Direct exploitation of vulnerability by
Adversary

© Hazard 360 Ltd 2020 45 E

PSP® Physical Security Principles

Electronic Security Systems Part 3 Page 244

Credentials

Many types of credentials are used in personnel access control. They include the
following:

1) Photo identification badges (the most practical and generally accepted)

2) Exchange badges
3) Stored-image badges
4) Coded credentials

The first three require a manual check by a guard with a high degree of vigilance.
Coded credentials are checked automatically

“Guard inattentiveness can reduce its effectiveness, especially at times when

large numbers of people are entering a facility”.

© Hazard 360 Ltd 2020 46 L

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 245

Exchange Badge System

The badge exchange system requires that matching badges be held at each
access control point. When an employee presents a badge and requests
entry, a guard compares the individual to the photo on the corresponding
exchange badge held at the access control point. If the two match, the guard
exchanges the badges and allows entry.
The exchange badge may contain more information than the employee
badge, and it may be a different color. The employee’s badge is held at the
access control point until the employee leaves the area, at which time the
badges are again exchanged. In this way, the exchanged badge worn within
the secure area is never allowed to leave the area.
This type of system is normally used in high security compartmentalised
facility.

© Hazard 360 Ltd 2020 47

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 247, 248

Credentials
More sophisticated systems use a coded card or a biometric reader, thus
eliminating the need for a security guard to be involved in the screening

1. Magnetic stripe
2. Wiegand wire
3. Bar code
4. Proximity Card
5. Smart card

© Hazard 360 Ltd 2020 48 P

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 247

Near Field Communication (NFC)

• There is significant activity in the use of NFC

(Near Field Communications). This in concert
with smart phones is gaining significant
traction as a credential.

• The growth in mobile applications for banking

and other transactions where trusted (I am
who I say I am) exchanges are critical is
rapidly raising the bar for this type of
credentialing.

• Many smart card manufacturers are

developing NFC credentialing and
provisioning software.

© Hazard 360 Ltd 2020 49 A

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 247

Magnetic Strip Coding

 A strip of magnetic material located along one edge of the badge is

encoded with data. The data are then read as the magnetic strip is
moved through or inserted into a magnetic reader.

The unit of magnetic intensity used to describe the coercivity is the Oersted.

 Two materials have been used as the magnetic stripe medium. The one
most commonly used for credit cards is a 300 Oersted (low-coercivity)
magnetic material. This material is relatively easy to erase.

 The coercivity of the second magnetic stripe material is in the range of

2,500 to 4,000 Oersted (high-coercivity). This material is the one most
commonly used in security credential applications and is very unlikely
to be accidentally erased.

© Hazard 360 Ltd 2020 50 R

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 247

Types of Credentials
Wiegand Card Technology
Wiegand-based access control cards use a coded pattern on magnetized
wire embedded within the card. When this card is inserted into a reader, the
reader's internal sensors are activated by the coded wire. This type of card is
moderately priced, and will handle a large amount of traffic. It is less
vulnerable to vandalism and weather effects than other types of cards, but it
does stand up to a considerable amount of wear and tear.

“Advisory Note” Rely on short – length magnetic wires

embedded within the card. Cards contain up to 26 wire
bits, which make up millions of code combinations
possible. The card is immune to demagnetisation and
difficult to copy. FHW - 9th Edition, Page 178

© Hazard 360 Ltd 2020 51

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 248

Types of Credentials
Proximity Card
This is one whose information can be read without the badge being
physically placed into a reader device. Proximity badges can be classified by
the method of powering the badge, operating frequency range of the badge,
and read-only or read/write capability.
Proximity badges fall into “Two groups” according to frequency. Low
frequency badges are in the 125 kHz range, and high-frequency badges
range from 2.5 MHz to over 1 GHz.
A read-only badge contains a specific code that is usually fixed at the time
of manufacture and cannot be changed.
The read/write badge, on the other hand, usually contains a larger data field
and can be programmed by the system manager as required.

© Hazard 360 Ltd 2020 52 T, MY

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 248

Proximity Badge

Proximity badge. This is one whose information can be read without the
badge being physically placed into a reader device.

“Proximity badges can be classified by three designations”

 By the method of powering the badge

 Operating frequency range of the badge
 Whether the badge is read-only or read / write capability.

© Hazard 360 Ltd 2020 53 MM

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 248

Types of Credentials
Smart Card
These contain an integrated chip embedded in them. They have coded
memories and “Micro-Processors” hence, they are like computers. The
technology in these cards offers many possibilities, particularly with
proximity card-based / card-access systems.

“Advisory Notes”

Main advantages are large memory and resistance

to forgery. Garcia, 2nd Edition, Page 192

FIPS 201 is based on the requirement for US Federal

Agencies to use a contactless and contact smart card
technology. Garcia, 2nd Edition, Page 192

© Hazard 360 Ltd 2020 54 MO

 PSP® Physical Security Principles
Human Interface Biometrics Access Control Video

© Hazard 360 Ltd 2020 55

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 262

Biometric Performance Designations – Error Types

Many biometric technologies use error rates as a performance indicator of

the system.

 A Type I error, also called a false reject, is the improper rejection of a

valid user.

 A Type II error, or a false accept, is the improper acceptance of an

unauthorized person.

© Hazard 360 Ltd 2020 56 MD

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 261 - 262

Biometric Locks

 Biometric locks function by recognition a person’s Specific physical

characteristic, such as fingerprint, hand geometry, face, iris, and retina.

 If the specific characteristic is verified, the locking device is activated to

permit access after the control parameters for access have been met—
namely, that the authorized location and authorized time for entry are
consistent with the security settings for that control point

Two methods of Biometric System Functionality is:

1: “Recognition”
2: “Verification”

© Hazard 360 Ltd 2020 57 ME

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 261 - 265

Used primarily in
Low Security Application

© Hazard 360 Ltd 2020 58 ML

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 261 - 265

Key Points:
Hand Geometry
Personnel identity verification using the hand or
finger geometry system is based on characterizing
the shape of the hand. “The underlying technique
measures three-dimensional features of the
hand, such as the widths and lengths of fingers
and the thickness of the hand”.
“Photographic image of hand” 3 D Image
Hand Writing
These systems provide low security and are best
used in applications where signatures are already
used to authorize transactions.

© Hazard 360 Ltd 2020 59 MP

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 261 - 265

Biometric Systems

© Hazard 360 Ltd 2020 60

 PSP® Physical Security Principles
We will now break for a 10 Minute Break

© Hazard 360 Ltd 2020 61

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 261 - 265

Key Points
Iris – Eye Pattern
The unique structure of an iris can be used to identify an individual. This
system operates in the recognition mode, “So entry of a PIN is not
required”.
Voice Recognition
This technology currently offers low security. The system may ask the user to
speak a specific, predetermined word or to repeat a series of words or
numbers selected by the system to verify access. “There has been little
evidence of new development in the application of this technology”

Facial Recognition
“Facial Verification Systems” use distinguishing characteristics of the face to
verify a person’s identity. Most systems capture the image of the face using a
video camera, although one system captures a “Thermal image using an
infrared imager”

© Hazard 360 Ltd 2020 62 MA,MR, MT

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 261 - 265

Biometric Systems

© Hazard 360 Ltd 2020 63

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 266

Metal Detectors

Magnetometer Hand Held Metal Metal Detector Portal

Detector (HHMD)

Passive device that monitors the earth’s magnetic field and

detects changes caused by presence of ferromagnetic
materials. “Materials such as copper, aluminium and zinc
are not detected”. While most firearms are made of steel,
some are not. Although the term magnetometer is often
used to refer to metal detectors in general,

© Hazard 360 Ltd 2020 64 OY

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 267

Two Methods of Detecting Metal

At present two methods can be used to actively detect metal:

(1) Continuous wave

 Continuous-wave detectors (no longer commercially available) generate
a steady-state magnetic field within the frequency band of 100 Hz to 25
kHz.

(2) Pulsed-field detectors

 Generate fixed frequency pulses in the 400 to 500 pulse-per-second

range.

© Hazard 360 Ltd 2020 65 OM

PSP® Physical Security Principles

Physical Person Manual Search Video

© Hazard 360 Ltd 2020 66

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 266, 267

Metal Detectors

© Hazard 360 Ltd 2020 67

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 266, 267

Key Points

Metal Detector – Walk Through Portal

When a portal metal detector is used to detect very small quantities of
metal such as gold, detection may be very difficult. In the case of a
continuous-wave detector, the use of a higher-than-usual frequency will
enhance detection; in all cases very-high-sensitivity operation will be
required.
Because high-sensitivity operation will sharply increase the nuisance alarm
rate, an area for personnel to change out of steel-toed shoes and to remove
other metallic items from their bodies may be required.
Handheld metal detectors can detect even very small quantities of metals
and may be better suited to the task of screening for very small items.

© Hazard 360 Ltd 2020 68

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 266, 267

Metal Detector – Walk Through Portal

Metal Detector Portal

Susceptible to:
NAR’s
• Metal moving outside
the portal Transmitter,
power lines,
Fluorescent lighting
(NAR),
• Nearby steel support
beams metallic items
e.g. chairs, bins
(reduced PD).

Any metal outside the port can cause NAR’S

© Hazard 360 Ltd 2020 69 OO

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 266 - 268

Metal Detectors
One system employed for the detection of metal is a magnetometer. The
magnetometer is a passive device that monitors the earth’s magnetic field
and detects changes to that field caused by the presence of ferromagnetic
materials. This method detects only ferromagnetic materials (those that are
attracted by a magnet). Materials such as copper, aluminium, and zinc are
not detected.
At present two methods can be used to actively detect metal, continuous
wave and pulsed field, continuous wave detectors are no longer available

Package Search
Active interrogation methods used to detect contraband objects include a
family of X-ray approaches: single energy transmission X-ray, multiple-energy
X-ray, computed tomography (CT) scan, and backscatter X-ray. In general,
these methods are not safe for use on personnel

© Hazard 360 Ltd 2020 70

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 266 - 268

Metal Detectors
Key Points
• Both hand held and walk through metal detectors must be rested on a
daily basis to ensure that they are functioning correctly.
• Personnel conducting handheld and walk through operations must not
have any metal upon their body I in their shoes i.e. steel cap safety boots
as these can generate a false alarm.
• Because the magnetic field is not confined to the area between the coils
and metal detectors are sensitive to metal moving outside the physical
boundaries of the detector, care must be exercised in determining
detector placement.
• Any movable metallic objects either in front or to the side of the
detector, such as doors, forklifts, and carts, can cause nuisance alarms.
Electromagnetic transients, such as radio transmitters, power-line
fluctuations, and flickering fluorescent lighting, can cause false alarms.

© Hazard 360 Ltd 2020 71

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 268

Package Search
Packages may be searched for contraband manually or by active
interrogation. Active interrogation methods used to detect contraband
objects include a family of X-ray approaches: single energy transmission X-
ray, multiple-energy X-ray, computed tomography (CT) scan, and backscatter
X-ray. (Not safe to be used on People)

A conventional single-energy-transmission X-
ray package search system produces an image
for an operator to inspect. This approach is
effective when the operator is

 Properly trained
 Vigilant
 De- cluttered image

© Hazard 360 Ltd 2020 72 OD

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 268

Package Search
Packages may be searched for contraband manually or by active
interrogation. Active interrogation methods used to detect contraband
objects include a family of X-ray approaches:

 Single energy transmission X-ray, multiple-energy X-ray, computed

tomography (CT) scan, and backscatter X-ray.

 Low dose backscatter can be safely used on people

© Hazard 360 Ltd 2020 73

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 266, 267

Millimetre Scanners
Due to the fact that
weapons made of
plastic or carbon
fibre cannot be
detected by metal
detectors there are
only two methods of
detection a physical
pat down search or
by the use of a
Millimetre Scanner
as depicted on the
right.

© Hazard 360 Ltd 2020 74

 PSP® Physical Security Principles
Electronic Security Systems Part 3 Page 269 - 274

Explosive Detection

© Hazard 360 Ltd 2020 75 OE

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 269, 274

Explosive Detection

© Hazard 360 Ltd 2020 76 OL

 PSP® Physical Security Principles
Electronic Security Systems Part 3 Page 275

Canine olfaction (smelling by dogs)

• This is used widely in law enforcement and the military for locating
hidden explosives and drugs. Where mobility is required, such as building
searches or quickly relocating detection capabilities, canines excel.

• Detection is actually made by the handler “Who observes the Dog’s

Behaviour”. Canines and their handlers require constant retraining to
continue to identify synthetic compounds such as explosives.

• The reliability of canine inspection is subject to the vigilance and skill of

the handler and the health and disposition of the dog.

© Hazard 360 Ltd 2020 77 OP

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 272 - 274

Six Methods used to detect Trace Explosives

 Ion Mobility Spectrometry

 Colorimetric
 Chemiluminescence
 Mass Spectrometry
 Fluorescence
 Canin Olfaction

© Hazard 360 Ltd 2020 78

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 275

Biological Agent Detection – Chemical Detection

Most biological agents are not immediately lethal, so response time may not
be as critical as for chemical attacks.

Biological Agent versus Chemical Detection Methods

 Biological detection methods usually involve filtering air for several

hours and then analysing the filter (several more hours).

 Chemical detectors sample air at various perimeter locations and work

more quickly.

© Hazard 360 Ltd 2020 79

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 275

Chemical and Biological Agent Detection

Chemical and biological agent detection is typically performed with “Point

Sensors, searching for evidence of an attack at the site perimeter.

• In the case of chemical agent attack, an adversary may attack suddenly

with large (and therefore quickly lethal) concentrations, and the security
system goal is an early warning for successful interruption and
neutralization of the adversary.

• Military and environmental chemical (trace) detectors have been

developed over the past century for this purpose

• Chemical detectors normally sample air at various perimeter locations

and may not be appropriate for use in checkpoint screening.

© Hazard 360 Ltd 2020 80 OA

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 275

Chemical and Biological Agent Detection

Biological agent detection differs from chemical detection in two ways.

• First, most biological agents are not immediately lethal, so response time
may not be as critical as for chemical attacks.

• Second, detection methods usually involve filtering air for several hours
and then analysing the filter (several more hours). As a result of this
delay, it can be difficult to detect the biological agent in time to prevent
exposure; however, once the agent is identified, any personnel who have
been exposed can be treated
• Some “Chemical Sensors” use optical methods to achieve standoff
detection”.

© Hazard 360 Ltd 2020 81 OR

PSP® Physical Security Principles

Polling Group (10) Questions 1 - 28 (Thirty Minute Duration)

© Hazard 360 Ltd 2020 82

 PSP® Physical Security Principles
Welcome to ASIS PSP Webinar (6) of Training Programme

PSP

© Hazard 360 Ltd 2020 1

PSP® Physical Security Principles

ASIS PSP 2015
Webinar (6) Agenda

 Chapter 11: Electronic Security Systems

© Hazard 360 Ltd 2020 2

 PSP® Physical Security Principles

PSP – Chapter 11 Continued

Electronic Security Systems

© Hazard 360 Ltd 2020 3

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 276

Physical Intrusion Systems – Overview

Intrusion detection systems include exterior and interior intrusion sensors,

video alarm assessment, access control, and alarm communication systems
working in combination.

• Intrusion detection is the process of detecting a person or vehicle

attempting to gain unauthorized entry into an area. When an interior
intrusion sensor is integrated into a security system, every sensor must
conform to probability of detection, proper maintenance, and frequency
of false alarms.

• The intrusion detection boundary should be thought of as a sphere

surrounding the protected item so that all intrusions, whether by surface,
air, underwater, or underground, are detected. Exterior intrusion
detection technology tends to emphasize detection on or slightly above
the ground surface.

© Hazard 360 Ltd 2020 4

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 276

Three main characteristics of an Intrusion Sensor Performance

Three main characteristics of intrusion sensor performance are:

 Probability of Detection

 Nuisance Alarm Rate – (Any alarm that is not caused by intrusion)

 Vulnerability to Defeat

 For any specific sensor and scenario, the “two values PD and confidence
level (CL) are used to describe the effectiveness of the sensor”.
Manufacturers often state values of PD without stating the CL. In such
cases, they are likely implying a value of at least 90 percent for CL.

© Hazard 360 Ltd 2020 5 M, O

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 276

Performance Characteristics (PD)

The probability of detection depends primarily on these factors:
target to be detected (e.g., walking/running/crawling intruder, tunnelling,
etc.)
• sensor hardware design
• installation conditions
• sensitivity adjustment
• weather conditions
• condition of the equipment

The system designer should specify the detection criteria for a sensor or
sensors system. This specification should note what will be detected, what
actions are expected, any other considerations such as weight or speed of
movement, and what probability of detection is required.

© Hazard 360 Ltd 2020 6

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 276

Performance Characteristics (PD)

Vulnerability to Defeat
An ideal sensor cannot be defeated; however, all existing sensors can be.
Different types of sensors and sensor models have different vulnerabilities to
defeat.
The objective of the PPS designer is to make the system very difficult to
defeat.
There are two general ways to defeat the system:

• “Bypass”. Because all intrusion sensors have a finite detection zone,

going around its detection volume can defeat any sensor.

• “Spoof”. Spoofing is any technique that allows the target to pass through
the sensor’s normal detection zone without generating an alarm.

© Hazard 360 Ltd 2020 7 D

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 277

Performance Characteristics (PD)

Test Methodology
The perimeter intrusion detection system shall be capable of detecting a
person, weighing 35 kilograms or more, crossing the detection zone by
walking, crawling, jumping, running, or rolling, at speeds between 0.15 and 5
meters per second, or climbing the fence at any point in the detection zone,
with a detection probability of 90 percent at 95 percent confidence.

When a high PD is required at all times and under all expected weather
conditions, the use of “Multiple Sensors is Recommended”. Contingency
plans and procedures are needed so compensatory measures can be
implemented in the event of loss of any or all sensors.

© Hazard 360 Ltd 2020 8 E

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 277

Probability of Detection

The Probability of Detection depends of six factors

 Target to be detected

 Sensor Hardware Design

 Installation Conditions

 Sensitivity Adjustment

 Weather Conditions

 Conditions of the equipment

© Hazard 360 Ltd 2020 9

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 276

Performance Characteristics (PD)

Nuisance Alarm Rate (NAR)

A nuisance alarm is any alarm not caused by an intrusion. The nuisance
alarm rate states the number of nuisance alarms over a given period. In an
ideal system, the nuisance alarm rate would be zero.

 “Nuisance alarms deliver false positives, system failure, operator error,

equipment maintenance”.

• Nuisance alarms have many causes. Natural causes include vegetation

(trees and weeds), wildlife (animals and birds), and weather conditions
(wind, rain, snow, fog, lightning). Industrial causes include ground
vibration, debris moved by wind, and electromagnetic interference.

© Hazard 360 Ltd 2020 10 L

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 278

Alarm Initiation Conditions

Sensors of all types should be included in the PSP to initiate alarms under any of
the following conditions:

Intrusion Sensors Occurrence of a potential intrusion event

State Sensors A change in a safety or process condition being
monitored (rise in temperature, presence of smoke, etc.).
Fault Event Sensors Loss of electrical power
Tamper Sensors Opening, shorting, or grounding of the device circuitry;
tampering with the sensors; or changes in impedance on
a circuit enclosure or distributed control panels
(transponders).
Sensor Failure Failure of the sensor itself

Units to be installed outdoors or in unheated structures should be capable of

operating in temperatures ranging from -30° F. to 150° F. (-34° C to 66° C).

© Hazard 360 Ltd 2020 11 P

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 279

Standards

“Standards” can help users judge the quality and appropriateness of

sensors from various manufacturers. Several authoritative bodies provide
guidance.
The following security system standards, are especially relevant for security
installers and users because they specify the manner of installation or
operation in the United States.

• 681 Installation and Classification of Mercantile and Bank Burglar Alarm

Systems USA
• 1076 Proprietary Burglar Alarm Units and Systems USA
• 1641 Installation and Classification of Residential Burglar Alarm Systems
USA

© Hazard 360 Ltd 2020 12 A

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 248 - 298

Exterior Sensors
Intrusion detection systems (IDS) detect an intruder entering an area that
has been protected by electronic sensors. They raise an alarm so that an
appropriate response can be made.

Classifications Applications Installation Considerations

 Passive  Buried Line • Topography
 Active  Fence Associated • Vegetation
 Covert  Free Standing • Wildlife
 Visible • Background Noise
 Line of Sight – Terrain • Climate and Weather
following • Soil ground covering
 Volumetric • Water – streams
 Application • Lightning Protection

© Hazard 360 Ltd 2020 13 R

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 248 - 298

Exterior Sensors Features

 Active: Sensors that transmit energy into an area and detect changes in
that energy caused by heat, or the motion of an intruder. Their signal
makes them simple for an intruder to be located. Active sensors transmit
and receive
 Passive: Sensors that emit no energy of their own. They monitor the
protected area and detect energy emitted by an intruder or changes in
energy fields caused by the intruder. The intruder finds them more
difficult to locate. Generally, passive sensors are safer for use in explosive
or hazardous environments as they emit no potentially explosion-
initiating energy.
 Covert: Sensors that are hidden from view. Because they are more
difficult for an intruder to detect and locate, they can operate more
effectively. In addition, covert sensors are generally more aesthetically
pleasing,

© Hazard 360 Ltd 2020 14 T, MY

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 248 - 298

Exterior Sensors Features

Overt: Sensors that are located in plain sight of the Intruder, creating a
definite psychological deterrent. Overt sensors are typically less costly and
less difficult to Install and repair than covert devices.

Line of Sight: Sensors that require a clear line of sight within the detection
area. Generally to use such sensors where the terrain is not flat “Requires
Extensive Site Preparation., they require a flat, level ground surface for
effective operation.

Terrain following: Sensors that detect equally well on flat or irregular

terrain, offering uniform detection throughout the protected area.

© Hazard 360 Ltd 2020 15 MM

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 285

Ported Coaxial Cable

Dual or single ported coaxial cable (also known as Leaky Coax).
The detection volume of ported coax sensors extends about “1.5 to 3.0 ft.”.
(0.46 m to 0.91 m) above the surface and about 3 to 6 ft. (0.91 m to 1.83 m)
wider than the cable separation.
Activation methodology
Responds to nearby motion of materials with high dielectric content or high
conductivity e.g. people and vehicles.
NAR’S
Susceptible to moving metal objects and moving water.
Best used in protected clear zone.

Buried Line Volumetric Active Covert Terrain Following

© Hazard 360 Ltd 2020 16 MO

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 286

Fence Disturbance Sensors

Typically mounted on a chain-link fence.
Activation Methodology
Where fence post movement < 0.5” for 50lb pull
at 5 feet above ground, and fabric deflection
< 2.5” for 30lb pull at centre between posts.
NAR’S
Susceptible to animals, wind debris, hail, traffic.
Can be circumvented by burrowing under, or bridging - may be used in
conjunction with buried seismic sensors, concrete fence base etc.

Passive Visible Terrain Following

© Hazard 360 Ltd 2020 17 MD

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 287

Sensor Fence
The sensor wires make up the fence itself.
May be taut wire with transducers (mechanic, strain
or piezoelectric). May be encased in barbed wire.
Taut wire can be mounted on existing fences or
Fence Post or installed on an independent row of posts as depicted
Activation Methodology
Deflection of wires, cutting wires, separation of wires or climbing, They
require a force of “25 lbs (11.3kg)” to cause an Alarm.
NAR’S
Large animals walking into fence or improper installation and
maintenance.
Passive Visible Terrain Following

© Hazard 360 Ltd 2020 18 ME

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 287

Electric Field Capacitance Sensor

Detect change in capacitance coupling
among set of wires. Range beyond wire
of 1m, but high sensitivity = high NAR.

The sensitivity of such sensors can be adjusted to extend up to “3.3” ft. (1

m) beyond the wire or plane of wires
Activation Methodology
Activated by adversary moving into detection zone can be used on chain link
fence to provide additional protection against digging under or bridging over.
NAR’S
Susceptible to lightning, rain, fence motion, small animals, ice storms can
cause substantial breakage to wires and standoff insulators.
Active Visible Terrain Following

© Hazard 360 Ltd 2020 19 ML

PSP® Physical Security Principles

We will now break for a 10 Minute Break

© Hazard 360 Ltd 2020 20

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 288

Free Standing Active Infrared Sensor

Generally infrared sensors (IR) are used to protect external elevations. The IR
beam is transmitted from an IR light emitting diode through a collimating
lens.
Collimate lens are used in active infrared sensors to convert the divergent
beams of infrared light into parallel beams resulting in an efficient collection
of signal at the receiver.
Activation Methodology
When the line of sight beam is broken the sensor sends signal to monitoring
station.
NAR’s
“Atmospheric Conditions” such as fog, snow,
vegetation, may cause visibility between two
arrays to be less than distance between the
arrays, thereby sending the system into
alarm”.
© Hazard 360 Ltd 2020 21 MP

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 285

Buried Line Sensors – Pressure or seismic

Hoses filled with pressurized liquid
String of Geophones
Fibre Optic Mesh
Activation methodology
They respond to an adversary walking, running, jumping or crawling.

NAR’S
Susceptible to animals, vehicle vibration and lightning
Can be defeated by bridging if an adversary knows location

Buried Line Passive Covert Terrain Following

© Hazard 360 Ltd 2020 22

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 288

Bistatic Microwave Sensor

Typically, two antennae at opposite ends of detection zone, one transmits,
one receives. Distance should not exceed 120 yds. Operates near 10 or 24
GHz.
Respond to changes in vector sum (direct, and reflected waves of static
objects in zone) caused by objects moving.
Often installed to detect crawling or rolling intruders, so ground surface
needs to be flat (+0, -6”) to avoid blind spots. Long perimeters require
antenna overlap to avoid blind spots. Offset 10 yds.
Activation Methodology
Adversary moving into sensor detection zone.
NAR’S
Standing water, surface water, lose fences, snow
and vegetation.
Free Standing Visible Line of Sight Active Volumetric

© Hazard 360 Ltd 2020 23

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 306

Monostatic Microwave Sensor

In this configuration, the transmitter and
receiver are in the same unit.
Radio-frequency energy is pulsed from
the transmitter, and the receiver looks
for a change in the reflected energy.
Activation Methodology
An advantage of volumetric
Motion by an intruder causes the motion sensors is that they
reflected energy to change and thus
causes an alarm. will detect an intruder
moving in the detection
NAR’S zone regardless of the point
Standing water, surface water, loose of entry into the zone. (i.e.
fences, snow. they can be considered as
point or area sensors)

Free Standing Visible Active Volumetric

© Hazard 360 Ltd 2020 24 MA

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 290

Video Motion Detection (VMD)

VMDs are passive, covert, line-of-sight sensors that process
video signals from the video surveillance system.
Activation Methodology
VMDs sense a change in the video signal level for a defined portion of the
viewed scene. The portion could be a large rectangle, a set of discrete
points, or a rectangular grid. Detection of human body movement is reliable
except in fog, snow, heavy rain, or darkness. That limitation can be overcome
with thermal sensing cameras
NAR’S
Outdoor use of VMDs may encounter many potential sources of nuisance
alarms, such as apparent scene motion due to unstable camera mounts;
changes in scene illumination due to cloud shadows, shiny reflectors, or
vehicle headlights; and moving objects in the scene, such as birds, other
animals, blowing debris, and precipitation.
Passive Covert Line of Sight

© Hazard 360 Ltd 2020 25

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 248 - 298

Key Points
Integration with Video Assessment System

• In many perimeter security systems, video is used for alarm assessment.

“For best results, the system design, system compatibility and
subsystems must be compatible”.

• Video assessment offers the advantage of facilitating remote evaluation

of the alarm condition, eliminating the need to constantly dispatch
security officers to determine the cause of an alarm, possibly too late to
make an accurate assessment.

• For maximum effectiveness, sensors must be placed so that when an

alarm occurs, the camera viewing the zone can view the entire zone.

© Hazard 360 Ltd 2020 26 MR

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 292, 293

Key Points
Continuous Line of Detection
A perimeter is a closed loop around an area that needs protection. A worthy
design goal is to ensure uniform detection around the entire length of the
perimeter. Sensors must form a continuous line of detection around the
perimeter, so hardware must be configured so that the detection zone from one
perimeter sector overlaps with the detection zones for the two adjacent sectors
Protection-in-Depth
In this context, protection-in-depth means the use of multiple lines of detection.
“At least Two Continuous Lines of detection should be used in high-security
systems”.
Complementary Sensors
The perimeter sensor system can be made better not only with multiple lines of
sensors but also with multiple, complementary types —for example, microwave
and active infrared. This approach takes advantages of different sensor
technologies’ different PD, NAR, and vulnerabilities, but also increases
probability of detection

© Hazard 360 Ltd 2020 27 MT

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 294, 295

Key Points
Clear Zone
A perimeter intrusion detection system performs best in an isolated clear
zone (or isolation zone). “The clear zone, which is usually used at high-
security facilities, increases detection probability, reduces nuisance alarms,
and prevents defeat”. It also promotes good visual assessment of the causes
of sensor alarms. Two parallel fences extending the entire length of the
perimeter usually define a clear isolation zone. (Generally provide a high
probability of detection)

Sensor Configuration
Overlapping the detection volumes of different sensors in each sector
enhances performance by creating a larger overall detection volume. Defeat
of the sensor pair is less probable because a larger volume must be
bypassed or two different technologies must be defeated.

© Hazard 360 Ltd 2020 28 OY

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 295

Key Points
Site-Specific System
“A protection program designed for one site cannot be transferred to another,
as every site has a unique combination of configuration and physical
environment. The physical environment affects the selection of types of
sensors for perimeter sensor systems”.

Tamper Protection

• Both the hardware and the system design should aim to prevent defeat by
tampering. In other words, the system should be tamper-resistant and
tamper-indicating.
• Tamper switches should be placed on sensor electronics and junction box
enclosures used for either mounting or wire-ups supporting the device’s
operation.
• Aboveground power and signal cables can be placed inside metal conduit.
Alarm communication lines should use line supervision, which detects if lines
have been cut, disconnected, short-circuited, or bypassed.

© Hazard 360 Ltd 2020 29 OM

PSP® Physical Security Principles

Patterson ED 2 IPPS CH 7: Page 131

Line Supervision:

• Ensure that the integrator provides hardwire

direct current line supervision for sensor-to
control panel links.
• “Use a terminating end of line (EOL) resistor to
supervise the circuit, monitor changes in the
current that flows through the detection
circuit”.
• A designed install, so that supervision circuitry
initiates an alarm in response to opening,
closing, shorting or grounding of the conductors.
• Specify that the circuit supervisor units provide
an alarm response in the control centre in one
second or less.

© Hazard 360 Ltd 2020 30 OO

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 297

Key Points

Lightning Protection

Because they are installed outdoors, exterior sensors are exposed to electrical
storms at most sites. Lightning can disable, damage, or destroy the electronics
used in sensor equipment. Three primary precautions apply to reducing lightning
damage.
1) First, signal cables should be shielded, whether by their internal cable
construction or by using metal conduit.
2) Second, a good ground system is needed. This requires elimination of
ground loops and use of grounds at a single point.
3) Third, at the ends of the cables, passive transient suppression devices can
be installed.
Because “Fiber-Optic” transmission cables are not affected by lightning, they
have become the preferred method for transmitting data long distances
outside a building.

© Hazard 360 Ltd 2020 31 OD

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 299

Interior Sensors

• In a system with “Administrative Procedures, access controls, and

material monitoring”, interior intrusion sensors can be highly effective
against insider threats.
• If interior intrusion sensors are correctly placed, installed, maintained,
and tested, they can generate alarms in response to unauthorized acts or
the unauthorized presence of insiders as well as outsiders.
• Interior sensors are often placed in access mode during regular working
hours, making them more susceptible to tampering by an insider.

© Hazard 360 Ltd 2020 32 OE

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 300

Classification of Sensors

There are several ways of classifying the types of intrusion sensors.

This discussion uses the following classification:

 Active or passive
 Covert or Visible
 Volumetric or Line detection
 Application

© Hazard 360 Ltd 2020 33

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 300 - 301

Classification of Sensors
Active Sensors
Transmit a signal from a transmitter and, with a receiver, detect changes in
or reflections of that signal
Passive Sensors
Produce no signal from a transmitter and are simply receivers of energy in
the proximity of the sensor. This energy may be due to vibration (from a
walking person or a truck), infrared energy (from a human or a hot object),
acoustic activity (sounds of a destructive break-in), or a change in the
mechanical configuration of the sensor (in the case of the simpler
electromechanical devices).
The distinction between active and passive has a practical importance
The presence or location of a passive sensor can be more difficult to
determine than that of an active sensor; this puts the intruder at a
disadvantage. “In environments with explosive vapours or materials,
passive sensors are safer than active ones because they emit no energy
that might initiate explosives”.

© Hazard 360 Ltd 2020 34 OL

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 300

Classification of Sensors

Covert or Visible

• Covert sensors are hidden from view; examples are sensors in walls or
under the floor.
• Covert sensors are more difficult for an intruder to detect and locate, and
thus they can be more effective; also, they do not disturb the appearance
of the environment.
• Visible sensors are in plain view of an intruder; examples are sensors that
are attached to a door or mounted on another support structure.
• Another consideration, however, is that visible sensors may deter the
intruder from acting. Visible sensors are typically simpler to install and
easier to repair than covert ones.

© Hazard 360 Ltd 2020 35

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 301

Classification of Sensors
Volumetric
• The entire volume or a portion of the volume of a room or building can
be protected using volumetric motion sensors such as ultrasonic.
• “An advantage of volumetric motion sensors is that they will detect an
intruder moving in the detection zone regardless of the point of entry
into the zone”.
Line Detection
• Forcible entry through doors, windows, or walls of a room can be
detected using line sensors.
• These sensors only detect activity at a specific location or a very narrow
area.
• Unlike volumetric sensors, line sensors only detect an intruder if he or
she violates a particular entry point into a detection zone.

© Hazard 360 Ltd 2020 36 OP

PSP® Physical Security Principles
We will now break for a 10 Minute Break

© Hazard 360 Ltd 2020 37

PSP® Physical Security Principles

Polling Group (11) Questions 1 - 26 (Thirty Minute Duration)

© Hazard 360 Ltd 2020 38

 PSP® Physical Security Principles
We will now break for a 10 Minute Break

© Hazard 360 Ltd 2020 39

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 299 - 314

Classification of Sensors
Application
Sensors may be grouped by their application in the physical detection space.
Some sensors may be applied in several ways.
There are three application classes for interior sensors:
1: Boundary-Penetration Sensors
These detect penetration of the boundary to an interior area.
2: Interior Motion Sensors
These detect motion of an intruder within a confined interior area.
3: Proximity Sensors
These can detect an intruder in the area immediately adjacent to an object
in an interior area or when the intruder touches the object.

© Hazard 360 Ltd 2020 40 M

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 299 - 314

Classification of Sensors

© Hazard 360 Ltd 2020 41

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 299 - 314

Classification of Sensors

© Hazard 360 Ltd 2020 42 O, D

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 308

Dual Technology Sensors – And Gate

“Dual Technology Sensors utilises And Gate Methodology”

© Hazard 360 Ltd 2020 43 E

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 294

Dual Technology Sensors – OR Gate

© Hazard 360 Ltd 2020 44

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 303, 302, 306

Classification of Sensors

© Hazard 360 Ltd 2020 45

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 304

Classification of Sensors
Electromechanical
The most common type is a simple switch,
generally installed on doors and windows,
typically using a magnetic design consisting of
a switch unit and a magnetic unit.

“Another type of magnetic switch is the Hall effect

switch”. It is completely electronic, without
mechanical reed switches, and it requires power. It
provides a higher level of security than balanced
magnetic switches.

© Hazard 360 Ltd 2020 46 L, P

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 301 - 305

Classification of Sensors

© Hazard 360 Ltd 2020 47 A

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 307

Classification of Sensors

© Hazard 360 Ltd 2020 48

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 299 - 314

Classification of Sensors

© Hazard 360 Ltd 2020 49

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 299 - 314

Interior Motion Sensors – Pressure Mats

Picture 1 displays the old technology of

pressure mat which is very rarely used now.

Picture 2 depicts the new type of

technology that is being deployed in high
security facilities. When combined with
distributed databases and unique PINs or
cards, the authorized holder’s actual weight,
plus or minus a set margin, can be stored.
When the PIN is entered in the keypad or
the card inserted in the reader, the
transducer-detected weight will be
processed by the software entry algorithm.

© Hazard 360 Ltd 2020 50

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 310

Classification of Sensors

Radio frequency (RF) sensors are the most common type of

wireless sensors. In the United States, they typically
operate in the “300 MHz or 900 MHz”bands, and some
systems use spread-spectrum techniques for transmission.

A typical RF wireless sensor system consists of

sensor/transmitter units and a receiver. A
sensor/transmitter unit includes both sensor and
transmitter electronics in one package and is battery-
powered. Battery life is advertised as “two to five years,
depending on the number of alarms and transmissions”

© Hazard 360 Ltd 2020 51 R

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 314

Line Supervision

Line supervision is a way to monitor the communication link between a

sensor and the alarm control centre. Using supervised lines between the
sensor and host alarm system as well as continuously monitoring sensor
tamper switches also helps protect against insider threats.

End of Line Resistor

“EOLR’s” are resistors, of a known value, that are used to terminate

protective loops or zones, such as those found in IDS systems. The purpose
of EOLR's is to allow the control panel to supervise the field wiring for open
or short circuit conditions.

© Hazard 360 Ltd 2020 52

 PSP® Physical Security Principles
CPNI CCTV Principles Video

A Critical component of installing a CCTV Camera Surveillance System

is the use of an Operational Requirement Document (ORD)

© Hazard 360 Ltd 2020 53

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 315

Video Surveillance

Video surveillance is primarily used to do the following:

1. Detect activities that call for a security response

2. Collect images of an incident for later review and use as evidence if

needed.

3. Assist with incident assessment

© Hazard 360 Ltd 2020 54 T

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 315

Eight Elements of a Video Surveillance System

1. Field of View
2. Scene
3. Lens
4. Camera
5. Transmission Medium
6. Monitor
7. Recording Equipment
8. Control Equipment

© Hazard 360 Ltd 2020 55

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 315

Main Elements of a Video Surveillance System

Field of View: This is the area visible through the camera lens.
Scene: This is the location or activity to be observed.
Lens: The lens determines the clarity and size of the field of view.
Camera
The camera converts the optical image provided by the lens to an
electronic signal for transmission. The camera requires mounting hardware
and sometimes a housing for protection against vandalism or environmental
conditions (e.g., rain, snow, etc.).
Transmission medium
This is the medium through which the signal generated from the camera is
transmitted to equipment for viewing or recording, typically over coaxial
cable, twisted pair wire, network cable, optical fiber, or radio frequency
signal.

© Hazard 360 Ltd 2020 56

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 315

Main Elements of a Video Surveillance – Sub Systems

Monitor
The monitor can display one or more video images with the appropriate
equipment.
Recording Equipment
This includes recorders and equipment for selecting which images to record,
the speed at which the images will be recorded, the resolution of the
capture, and the compression format for the capture.
Control Equipment
This equipment is used to control what video is viewed and where the video
is stored. This equipment can also be used to change the field of view of a
specific camera via pan/tilt and zoom (PTZ) functions.

© Hazard 360 Ltd 2020 57

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 316

CCTV Camera Systems

The application dictates the “Equipment”, not the other way around.
If a system component is obsolete but still performing well, it is because the
“Original application was correctly designed to meet the performance
needs”.
A video surveillance system’s “System Functional Requirements” can be
recognised by asking these questions:

 What is the purpose of the system?

 What specifically is each camera supposed to view?
 What are the requirements for real-time monitoring or recorded video?

© Hazard 360 Ltd 2020 58 MY

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 317

CCTV Camera Functional Requirements

Different functions require different fields of view. One must consider three
factors:
Target. This may consist of
• Persons (individuals or groups)
• Packages or objects
• Vehicles (individual)
• Traffic
Activity. This could be
• Assault
• Vandalism
• Trespassing
• Robbery
• Package or vehicle left unattended

© Hazard 360 Ltd 2020 59 MM

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 317

CCTV Camera Systems

Purpose.
“To identify person or object and direction of travel using both fixed and
PTZ Cameras”.

Fixed Camera Operability

Provides a defined focal view that includes a person face and a wide focal
length to capture the background this camera is static capturing one view

PTZ Camera Operability

A pan/tilt and zoom (PTZ) camera is able to pan (move side to side) or tilt
(move up and down), enabling the operator to observe a much larger
viewing area. In addition, a motorized varifocal lens is used to expand or
narrow the field of view, providing enhanced viewing flexibility.

© Hazard 360 Ltd 2020 60 MO

 PSP® Physical Security Principles
We will now break for a 10 Minute Break

© Hazard 360 Ltd 2020 61

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 318

Theory of Visual Security

All Analogue: CCTV monitors and cameras employ a “Two-to-One (2:1)

interlace pattern”. The monitor first paints the odd-numbered horizontal
sweep lines of the image, and then resweeps the screen with the even-
numbered horizontal sweep lines.
This process creates 60 fields (half pictures) of information per second in
NTSC and 50 fields per second in PAL.
Combining one odd field and one even field of video information produces
one complete frame or picture of Analogue video.
In NTSC, for example, the viewer sees 30 complete frames each second.

Digital Video Technology: does away 2:1 interlace. Digital images are
presented on the monitor as a full grid of small coloured squares. Digital
video is not measured in terms of frames or NTSC or Pal standards.

© Hazard 360 Ltd 2020 62 MD

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 318

Theory of Visual Security

• 60 hz • 50 hz
• 525 horizontal scan lines • 625 horizontal scan lines
• Full-frame TV is 30 fps • Full-frame TV is 25 fps

© Hazard 360 Ltd 2020 63

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 318

Uses of Video Subsystems in Security

There are only three reasons to have cameras in security applications?

1. To obtain visual information about something that is happening.

2. To obtain visual information about something that has happened.
3. To deter undesirable activities.

• Satisfying the first two reasons requires the right combination of camera and
lens. One should base the choice of camera first on the camera’s sensitivity,
second on its resolution, and third on its features.
• Sensitivity refers to the minimum amount of visible light that is necessary to
produce a quality image.
• Resolution defines the image quality from a detail or reproduction
perspective.
• The camera’s features are the aspects that give one camera an advantage
over another.

© Hazard 360 Ltd 2020 64 ME

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 319

Selecting CCTV Cameras

When selecting a CCTV Camera, the criteria should apply in the following
order!

1. Cameras Sensitivity
2. Camera Resolution
3. Camera Features

• Sensitivity refers to the minimum amount of visible light that is necessary

to produce a quality image.
• Resolution defines the image quality from a detail or reproduction
perspective.
• The camera’s features are the aspects that give one camera an advantage
over another.

© Hazard 360 Ltd 2020 65 ML

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 319

Uses of Video Subsystems in Security – Key Points

Compatibility

It is common to use different camera models within the same system.

However, it is important to “verify compatibility” when using cameras that
were produced by different manufacturers within the same system.
Phasing and sequencing problems most often arise when cameras from
several manufacturers are used in one system. Incompatibility with
operations, viewing, or storage and playback can affect digital systems.

© Hazard 360 Ltd 2020 66 MP

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 319

Uses of Video Subsystems in Security

Subject: This is the ability to identify something or someone within the
scene beyond a shadow of a doubt. Therefore, to show the full body and still
make it possible to identify the person beyond a shadow of a doubt, the
scene can be no more than 20 ft. (6 m) wide.
Action: This form of identification captures what happened
Scene: Each scene should stand on its own merit, it is a collection of
information at a specific location

10%

1) Subject Identification 2) Action Identification 3) Scene Identification

© Hazard 360 Ltd 2020 67 MA

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 319, 320

Key Terms – Angle of View

Identification from a steep angle is difficult with CCTV images. “Subject
identification, for example, depends first on the size and detail of an image
and second on the angle of view”.

“Two Key Components are: Size and detail of image and Angle of View”

© Hazard 360 Ltd 2020 68 MR

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 320

Analog Systems Components

1. Camera (used to transform a
reflected light image into an
electronic signal)
2. Transmission cable (used to
transmit the electronic video
signal from the camera to the
monitor)
3. Monitor (used to translate the Components
electronic video signal into an
image on a screen) • Fixed Cameras
• PTZ Cameras
• Control Unit / Key, Mouse, Joy Stick
• Lens
• Video Transmitter Receiver
• Amplifier

© Hazard 360 Ltd 2020 69 MT

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 322

Digital Systems Components

1. Cameras
2. “Digital electronic signal
carrier, such as Category 6e
(Cat 6e) cable or digital
network”
3. PC with viewing or recording
software (sometimes
accessible via a Web browser Components
or remote video device, such
• Digital Electronic Scanning Software
as a smartphone or tablet
• Controller / GUIs, Mouse, Joy Stick
computer)
• Switcher
• Lens
• Video Transmitter Receiver
• Amplifier
• Video Recorder – DVD, NVR

© Hazard 360 Ltd 2020 70 OY

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 324

System Design

Video surveillance systems are not as complicated as they appear. System

design can be addressed by following a few simple rules:

1. Keep the system in perspective. Video surveillance systems contain only

three major components: camera, cable, and monitor. Any other item
is peripheral.

2. Let the application choose the equipment, not the other way around.
Salespeople may claim their equipment will handle all the user’s
needs—without even asking what those needs are.

© Hazard 360 Ltd 2020 71

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 324

System Design
Design Generically
The best system design does not necessarily specify models or brands but
remains open based on site or scene requirements.
Design for the best option first - Economics
Anything can be done with the right resources. It is best to design the
application before establishing a budget. After the design is completed, the
designer should calculate its cost and then, if necessary, remove some
elements.
Don’t feel the system must be built all at once - Expansion
Once the design is completed, the installation may be stretched over several
budget years. The key is to work with equipment that is solid, is proven, and
will most likely remain available for the next several years.

© Hazard 360 Ltd 2020 72

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 327
Equipment Selection – Features
“Automatic gain control (AGC)”:
An AGC circuit is built into most cameras that have a wide range of sensitivity.
This is an “internal video-amplifying system” that works to maintain the video
signal at a specific level as the amount of available light decreases.
“Electronic shuttering”:
Electronic shuttering (manual or automatic) refers to a camera’s ability to
compensate for light changes without the use of automatic or manual iris lenses.
“Backlight Compensation”:
Backlight Compensation is a technique by which parts of the camera pickup
sensor can be de-sensitised to prevent bright areas in view from causing the
picture to flare. So, if one wants to place a camera inside, say, reception looking
towards a glass door, then a camera using 'backlight compensation' must be
installed (and set up properly) to get evenly illuminated pictures. The most
common tool for controlling the brightness of an image focused onto a chip is
the Auto-Iris Lens.

© Hazard 360 Ltd 2020 73 OM, OO, OD

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 328

Equipment Selection – Features

“Auto-iris lens”:
The most common tool for controlling the brightness of an image focused
onto a chip is the auto-iris lens.
Masking:
This method of digital interfacing with the video signal is built into specific
cameras and controllers. Masking divides the video image into grid sections.
Next, various sections are programmed to be ignored. Then the grid overlay
is turned off, and the image is viewed without obstruction.
“Electronic Iris”
This is the first true method of digital signal enhancement that obviates the
need for auto-iris lenses. “Unlike its predecessors, the electronic iris works
on true video signal averaging”. This form of electronic enhancement
literally de-amplifies the super-bright and amplifies the sub-blacks, creating
an equal,

© Hazard 360 Ltd 2020 74 OE, OL

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 324 - 333

System Design
Step Process
1) Write the purpose of the proposed CCTV System.
2) Write the purpose of each camera into the system.
3) Write the areas to be viewed by each camera.
4) Choose the camera style.
5) Choose the proper lens for each camera.
6) Determine the best method for transmitting the video signal from the
camera to the monitor.
7) Layout the control area and determine what enhancements are needed
based on each visual assessment point requirements.

© Hazard 360 Ltd 2020 75

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 324 - 331

System Design
Step 1: Write the purpose of the proposed CCTV System
The system design will depend on the area to be covered, this may be a very
simple application e.g. four cameras placed on a rectangular building or
maybe multiple cameras spread throughout a shopping mall.
Step 2: Write the purpose of each camera into the system
Will the cameras be required for subject identification, action identification
or scene identification?
Step 3: Write the areas to be viewed by each camera
In this step, one defines the proposed cameras’ actual view in terms of both
height and compass points.
Step 4: Choose the camera style
The choice of camera style should be based on sensitivity, resolution,
features and any other design factors.

© Hazard 360 Ltd 2020 76 CKA

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 343 - 348

Step 5: Choose the proper Lens for each Camera

This choice is determined by three different factors: camera format, distance
from the camera to the scene and field of view.
Format Size: The format size of the lens must match or exceed the format
size of the camera. If the Len's format size is too small, the lens will not fill
the imager with a picture.
Thus, a 1/4 inch format camera requires a 1/4 inch format lens or larger
(such as 1/2 or 2/3 inch etc.). e.g. you cannot put a 1/8 inch lens into a
camera that requires a 1/4 inch format lens.
Distance from camera to scene. This factor determines what focal length of
lens is needed. The distance is measured from the front of the camera to the
main subject being viewed, this distance must be measured accurately.

© Hazard 360 Ltd 2020 77

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 351

STEP 6: Determine the best method for transmitting the video signal from
the camera to monitor
Coaxial cable is generally sufficient for Analog cameras, but will not work for
IP-based systems without the proper conversion electronics to transmit
digitally encoded signals on coaxial. For distances of 1,000 ft. (305 m) or
more between the camera and the control point, it may be best to use fibre-
optic cable, regardless of the type of camera. Coaxial cable being used over
1000 feet will require amplification.

STEP 7: Layout the control area and determine what enhancements are
needed based on each visual assessment point’s requirements
Step 2 defined the purpose of each camera. With those definitions, the
system designer can assign triggers and priorities, and then determine which
features the control equipment must have.
Determining triggers and priorities for each camera helps automate the
video system. It is inefficient and ineffective to assign people to sit and
watch tens or hundreds of scenes continuously.

© Hazard 360 Ltd 2020 78 CKA

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 332
Distance from camera to scene.
This factor determines what focal length of lens is needed. The distance is measured
from the front of the camera to the main subject being viewed. This distance must be
measured accurately.

© Hazard 360 Ltd 2020 79 OP

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 332

Field of view.
The field of view (Width and height of
the area being viewed) determines the appropriate
focal length for the lens.

Three main types of lenses are available:

Fixed lens
This provides only one field of view.
Varifocal lens
This lens offers a range of focal lengths and different fields of view. It is usually
adjusted and refocused manually.
Zoom lens
Like the varifocal lens, this offers a range of focal lengths and fields of view, but
without the need to refocus. Often zooms lenses are motorized and can be
controlled remotely.

© Hazard 360 Ltd 2020 80 OA

 PSP® Physical Security Principles
HMO Field of View Video

A field of view is what the CCTV Camera’s lens captures and presents as an
image on the CCTV Operators screen. In short,field of viewis the area of
coverage that thecameracan 'see' within a scene.

© Hazard 360 Ltd 2020 81

PSP® Physical Security Principles

Polling Group (12) Questions 1 - 27 (Thirty Minute Duration)

© Hazard 360 Ltd 2020 82

 PSP® Physical Security Principles
Welcome to ASIS PSP Webinar (7) of Training Programme

PSP

© Hazard 360 Ltd 2020 1

PSP® Physical Security Principles

ASIS PSP 2015
Module (7) Agenda

 Chapter 11: Electronic Security Systems

 Chapter 12: Security Officers the Human Element

© Hazard 360 Ltd 2020 2

 PSP® Physical Security Principles

PSP – Chapter 11 Continued

Electronic Security Systems

© Hazard 360 Ltd 2020 3

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 334

Equipment Selection
Standard Analog CCD Cameras
These may be black-and white or color. The most common type of camera,
these work well in all indoor and many outdoor applications. They are
analog-based and may or may not have digital effects. “Resolution ranges
from 220 horizontal lines (very low) to 580 horizontal lines (very high)”.
IP Cameras
These digital cameras come in black-and-white or color. Like their analog
counterparts, IP cameras require visible light to create an image. They are
available in three basic styles: standard, megapixel, and smart. All IP cameras
measure their resolution as a multiple of the Common Intermediate Format
Megapixel Cameras
A megapixel camera incorporates an image sensor able to deliver images
with more than one million pixels, usually at a minimum resolution of “1280
x 1024 pixels”.

© Hazard 360 Ltd 2020 4 M, O

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 334

Categories of Cameras

IP Cameras
These digital cameras come in black-and-white or color. Like their analog
counterparts, IP cameras require visible light to create an image. They are
available in three basic styles: standard, megapixel, and smart.
All IP cameras measure their resolution as a multiple of the Common
Intermediate Format (CIF).
They may be powered via transformers or may be rated as Power over
Ethernet (POE), in which case they receive their operational power from the
digital switching system via the network

© Hazard 360 Ltd 2020 5

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 334

Categories of Cameras
Infrared (IR) cameras. These cameras require an IR light source to create an
image. “They are used where visible light is not an option”.
Thermal Cameras
These require no visible or IR light to produce an image. Using special filters
and lenses, the cameras monitor the temperatures of the objects in their
field of view and use colors to represent temperatures. Cold objects are
shown in varying shades of blue, while hot objects are shown in varying
shades of red. “They are normally used in High Security Facilities”
Day-night cameras.
All cameras can provide day and night functionality. However, a camera
designed for specifically day and night installations can work in both outdoor
installations and in indoor areas with little or poor lighting. Most true day
night functionality is achieved with a removable IR-cut filter, also called an
IR-blocking filter. The camera automatically monitors sensitivity. It provides
color images during the day. At night, it removes the IR filter to allow IR light
in and then provides video in black-and-white

© Hazard 360 Ltd 2020 6 D, E

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 335

Five Main Types of Camera Lens Are

 Wide Angle - A wide-angle lens captures a very wide scene and thus is
best suited for short ranges—that is, “0 to 15 ft. (4.5 m)”.

 Standard - For an average scene at medium distance, a standard lens is

needed. This type of lens reproduces a view equivalent to what the
human eye sees at the same distance,

 Telephoto - If the required view is a narrow area at long range,

 Zoom - A zoom lens incorporates moving optics that produce the same
views provided by wide-angle, standard, and telephoto lenses, all in one
device

 Varifocal - This is a smaller version of a manual zoom lens, offering the

opportunity to tune the view on-site

© Hazard 360 Ltd 2020 7 L

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 339

Common Intermediate Format Chart (CIF)

“Resolution of Digital Cameras are measured in terms of Common

Intermediate Format Chart (CIF)”

© Hazard 360 Ltd 2020 8 P

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 352

© Hazard 360 Ltd 2020 9

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 352

Types of Lens
The iris sits in the lens assembly
and controls how much light
enters the camera. In bright light a
small aperture is needed; in dull
light a larger aperture is required
to let in the same amount of light.

• An auto-iris lens uses a motor to open or close the iris, responding automatically
to changes in light, and especially suited to outside, where light naturally
changes.
• A manual-iris (aka manual-aperture) lens can be opened or closed during
installation to increase or decrease the amount of light that passes through it.
• A fixed-iris (aka fixed aperture) lens has no adjustable physical control over the
amount of light that passes through it, and is generally used indoors.
• “The primary factor: Is the minimally variable, highly variable or fixed lighting as
this will determine the selection of lens Iris”.
© Hazard 360 Ltd 2020 10 A
 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 352

Types of Lens
The diameter of the lens aperture is called the F-stop. A low F-stop number
means the lens has a large aperture, and works very well in low light.
• A high F-stop number means that the lens works well in bright
conditions. Since most lenses work well in bright conditions, usually only
the low-end performance value is given.
• An F-stop of 1.2 (above) means that this is a very good lens well suited to
low light, but the inference is that it will probably perform well in bright
light as well (as the lens aperture gets smaller).

© Hazard 360 Ltd 2020 11

PSP® Physical Security Principles

MITIE Security Control Room Video

Fully integrated security control room with international functionality

© Hazard 360 Ltd 2020 12

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 352

Alarm Communication Systems

Alarm communication and display (AC&D) is that part of a PPS that
transports alarm and assessment information to a central point, and
presents the information to a human operator.

It is now possible to quickly collect and process a wide variety of

information; the challenge is to effectively present this information in order
to enable decisions about what actions are needed.

There are the two critical elements of an AC & D system ?

1. The transportation or communication of data.

2. The presentation or display of that data to a human operator in a

meaningful manner.

© Hazard 360 Ltd 2020 13 R

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 352

AC & D Attributes
Components

• AC&D components and systems should be designed to last a long time.

• The individual components should be reliable and have a long mean time
between failures (MTBF) = (System Component Effectiveness)
• A reliable system requires less maintenance and is more trusted by
operators.
Risk Mitigation

The AC&D system is a major component in the overall physical protection system
(PPS). Because the PPS protects the site’s critical assets, the AC&D system must
be secure from attacks by adversaries.
For example, procedures should limit who has access to AC&D displays and
system configuration, and only authorized persons should have access to AC&D
information, components, and wiring. As part of this protection, the alarm
communication subsystem should be secured from access by attackers.

© Hazard 360 Ltd 2020 14 T

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 353

AC & D Attributes
AC&D systems must be easy for an operator to use.
While a multitude of sensors can provide considerable data, this data must be
displayed in a fashion that “Presents the essential information to the operator”.
In addition, the user must not be overwhelmed with data, interaction with the
system must be efficient, and users must be able to perform necessary
operations quickly and easily. A system that is easy to use also reduces the
amount of training and retraining needed.

List four Critical Functions of the AC & D System

1. Where the alarm has occurred

2. What or who caused the alarm
3. When the alarm happened
4. What response or action required to the alarm

© Hazard 360 Ltd 2020 15 MY

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 353

Alarm Communication Sub-Systems

The communications sub-system transfers data from one physical location to
another. Specifically, an AC&D communications subsystem moves data from
the collection point (sensors) to a central repository (display).
If the central repository consists of multiple computers or displays, then the
communication sub-system may also move data throughout the repository.

© Hazard 360 Ltd 2020 16

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 355

Security Communications
For many applications, the communications media of choice are telephone,
cellular, optical fiber, satellite, and Internet/network connectivity.
In every communication, security professionals are concerned with the
following:
• Integrity of the communications medium (availability of the message
path)
• Integrity of the message (complete and errorless transmission of the
data)
• Timeliness of the transmission (data communication within an
appropriate time frame)
• Message security (accessibility of the communication to authorized
persons only)
• “Fiber is the cable of choice for terrestrial communication carriers”

© Hazard 360 Ltd 2020 17 MM

PSP® Physical Security Principles

IPPS Paterson ED 2: CH 7: Page 109, 113
Types of Cables

Three types of Coaxial Cable Are:

• RG 6 – 750 FT
• “RG 11 – 750-1500 FT “Amplification required after 1000 feet”
• RG 59 – 1500 – 2500 FT amplification required after 1000 feet
• Different coaxial cables are used depending on the distance between the camera
and the monitor

© Hazard 360 Ltd 2020 18 MO

 PSP® Physical Security Principles
IPPS Paterson ED 2: CH 7: Page 119
Key Points
Without a reliable power source and intact wiring, a security system cannot
function. Indeed cutting the power to a security device may be an
adversary’s first course of action. The availability of electrical power
influences the choice of security devices.

Questions to be consider are?

 What electrical power is available for security hardware, if any?

 What backup power is provided for security?
 Are lightning strikes considerations?
 Is a lightning protection system advisable for new electronic equipment?
 Will all wiring be protected within a conduit?
 How often are alarm signals transmitted back to a monitoring station?
 What communication and protocols will be used?

© Hazard 360 Ltd 2020 19 CKA

PSP® Physical Security Principles

IPPS Paterson ED 2: CH 7: Page 127
Wire Cable Communications

 All wiring including low voltage wiring outside the security of the control
centre console and equipment racks, should be installed in rigid,
galvanised steel conduit conforming to UL6 except where plenum – rated
cable is allowed.

 Low voltage PPS wiring must be separated from power cables by at least
2 inches unless the manufacturer specifically allows for smaller
separation

 “Data transmission media” should not be pulled into conduits or placed

in raceways, compartments, cutlet boxes, function boxes, or similar
fittings with other building wiring.

© Hazard 360 Ltd 2020 20 MD, ME

 PSP® Physical Security Principles
We will now break for a 10 Minute Break

© Hazard 360 Ltd 2020 21

PSP® Physical Security Principles

IPPS Paterson ED 2 CH 7: Page 129 - 130

Network Topologies
Bus or linear Topology:
“A single line (the bus) is connected to all nodes”, and Linear
the nodes connect only to this bus. This is commonly
used in many Ethernet networks connecting PPS
Components.

Mesh Topology:
At least two nodes, with two or more paths between
them
“A special kind of mesh, limiting the number of hops
between two nodes is a hypercube”. Mesh

© Hazard 360 Ltd 2020 22 ML, MP

 PSP® Physical Security Principles
IPPS Paterson ED 2 CH 7: Page 129 - 130

Ring - Loop Topology:

These nodes and branches form a ring. If one of the McCulloh
nodes on the ring fails, then the ring in broken and Circuit
cannot work.
• A short circuit or broken connection on the loop
may interrupt all signals on the far side of the
break.
• “This problem can be partially corrected by
using a McCulloh circuit, which can send current
from the control unit over both sides of the
circuit wires out to the break point”.

Dual Ring Topology:

“Has two branches connected to it and is more
resistant to failures”. Typically, the secondary ring in Dual Ring
a dual-ring topology is redundant. It is used as a
back-up in case the primary ring fails.

© Hazard 360 Ltd 2020 23 MA, MR

PSP® Physical Security Principles

IPPS Paterson ED 2 CH 7: Page 129 - 130

Star Topology:
Peripheral nodes are connected to a central
node, which rebroadcasts all transmissions
received from any peripheral node to all
peripheral nodes on the network, including
the originating node. All peripheral nodes
may communicate with each other by
transmitting to, and receiving from, the
central node.

Fully Connected Topology:

“This topology connects all nodes so there is
always a connection path”.
Fully
Connected

© Hazard 360 Ltd 2020 24 MT

 PSP® Physical Security Principles
IPPS Paterson ED 2 CH 7: Page 129 - 130

Tree Topology:
Nodes are arranged as a tree. This resembles an
Interconnection of star networks in that individual
peripheral nodes (i.e. leaves) are required to transmit to
and receive from one other node only, and are not
required to act as repeaters or regenerators. Unlike the
star network, the function of the central node may be
distributed.
Hybrid Topology:
A combination of any two or more network topologies in
such a way that the resulting network does not have one
of the standard form.
For example: a tree network connected to a tree network
is still a tree network. “But a star and bus network
connected together exhibit hybrid network topologies”.
A hybrid topology is always produced when two different Hybrid
basic network topologies are connected. Topology

© Hazard 360 Ltd 2020 25 OY

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 371

Alarm Control and Display (AC&D)

The subsystem’s goal is to support the rapid evaluation of alarms.
The alarm display equipment (the operator’s console) receives information
from alarm sensors. “Several concerns must be addressed in console
design”:

• What information is shown to the operator

• How it is presented
• How the operator communicates with the system
• How to arrange the equipment at the operator’s workstation

An effective control and display subsystem presents information to an

operator quickly and clearly. The subsystem also responds quickly to any
operator commands.

© Hazard 360 Ltd 2020 26 OM

 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 371

List the type of information that an AC&D System may present

• Zone status (access/secure/alarm/tamper)

• Zone location
• Alarm time
• Instructions for special actions
• Telephone numbers of persons to call
• Maps of the zone
• Video where available
• Pre- and post-alarm video call up
• Special hazards or materials associated with the zone
• Sate change icons with color and animation for user ease
• Poorly designed GUI (Graphical User Interface) can overwhelm operator

© Hazard 360 Ltd 2020 27 OO

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 371, 372

Ergonomics – Human Factors

• The control and display subsystem should be designed to serve the

human operator. Ensuring normal temperature, humidity, noise, and
general comfort factors creates an environment suitable for operator
effectiveness and reduces frustration and fatigue.
• Adjustable lighting lets operators set illumination levels as needed for
good viewing of video monitors.

The work area design must consider these factors:

• What the operator needs to see: people, equipment, displays, and

controls
• What the operator needs to hear: other operators, communications
equipment, and warning indicators
• What the operator needs to reach and manipulate: hand or foot controls
and communications equipment
© Hazard 360 Ltd 2020 28
 PSP® Physical Security Principles
ASIS PSP 2015 CH 11: P 371 - 378

Ergonomics – Human Factors

© Hazard 360 Ltd 2020 29

PSP® Physical Security Principles

ASIS PSP 2015 CH 11: P 377

Trends and Issues in Electronic Systems integration

• Big Data – “The crunching of vast collections of information”
• Data Storage Technologies
• Analytics
• Standards
• Data Aggregation
• Near Field Communication
• Smart Cards – Biometrics
• Managed Services
• Product Hybridization
• Robotics
• E-Learning Training Tools

© Hazard 360 Ltd 2020 30 OD

 PSP® Physical Security Principles

PSP – Chapter 12
Security Officers the Human Element

© Hazard 360 Ltd 2020 31

PSP® Physical Security Principles

ASIS PSP 2015 CH 12: P 382

Security Officer Duties

Protection officers are also providing a more diverse array of services for
their employers and clients, often being asked to assist in:

 Communications
 Customer service
 Transportation

© Hazard 360 Ltd 2020 32

 PSP® Physical Security Principles
ASIS PSP 2015 CH 12: P 382, 385

Methodology of Proprietary and Contract Security

Once an organization determines that the use of protection officers will
mitigate a risk, options include using a proprietary or in-house staff
(employed directly by the organization), using contract staff (employed by a
security services firm), or taking a hybrid approach, using both.

Where would you use the Hybrid Approach?

Organizations and decision makers should weigh each approach’s
advantages and disadvantages and “Develop Budget Models” to ensure a
thorough understanding of the costs associated with each alternative.
Technology
“By leveraging technology, often smaller numbers of security personnel
can perform more job tasks”

© Hazard 360 Ltd 2020 33 OE, OL

PSP® Physical Security Principles

ASIS PSP 2015 CH 12: P 384

Determining the need for a security force

A risk management strategy takes full advantage of multiple security
approaches, including behaviour modification strategies such as “Policies,
Procedures, training, and awareness programs”; electromechanical options
such as security systems, locks, and lighting; and personnel, including
security officers.
“Thus, security officers should not be considered a standalone resource
but a part of a comprehensive asset protection plan”.
Cost Benefit
Security personnel are generally the most expensive component of a
security program, but also the most critical.
As with all security measures, use of security officers should be periodically
re-evaluated to ensure that the program achieves desired security
objectives, including maximizing the practical benefit of security budgets

© Hazard 360 Ltd 2020 34 OP, OA

 PSP® Physical Security Principles
ASIS PSP 2015 CH 12: P 384

Mission
The basic mission of security officers is:
• To protect company assets from theft,
sabotage and other hostile acts that may
adversely impact the organization.
• To protect life and property at company
facilities.
Operability:
How security officers accomplish this mission
depends upon the specific assets they must
protect.
• The protection methods are defined in
company-promulgated policies, standards,
procedures, orders and plans

© Hazard 360 Ltd 2020 35

PSP® Physical Security Principles

ASIS PSP 2015 CH 12: P 3841 - 429

Duties:
 The primary function of the security officer is Access Control
 Protect company site, buildings and assets.
 Enforce company policies, standards, procedures and report violations.
 Control around direct vehicle and personnel traffic.
 Maintain order during emergency situations.
 Provide assistance to employees in distress.
 Provide escort services.
 Carry out general and special orders.
 Conduct personnel, package and vehicle inspections.
 Perform safety and security inspections of facilities and personnel.
 Report violations of stated company policies.
 Monitor alarms and dispatch response to incidents.
 Respond to security breaches and apprehend perpetrators.
 Make full and accurate reports of incidents.
 Provide counter-intelligence.

© Hazard 360 Ltd 2020 36

 PSP® Physical Security Principles
ASIS PSP 2015 CH 12: P 384

Engaging a Manned Security Force

 A continuing challenge, especially within the contract security industry,

is the tendency when procuring services to overemphasize low price.

 This short sightedness often leads to disappointing and compromised

service quality.

© Hazard 360 Ltd 2020 37

PSP® Physical Security Principles

ASIS PSP 2015 CH 12: P 384

Necessary Human Being – Security Officer

The need for security personnel can be analysed using the:

 Necessary Human Being concept, i.e., by questioning if the

characteristics and reactions required at a particular security post call
for human capabilities.

 Each post is likely to demand a combination of cognitive (knowledge),

psychomotor (physical), and affective (attitudinal) skills

© Hazard 360 Ltd 2020 38 CKA

 PSP® Physical Security Principles
ASIS PSP 2015 CH 12: P 387

Security Officer Patrol Methods

There are two methods of patrolling:

 “Foot Patrols”
 “Mobile Vehicle Patrols”

 Regardless of the patrol method, the officer should patrol the assigned
area systematically, frequently backtracking and taking unexpected
routes.

 Officers on patrol observe a wide variety of people, assets, and

locations. A patrol officer must continuously be vigilant and have a solid
familiarity with the patrol area and surrounding environment.

© Hazard 360 Ltd 2020 39 OR

PSP® Physical Security Principles

ASIS PSP 2015 CH 12: P 389

Dealing with Disturbed Person

Security officers frequently encounter disturbed people, e.g., persons who

are mentally ill, under the influence of alcohol or illegal drugs, temporarily
unable to control themselves due to physical or emotional trauma, or
otherwise behaving in an irrational manner that could result in injury to
themselves or others.

Use of force policy

 A well defined use of force policy provide the practical parameters on

how disturbed individuals should be handled and a measure of legal
protection

 “In dealing with disturbed people the safety of the responding security
officer is paramount”

© Hazard 360 Ltd 2020 40 OT

 PSP® Physical Security Principles
ASIS PSP 2015 CH 12: P 392

Security Officers and Security Awareness

Security officers are often the first contact a visitor, customer, vendor, or
employee has with an organization. The way they deal with people has a
marked effect on the initial impression made by the organization.

Security officers can also help form and maintain good relationships
between the security department (in-house or contract) and others in the
organization.

 By being involved in a security awareness program, officers can have a

positive impact in encouraging employees to report or decrease
security risks.

While some people are antagonistic toward anyone in an enforcement

position, well-trained officers who are courteous, act with restraint, and use
good judgment can often overcome such resistance.

© Hazard 360 Ltd 2020 41

PSP® Physical Security Principles

ASIS PSP 2015 CH 12: P 392, 393

Security Officers and Intelligence

By collecting information that relates to asset protection, specifically

concerning criminal or adversary activities, security officers assume an
intelligence role.

To be successful in this role the security officer should be trained in the

following:

 Fundamentals of Investigations
 Interviewing Techniques
 Investigative Report Writing

© Hazard 360 Ltd 2020 42

PSP® Physical Security Principles
We will now break for a 10 Minute Break

© Hazard 360 Ltd 2020 43

PSP® Physical Security Principles

Polling Group (13) Questions 1 - 29 (Thirty Minute Duration)

© Hazard 360 Ltd 2020 44

 PSP® Physical Security Principles
We will now break for a 10 Minute Break

© Hazard 360 Ltd 2020 45

PSP® Physical Security Principles

ASIS PSP 2015 CH 12: P 394

Security Officer Uniform and Equipment

 Before an organization purchases uniforms and equipment, it is wise to

review “state and local statutes and regulations” to ensure that any
proposed purchases of uniforms and equipment comply with the law.

The purpose of such regulation is to ensure that the general public is clearly
able to distinguish private security officers from law enforcement officers.

© Hazard 360 Ltd 2020 46 M

 PSP® Physical Security Principles
ASIS PSP 2015 CH 12: P 395

Security Officer Identity Badge

Considerations

 Identity Badge generally display a photograph of the person

 The badge normally provides the officer with proper identification and
access to areas that he or she needs to tour regularly or areas which
may need to be entered in and emergency

© Hazard 360 Ltd 2020 47

PSP® Physical Security Principles

ASIS PSP 2015 CH 12: P 396

Security Officer Weapons

One of the greatest liabilities an organization faces involves issuing deadly

weapons to security officers. If allowable by regulation, the decision to arm
an officer should be based on the existence of one or both of the following
conditions:

 There is a greater danger to life safety without the weapon.

 The officer may reasonably be expected to use fatal force.

© Hazard 360 Ltd 2020 48

 PSP® Physical Security Principles
ASIS PSP 2015 CH 12: P 398

Security Officer Standards

ASIS GDL PSO – 2010

 ASIS International recognized the need for increased standards for

private security officers in 2001 and developed the Private Security
Officer Selection and Training Guideline (ASIS, GDL PSO-2010), and has
recently been updated in 2019

© Hazard 360 Ltd 2020 49

PSP® Physical Security Principles

ASIS PSP 2015 CH 12: P 402

Security Officer Ethics

 A security officer must be guided by ethical conduct. The International

Foundation for Protection Officers promulgated a code of ethics (IFPO,
2010, p xxv), which states that a protection officer shall do the
following:

• Respond to the employer’s professional needs.

• Exhibit exemplary conduct.
• Protect confidential information.
• Maintain a safe and secure workplace.
• Dress to create professionalism.
• Enforce all lawful rules and regulations.
• Encourage liaison with public officers.
• Develop good rapport within the profession.
• Strive to attain professional standards.
• Encourage high standards of officer ethics.
© Hazard 360 Ltd 2020 50
 PSP® Physical Security Principles
ASIS PSP 2015 CH 12: P 403

Security Officer Cognitive Learning – Knowledge Based

• The intellectual aspect of learning - cognition -includes the amount of

material that is learned and the theory relating to the material.

• Example – Reading instructions on how to set and unset an Alarm

System and then putting that information into operation

© Hazard 360 Ltd 2020 51 O

PSP® Physical Security Principles

ASIS PSP 2015 CH 12: P 403

Security Officer Affective Learning

How a person views a situation is changed by affective learning. Training of

this type includes:

 Understanding various cultures

 Dealing with disabled persons,

 Practicing safety compliance

 Exploring the methods used by adversaries to acquire information.

© Hazard 360 Ltd 2020 52 D

 PSP® Physical Security Principles
ASIS PSP 2015 CH 12: P 404

Psychomotor learning
The physical or hands-on aspect of learning falls under the psychomotor
domain.
Six examples of Psychomotor are:

 Operating Equipment
 Defensive Driving Tactics
 Firearms Training
 Fire Extinguisher Training
 First Aid Skills
 Emergency Response Skills

© Hazard 360 Ltd 2020 53 E

PSP® Physical Security Principles

ASIS PSP 2015 CH 12: P 406

Benefits of Training:
• Improved job performance.
• Ease of supervision.
• Procedure review.
• Staff motivation.
• Reduced turnover.
• Legal protection.

© Hazard 360 Ltd 2020 54

 PSP® Physical Security Principles
ASIS PSP 2015 CH 12: P 408

Security Officer Training

There are three types of training methods used to train and evaluate
security officers.

 Pre-Assignment Training – in accordance with applicable legal

requirements

 On the job training

 Annual training sufficient to maintain security officer proficiency

Security Officers should pass a written or performance examination (or

both) to demonstrate that they understand the subject matter

© Hazard 360 Ltd 2020 55 L

PSP® Physical Security Principles

ASIS PSP 2015 CH 12: P 412

Use of Case Studies in Security Officer Training

Case Studies

 Are a teaching tool and are useful for guiding the security officer
training it is also useful for guiding the learner in any topic where
discretionary judgment is necessary.

Case studies can be used to supplement lectures and give them life. The
lecturer can present the facts needed and then offer time for discussion.

Video presentations can reduce the time needed for the facts to be
presented.

© Hazard 360 Ltd 2020 56 P

 PSP® Physical Security Principles
ASIS PSP 2015 Advisory
Training Strategies:

Security managers can use a number of strategies to make their training programs more
cost-effective.
Examples of strategies that have been used successfully include the following:

• Off-duty training
Training drives productivity
• Tuition reimbursement
quality service and
• Recognition programs succession planning
• Integrated training
• Videos
• Supervisory training
• Internships
• Previous experience
• Officer selection,
• Job rotation
• Professional memberships
• Distance Learning

© Hazard 360 Ltd 2020 57

PSP® Physical Security Principles

ASIS PSP 2015 Advisory

Training should include the following elements:

© Hazard 360 Ltd 2020 58

 PSP® Physical Security Principles
ASIS PSP 2015 CH 12: P 414

Obstacles to Providing Training:

Before developing training programmes, protection managers must have a clear
understanding of the obstacles that arise to implementation so they can foresee them and
plan for them.
Rushing blindly into the launch of a training syllabus usually results in substantial
problems.
Unfortunately, when this happens, the training programme is derailed and security officers
do not receive much needed training.

What do you think are the most common obstacles?

 Budgetary limitations
 Scheduling
 Lack of management training expertise
 Prejudice
 Ego / Egotism

© Hazard 360 Ltd 2020 59

PSP® Physical Security Principles

We will now break for a 10 Minute Break

© Hazard 360 Ltd 2020 60

 PSP® Physical Security Principles
ASIS PSP 2015 CH 12: P 421

Elements of Security Officer Instruction

General Orders Makeup
Are generally made up from requirement statements (Policy, Procedures)
Post Orders Makeup
Post orders generally contain a list of procedures for the security team to
follow in the day to day operations,
(i.e) At 06:00 hours The security shall attend the research and Development
building and disarm the alarm system which is located at the main entrance.
Special Orders Makeup
A special order may be issued, for example, if the procedures for a particular
post are affected by the temporary closure of another gate, or if a facility is
hosting a special event. It is especially important that special orders clearly
specific the time period in which the order is in effect.

© Hazard 360 Ltd 2020 61 A,R, T

PSP® Physical Security Principles

ASIS PSP 2015 CH 12: P 422

Summary of Orders
The orders should provide guidance and support and covey the following
information to the Security Team.

 Express the policies of the protected enterprise

 Summarise required security officers duties
 Avoid the problems of word of mouth instructions
 Provide a basis for site specific training

© Hazard 360 Ltd 2020 62

 PSP® Physical Security Principles
ASIS PSP 2015 CH 12: P 423, 424

Personnel Database Information

• Name, address, and telephone numbers

• Employee number
• Shift and overtime preferences
• Maximum number of hours the employee is allowed to work availability
of the employee (particularly important for a part time officer)
• Special training, certification, and qualifications (skills inventory)
• Vacation allowance and specific days requested
• Scheduled training days
• Posts from which the officer is excluded
• Other considerations, such as physical limitations

© Hazard 360 Ltd 2020 63

PSP® Physical Security Principles

ASIS PSP 2015 CH 12: P 424

Scheduling Considerations

Proprietary Force
For a proprietary security officer, factors other than post hours and shift
time must be considered.

 Paid Holidays
 Sick Time
 Other absences, such as jury duty, family illness, or emergencies

© Hazard 360 Ltd 2020 64 MY

 PSP® Physical Security Principles
ASIS PSP 2015 CH 12: P 425

Contract Security Force

The client and the agency usually agree to the basic schedule when a
contract guard force is in place.
The agreement sets forth the total number of officer hours required in a
given week. It then becomes the responsibility of the Security Contractor to
provide individual officers at the required posts to cover scheduled hours.

Vulnerability – Disadvantage

 In practice, the replacement security officer may never have been

assigned before to the particular client location.

 Such a security officer cannot become familiar with post requirements

in one or two hours, and an inexperienced officer may cause more
harm than good.

© Hazard 360 Ltd 2020 65 MM

PSP® Physical Security Principles

ASIS PSP 2015 CH 12: P 425

Daily Occurrence Log / Book (DOB)

The daily occurrence Log / Book is used by the security officers record
matters of importance.

 Officers should log their meal periods just as they report their other
activities. If an incident occurs, the log may allow verification of
whether an officer was on a meal break or should have been at the
post.

© Hazard 360 Ltd 2020 66

 PSP® Physical Security Principles
ASIS PSP 2015 CH 12: P 425, 426

Supervisor Training Responsibilities

Personnel who supervise others should receive special training in:

 Management
 Leadership
 Human relations
 Interpersonal communication skills
 Labour and criminal laws
 Emergency response

Ideally, this training should be completed prior to promotion as a supervisor

and should also be a continuing requirement while the supervisor occupies
this position.

© Hazard 360 Ltd 2020 67 MO

PSP® Physical Security Principles

ASIS PSP 2015 CH 12: P 426

Supervisor Post Order Compliance

The Supervisor should conduct regular review of post orders with security
personnel to provide assurance that the officer is competent and
understands the content of the post orders.

Evaluation
To ensure the post order is read and to reinforce the training, the supervisor
can later visit each post and do the following:

 Ask one or more specific questions about the new order.

 Observe the officer in an actual situation involving its application.

 Set up a hypothetical situation requiring the officer to show a working
knowledge of the order.

© Hazard 360 Ltd 2020 68 MD

 PSP® Physical Security Principles
ASIS PSP 2015 CH 12: P 426

Supervisor Continuous Security Officer Training

The purpose of continuous training is to:

 The Supervisor Provides feedback to an officer in response to situations

that were not handled correctly

 The Supervisor provides training when new material is introduced that

requires familiarisation by the officer

© Hazard 360 Ltd 2020 69 ME

PSP® Physical Security Principles

ASIS PSP 2015 CH 12: P 427

Quality Control Program

Security Officer Inspection areas to be assessed:

 Personal Appearance
 Condition of the Post
 Availability and condition of required personnel and post equipment
 Quality of officer response to training questions or simulations
 Quality of officer response to real – life situations

© Hazard 360 Ltd 2020 70 CKA

 PSP® Physical Security Principles
ASIS PSP 2015 CH 12: P 427

Quality Control Program

The objective of QA is to maintain and improve service, as well as prevent

problems before they happen; in contrast, the objective of QC is to test, to
inspect, or to identify problems, typically at the job or contract site, in order
to correct them. Thus, QA and QC are inextricably linked, as both are
essential to maintain service quality, as well as to continuously improve
security officer performance and operations.

Deliverable

 One of the deliverables in relation to security officers is their

performance on the job.

© Hazard 360 Ltd 2020 71 ML

PSP® Physical Security Principles

ASIS PSP 2015 CH 12: P 427

Quality Control Program

In the context of Security Officer Operations the purpose of a Quality

Control Program is to focus on:

 Management systems and processes that help ensure consistent

service quality

© Hazard 360 Ltd 2020 72 CKA

 PSP® Physical Security Principles
ASIS PSP 2015 CH 12: P 427

Quality Control Program

Inspections:
Quality control inspections have several objectives:

• Identify trends
• Identification of substandard performance
• Subject areas requiring supplemental training
• Procedures needing clarification.

 Information captured by quality control inspections also serve as a useful

tool for identifying and rewarding exceptional security officer
performance and for communicating performance quality to clients or
management.

© Hazard 360 Ltd 2020 73 CKA

PSP® Physical Security Principles

ASIS PSP 2015 CH 12: P 430

Leveraging the Human Element

Security Awareness

The visibility of security officers and their frequent daily contact with people
make security officers uniquely positioned to be important players in
organizational efforts to broaden security awareness.

 Cost-effective and practical ideas to increase organization-wide security

awareness include incorporating such training into new-hire
orientations, special luncheons, or regular business meetings.

© Hazard 360 Ltd 2020 74 CKA

 PSP® Physical Security Principles
ASIS PSP 2015 CH 12: P 430, 431

Business Watch Program

Business Watch programs offer yet another way to broaden security

shoplifting, fraud, and vandalism.

Strategy:

 Strategies include connecting designated police officers with business

and community leaders, who jointly assist local business owners,
operators, and employees in reporting and preventing crime.

© Hazard 360 Ltd 2020 75

PSP® Physical Security Principles

We will now break for a 10 Minute Break

© Hazard 360 Ltd 2020 76

PSP® Physical Security Principles
Polling Group (14) Questions 1 - 15 (Twenty Five Minute Duration)

© Hazard 360 Ltd 2020 77

 PSP® Physical Security Principles
Welcome to ASIS PSP Webinar (8) of Training Programme

PSP

© Hazard 360 Ltd 2020 1

PSP® Physical Security Principles

ASIS PSP 2015
Module (7) Agenda

 Chapter 13: Principles of Project Management

 Chapter 14: Project Planning and Preparation (Include Patterson ED 2)

© Hazard 360 Ltd 2020 2

 PSP® Physical Security Principles

PSP – Chapter 13
Principles of Project Management

© Hazard 360 Ltd 2020 3

PSP® Physical Security Principles

ASIS PSP 2015 & ASIS IPPPS CH 13: P 437 / CH 2: 19

Project Management

Project management involves the following elements: (437)

 Planning

 Organizing

 Controlling Resources

 “The Project is a temporary effort with a defined beginning and end”

The typical physical protection system (PSP) implementation Process (19)

 The process can take from 18 – 24 months

© Hazard 360 Ltd 2020 4 M

 PSP® Physical Security Principles
ASIS PSP 2015 CH 13: P 438

Security Project Triangle of Constraints

Determines the
Describes the work
value of finance to
to be done.
carry out the work

Project Schedule

Sets the stages, and phases in a time table

for the work to be conducted (WBS)

© Hazard 360 Ltd 2020 5 O

PSP® Physical Security Principles

ASIS PSP 2015 CH 13: P 440

Project Risk Analysis

Every security project should be based on a qualified risk analysis.
Risk analysis identifies assets that need to be protected, determines the
impact of the organization regarding losses, and the perils that may affect
assets.
Any security project performed without a risk analysis will necessarily be
flawed, since decisions reached on the scope of work will be uninformed as
to the threats, probabilities, vulnerabilities, and consequences of possible
security events.
Accordingly, the organization will be unprepared to deal with unknown risks,
decisions will be based merely on decision makers’ assumptions.
It is common after a catastrophe to hear people in decision making authority
say, “I had no idea that could happen.” Foreknowledge from a qualified risk
analysis can prevent worst-case security events, often at minimal or no
additional cost.

© Hazard 360 Ltd 2020 6

 PSP® Physical Security Principles
ASIS PSP 2015 CH 13: P 440

Project Management

Five basic task s of a physical protection system (PSP) Implementation are:

1. Conducting planning and assessment to determine security

requirements

2. Developing conceptual solutions for resolving vulnerabilities

3. Preparing PSP design and construction documentation

4. Soliciting bids and conducting pricing and vendor negotiations

5. Installing, testing and commissioning the PSP

© Hazard 360 Ltd 2020 7

PSP® Physical Security Principles

ASIS PSP 2015 CH 13: P 441, 442

Project Management Process

The project management process for a typical integrated PSP project

includes these elements:

 Project Concept
 Designing the Project
 Management the bid Process
 Managing the Implementation Process
 Acceptance of Work
 Initialising and managing warranty Process

© Hazard 360 Ltd 2020 8

 PSP® Physical Security Principles

PSP – Chapter 14
Project Planning Preparation

© Hazard 360 Ltd 2020 9

PSP® Physical Security Principles

ASIS PSP 2015 CH 14: P 444

Technical Security Project

Six Progressive Tasks

1. Risk Analysis
2. Conceptual (Schematic)
3. Design Development
4. Construction Documents
5. Bidding
6. Construction

© Hazard 360 Ltd 2020 10 D

 PSP® Physical Security Principles
ASIS PSP 2015 CH 14: P 447

Technical Security Project

The level of protection for a group of assets must meet the protection
needs of the most critical asset in the group. However, the designer of a PPS
may separate a critical asset for specific protection instead of protecting the
entire group at that higher level. Thus, the requirements analysis and
definition process is designed to do the following:

• Ensure that the selected solutions will mitigate real and specific
vulnerabilities.
• Provide a cost/benefit justification for each solution.
• Identify all elements (technology, staffing, and procedures) and resources
required for each solution.
• Provide a basis for the accurate and complete system specification that
will be used to procure and implement the solutions.

© Hazard 360 Ltd 2020 11 E

PSP® Physical Security Principles

ASIS PSP 2015 CH 14: P 452

Understanding Basis of Design

Once the requirements definition is complete and the individual design
requirements are identified, the designer prepares a basis of design and
submits it to the project team.
Basis of Design Documents
The basis of design documents the initial designation of assets deemed
critical, outlines the overall objectives of the asset protection program,
describes the results of the risk analysis, lists the functional requirements to
be satisfied by the eventual design, and provides a narrative operational
description of the proposed systems, personnel, and procedures that
constitute the PPS or program.
Basis of Design Approval
The “Basis of Design” becomes the designer’s means to obtain consensus
from the design team on the goals and objectives of the project, what will
constitute the project, and how the project will secure the assets

© Hazard 360 Ltd 2020 12 L

 PSP® Physical Security Principles
ASIS PSP 2015 CH 14: P 453

Understanding Conceptual Design

The conceptual design, also called a design concept or the “Schematic

Phase, is the last task of the planning and assessment process and is initially
developed as a product of the risk assessment. In this task, the designer
formulates a complete security solution for the assets to be protected.
• The security solution typically consists of protection strategies grouped
together to form an asset protection program or augment an existing
one.
• The solution normally includes security systems complemented by
procedures and personnel. At the conceptual stage, the solution is
expressed in general narrative and descriptive terms accompanied by an
initial budgetary estimate for design and construction.
• The design concept incorporates the basis of design; documents the
findings, conclusions, and recommendations from any initial surveys; and
is the first opportunity to document the project’s design.

© Hazard 360 Ltd 2020 13 P

PSP® Physical Security Principles

ASIS PSP 2015 CH 14: P 456

Construction Documents

Following approval of the design development phase package, the designer

will begin working on the construction documents (CD) phase. The CD phase
will result in a package that is essentially ready for bid or construction. A
typical CD phase package may include the following:

• CD drawings
• Specifications
• Bill of quantities
• Refined system budgets
• Contract terms and conditions (usually from the owner’s purchasing
department)

© Hazard 360 Ltd 2020 14 CKA

 PSP® Physical Security Principles
ASIS PSP 2015 CH 14: P 456

Construction Documents

“CD drawings differ from DD drawings in their level of detail”.

A good CD drawing and specifications package should include everything the
installing contractor will need to know to accurately bid the project and
should also answer every question the installing contractor will have about
how the systems should be installed.
Design Development (DD) documents do not have the same detail as a CD
Construction Document

• This includes information on related trades and how to coordinate the

work with those trades.
• For example, it should be clear as to which trade (security or door
hardware) is providing locks and lock power supplies and how those locks
are fitted to the doors and integrated into the access control system.

© Hazard 360 Ltd 2020 15 A

PSP® Physical Security Principles

ASIS PSP 2015 CH 14: P 456

Specification
The systems specifications mirror and complement the actual systems
design in sufficient detail to achieve the following:
The final implementation reflects what was intended.
In all cases, the systems specification contains the actual performance
instructions and criteria for constructing the systems included in the design.
• Included in the specification should be functional testing to ensure the
system will do what it is expected to do as well as continual, periodic
programmed testing to ensure the integrity of the system over time.
• Drawings and plans are virtually useless and are open to interpretation
unless there are associated specifications detailing construction and
systems performance criteria.
• Drawings and plans show what is to be constructed, whereas the
specification details the owner’s intent and how it is to be constructed.

© Hazard 360 Ltd 2020 16 CKA

 PSP® Physical Security Principles
IPPS Paterson ED 2: CH 3: Page 31 - 34
Project Management

 Has evolved for the purpose of Planning, Coordinating, and Controlling

complex and diverse activities of modern security projects

Benefits of Quality Project Management Process

 A standardised approach, with repeatable and documented work

practices act as a consistent guideline for successfully completing the
project

© Hazard 360 Ltd 2020 17 CKA

PSP® Physical Security Principles

ASIS PSP 2015 CH 14: P 458 - 463

Most Commonly Supplied Drawings

Plan drawing: Depicts an area in a map like form, to specify where at a

particular site the security devices are located.

Elevation Drawing: drawings showing vertical surfaces to show how security

services are mounted on walls.

Detail drawing: depicting cable terminations or special mounting

requirements.

Riser Diagram: depicting complete security sub-systems, including all

devices and how they are connected in a building.

Conduit and Cable Lists: show types and quantities of conduit and cable.

© Hazard 360 Ltd 2020 18 R,T

 PSP® Physical Security Principles
ASIS PSP 2015 CH 14: P 459

Security System Drawings

Plan Elevation

Riser Schedule

© Hazard 360 Ltd 2020 19

PSP® Physical Security Principles

IPPS Paterson ED 2: CH 3: P 32
What is a project?

1. “It is a temporary undertaking to accomplish a unique process”

2. It has a defined starting and finish points
3. It requires resources such as money, people, equipment and supplies
4. Will involve several people performing inter-related activities
5. The project will have a primary sponsor or customer

Project Manager must balance:

 Scope
 Time
 Cost

© Hazard 360 Ltd 2020 20 MY,MM

 PSP® Physical Security Principles
We will now break for a 10 Minute Break

© Hazard 360 Ltd 2020 21

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 3: P 33
Skills and characteristics of a good Project Manager
Process Management Skills
 Organised
 Logical General
Management
Skills
 Analytical
 Self Disciplined Oral
Leadership
Written
Skills
Comms
People Management Skills

 Leadership
 Supervision Team
Supervisory
Building
 Team Building Skills
Skills

 Communication Abilities

© Hazard 360 Ltd 2020 22 MO

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 3: P 33
Stakeholders
Project managers work with stakeholders, who are the people involved in or
affected by project activities, such as the project sponsor, project team,
support staff, customers, users, suppliers, installers, and even opponents of
the project.
Elements of a Successful Project
Have clear plans as to what they will achieve, and they provide a noticeable
benefit to the company for the costs incurred. Common elements of
successful projects include the following

 Consistent involvement of end users

 Executive management support
 Clear statement of objectives and requirements

© Hazard 360 Ltd 2020 23 MD

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 3: P 34
Planning Attributes

• What is the real need or purpose of this project?

• What methods, processes, or actions were used to define the project?

• What will the results of this project do for the stakeholders?

• “Incomplete project planning and analysis are frequent root causes of
project Failure!

© Hazard 360 Ltd 2020 24 ME

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 3: P 35
Project Scope Document

 Is the document prepared during the planning stage of the project

Ten elements of the Project Scope Document

 Executive Summary A well worded objective is “SMART”
 Project Benefits Specific
 Project Objectives Measurable
 Project Scope Aggressive
 Estimated Project Hours Realistic
 Estimated Cost Time bounded
 Estimated Duration Example Statement
 Assumptions Upgrade access control system by
 Major Risks January 2016 to allow for a
 Objectives throughput rate of 2 seconds to all
high traffic speed gates.
© Hazard 360 Ltd 2020 25 CKA

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 3: P 41
Two key reminders for Project Managers

1. Determine and sequence activities

2. Keep project on schedule and under control

© Hazard 360 Ltd 2020 26 ML

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 3: P 42, 43
Key Points - The Control Effort

Which includes gathering information, reviewing progress, documenting

issues and decisions, and managing the overall work Plan.

 The Control Effort consumes the greatest amount of the Project

Managers Time day in and day out.

Status Meetings

 The project should conduct status meetings on a weekly basis

© Hazard 360 Ltd 2020 27 MP

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 3: P 43, 45
Key Points - Change Control Procedures

During Stage 1 (project feasibility) and Stage 2 (project development),

changes to the project can be made freely. When Stage 2 is complete, a
project baseline is created, establishing the approved project scope,
deliverables, and activities.

 “Once the project moves into Stage 3 (Execution) , any changes to the
project scope, deliverables, or activities must be subjected to a more
systematic change process and submitted to a change review board
(CRB)”.

© Hazard 360 Ltd 2020 28 MA

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 3: P 47
Key Points - When is a Project Complete?

Completion requires the project to be closed down!

• All project knowledge transferred to the operating personnel

• All project personnel returned to their home organizations

Close Down Pitfall – 99.9 % Syndrome

• It is a mistake to let the project catch the 99.9% percent completion

syndrome, the Project Manager should do what ever it takes to close the
project with 100% percent completion upon which the project team can
be disbanded

© Hazard 360 Ltd 2020 29 CKA

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 3: P 36
Project should be divide into Four (4) stages

 This is good practice for project managers in ensuring the

comprehensiveness and appropriateness of the physical protection
system (PSP)

 Project Feasibility
 Project Development
 Project Execution
 Project Closeout

© Hazard 360 Ltd 2020 30 CKA

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 3: P 36, 37
Stage (1) Feasibility

 Organise Project Team

 Develop project description
 Conduct Physical Security Survey
 Establish Business Objects PSP Requirements
 Identify alternative approaches
 Estimate preliminary costs of work
 Write a justification for the system overview of work to be accomplished

Key Output

 “Project Scope Document” – Description of Project is written

© Hazard 360 Ltd 2020 31 MR

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 3: P 36, 37
Stage (2) Project Development

 Define the deliverables

 Define activities
 Determine the Work Breakdown Structure (WBS)
 Create The Network Diagram (e.g. Microsoft Project Manager Software)
 Planning for contingencies
 Completing parallel tasks
 Review resources available

Key Output

 Work Breakdown Structure (WBS)

© Hazard 360 Ltd 2020 32 MT

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 3: P 36, 37
Stage (3) Project Execution

 Accomplish the work and provide deliverables according to the activities

and schedule.
 Complete all parallel activities (training, testing, documentation)
involving stakeholders.
 Tie all contract payments to specific deliverables.
 Track completion of activities and report deviations.
 Process project change orders if any).

Key Output

 “Implementation Completed”

© Hazard 360 Ltd 2020 33 CKA

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 3: P 36, 37
Stage (4) Project Closeout

 The deliverables are formally accepted and project is closed out

 The team prepare lessons-learned report about project experience.

What are Lessons Learned ?

Lessons learned are the documented
information that reflects both the positive and
negative experiences of a project.

They represent the organization's commitment

to project management excellence and the
project manager's opportunity to learn from the
actual experiences of others.

© Hazard 360 Ltd 2020 34 OY

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 3: P 37
Project Stage . Life Cycle Phase Correlation - Relationships

Project Stages Life Cycle Phases

Stage 1: Feasibility Phase 1: Planning and Assessment

Stage 2: Development Phase 2: Design and Estimation

Stage 3: Execution Phase 3: Procurement

Phase 4: Installation, Operation, Training
Phase 5: Commissioning and Warranty

Stage 4: Closeout Phase 6: Maintenance Evaluation Replacement

© Hazard 360 Ltd 2020 35 OM

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 2: P 20

© Hazard 360 Ltd 2020 36 OO

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 2: P 27
Phase (1) Planning Deliverables
 Threat assessment vulnerability analysis
 Recommended Safeguards
 PSP Requirements document
 Procurement Method Planning Stage Deliverables
 Sole Source Justification Risk Assessment Report
 Business Objectives Procurement Method
Budgetary Estimate
 Design Requirements
Selection of Project Manager
 Performance Requirements Selection of Project Team
Design Criteria
 Capacity Requirements
Contracting and Legal
 Operational and economic justification Requirements
 Design Criteria

© Hazard 360 Ltd 2020 37

PSP® Physical Security Principles

ASIS PSP 2015 CH 14: P 466, 467

Cost Estimates

Cost estimates are broken down into three categories

 Budgetary - Estimate

 Preliminary Design - Estimate

 Final Design - Estimate

© Hazard 360 Ltd 2020 38

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 4: P 63, 66
Phase 1: Requirements Document

 A major result of the Planning Phase is the Requirements Document

which identifies the main reasons for implementing new measures or
upgrading older systems

 A Requirements Documents identifies the primary reasons for

implementing new measures or upgrading an old system. It is closely tied
to the Risk Assessment by identifying the specific security measures to
mitigate threats and reduce vulnerabilities

Two important criteria to be met in developing the objectives for

implementing or upgrading the Physical Protection System (PSP) (66)

1. The objective must be clearly stated

2. The Object must meet the requirements of (SMART)

© Hazard 360 Ltd 2020 39

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 4: P 67
Phase 1: Budgetary Estimates Are:

Are an approximation of the cost of each alternative security solution

prepared for budgeting and planning purposes.

© Hazard 360 Ltd 2020 40

PSP® Physical Security Principles
We will now break for a 10 Minute Break

© Hazard 360 Ltd 2020 41

PSP® Physical Security Principles

Polling Group (15) Questions 1 - 22 (Thirty Minute Duration)

© Hazard 360 Ltd 2020 42

 PSP® Physical Security Principles
We will now break for a 10 Minute Break

© Hazard 360 Ltd 2020 43

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 5: P 85, 86
Phase 1: Three types of Budgetary Estimates Are:

Budgetary
Budgetary estimates are prepared during the initial planning phase for a new
PSP. The goal is to arrive at a cost figure that can be used for getting the new
PSP into the budget cycle
Preliminary Design
If the PSP project is part of a larger construction project, the process may
require a preliminary design estimate. This estimate should be developed at
the 50 percent design review stage and normally has a “Contingency of plus
or minus 10 percent”. (+10%. or – 10%)
Life Cycle Costs
Is a very important estimate that should be developed during the design
phase.

© Hazard 360 Ltd 2020 44 M

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 5: P 88,89
Seven Elements of Detailed Estimating Procedures

 Identify PSP Subsystems – “Fences and Barriers etc”

 Identify other Installation Activities
 Develop List of Components
 Establish Component Prices
 Formulate installation crews and establish productivity
 Identify required special equipment and rates
 Use Spreadsheet Format

© Hazard 360 Ltd 2020 45 O

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 5: P 70
Phase 1: Statement of Work Process Specification

Another deliverable is the statement of work, which details what work

should be included in the contract.

 This document defines the removal of any old equipment and the
supply, installation, and connection of new equipment and software.

The document also contains instructions on coordination with other

contractors; attendance at project meetings; testing of systems;
commissioning activities; training of operators, systems managers and
maintenance personnel, warranty requirements; and follow-on maintenance
requirement

© Hazard 360 Ltd 2020 46 D

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 5: P 75, 76
Hardware Schedules
Schedules are included to aid in understanding the specific components to
be provided.

 Data Panel Schedule: This schedule lists the types, locations, and
communications aspects of the various panels used throughout the
facility.

 Door Hardware Schedule: This schedule list all doors in the facility and
notes their types, locations, devices used for access (such as Card
Readers), types of locks, method of egress and other information that
describes the door functions.

 CCTV Camera Schedule: This schedule lists all the security cameras in the
system, showing the camera number, its location and view, type of
camera, type of lens, type of enclosure, mounting method and alarm
interface.
© Hazard 360 Ltd 2020 47 E

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 5: P 75

Phase 2: Design and Estimation

Key Points
In this phase, security staff and other stakeholders of the project team will
develop all the necessary documentation to support the procurement of the
PPS.

What is the name given to documents produced from the output design
stage?
Bid package or Construction Documents

Security staff and the project team will also make the following?
Budgetary, Preliminary Design, Life Cycle Cost, and other estimates to
support the project.

© Hazard 360 Ltd 2020 48 L

 PSP® Physical Security Principles
ASIS PSP 2015 CH 12: P 427

Design Format
The design specifications document the security systems requirements in
sufficient detail that potential bidders get a common understanding of the
functions required of the system and what has to be done to install it.
The Construction Specifications Institute (CSI) has established a standard
format for construction projects. The CSI Master Format- currently has 50
divisions with security requirements being defined under division 28.
Electronic Safety and Security. Within each division the sections are
presented in a standard format consisting of three parts

1. General
2. Products
3. Execution

© Hazard 360 Ltd 2020 49 P

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 2: P 22

© Hazard 360 Ltd 2020 50 A

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 2: P 27
Phase 2:
 Bidders' instructions
 System Specifications
 Contract Information Criteria
 Evaluation Criteria
 Implementation Schedule
 Equipment Lists
 Security Device Schedules Phase 2:
 Door Hardware Schedules  Preliminary Design Cost Estimate
 CCTV Camera Schedule  Final Design Estimate
 Drawings  Life Cycle Cost Estimate
 Budgetary Estimate  Schedule Time Frames

© Hazard 360 Ltd 2020 51 CKA

PSP® Physical Security Principles

ASIS PSP 2015 CH 14: P 449 5 452

Nine Important Factors that Influence “Initial Design Criteria”

1. Codes and Standards

2. Quality
3. Capacity
4. Performance
5. Features
6. Cost
7. Operations
8. Culture and Image
9. Monitoring and Response

© Hazard 360 Ltd 2020 52 R

 PSP® Physical Security Principles
ASIS PSP 2015 CH 14: P 458

Terminology

 CADD – Stands for Computer Aided Design

 Hardware Schedule – Related to a table of Security Devices

© Hazard 360 Ltd 2020 53

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 4: P 66, 67
Phase 2: System Design
The next step of the planning process is to decide who will design the
system there are two possibilities.
Customer or end User:
If the customer or end user knows exactly what functions the system is to
perform. The next step is to prepare a detailed specification for
procurement using one of two methods: Invitation for Bid (IFB) or Sole
Source (SS)
Contractor or Integrator
Sometimes the customer or end user knows the problems to be solved but
does not know how best to solve them, the normal approach is to describe
the requirements and obtain proposals from several contractors or
integrators through a formal procurement.
This process is known as: Request For Proposal (RFP) and it the most
common form of procurement.

© Hazard 360 Ltd 2020 54 T

 PSP® Physical Security Principles
ASIS PSP 2015 CH 14: P 446

Design

Design Basis

 Is the term used to describe the outcome of the overall planning phase
through a set of security requirements or objectives that is used as a
basis of the eventual design.

© Hazard 360 Ltd 2020 55

PSP® Physical Security Principles

ASIS PSP 2015 CH 14: P 449

Design

Design Criteria

 Constitutes the Ground Rules and Guidelines for the Design

© Hazard 360 Ltd 2020 56

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 5: P 69 - 74
The Design Criteria covers eleven elements
1. System Performance -
2. Capacity
3. Special Features
4. Codes and Standards
5. Quality and Reliability
6. Critical Operations
7. Company Culture
8. Budget
9. Monitoring, Assessment and Response Procedures
10. Maintenance
11. Life Cycle Costs

© Hazard 360 Ltd 2020 57

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 2: P 23

Identify
Qualified Bidders

Project Manager should

Methods of Procurement schedule Bidders
Conference two weeks
1. Sole Source
after RFP is issued
2. Request for Proposal
3. Invitation for Bid

© Hazard 360 Ltd 2020 58 MY,MM,MO

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 2: P 27
Phase 3:

 Sole Source (SS)

 Request for Proposal (RFP)
 Invitation for Bid (IFB) Components of the Bid
 Bidders' Conference schedule and agenda Package Are:
 Technical Evaluations  Bidders Instructions
 Cost Evaluations  Specifications
 Interview Results  Drawings and Schedules
 Due Diligence Results
 Hardware Schedules
 Contract

© Hazard 360 Ltd 2020 59

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 2: P 23, 64
Phase 3: Procurement
Three major Components of the physical protection system (PSP)
procurement phase deliverables are:

1. Form a Procurement committee

2. Prepare Bid Package

3. Prequalify Contractors

Planning Process

 The planning process is the collection, review, and data analysis of data
relative to the facility where the system will be implemented.

© Hazard 360 Ltd 2020 60 MD

 PSP® Physical Security Principles
We will now break for a 10 Minute Break

© Hazard 360 Ltd 2020 61

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 5: P 75
Phase 3: Procurement
Bidder Instructions

 This document describes the company’s requirements for qualification

of the bidders, such as licences, labour affiliations experience and
bonds.

Specifications

 This component of the bid package supplies the security system

requirements in sufficient detail that bidders have a common
understanding of what is needed

© Hazard 360 Ltd 2020 62 ME

 PSP® Physical Security Principles
ASIS PSP 2015 CH 14: P 455

Procurement

There are three sections of the procurement documents that are also known
as Contract or Bid documents:

1. Contractual Details

2. Construction Specifications

3. Construction Drawings

© Hazard 360 Ltd 2020 63 ML

PSP® Physical Security Principles

ASIS PSP 2015 CH 14: P 456

Procurement

The Construction document (CD) phase include what five items

1. CD Drawings

2. Specifications

3. Bill of Quantities

4. Refined System Budget

5. Contract Term and Conditions

© Hazard 360 Ltd 2020 64 MP

 PSP® Physical Security Principles
ASIS PSP 2015 CH 14: P 456, 457

Specification

The detailed specification should result in!

1. Final Implementation reflects what was intended

2. All Bidders get the same complete understanding of requirements

© Hazard 360 Ltd 2020 65 MA

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 6: P 93
Risks involved in Security System Procurement

 System may be delivered late or over budget

 The system may not work as required
 The system may be adversely affect existing systems or processes
 The organisation may be unable to recover losses after contract breach
 Third Party Contractors may make claims against the company

How can you circumvent all of the above points?

By following the correct procurement process ensuring that the appropriate

contracts are in place and have been signed off by the organisation’s Legal
Department.

© Hazard 360 Ltd 2020 66

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 6: P 94
Steps in the Procurement System Process

 Forming a Procurement Committee (Carries out the security system

procurement activities)
 Specifying hardware and software requirements
 Identifying potential Integrators
 Launching a competitive tender program
 Selecting a successful bidder
 Issuing a purchase order
 Receiving and installing the products and services

© Hazard 360 Ltd 2020 67

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 6: P 97
The Purpose of the Bidders Conference

 Is to bring all potential bidders together in a room so that the Project

Manager can explain the procurement requirements to all bidders at
the same time.

Advisory Note

 By conducting the bidders conference provides transparency and

integrity to the procurement process.

© Hazard 360 Ltd 2020 68 CKA

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 6: P 97
Bidders Conference – Key Points

1) The bidders conference establishes that the Project Manager is in

control of the procurement process.
2) It strengthens the purchasers negotiating power by showing potential
bidders that they have competition.
3) Bidders conference to be held two weeks after RFP is issued.
4) Allows potential contractors to view facility and ask questions.
5) Allows potential contractors to identify possible installation problems.
6) Bring all bidders into one room where the RFP can be explained.
7) It allows the project manager to communicate what the organisation
wishes to accomplish.
8) It enables the potential contractors to see each other

© Hazard 360 Ltd 2020 69 CKA

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 6: P 97
Bidder Conference Methodology

1. Opening Remarks
2. Introduction of evaluation team and bidders
3. Overview of project and key objectives
4. Explanation of Procurement Process
5. Discussion of purpose, time line, evaluation criteria
6. Tour of Site
7. Opportunity for Vendors to submit questions

The Bidders Conference should be scheduled for two weeks after the
Request for Proposal (RFP) has been issued.

© Hazard 360 Ltd 2020 70

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 6: P 98 , 99
Purchasing Organization (99)

The purchase should clearly state what the evaluation criteria are, how
each criteria is weighed, and what the method of evaluating proposal will
be.

Purpose of Invitation for Bid (IFB) (98)

 When a system is already designed (I.e. the organisation provides the

specification) the IFB method is used to obtain the lowest cost for the
equipment, software and installation.

© Hazard 360 Ltd 2020 71 CKA

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 6: P 101, 102
Before selecting contractors the following should be reviewed

 Qualifications reviewed
 References checked
 Interviews with the people who will perform the work

What should an company be prepared to use to defend its selection of

qualified contractors?

 Written selection criteria and results documentation

© Hazard 360 Ltd 2020 72 MT

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 6: P 104
Bidders Minor Informalities
The company should consider giving a bidder an opportunity to resolve
minor informality or irregularity in the bid, minor deficiencies may include:

 Missing Information or attachments

 Wrong number of copies
 Missing Signatures

© Hazard 360 Ltd 2020 73

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 2: P 27
The Procurement Phase Actions

Conducting Bidders Conference, reviewing technical and cost evaluations,

and interview and due diligence results as part of which physical protection
system (PSP) life cycle phase.

 The Procurement Phase

© Hazard 360 Ltd 2020 74

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 2: P 22 & CH 6: 94, 95
Three Methods of Procurement Are:

© Hazard 360 Ltd 2020 75 OY, OM, OO,

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 2: P 94
Sole Source Procurement

This type of procurement involves

only one vendor and is used when
the customer has intimate
knowledge of the requirements
defined and the systems available
on the market.

In some cases, the vendor has the

only product on the market that
can fulfil the organisation's
requirements.
The customer and the vendor then
enter into negotiations on the
costs for time and materials.

© Hazard 360 Ltd 2020 76 OD

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 2: P 94
Request for Proposal
An RFP is the most common method
of procurement in the security field.
The customer issues an RFP containing
functional requirements of the security
system.

Prospective vendors prepare proposals

regarding how they will meet the
requirements, spelling out the
equipment and software they will
supply, installation methods, and a cost
breakdown.

© Hazard 360 Ltd 2020 77 OE

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 2: P 94
Invitation For Bid
An IFB procurement is used when
the customer has completed its own
security system design, including the
selection of hardware and software.

The IFB ask vendors to state the cost

of materials and installation. Usually ,
the qualified bidder with the lowest
price is awarded the contract.

This type of procurement is also

known as a ‘Request for Quotation’.
(RFQ)

© Hazard 360 Ltd 2020 78 OL

PSP® Physical Security Principles
We will now break for a 10 Minute Break

© Hazard 360 Ltd 2020 79

PSP® Physical Security Principles

Polling Group (16) Questions 1 - 23 (Thirty Minute Duration)

© Hazard 360 Ltd 2020 80

 PSP® Physical Security Principles
Welcome to ASIS PSP Webinar (9) of Training Programme

PSP

© Hazard 360 Ltd 2020 1

PSP® Physical Security Principles

ASIS PSP 2015
Module (7) Agenda

 Chapter 14: Project Planning and Preparation (Include Patterson ED 2)

 Chapter 15: Project Implementation

© Hazard 360 Ltd 2020 2

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 2: P 24

Punch List used to ensure that Key points

all snagging problems are 1. Preparation of the site for installation
closed out 2. Inspecting installation to develop punch list
3. Commissioning
4. Training

© Hazard 360 Ltd 2020 3 M

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 2: P 27
Phase 4:

 Troubleshooting Guides
 Hardware Maintenance Guides
 As Built Drawings
 Operating Procedures Phase 4
 Alarm Assessment Procedures
 Project Completion Certificate
 Response Procedures
 Training Syllabus
 Product Data  Instructors Manuals
 Commissioning Plan  Training Schedules
 Training Audio Visuals
 Acceptance Test Results
 Lessons Plans
 Testing Punch List  Agenda and Schedules
 Factory Acceptance Test  Training Class Evaluations

© Hazard 360 Ltd 2020 4

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 2: P 24
Phase 4: Commissioning

 Is the process of ensuring that all systems and components of a system

are designed, installed, tested, operated, and maintained according to
the operational requirement of the owner

 All personnel involved in operating, updating, and maintaining the PPS

Must receive end user training of the physical protection system (PPS)

© Hazard 360 Ltd 2020 5 O

PSP® Physical Security Principles

ASIS PSP 2015 CH 15: P 510
Certification - Qualifications

Personnel Conducting Training

 All personnel giving instruction should be certified by the equipment

manufacturer for the applicable hardware and software.

 The trainers should have experience in conducting the training at other

installations and should be approved by the customer.

© Hazard 360 Ltd 2020 6 D

 PSP® Physical Security Principles
ASIS PSP 2015 CH 15: P 511
New System – Training Topics

1. System Administration
2. System Monitoring
3. Alarm Assessment and Dispatch
4. Incident Response
5. System Troubleshooting and Maintenance
6. IT Functions
7. System Overview

© Hazard 360 Ltd 2020 7

PSP® Physical Security Principles

ASIS PSP 2015 CH 15: P 511
System Administration

This training focuses on determining and implementing system operational

parameters and making any necessary operational adjustments

By completing this training, system administrators will learn to use all system
functions, including:

 ID badge design and production

 Cardholder setup and access level assignment
 Access door programming
 Alarm setup and implementation
 Data storage and retrieval through reports
 System database backups.

© Hazard 360 Ltd 2020 8

 PSP® Physical Security Principles
ASIS PSP 2015 CH 15: P 512
The Goal of Alarm and Assessment Dispatch Training

 The security system operator will learn to assess the cause of different
alarm conditions and properly deal with them

© Hazard 360 Ltd 2020 9 E

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 2: P 23, 24
Phase 4: Installation Operation and Training

Physical Protection Systems (PSP) life cycle phase include developing a

“Punch List” and taking necessary actions to formally accept and
commission the system, this resides in “Phase Four (4)” The Installation,
Operation and Training

A punch list is part of the project closeout portion of the

construction process in which a contractor prepares a document
that lists any work that has not been completed, or not been completed
correctly

Punch List

 Is the contract document used in the architecture and building trades to

organise the completion of a construction project

© Hazard 360 Ltd 2020 10

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 7: P 113
Installation Activities

Key Points

 Installation contractors, including all sub-contractors must have

appropriate qualifications to do the work (i.e. AHJ Authority having
Jurisdiction)

 The customer should provide commissioning plans and installation

guidelines for installing all system components

 Working together, the customer and contractor should prepare

documentation for operation and maintenance.

© Hazard 360 Ltd 2020 11 L

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 7: P 140
Key Points – Software Installation

The integrator should install the operating system and application system
software on the applicable PSP components, and demonstrate the proper
operation of all functions.

The Integrator should maintain a record of installed software version

numbers at the location of the PPS. All software should be protected with
authorised changes. Different levels of software access can be given to
different people as follows:- (Generally there are Four Levels)

Access level 1:
For persons who have a general responsibility for security supervision and
who might be expected to investigate and initially respond to a security
alarm or trouble signal.

© Hazard 360 Ltd 2020 12 P

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 7: P 140
Key Points – Software Installation
Access level 2:
For persons who have a specific responsibility for security and who are
trying to operate the security systems.
Access level 3:
For trained and authorised persons to do the following:
• Reconfigure the site specific data held within the security system or
controlled by it
• Maintain the security systems in accordance with the manufacturer’s
published instructions and data
Access level 4:
For the person who is trained and authorised to repair the security system
or alter the site specific data programme or operating system thereby
changing the basic mode of operation.

© Hazard 360 Ltd 2020 13 A

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 7: P 153, 154
Evaluation Tests (153)
Periodic independent tests of PSP to validate the Vulnerability Analysis and
ensure that the overall effectiveness is maintained.

 An evaluation test should be performed at least once a year

Stress Tests (153)

 This test checks peoples or objects tolerance to abuse or misuse under

deliberately introduced stress.

Regression Test (154)

 This type of testing applies to subsystems or procedures that have been

altered to perform a new function and must still perform some of their
original functions

© Hazard 360 Ltd 2020 14 R

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 7: P 154
Components - PSP Training Manual for Physical Protection Systems

Customers Approval – Training Content

 Approval for the planned training content and schedule should be

obtained from the customer at least thirty (30) days before training

 “Training manuals and Visual Aids should be provide to each trainee”

Content:

 An Agenda
 Defines objective for each lesson
 A detailed description of the subject matter for each lesson

© Hazard 360 Ltd 2020 15 T

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 7: P 154

General Training Requirements

Technological and procedural precautions are ineffective if not executed

properly. Through well conceived, satisfactorily executed security training
programmes, personnel can be better prepared to prevent incidents from
happening, respond to interceptor rise and contribute to recovery efforts.

• The customer should require the installation contract or systems integrator

submit a proposal to conduct training courses for the designated personnel in
the operation and maintenance of the PPS. The training should address all
systems being installed. For example, the CCTV system is installed alongwith
other systems therefore the CCTV training should be concurrent with the
guidance for the other systems.

• Training manuals and aids should be provided for each trainee and several
additional copies should be available for archiving at the project site. The
training manuals should include an agenda defining objectives for each
lesson and a detailed description of the subject matter for each lesson.

© Hazard 360 Ltd 2020 16

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 7: P 155

System Administration

The first training class: should be scheduled so that it is “Completed thirty

(30) days before the factory acceptance testing (if conducted) or site
acceptance testing. Upon completion of this course, each operator, using
appropriate documentation, should be able to perform elementary
operations with guidance and describe the general hardware architecture
and system functionality.

A second training class should be conducted “One (1) week before the start
of acceptance testing and system administrators should participate in the
acceptance tests and reliability testing. The course should include
instruction on the specific hardware configuration of the installed sub-
systems and should teach students how to operate the installed system.
Upon completion of the course, each student should be able to start the
system, operate it, recover the system after a failure, and describe the
specific hardware architecture and operation of the system.

© Hazard 360 Ltd 2020 17 MY, MM

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 7: P 156, 157
Elements of system troubleshooting and Maintenance

 Physical layout of each piece of hardware

 Troubleshooting and diagnostic procedures
 Repair Instructions
 Preventative Maintenance and schedules
 Calibration procedures

© Hazard 360 Ltd 2020 18

 PSP® Physical Security Principles
We will now break for a 10 Minute Break

© Hazard 360 Ltd 2020 19

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 2: P 25

Testing and Commissioning

When should A Certificate of
completion be issued and a
contract considered complete?
 After successful completion
of all prescribed testing

© Hazard 360 Ltd 2020 20 MO, MD

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 2: P 27
Phase 5:
Commissioning and Warranty
 Factory Acceptance Test Plan Phase Deliverables

 Site Acceptance Test Plan

 Pre-delivery or Factory Acceptance Test Data
 Site Acceptance Test Data
 Factory Acceptance Punch List
 Site Acceptance Test Punch List
 Reliability or Availability Test Data Punch List
 After Acceptance Test Data
 Warranty Plan
 Warranty Reports
 Warranty Records
 Upgrades
© Hazard 360 Ltd 2020 21

PSP® Physical Security Principles

ASIS PSP 2015 CH 15: P 509
Phase 5: Commissioning and Warranty

The purpose of equipment warranty is to:

 To repair, correct, or replace any defect for a specific period of time

which is generally 12 months from the date of issue of the certificate of
practical completion.

Advisory Note

 Warranty will be void if the equipment has not been maintained as

stipulated by the manufacturer specifications

© Hazard 360 Ltd 2020 22 ME

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 8: P 174

Phase 5: Commissioning and Warranty

Warranty Issues
The contractor should be required to repair, correct, or replace any defect
for a period of 12 months from the date of issue of the certificate of
practical completion.
Advisory Note
Certificate is not issued until the components are commissioned and
accepted by the customer that is when the Warranty begins
Warranty Response Times
The common time for the contractor to report to the job site to address a
warranty issue is within four hours of the problem report.
Moreover, the contractor should hold a sufficient stock of spares to allow
speedy repair or replacement of equipment. Waiting for manufacturers to
replace or repair equipment is not acceptable.

© Hazard 360 Ltd 2020 23 ML

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 8: P 175

Phase 5: Commissioning and Warranty

Repair Logs
PPS problem and repairs are extremely important during the Warranty
period. The customer should provide the contractor with an automated
method of initiating repairs (i.e. Help Desk)
The systems should record all service visits in a database and provide
detailed reports on demand
Information Required
• Date and Time fault was reported
• The nature of the fault
• Date and Time of Engineers visit (Start time and Finish time)
• Type of remedial work carried out (in detail)
• Spare Parts Used
• Repairs verified and signed off by customer

© Hazard 360 Ltd 2020 24 MP

 PSP® Physical Security Principles
ASIS PSP 2015 CH 15: P 509
Testing and Warranty

Service- Warranty Report

The contractor should record all service visits in a database and provide
report forms to the customer.

The report form should record:

 Date and time the fault was reported

 Nature of the reported fault
 Date and time of the visit,
 Actual fault identified
 Remedial work carried out.

© Hazard 360 Ltd 2020 25

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 8: P 174

Phase 5: Commissioning and Warranty

A few questions to consider about warranties are as follows:
• Will the PPS supplier provide the warranty service, or will a third party do
so?
• Are the service levels of the warranty service consistent with the system
maintenance service levels?
• If items under warranty fail, what will happen with respect to the
maintenance services any other parties are providing?

© Hazard 360 Ltd 2020 26

 PSP® Physical Security Principles
ASIS PSP 2015 CH 15: P 506

Testing and Warranty

How does the contractor perform site acceptance testing?

The customer should require the contractor to!

1. “Develop a plan to calibrate and test all components”

2. Verify data transmission system operation
3. Install the system
4. Place the system in service
5. Test the system.

© Hazard 360 Ltd 2020 27 MA

PSP® Physical Security Principles

ASIS PSP 2015 CH 15: P 505

Phase 5: Commissioning and Warranty

How does the contractor perform pre-delivery or factory acceptance

testing?

1. Assemble a test system including some or all of the system

components

2. Conduct tests to demonstrate that system performance complies with

specified requirements in accordance with approved factory test
procedures.

© Hazard 360 Ltd 2020 28

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 2: P 25
Phase 5: Commissioning and Warranty
Four types of tests used in the commissioning of the (PSP)

 Factory Acceptance Testing (FAT)

 Site Acceptance Testing (SAT)

 Reliability or Availability Testing (RAT) also known as Operational

Availability Test (OAT) – Conducted over 30 Day Period

 After Acceptance Testing (AAT)

What should testing simulate in the physical protection system
commissioning process?

 Realistic Conditions

© Hazard 360 Ltd 2020 29 MR, MT

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 8: P 166, 173

(OAT)

© Hazard 360 Ltd 2020 30 OY

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 8: P 164, 170
Phase 5: Commissioning and Warranty
Standard Compliance Testing (SCT) (164)

 Is the methodology use to evaluate system compliance with both in-

house company standards and industry standards.

Site Acceptance Tests (SAT) (170)

 One test is normally conducted for each physical location where system
components are being installed

© Hazard 360 Ltd 2020 31 OM, OO

PSP® Physical Security Principles

ASIS PSP 2015 CH 15: P 508

Testing and Warranty

Reliability testing is conducted in four phases!

The customer should require the contractor to carry out the following.

1. Phase I Testing
2. Phase I Assessment
3. Phase II Testing
4. Phase II Assessment

 Reliability testing is conducted 24 hours per day for 15 consecutive

calendar days including holidays.

© Hazard 360 Ltd 2020 32 OD

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 8: P 171
Phase 5: Commissioning and Warranty

Phase I Testing
The reliability test should be conducted 24 hours per day for 15 consecutive
calendar days, including holidays, and the system should operate as
specified.
The contractor should make no repairs during this phase of testing unless
authorized by the customer in writing.
If the system experiences no failures during Phase I testing, the contractor
may proceed directly to Phase II testing after receipt of written permission
from the customer.

© Hazard 360 Ltd 2020 33 OE, OL

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 8: P 171
Phase 5: Commissioning and Warranty

Phase I Assessment
After the Phase I testing, the contractor should identify all failures
determine causes of all failures, repair all failures, and deliver a written
report to the customer.
The report should explain in detail the nature of each failure, corrective
action taken, and the results of tests performed; it should also recommend
when to resume testing.
About a week after receiving the report, the customer should convene a
test review meeting at the job site to discuss the results and
recommendations.
At the meeting, the contractor should demonstrate that all failures have
been corrected by performing appropriate portions of the acceptance tests.
Based on the contractor's report and the test review meeting, the customer
may set a restart date or may require that Phase I be repeated.

© Hazard 360 Ltd 2020 34

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 8: P 172
Phase 5: Commissioning and Warranty

Phase II Testing
Phase II testing should be conducted 24 hours per day for 15 consecutive
calendar days, including holidays, and the system should operate as
specified.
The contractor should make no repairs during this phase of testing unless
authorized by the customer in writing.

© Hazard 360 Ltd 2020 35

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 8: P 172

Phase 5: Commissioning and Warranty

Phase II Assessment
After the conclusion of Phase II testing, the contractor should identify all
failures, determine causes of failures, repair failures, and deliver a written
report to the customer. The report should explain in detail the nature of each
failure, corrective action taken, and results of tests performed; it should also
recommend when to resume testing.
About a week after receiving the report, the customer should convene a test
review meeting at the job site to discuss the results and recommendations.
At the meeting, the contractor should demonstrate that all failures have been
corrected by repeating any appropriate portions of the site acceptance test.
Based on the contractor's report and the test review meeting, the customer may
set a restart date or may require that Phase II testing be repeated.
The contractor should not commence any required retesting before receiving
written notification from the customer.
After the conclusion of any retesting, the Phase II assessment should be
repeated.

© Hazard 360 Ltd 2020 36

 PSP® Physical Security Principles
ASIS PSP 2015 CH 15: P 504

Phase 5: Commissioning and Warranty

Testing

Equipment Testing Determines the following:

 Whether equipment is functional

 Whether it has adequate sensitivity

 Whether its meets design and performance objectives

© Hazard 360 Ltd 2020 37 OP

PSP® Physical Security Principles

ASIS PSP 2015 CH 15: P 504

Phase 5: Commissioning and Warranty

Testing

Performance Testing Determines the following:

 Whether procedures are effective

 Whether personnel know and follow procedures

 Whether personnel and equipment interact effectively

© Hazard 360 Ltd 2020 38 OA

 PSP® Physical Security Principles
ASIS PSP 2015 CH 15: P 509

Phase 5: Commissioning and Warranty

After Implementation Testing

There are six types of Tests after Implementation of the systems

1. Operational Tests
2. Performance Tests
3. Post Maintenance Tests
4. Sub-System Test
5. Limited Scope Tests
6. Evaluation Tests

© Hazard 360 Ltd 2020 39

PSP® Physical Security Principles

We will now break for a 10 Minute Break

© Hazard 360 Ltd 2020 40

PSP® Physical Security Principles
Polling Group (17) Questions 1 - 27 (Thirty Minute Duration)

© Hazard 360 Ltd 2020 41

PSP® Physical Security Principles

We will now break for a 10 Minute Break

© Hazard 360 Ltd 2020 42

 PSP® Physical Security Principles
ASIS PSP 2015 CH 15: P 509
After Implementation Testing
Operational Test!
 Is a post implementation test performed periodically to prove correct
system operation but does not involve verification of equipment
operating specifications

Performance Test!
 Is a post implementation test which verifies that equipment conforms
with equipment or system specifications, thereby demonstrating
effectiveness
Post Maintenance Test!
 Is a post implementation test that is conducted after preventative or
remedial maintenance has been performed on a security system to
make sure the systems are working correctly

© Hazard 360 Ltd 2020 43

PSP® Physical Security Principles

ASIS PSP 2015 CH 15: P 509
After Implementation Testing
Sub-System Test!

 Is a post implementation test that ensures that large parts of the

system are all working together as originally designed
Limited Scope Test!

 Is a post implementation test used to test a complex system that is

broken down into several sub-systems or segments that are tested
separately
Evaluation Test!
 Is a post implementation test and is a periodic independent test of the
security system to validate the vulnerability analysis and ensure that
overall effectiveness is being maintained. An evaluation test should be
performed at least once a year.

© Hazard 360 Ltd 2020 44 M

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 8: P 171, 174

After Implementation Testing

Evaluation Tests
Evaluation tests are periodic, independent tests of the PPS to validate the
vulnerability analysis and ensure that overall effectiveness is being
maintained.
An evaluation test should be performed at least once a year.

© Hazard 360 Ltd 2020 45

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 2: P 26

Three components of Stage

Four – Closeout Are:

1. Maintenance
2. Evaluation
3. Replacement

© Hazard 360 Ltd 2020 46 O

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 2: P 27
Phase 6

 Maintenance Records
 Trouble Reports
 Review of operations logs and records
 Upgrades
 Operating Costs and maintenance records
 Replacement Study
 Activities – A list of activities or work to be accomplished is derived from
PSP

© Hazard 360 Ltd 2020 47

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 9: P 177
Phase 6: Maintenance, Evaluation, and Replacement

A PSP consists of hardware, software, networks, and services. It is the

combination of all components working together correctly that provides the
service to the users of the system.

Failure of a single component may have no significant impact, or it may take

the system down.

 A maintenance agreement should therefore be structured to resolve

non-critical problems as well as issues that could cause major
disruption to the organization and its business processes.

© Hazard 360 Ltd 2020 48

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 9: P 177
Phase 6: Maintenance, Evaluation, and Replacement

Life Cycle Costs

Organizations' increasing reliance on physical protection systems, coupled

with the increasing scale and complexity of these systems, requires careful
consideration of maintenance requirements.

 Software is never error-free, nor is hardware immune to electrical or

mechanical failure. An organization's investment in security must
therefore include maintenance services and a plan to minimize the
potential for and impact of failures.

© Hazard 360 Ltd 2020 49

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 9: P 178
Goals of Preventative Maintenance Are (178)

 Keep equipment and software operating efficiently

 Extend the operational life of equipment
 Identify equipment issues before failure occurs

© Hazard 360 Ltd 2020 50

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 9: P 179
Expected Results of preventative Maintenance

 Correct operation of electromechanical equipment

 Replacement of hardware to keep equipment updated
 Update of system and application software
 Problem detection through testing and analysis of system reports
 Maintenance of system documentation

© Hazard 360 Ltd 2020 51

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 9: P 178
Maintenance Classifications

Preventive maintenance
This consists of scheduled maintenance to keep the hardware and software
in good operating condition to provide operability and reliability of the
system.

Checklists
Checklists should be developed to ensure that Preventative Maintenance
tasks are performed adequately, and checklists should incorporate any
guidelines from the equipment manufacturers

© Hazard 360 Ltd 2020 52 D

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 9: P 177, 179
Roles and Responsibilities – Preventative Maintenance

• The major goal of system maintenance agreements is to ensure that the

security system operates at its optimum capability with minimum
downtime.
• Another goal is to minimize the number of different parties involved in
managing the maintenance program.
• Roles and responsibilities of all of the parties providing services must be
clearly defined, documented, and agreed upon with the system
maintenance supplier.

 Checklist should be developed to ensure that preventative maintenance

tasks are performed adequately, and the checklist should incorporate
any guidelines from the equipment manufacturers.

© Hazard 360 Ltd 2020 53

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 8: P 181
Maintenance Classifications

Remedial Maintenance

Is the type of maintenance that corrects faults and returns the system to
operation after hardware of software components fail.

© Hazard 360 Ltd 2020 54 E

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 9: P 182, 185
Security System Life Expectancy

 Generally most security systems have a life span of ten years if properly
maintained.

System Failures

 Most system failures occur in the first year due to infant mortality of
system components or due to improper installation

The goal of system maintenance agreements are: (185)

 To ensure that the security system operates at its optimum capability

with minimum downtime

© Hazard 360 Ltd 2020 55 L, P

PSP® Physical Security Principles

Paterson ED 2 IPPS CH 8: P 188
Verification of Maintenance

 On a quarterly basis maintenance logs should be provided to the

security department for analysis

System Operator Records

 Provide and identify problems that system operators have with certain
subsystems or components.

© Hazard 360 Ltd 2020 56 R

 PSP® Physical Security Principles
Paterson ED 2 IPPS CH 8: P 189
Spare Parts

“Five (5) percent” of the capitol cost of the physical protection system
(PSP) equipment for a location should be allocated for spare parts
purchases.

© Hazard 360 Ltd 2020 57 T

PSP® Physical Security Principles

ASIS PSP 2015 CH 14: P 455

Design

There are two elements in design and documentation these are:

1. Design Development Stage

2. Construction Document Phase

© Hazard 360 Ltd 2020 58 CKA

PSP® Physical Security Principles

PSP – Chapter 15
Project Implementation

© Hazard 360 Ltd 2020 59

PSP® Physical Security Principles

We will now break for a 10 Minute Break

© Hazard 360 Ltd 2020 60

 PSP® Physical Security Principles
ASIS BC GDL 2005 Page 10

5 Stages of BC?

1 2 3 4 5

© Hazard 360 Ltd 2020 61 MY

PSP® Physical Security Principles

ASIS BC GDL 2005 Page 7

“Business Continuity Plan (BCP)”

An ongoing process supported by “Senior Management” and funded to ensure
that the necessary steps are taken to identify the impact of potential losses,
maintain viable recovery strategies and plans, and ensure the continuity of
operations through personnel training, plan testing, and maintenance.
Business Impact Analysis (BIA)
“A management level financial analysis that identifies the impacts of losing an
organization’s resources”. The analysis measures the effect of resource loss and
escalating losses over time in order to provide reliable data upon which to base
decisions on mitigation, recovery, and business continuity strategies.
Crisis Management Planning
A properly funded ongoing process supported by senior management to ensure
that the necessary steps are taken to identify and analyse the adverse impact of
crisis events, maintain viable recovery strategies, and provide overall
coordination of the organization’s timely and effective response to a crisis.

© Hazard 360 Ltd 2020 62

MM,MO,MD
 PSP® Physical Security Principles
ASIS BC GDL 2005 Page 11, 12

Perform Risk Assessment (11)

Step two in the creation of a comprehensive BCP is completion of a Risk
Assessment, designed to identify and analyse the types of risk that may
impact the organization. Assessment should be performed by a group
representing various organizational functions and support groups. More
detailed information on Risk Assessments can be found in the ASIS General
Security Risk Assessment Guideline, available at www.asisonline.org/
guidelines/guidelines.htm.

Identify Critical Processes (12)

Business critical processes should be identified and documented. They could
include purchasing, manufacturing, supply chain, sales, distribution,
accounts receivable, accounts payable, payroll, IT, and research and
development. “Once the critical processes are identified, an analysis of
each can be made using the evaluation criteria described below. Processes
should be ranked as a High, Medium, or Low”.

© Hazard 360 Ltd 2020 63

ME, ML

PSP® Physical Security Principles

ASIS BC GDL 2005 Page 14, 19,22

Crisis Management and Response Team Development

It is necessary that an appropriate “Administrative Structure” be put in
place to effectively deal with crisis management. Clear definitions must exist
for a management structure, authority for decisions, and responsibility for
implementation. An organization should have a Crisis Management Team to
lead incident/event response
Execute the Plan (19)
BCPs should be developed around a ‘‘worst case scenario,’’ with the
understanding that the response can be scaled appropriately to match the
actual crisis.
Logistics (22)
“Logistical decisions” made in advance will impact the success or failure of
a good BCP.

© Hazard 360 Ltd 2020 64

MP, MA, MR
 PSP® Physical Security Principles
ASIS BC GDL 2005 Page 10

Senior Leadership and

organization sponsors

Impact= Human Cost, Financial Cost, Corporate Image Cost

© Hazard 360 Ltd 2020 65 MT,OY,OM,

PSP® Physical Security Principles

ASIS BC GDL 2005 Page 15

Employees
Should Support

Compliance with Corporate Policy

© Hazard 360 Ltd 2020 66 OO, OD

 PSP® Physical Security Principles
ASIS BC GDL 2005 Page 17

In order to respond: Specific notification criteria should be established & documented

© Hazard 360 Ltd 2020 67 OE, OL, OP,

PSP® Physical Security Principles

ASIS BC GDL 2005 Page 24

What must happen before the

business can return to normal
operations?

Crisis must officially be declared over in order to return to Normal Operations

© Hazard 360 Ltd 2020 68 OA, OR, OT

 PSP® Physical Security Principles
ASIS BC GDL 2005 Page 26

 “Validate BCP”
 Check lists of Critical Actions
 Check List of Critical Information
 Annual Training Required

Appropriate Training is Required to Deal with Next of Kin – In Crisis Management

© Hazard 360 Ltd 2020 69 DY, DM, DO

PSP® Physical Security Principles

ASIS BC GDL 2005 Page 31

Review of BCP and its Relevance

to the Organization

Lesson Learned

© Hazard 360 Ltd 2020 70 DD, DE, DL

PSP® Physical Security Principles

Please can you email me with the name that you wish to
appear on your attendance certificate.

[email protected]

© Hazard 360 Ltd 2020 71

PSP® Physical Security Principles

We will now break for a 10 Minute Break

© Hazard 360 Ltd 2020 72

PSP® Physical Security Principles
Polling Group (18) Questions 1 - 36 (Thirty Minute Duration)

© Hazard 360 Ltd 2020 73