You are on page 1of 75

Basic Training for Crime Prevention and Physical Security Planning

A Focus on the Physical Security Survey



By Randy Gonzalez

BASIC PLANNING REFERENCES FOR KEY COMPONENTS

THE PHYSICAL SECURITY PLANNING PROCESS

MODEL SURVEY FORMAT PHYSCIAL SECURITY SURVEY DEVELOPMENT

SYSTEMS APPROACH TO PHYSICAL SECURITY PLANNING TACTICS & STRATEGIES

LAW ENFORCEMF:NT

Basic Training For Crime Prevention and Physical Security With A Focus On The Physical Security Survey

CRIME PREVENTIO~

AND

PHYSICAL SECURITY PLANNING

A Ba.E'>ic PhYE3ic:::a.l C:r- :l :me-

Guide For CD~ducti~g Secu:r-ity Su:r-~eyE3 A~d

Pre~e~tiD~ Pl~~~i~g

CRIME PREVENTION ....

PHYSICAL

SECURITY

PLANNING.

A Sy:::st e Il1E3 App::r- oa..c:::h-- F::r- c:>c:::e du"r-a..l-

Ma..~iIl1UIl1 Utiliza..tio~ of Sec:::ur-ity Cc::>u~ter-Il1ea..~uT'e~----------~-----

Overview of Crime Prevention & Physical Security Planning:

Crime prevention is the anticipation, recognition and the appraisal of crime risk situations, and subsequent actions that are directed toward the reduction or removal of crime

risks.

The fourth key ingredient in the definition of crime

prevention is the initiation of action to reduce the opportunity for criminal activity. From this aspect of crime prevention, flow all the many programs and services an agency or

organization may be able to offer a community.

In the plan-

ning stages of crime prevention, one important tool critical to opportunity reduction is the physical security survey. It is the major feature of this basic training manual to present an overview of the model design for a practical and comprehensive physical security planning survey instrument. The survey instrument, whether utilized to identify problems of a residential neighborhood or a corporate facility, is an important

part of the practitioner's capabilities.

Later, as a result

of having developed and completed the survey, the practitioner will foster the development of programs and services designed to assist community members in reducing security risks and the opportunity for criminal activity. Each survey model should be adapted, modified and otherwise tailored to fit the specific target objective. To best serve the overall mission of crime 'prevention, the physical security survey must be relevant to the unique features of the intended target.

CONTENTS

Topi c Area:

Page:

Introduction & Overview: The Planning Process ••••••••••••••••••••• l

Mo de 1 S u rve y Forma t •••••••••• eo ••• It -0 • o [) 4

Developing the Physical Security Survey ••••••••••••••••••••••••••• 6

Developing a System's Approach to Physical Security Planning •••••• 16

Security Planning for Special Areas:

Computer Security Checklist •••••••••••••••••••••••••••••••••• l9

Property Security Checklist •• aa ••••• ~ •••••••••••• ~ ••••••••••• 24

Checklist for Robbery Preventive Measures •••••••••••••••••••• 27

Checklist for Protection Through Environmental Design •••••••• 34

Suggested Reading List and Reference Sources ••••• o •••••••••••••••• 36

Sample Model Formats I- •• I- It I- .. I- I- 37

Site Evaluation Form Security Audit

Crime Prevention Program Development Checklist Crime Prevention Planning Forms

Bomb Threat Planning Checklist

The Physical Security Planning Process

The Model Survey Format

Developing the Physical Security Survey

Developing a System's Approach to Physical Security

Introduction & Overview: The Planning Process

The purpose and intent of this manual is to provide a basic framework and guide for the crime prevention officer or security planner, in conducting physical security planning. It is a collection of general information with regard to crime prevention concepts. This manual is not intended to be an exhaustive work, but merely a brief overview of the basic physical security concepts.

The first part of the manual be~rtns wi th a suggested format for conducting a preliminary physical security survey. This reflects selections from predominan~ methods utiT ized by security and crime prevention specialists, which focuses on the traditional problems of risk identification and reduction.

To establ ish an economical and workable security program, at any gi~en facility, requires initially an in-depth survey of the site. The target facility must be cons i dered in terms of its uniqueness. No two operations are exactly similar, although the crime prevention concepts remain constant. Flexibility must be an important part of any security planning effort. A study is usually conducted to analyze and determine the degree of security that is required for the protection of personnel, property and other assets.

Initially, a number of assessments should be considered in developing an overall plan for enhanced security. In general, those considerations will relate to the following basic areas:

1. An- analysis of the surrounding landscape and terrain.

2. Evaluation of the economic climate Of the area.

3. Sociological conditions and psychological factors.

4. Personnel and labor conditions.

5. Location of pol ice, fire and other emergency services.

6. Repponse times of emergency services.

7. Personnel organization and operation, levels of super-

vision, authority, etc.

8. High risk functions and related vulnerability.

9. Vulnerabil ity of facility to natural phenomena.

10. Facility loss potential due to theft, pilferage, etc.

11. Personnel safety factors and high risk hazards.

12. Committment required to conduct a cost effective survey.

13. Interior and exterior lighting.

14. Ventilation and trash collection control areas.

15. Fire safety/prevention and hazardous materiaJs.

16. Emergency planning: floods, tornadoes, hurricanes, bomb

threats, power failures, etc.

17. Access controls and personnel identification.

18. Personnel training and education.

19. Sabotage and espionage.

20. Executive protection.

21. Major crime potential: embezzlement, extortion, fraud, hostages, kidnapping, robbery, terrorism, burglary, arid, sexual battery.

2

A general understanding of the basic planning process for a crime prevention project is' important to the eventual conclusion of the survey. The traditional steps in the security planning process typically include:

1. Recognition of need.

2. Stating goals and objectives.

3.< Gathering relevant research information.

4. Assessment of data and preparing alternative courses of

action.

S. Ana 1 ys is of capab il it i es.

6. Establishing the primary course of action.

7. Reviewing and evaluating the overall plan of action.

8. Conducting followup research.

9. Implementing the survey pl an of action"

10. Conducting followup research related to results & findings. 110 Evaluating final results.

12. Developing recommendations.

Important considerations or topics that the security planner should be aware of, during the course of developing the survey plan, include, but are not limited to, the following pre-planning needs:

1. Purpose of the security survey plan.

2. Responsibil ities of those involved in the project. 30 Duties to accomplish goals and objectives.

4. Policies and procedures related to the survey project.

These areas can be broken down into seve ra l key components for a more direct understanding of the process. The security planner has the responsibility to ensure that a proper balance occurs in each area. The following is a suggested outline for further definition of the planning process:

I. Purpose of the Security Survey Plan

A. Degree of Security Desired.

B. Physical Security Design, Environmental Conditions and Layout of the Facility.

C. Personnel background.

D. Information sources: files, documents, records, reports.

110 Responsibil ities of those involved in the Project

A. Administrative authority"for the survey.,

B. Budget and Schedul i ng Requi rements for the survey.

C. Extent and Scope of the survey.

D •. Facility Management Responsibility & Authorization.

J II.Duties to accomplish Goals and Objectives

A. Degree of emphas i sand pri or i ty for Su rvey Project.

B. Focus and Direction of Survey Project.

C. Understanding of Goals and Objectives for Survey Project.

3

IV. Policies and Procedures Related to the Survey Project

A. Legal Issues involved.

B. Education and Training needs.

C. Interaction with on-site security s t af f ,

D. Local law enforcement assistance.

E. Related written operating procedureso

F. Control and Dissemination of survey results.

A basic security survey program should be designed to identify the risk potential of the target site. Important to this understanding, including the previously mentioned areas of consideration, is:

I. The ability to recognize and be aware of problem areas. 2. An appreciation for problems that may exist.

30 An ability to direct action to rectify existing problems.

The security survey program must be directed toward the remedy of security deficiencies that may exist at the target fatility. In this effort, the surveyor should focus the mechanics of the survey format to:

I. Develop a cost effective approach.

2. Be results oriented in appl ication of concepts. 30 Establ ish a program for growth management and

planning at the target site.

40 Establish guidelines for assessing risks and achieving accountabil ity.

5. Provide a program of loss ,control and a system responsive to the needs of the facility.

6. Motivate and stimulate interest in security planning on the part of personnel at the target site.

7. Provide a basis for further analysis of critical areas and high risk locations, within the facility.

4

Model Survey Format

The following outline is suggested as a basic overall format for conducting an on-site security survey.of the target facility. Depending on

the location and function of the facility, modifications should be made when necessary to accomodate the needs of the facil ity's operationso Thfs outline presents a very basic approach to general security considerations. It is suggestive of the mechanics involved in this type of survey format.

I • Tit 1 e Page

A. Name & address of facilty.

B. Date of survey and time.

C. Name & address of agency conducting survey.

D. Satements of confidentiality & liability.

If. Introduct ion Page

A. Authority for surveyo Bo Location fo facility.

C. Description of fac l l l ty ,

D. Date survey requested.

E. Purpose & scope & I imitationso

r II. General Factors Relating to Loss Potential

IV. Exterior Security Considerations

V. Interior Security Considerations

Vlo Other Interior Security Considerations

VI I. Security Alarm Systems & Related Anti-Theft Devices

VI I I.Security Procedures & Internal Controls

IX. Security Education & Training for Personnel

X. Other Security & High Risk Factors

XI. Summary & Conclusions

XI I. Closing Statement & Signature(s) of Surveyo~(~)

The above H s ted out 1 i ne may span severa I pages of text and related notes compiled from the field at the target site. Also, in special cases, photographs may be attached to place stress on particular hazards or security problems that may exist. Again, this is only a basic approach to the structure and outline of the survey format. An outline may serve the purposes of the surveyor, without a detailed explanation. Others may desire

to use an open narrative form, with recommendations and alternatives listed for each section Depending on the style of the crime prevention special ist, the recommendations and alternatives may be placed at the end, under the "Sunmary" sect jon 0

5

Whatever approach is used, the surveyor should always strive to use the format in a manner that is comfortable and serves the needs of the project. The physical security survey can be simple or complex, depending on the uniqueness of the facilityo Sometimes, drawings and other special diagrams may be needed to further define the uniqueness of the target site. Drawings, diagrams and photos should be included in an appendix section

fo ll owi nq the page which contains the closing statements.

At the end of the physical security survey, the surveyor should include a brief overview of the major security problems determined in the course of the surveyo If needed, the surveyor may wish to add his or her concerns as to the condition of the target site, with regard to overall securityo The importance of implementing security precautions immediately should be stressedo

The following is a sample Statement of Confidentiality, which may be used on the title page:

"The information provided in this security survey is sensitive in nature. Loss factors or security weaknesses may be of interest or of advantage to unauthorized persons. Every effort should be made to safeguard this ln fo rmat l on ;!'

The following is a sample Statement of Liabil ity/Responsibility for the security survey:

"Th i s physical security survey, along with the recommendations and final report of findings, reflects the opinions of the survey team. Management personnel should note that no system of security is 100% foo1proofo The survey team and its agencyorganization, therefore, do not assume any responsibility or liability for any loss or damage in any manner arising out of the survey, or the changes made based on the recommendations. It has been the responsibility of the survey team to develop security recommendations for the owner/manager of:

- ......... -:-::--:----

It is now the responsibil ity

of the owner/manager of:

--~~----~-------------------------

to act upon those recorrmendat lon s.."

Following the completion of the survey, the crime prevention officer may wish to develop a final report of findings, based on the survey format. It this procedure is desired, then an open narrative format may be used, defining conditions at the facility based on the survey outline.

In the pages that follow, the previous outline format is further defined in terms of specific security considerations. This section has been double spaced to make it easier to follow and define the more specific topic areas for the crime prevention officer. Hopefully, this will enhance the training and study efforts of those desiring to change or otherwise modify their security survey procedureso This section broadens and expands the previous outlineo

6

Developing the Physical Security Survey

Within the realm of crime prevention and security planning, the single most important technique for recognizing los6 potential is the physical security survey. In the application of this basic process, the major ingredient is the practitioner's ability identify risks, assess the opportunity

for a crime to occur, and develop practical recommendations. Through

this approach, police crime prevention officers, private security personnel, and corporate security officers strive to alleviate crime risks by recognizing potential problem areas, appraising the current set of circumstances, anticipating loss potential, and initiating actions to solve prb&lems or prevent their occurence.

The security survey can be defined as in depth analysis of the potential for security risks at a particular facil ity or building. The on-site examination may be an office complex, an industrial plant, a private home, or a public institution, including a university. The crime prevention practitioner exercises his or her expertise, by virtue of training and education, to assess the current level of security already practiced at the target site. In addition, the surveyor s t r l ves to identi:fy de flc I en t conditions, in order to determine the level of protection needed. This may also include a determination that certain excesses may exist, with regard to security, and may mean a cost savings to the institution. Finally, the survey includes making practical and cost effective recommendations to enhanc~the overa1 security profile of the target site.

In the field of crime prevention and security planning, the survey can be further defined to encompass five basic aspects. They. become the foundation for the development of a working model security survey format.

7

These five aspects include: anticipation, recognition, appraisal, opportunity, and action planning. Anticipation relates to conducting a survey with the idea of preventing a crime before it occurs. The anticipatory phase is simply one of planning ahead, by developing an as~essernent of nurrent conditions. The crime prevention specialist also must be capable of recognizing and defining what constitutes a crime risk. This, in turn, leads to an appraisal of the situation, and being able to communicate recommendations for corrective action. Next, the surveyor evaluates security conditions with regard to crime risks. He or she addresses the situation by looking at opportunities for criminal activitYi potential security breaches and weaknesses in current operations. In rounding out the survey, the action planning phase begins. Effort focuses on the removal or reduction of a crime risk. Fo l l ow l nq the recommendations for action, the decision maker, who has requested the survey, begins to develop a course of action based on the suggestions of the crime prevention officer.

The rationale for a physical security survey is based on many factors within a particular environmental setting. At best, it is a somewhat difficult endeavor to plan for every possible situation at a given site. No tworfiacilities are exactly the same, and recommendations will vary depending on the unique features of the facil ity or building. There

will be various influences, both internal and external, which will limit the abi I l tv of the surveyor to a certain degree. Budgetary constraints, legal considerations, management desires and needs, and facility operations, will be some of the factors affecting the survey application. However, the crime prevention specialist must make every effort to

8

conduct his or her analysis in a well planned and orderly fashion. The survey format must strive to be well organized and results oriented. The format that follows is suggested, at best, as a basic guide in conducting a physical security survey.

Introductory Format

In setting up the actual format of the survey, one practice is to develop a basic outl ine. The beginning of the outline defines certain background information pertaining to the survey and the installation in question. Typically, a title page sets forth such information as:

I. Name and Address of the Facil ity to be surveyed.

2. Date of the survey and time conducted.

3. Name of person or persons conducting the survey.

4. Name and address of agency represented by surveyors.

5. Statement of confidential ity and liability for the

survey.

The above information would be more than I ikely best kept to one page, and serve as the cover sheet. A profess ional Iook i nq folder or binder, would greatly add to the overall completion of the survey format.

The second sheet would include an introduction to the survey, and define its direction and objectives. Items to be included in this section are as follow:

I. A brief statement as to the authority for the survey.

2. A summarization as to the actual location of the facility.

3. Brief description of the facility:

a. Function

b. Operations

9

4. The date the survey was requested.

5. A statement as to the purpose and scope of the survey and any I imitations, or restrictions.

General Factors Relating to Loss Potential

The next page, following the introductory format, begins a preI iminary assessment of general lost potential factors. Some of the basic considerations for this section of the survey include:

I. The relative importance of the facil ity to the surrounding neighborhood (e.g. a computer building on a college campus).

2. Location of the facility in relation to conditions within the neighborhood (i.e. high crime area, history of criminal activity, labor unrest, urban development, density, etc.).

3. The facil ity's location with regard to visibility and land-

scapeo

4. Visibility of access points and surveillance by pol ice or security personnel.

5. Pol ice and Security personnel response times to the facil ity, and locations within the facil ity. These should be considered along with:

a. Types of locking devices used.

b. Locations of safes and vaults.

c. High risk storage areas.

d. Alarm systems.

In Item Number 5, the surveyor should attempt to evaluate the current conditions, relative to how long an intruder would be delayed, prior to

10

the arrival of the pol ice or security forces.

6. Control of access points and levels of authorization for entry.

a. Hours of operation.

b. Access controls.

c. Opening and closing procedures.

d. Freedom of movement in and around the facil ity.

7. Initial Identification of high risk areas:

a. Computer operations.

b. High value property and inventory.

c. Cash handling operations.

d. Con f i den t i a I f i I es.

e. Mechanical equipment rooms and utilities.

8. General examination of factors related to the uniqueness of the particular facil ity, special features, etc.

External Factors and Security Considerations

The previous section may involve several pages of documentation, in addressing initial security factors. A surveyor must make every effort

to be brief and concise, yet capture essential data that will support management's needs. The next section investigates more specific factors, and moves toward a more direct analysis of the facility, whereas the preceding section viewed the site in general terms. The ~reas of consideration in this part include:

1. Symbolic and formal barriers

aQ Shrubs, hedges and walkways. b. Fenc i n9 and barri er control s ,

J1

2. Lighting

3. Obstructions to surveillance and visibility. 4 • C 1 i mb i n g aid s •

5. Noise generating equipment that may cover the sounds

of i nt rus ion.

6. Exterior doors.

7. Exterior windows.

8. Vents, roof hatches, etc.

9. Other exterior access points.

10. Parking areas and service drives.

11. Trash collection areas.

120 Other factors related to unique aspects of the facility.

Interior Factors and Security Considerations

The third major section of the physical security ~urvey takes the surveyor inside the facility or building. As with each section previously presented, the subtopic areas may involve individual analysis by themselves to fully define any security problems. Throughout the survey, the contents should remain to the point, in a brief narrative style.

In this section, aspects for close consideration include:

1. Lighting and lighting controls.

2. Interi or doo rs ,

3. Interior windows.

4. Vents, roof hatches, etc.

5. Ceiling and wall construction.

6. Vending machines, lounges and food service areas.

7. Locker rooms.

8. Mechanical equipment rooms
9. Cash handling operations:
a. Te 11 er windows.
b. Cash registrers.
c. Audit procedures.
d. Accoun t i ng an d financial control.
TO. High risk areas: a. Computers and electronic equipment.

b. Inventory control.

c. Property storage.

11. Safe and vault areas:

a. Description of safes and vaults.

b. Level of ratings appropriate to contents. c.- Control of access, keys and combinations.

12. Other lrrterl-or security considerations:

a. Removable panels and gratings.

b. Places of concealment: under drinking fountains, behind

lockers, under counters, etc.

c. Protection of electrical breaker panels.

d. Protection of primary lighting controls and backup.

e. Protection of portable property.

f. Other unique factors.

Facility Security Alarm System

In this section, the surveyor addresses the needs of the facility for the installation of an alarm, or other anti-theft devices. If a system or systems are present, the surveyor would investigate its use and operation.

Considerations with regard to an alarm system may include at least the following basic aspects:

1. Identification of the type and use of existing alarms.

2. Level of security provided and/or needs.

3. Determination of alarm system needs or useage with regard to personnel, money and property.

4. Nature of annunciation and response:

a. Local.

b. central station.

c. Proprietary.

d. Other.

5. Environmental conditions affecting alarm system.

6. History of alarm malfunctions and false alarm rate.

7. Consultation with alarm suppliers and companies.

8. Management needs, interests, and concerns.

9. Testing and maintenan~e intervals.

10. Employee education, training and usage •.

11. Alarm pol icies and procedures in written form.

12. Response to alarm activations by pol ice and security force.

Security Practices and Procedures

This section involves the surveyor in the internal control aspects of the organization. It addresses certain issues ~elating to personnel and their involvement in security planning. These include:

I. Key cont ro 1, us aqe , and issuance. a. Authorization levels.

r4

b. Restrictions and key inventory.

c. Checkout and logging procedures.

d. Rekeying procedures.

e. Key recovery when employees terminate, transfer, etc.

f. Key control accountabil ity and responsibil ity.

2. Assignment of duties for locking and unlocking facility, opening and closing procedures.

3. Responsibi 1 ity for lighting mailn tenance , and operation.

4. Procedures and measures for safeguarding of cash, checks, deposits, etc.

5. Policy and procedure for control of access points, reception areas, etc.

6. Shipping and receiving operations.

7. Notification and reporting for breaches of security, thefts,

and related situations.

8. Property identification, labeling, decal ing, etc.

9. Responsibility for storage and control of inventory.

10. Employee vigilance.

11. Procedures for access to facil ity by repairment, vendors, contractors, custodial services, etc.

12. Property loan and checkout procedureso

13. Employee education and training:

a. Employee supervision.

b. Regular training programs.

c. Employee involvement in the security process.

d. Use of security posters, signs and brochures.

lS

Summary and Conclusions·

In the final section of the survey format, the crime prevention officer undertakes an overview of what he or she encountered with regard to physical security. This section should provide an abstract of the major deficient conditions detected during the course of the survey. The surveyor may

wish at this point to provide his or her professional opinion of the

general security profile of the facility. In doing so, the more serious aspects of loss potential may include a synopsis of:

1. Robbery potential.

2. Burglary vulnerability.

3. Problems of shoplifting.

4. Vandal ism.

5. Fraudulent activity: credit cards, checks, etc.

6. Emergency and disaster planning, coordination, and

recovery.

70 Fire safety and other hazardso

8. Personal safety factors for both employees and customers.

This outl ine in developing a basic physical security survey has been presented to offer further assistance to the crime prevention practitioner. It is not intended to be an exhaustive approach to physical security planning. Instead, it is a suggested format, based upon basic crime prevention concepts, and should be considered as a flexible approach to conducting a physical security survey. The crime prevention surveyor should always strive to modify the survey format to meet the needs of the facility, and provide quality informationo

16

Developing a System's Approach to Physical Security Planning

The purpose of this section is to present a general overview for the development of a system's approach to physical security planning. The intent is to provide a brief outline of the basic elements for a further'consideration of physical security planning programso

10 A System's Approach - Basic Security Elements

A. Procedural Security - those aspects that allow for the detection of an intruder, or the reduction of losses through non-physical means.

Bo Electroril~ Seoufity- those aspects pertaining to electronic meithods that aid in the detection of an intrusion.

C. Physical Security - those aspects related to the placement of physical barriers in the path of an intruder.

II. Security Planning for Access Points & Control

A. Locks and hardware systems

B. Design & Construction of doors, mounting hardware, frames, etc.

C. The access point or door as a "svs tem" I. lock i ng mechan i sm

2. door des ign

3. frame

4. hinges

5. walls structures and supports

6. protection for the area where two doors meet.

7. center posts for two double doors.

80 closing devices, viewers, weather stripping and misc. hardware.

D. Review and consideration of various locking systems to maximize security of access points.

I. examination of lock parts: bolt, key mechanism, cyl i nde r , etc.

2. strike plates, etc.

3. latching and deadlocking features.

E. Maximize Security of Key Systems

1. Pick-drill resistent.

2. Prevent unauthorized duplicat)on of keys.

3. Security considerations:

a. adjustment of closing devices.

b. environmental conditions subject to change

affecting doors: expansion, friction, etc.

c. propping open doors by employees.

do poor maintenance of locks, doors, etc. eo hinge pins exposed to outside.

17

F. Door Viewers & Alarm Locks

1. Visibil ity to outside from inside - viewers

2. Visibil ity range to outside - 120, degree to 180 degree.

3. Alarm locks: sounds when egress is violated.

a. high traffic areas open to public

b. ensure adequate signage.

c. ensure AC power supply. do require monitoring.

G. Alarm Systems

I. Review necessary requirements and needs of the facility: foil sensors, magnetic contacts, heat sensors, plunger contacts, ionization smoke detectors, ultra-sonic (sound energy) detectors, microwave (radio frequency energy) detectors, passive infra-red (infra-red energy radiated by intruder's body heat).

20 Examine control functions - operation between the sensors and the annunciation units.

3. Annuciation requirements

a. local

b. propr ietary

c. central station

d. police department

4. Examine different types of access controls as needed by facility:

a. card reader system

b. push button - touch p~nels

c. telephonic/personal recognition

d. personal characteristics: fingerprints, hand geome t ry, etc.

II I. Assessment of High Risk Areas Such As Computer Operations

A. Secure perimeter location with alarm system(s}.

B. Establish levels of authorization - restrict entry.

C. Secure microcomputers and other high risk equipment to a fixed position within a secured area.

D. Avoid telephone links with other microcomputers unless additional safeguards are used.

E. Restrict copies of computerized master files to two copies if possible, one at the site and one at a secure off-site location.

F. Separate responsibil ities for system design, operations, programming, and data entry among different personnel.

Go Assign different passwords to these different personnel functions. Void individual passwords when an employee res i gns 0 r I eaves 0

H. Use programs that will flag accounting transactions if they do not follow established norms.

I. Install signal scramblers to prevent unauthorized entry if telephone lines are used.

18

J. Elements of System's Approach to Computer Security

1. Administrative Security Planning: supervision, accountabil ity, written procedures, authorization levels, etc.

2. Personnel Security Planning: selection, screening, operational assignments, access and authorization, continous safety and security education.

30 Physical Security Planning: physical location, access controls, general security precautions, separation of operations, alarm systems, power supply protection, auxiliary power supply, air conditioning, humidity control, heating equipment, fire control, peripheral openings, 1 ighting, water-supply, electrical conduits, etc.

40 Communications security planning: protection of connecting lines, electrical junction boxes, coding and input devices, protection of processing or telephone switchboard equipment.

5. Emanation Security planning: identification of users of equipment, surveillance of processing accesses, remote equipment rooms, isolation of hardware compon~ ents, maintenance of the integrity of the systemo

6. Computer Security Planning:

a. Security of all software systems: computer operating programs, file management, communications control programs, application: programs, and resource accounting programs.

bo Protection of all hardware components: fire, theft, vandal ims, etc.

c. Protection of terminals and other equipment: card readers, punches, printers, paper tapes, remote user rooms, etc.

d. Protection of all remotely located equipment.

This outline has presented a basic approach to developing an understanding for a systematic assessement of major security considerations.

It serves to further the concept of a "svs tem+s " approach to physical security planning, by viewing the basic components of a facil ity or target site.

The procedural, electronic and physical security, aspects of a given target location should all be considered when c6nducting the physical security survey. During the course of the survey project, the surveyor should strive to keep in mind his or her established objectives for the project. In this effort, the objectives should be classified according

to importance, given the time constraints or other factors involved. The crime prevention officer should be prepared to develop alternatives as the need arises.

Security Planning for Special Areas

Computer Security Checklist

Property Security Checklist

Checklist for Robbery Preventive Measures

Checklist for Protection Through Environmental Design

COMPUTER SECURITY CHECKLIST

I • General "Administrative Planning:

1. Has a management statement or commitment been made regarding security so all individuals are aware of management's concern and the consequences following security violations?

2. Has an overall security policy, emphasi zing the need to keep passwords and sensitive information secure, been developed?

3. Are employees familiar with the policy?

4. Is access to physical assets and data effectively restricted to authorized persons by electronic and/or physical controls?

5. Is there an inventory of data communications equipment, including lines, terminal s , modems, etc •.• ?

6. Have written job procedures been prepared for each major job ftmction and are these procedures updated when necessary?

7. Are there wri. tten policies and procedures regarding the security practices of the operating area?

8. Are the employees of the area periodically retrained to properly apply these security measures?

9. Is a background check made on all employees having access to sensitive assets?

10. Do you have a back-up facility for the on-line system which is able to respond in the event of an emergency?

11. Is there proper review of all transaction messages inputted to the system that are unaccounted for, distorted, duplicated or delayed?

12. Are periodic checks of the network made during normal operation to verify proper operation, detect line/modem errors, terminal operation, etc ••• ?

13. Are suspected security violations brought to the attention of the security personnel or police?

19

YES NO

() ()

() ()

() () () ()

() ()

() ()

() ()

() ()

() ()

() ()

() ()

() ()

() ()

14. Has management coordinated security problems/concerns with the security personnel or police?

15. Is there a regular inventory of all equipment?

16. Is there an established key control checklist/inventory?

17. Are all policies, procedures and guidelines consistent

with C?mpany policies?

18. Has management planned a staff crime prevention education training program with the security personnel or police?

19. If an alarm system is in use, are users educated in the proper operation of the alarm?

20. Ibesliseet.:WitY';QT'pO'liooi\ have a list of names of all persons authorized in sensitive areas after normal hours?

21. D:J the police personnel have the after hours phone numbers for the accountable officer(s) in the event of an emergency or security problem?

II. Authentication/Authorization: Computer Usage

1. Is there a dialogue between user and computer for the purpose of identification and authorization?

2. Are all users assigned unique user identification codes?

3. Are passwords assigned to verify users?

4. Are passwords changed with frequency relative to the sensitivity of application?

5. Are multiple levels of passwords used to restrict sensitive functions, similar to multiple levels of government security, (i.e. confidential, secret, top secret)?

6. Are secondary identifiers such as cardkey, or signature verification used to identify and authenticate terminal users in addition to, or instead of, passwords?

7. Are users sufficiently sensitive to security that passwords are appropriately protected?

8. Are passwords created using a random method?

20

() ()

() () () () () ()

() ()

() ()

() ()

() ()

YES NO

() ()

() () () () () ()

() ()

() ()

() ()

() ()

21
9. If users assign their own password, is there a computer ( ) ( )
program to review each password to ensure that it is not
a copy of the user's name, birthday, social security
number, or four or more similar characters?
10. Does the system prevent a user from selecting a new ( ) ( )
password that is the same as his old password?
11. Is there a well defined authority for the responsibility ( ) ( )
for password changes?
12. Are passwords printed and distributed in a secure ( ) ( )
fashion?
13. Is a staff member assigned security responsibilities ( ) ( )
for the issuance and maintenance of all passwords?
If not, who is responsible and are the controls adequate?
14. Are procedures for the issuance and maintenance of ( ) ( )
passwords well documented?
15. During sign-off, does the system ask the user when his ( ) ( )
next anticipated sign-on will be? Any sign-on before
that time period will be reported as a violation.
16. During sign-on, does the system Inform the user when he ( ) ( )
last signed off?
17. Does the personnel or user department notify the ( ) ( )
appropriate individual to remove an employee's ID
and password upon termination or transfer?
18. Is one-way encryption used to prevent password ( ) ( )
disclosure should the password table be compromised?
19. Are passwords masked on both CRT type terminals as well ( ) ( )
as printing terminals?
20. fu terminals automatically log-off (time-out) after no ( ) ( )
usage for several minutes?
21. Are all unsuccessful log-ons recorded, reviewed and ( ) ( )
monitored for threshold levels?
22. Does the system prohibit further log-on after three, ( ) ( )
unsuc;cessful attempts?
23. Does each message contain an identifying message header ( ) ( )
including:
YES NO
a. Message number? ( ) ( )
b. Te1TIlinal? ( ) ( )
c. User? ( ) ( )
d. Date? ( ) ( )
e. Transaction Code? ( ) ( )
L End-of-message? ( ). ( )
g. End-of-transmission? ( ) ( ) 22. Is there a method (sequence number on each message) to account for all messages and identify illegal messages?

"III. Tenninal Security: Computer Access

1. Do remote terminals contain lockable keyboards or physical locks on terminal on/off switch?

2. Are terminals located in a physically secure area?

3. Is access to the terminals limited to business hours?

4. Are there fire detection facilities in the terminal area?

5. Is a log maintained of personnel assigned keys or ID cards for terminal usage?

6. Are procedures established to ensure that users log-off before leaving a terminal and that they remove all paper, including carbons or ribbons, which should not be seen by other terminal users?

7. Are certain terminals restricted for input only, or output only, depending on nature of business? How is this restricted, enforced and established?

8. Is there a message audit trail so a terminal user can trace messages sent?

9. Are log-on, system commands, and on-line transaction documentation manuals labeled as confidential and placed in a secured area when not in use?

10. Are phone numbers removed from modems to prevent access to the dial-in telephone number?

11. Is supervisory approval needed to bring a terminal up outside of scheduled operating hours?

12. Are individual users restricted to specific functions ••• (separation of duties)?

13. Are terminals programmed to accept only certain specific transaction types?

14. In a dial-up network, is the telephone number changed periodically?

15. Are dial-up lines used in case of leased line failures?

16. Is the telephone equipment room secured?

22

() ()

YES NO

() ()

() () () () () ()

() ()

() ()

() ()-""

() ()

() ()

() ()

() ()

() ()

() ()

() ()

() () () ()

17.. ATe terminals hard wired - therefore el iminat ing the risk of unknown terminal s gaming access?

18. Are cables and video display screens electrically shielded to prevent electrical emanations or physical tampering?

19. Are all security files (password tables, authorization tables), stored in protected files on direct access storage devices and in the computer memory, and are they encrypted if necessary?

20. If encryption is being used, have controls over the encryption key been developed?

21. Has the principal of least privilege, i.e. granting the minimum access authorization necessary for performance of required tasks, been implemented?

22. Are access logs reviewed on a regular basis?

23. Are tenninals and related computer components secured to a fixed position to prevent unauthorized removal?

23

() ()

() ()

() ()

() ()

() ()

() ()

(.) C.)

No single checklist can serve the needs of every possible location or situation. TIle above listed·checlLlist is a representation of basic areas for consideration with regard to physical security measures. The listing has been abstracted from the 'Checldist For On-Line Systems Securf.ty ' J fran the MIS Training Institute, - Incorporated, 4 Brewster Road, Framingham, Massachusetts 01701. For additional .informat ion concerning this reference source; contact HIS at the address listed. Some rrodifications have been suggested in the above rnentioned list in order to keep the suggestions b~sic for the purposes of this manual.

24

PROPERTY SECURITY CHECKLIST

The purpose of this checklist is to alert the user to possible security problems within the office or work area. The intent is to assist your office in reducing the opportuni.ty for a theft to occur. You may wish to use this checklist as part of your internal property inventory program. Answer each question with a check mark in the appropriate co lumn provrded below. A check mark in colunm "2" may indicate that immediate attention is needed for an existing security problem ..

WPIC AREA

COLUMN 1

'mLUMN 2

Facilities

1. Can non-authorized persons enter & leave the building without contact with the

office personnel? •••• ~ ••• e~ ••••• ~ ••••••••••••

No

Yes

2. Is there access to the room where equip-

ment is stored that allows undetected entry?' .·_No

3. Are windows properly secured? •.••••.•••••••• ;_'_Yes

4. Are security signs located at all entrances indicating all equipment is marked and

traceable?~ •••.•••.•••.••• ~ •.•••••.••.•.••• ¥.· Yes

Yes

.. No·

... No

5. Are classrooms, labs and other work areas

locked after class to prevent entry?......... ,Yes

-'-

No

6. Is someone responsible for securing all doors

after normal business hours? •.•••••••••••• e ~ ~. Yes

No

Inventory

1. Is there an inventory of all equipment which includes the following: ••••.••••••..••••••••••

Yes

No

Model Brand Vendor Date of PUrchase ~ist or-Accessories' Cost Serial No.

~ocation Deca1-'- Date-Of last Inventory

Person/Department Assigned

2. Is a duplicate inventory list filed at another

: location and kept in a secure p1ace? ••• ~ •••.• _. _Yes

3. Is there a physical inventory of all property done at least once a year as required by Uni-

. 1·? Y

verslty po lcy .•••• ~ ••• e.o •• « ••••••••••••••••• es

No

No

4. Are appropriate records kept when property is

f . ? Y

sent out or repalr .•.•••••..•••••.••••••••••. _· __ es

No

25

5. Are photographs of equipment kept on

file for identification purposes? ••••••••••

6. Are there policies and procedures for

the loan of equipment which are consistent

. h . I' ?

Wl t •. " . .oorrpaIly. po ley- III eo _ " ••

Yes

No

Yes

No

Equipment_

1. Is equipment marked or engraved in at least

two locations with: ••••• "."'.o :.

Yes

No

. Decal Number Department Name

2. Is equipment loan procedure adequate and

consistent with •• CompanY ~ Policy? •••••••••• Ye~

No equipment is removed without being

-signed out.

No equipment is loaned from department to --department without appropriate records.

No

3. Is high risk equipment stored in a locked

storage area? " .. olio _ •• 00 "" 11'" •• " ~ T Yes

No

Calculators -Cameras

-Microphones

--Stereo Headsets

Slide Projectors

TV Sets -Speakers

--Cassette Recorders

-TV Portapacs

Film, Blank Cassettes

.~

.. 4. Is equipment physically

secured to a fixed location? u ••••• H •••••• ~. Yes

No

5. Is the photocopying machine accessible to individuals without proper supervision? ••••••• ~~~No

Personnel

1. Is a list of all personnel with keys to equipment storage areas kept on file? ••••••• 0 •• ~ ~_'_Yes

. 2. Is a staff member available at all times

when equipment is accessible by users?o.o~oo~_·_'_Yes

3. Are building staff pennitted to remove any equipment from the build:ing without

checking it out? 11- ••••••• II "' •••• (10 •• tJ • ~ e __ No

Yes

No

No

Yes

4. Are staff members aware of proper pro-

cedures for checking out equipment? •••••• ~~. __ ~Yes

No

26

50 Has a staff member been identified as responsible to check all areas for possible security problems after

normal daily operations?.~ •••••••••••••••••• yes

No

6. Do staff members responsible for fndividual equipment areas make periodic

security checks of all equipment locations?~. Yes

7. Are the police notified immediately upon .

the discovery of missing/stolen equipment?.o Yes

Comments and General Assessment of Loss ·Potential:

Vehicle Description:

Auto License, _

MakeNrr----

Colof'-- _

Addlitiorlal Remarks:

No

No

27

"rnE~IST FOR:

ROBBERY: PREVENTIVE MEASURES ~ CASH HANDLING AREAS;

In the order of magnitude of ordinary crimes, robbery represents the

smallest monetary loss, falling significantly below shoplifting, employee

theft? fraudulent checks, and burglary. The "one outstanding factor about robbeIY, however, is the personal danger the businessman and his employees

are likely to face from violence.

Because of the sudden, often violent action of a robbery, the victiTILS

are often taken by surprise and off their guard. The typical robbery

occurs in a very short period of time--lessthanaminute. The victim

generally finds it difficult to relate details of the robbery accurately and reliably to the police.

Almost universally, police departments "cotiriselagainstthevictim of a robbery taking any action which might "antagonizE; the robber. Instead, he is cautioned to cooperate fully with the robber's wishes, but, at the

same time, noting factors relating to the robbery that will be useful to

the police--description, escape route, property taken, etc.

All staff members handling cash in public areas need to prepare them-

selves in advance by reaching certain basic decisions about the P?ssibility of a robbery, in order to give maximum protection against the actual

occurrence. These include:

1. Admission that a tobbery is possible. Pew business areas are imrmme from the attention of the would-be robber. ,Business operations

that maintain cash and/or high value items on the premises are likely

targets for robbers. For this reason, all cash operations are advised to

maintain the least possible level of cash exposure, to make bank deposits often but not regularly, i.e., predictably, and to give merchandise

28

subject to robbery maximum protection. Any business with cash on the premises is a prospective target and the amount of cash does not necessarily have to be large.

2. The establishmentOofoadefiniteplanOtobeofollowed in the event of a robbery. The supervisor and employees should be prepared to make careful mental observations and to write them down as soon as possible. Provision needs to be made for relaying information the University Police will need~ particularly for suspicious °peisonsonotedOonoyOnear the premises.

In the final analysis, the staff member's best protection is to take no action that would provoke the robber. He should cooperate to the extent demanded, making a careful note of all details of the robbery and robber and reporting to the police at the first opportunity. There follows below an action plan for the businessman in establishing a program for dealing with robbery.

A. General Preventive Measures

The Problem. Robberies will occur because the situation has been made easy and convenient for the robber (i.e., poor housekeeping, poor cashhandling methods, and a general lack of planning toward the possibility of robbery). l~ile it is impossible to eliminate robberies completely, it is your responsibility to deter the WOUld-be robber as much as possible through good operational practices.

Preventive actions;

I. Keep the interior well lighted.

2. Keep the access doors to cash areas locked at all times.

3. Be sure alarms are in working order at all times.

29

4. Do not open the place of business before or after regular business hours, as far as possible ,"either too early or too "late.

5. Avoid routine procedures that can be observed and used to advantage by would-be robbers.

6. Keep cash exposure and cash on the premises at the lowest possible level.

7 . When making deposits;

a. Go directly to the depository.

b. Conceal the money, if possible.

c. Do not leave deposits or withdrawals unattended in an

automobile.

d. Do not go alone.

e. Vary time and routine of trips.

f. If possible, make deposits in daylight hours.

8. Do not keep large sums of money on the premises--ban1c as often as possible.

9. Do not keep large sums in the cash register or where it may be exposed to the view of others.

10. Beware of till tapping--the procedure whereby one person distracts the attention of the cashier while an accomplice steals from the cash register.

30

B. Anticipating a Possible Robbery

The Problem. The speed with which a robbery normal Iy takes place makes it difficult for the supervisor or his employees to give helpful information to the police. Be prepared for the possibility of a robbery by deci.ding in advance what is to be done and who is to do it.

Preventive actions:

1. Be alert for persons attempting to hide on the prernisesnear closing time.

2. Instruct all employees on the use of the alarm system.

3. Call the police quickly •••• if a suspicious person is observed on or near the premises. If he is driving a car, get the license number.

4. Make planS in advance as to who will take certain actions if a robbery occurs:

a. Who calls the police;

b. Who makes observations;

c. Who protects the evidence at the scene;

d. Who detains witnesses.

5. Some employees are gifted in the art of observation. These persons should be alerted to make observations during a holdup.

6. Practice identification with co-workers.

7. If possible, install height markers, e.g. black plastic tape, at varying heights on door frame to identify appromixate height. Use suspect ID charts.

8. Discuss with employees what they "rnight do if a robbery occurs.

31

C. What to Do if Robbed

The Problem. Most robberies take place in approximately one minute.

During that time, the victim must do the robber's bidding, yet be observant enough to give the po'l.ice officers useful information. To the average person, however, a robbery is a frightening experience. The robber is generally armed and should be considered capable of committing bodily ham.

Preventive actions:

1. Take no action which would jeopardize personal safety.

2. If the robber displays a fiream, consider it to be loaded.

3. If possible, activate the silent alamo

4. Attempt to alert other employees by use of prearranged signals.

5. Attempt to delay the robber if at all possible, but without sacrificing personal safety.

6. Try to maintain possession of the holdup note, if one is used.

D. Observation

The Problem. The chances of apprehending a robber are considerably enhanced if the victim is able to give an accurate description of the person or persons. The victim must be prepared to observe the robber, usually wi thin a minute or less. By remaining calm during a robbery, the victim's powers of obsersation will increase and danger of injury

. will be minimized.

Preventive actions:

1. Observe physical characteristics of the robber:

a. Race, age height;

b. Facial characteristics, complexsion, hair;

c. Clothing worn, head to foot;

d. Physical carriage;

32

e. Speech;'

f. ~1arks? scars, deformities;

g. Robber's method of operation.

2. Look for accomplices.

3. Note method of escape,

4. Describe escape car~ model, make, year,. license number.

5. Ascertain direction of travel.

6. Describe type of weapon used.

7. If more than one robber is involved, study the nearest one.

Don't try to observe all in detail.

8. Comparison of the robber with someone the victim knows aids in recalling details.

E. After the Robbery

The Problem. The ahi l i ty of the .pol.Lce officers to apprehendjthe robber is dependent on thespeedof'notification by the victim and the clarity with which he describes the circumStances of the robbery. It is essential that the victim remain calm and collected so that he can take positive and proper action in notifying the police.

Preventive actions:

1. Notify the .po'lf.ce agency

as soon as robbers leave the

premises, keep emergency - nunbers well posted.

2. Give the exact time the robbers left.

3. Protect the scene of the crime; stop others from disturbing the premises.

4. Hold all witnesses until the University Police arrive.

s. Lock the doors if possible--allow no one in except the University Police.

33

6. Dontt trust to memory; jot down all information immediately.

7. Do not discuss the holdup with anyone until questioned by the police.

,.

8. Do not touch any articles that may have been touched or left by the robber.

9. Once the tpdliceofficers are called, stay on the line so that other vital information can be obtained.

10. The following are kinds of infonnation generally asked by the police a.g.eriCY.)..~~\ .radio dispatcher:

a. Location of the armed robbery;

b. Whether anyone was injured;

c. When the robbery occurred;

d. The weapon used by the robber;

e. Direction in which the robber went;

f. Description of the vehicle;

g. Description of the robber;

h. Description of clothing;

i. Description of money or article taken;

j. How the robber carried the loot.

34

CHECKLIST: PROTECTION THROUGH ENVIRONMENTAL DESIGN

This particular checklist or outline has been developed to review some of the basic considerations for protect1on in consideration of environmental design features.

1. Territorially: This area is defined as that which suggests that physical spaces can foster feelings of safety or fear on the part of those who work or live in the setting. The level of safety or fear depends on the design of the particular setting. Crime prevention through environmental design should, in an ideal sense, strive to accomplish the following:

a. Create a sense of territoriality;

b. Feelings of control by residents/workers over neighborhood;

c. Promote security surveillance by encouraging residentsworkers to keep their eyes on the street and surrounding areas;

2. DefensibiLe Space: To foster territoriality on the part of workers/residents is to develop the concept of defensible space. This suggests:

a. Outside areas function as extensions of inside areas;

b. Design of buildings, common areas, lighting and landscaping, promote crime prevention if developed correctly;

c. Create physical and psychological barrLers that increase an intruder's perceived risk of apprehension

d. Security and safety must be designed into the environment;

e. Design spaces that are always under surveillance;

3. Building Heights: High-rise buildings provide .addi tional living and working space for residents/workers. However, they also can promote criminal activity. Indifference of residents toward their neighbors can be a result of the anonymity created by the building design. A lack of interest in common areas may promote opportunities for criminal activity.

a. Long hallways, concealed stairs, long elevator banks, and similar locations are susceptible to crime.

b. Manly researchers suggest that the ideal building

height is six (6) floors, for effective crime prevention planning. This may depend on useage.

c. Access controls at entrances should be examined, such as: reception personnel and electronic security systems.

do Public halls and elevator areas should not be used as recreational space for children. This may eventually lead to vandalism.

35

4. Landscaping: Well planned development of the exterior landscape can promote a crime-free environment. Shrubs, lawns and related features can serve as informal barriers. They also provide a basis to define the trterri tory" of the local setting. Lawns and shrubs, however, are only "symbolic" in the setting. They will not stop the determined intruder. Yet, to a great extent, these aspects can foster the overall security climate, as follows:

a. Plants should be trimmed low, to promote surveillance by workers/residents.

b. Landscaping should never restrict vision.

c. Shrubs and plants should never block windows, or be grouped around entrances or exits.

d. Landscaping should never provide places of concealment.

e. Landscaping should be designed to influence the feeling of territoriality. This can be done by:

(1) Assignment of specific areas to a particular house, apartment or group of units;

(2 ) Occupants should be encouraged to assume responsibility for certain areas.

(3) A sense of ownership over outside areas fosters surveill an ce ,

(4) Neighborhood surveillance is an effective weapon against crime.

5. Common Spaces: Common spaces within a complex often have a common problem, since everyone has ownership. When everyone shares the ownership, it is unclear as to whom has the responsibili ty for security. The following should be considered:

a. Unassigned and anonymous spaces should be kept to a minimum.

b. Space should be assigned according to the needs of the occupants.

c. Senior citizens would have a greater need for benches and garden areas.

d. Teenage facilities should be separated from senior citizen parks.

e. Children's recreational areas should be placed so parents can exercise supervision.

f., Commpn areas should not be in direct contact with public streets. They may be considered for placement between buildings to give residents more control.

g. Common areas should always be well lighted and free of any visual obstructions. Low picket fences, shrubs and grass may be used to define the space.

h. CuI de' sacs have been used in many project areas to reduce a criminal's escape route.

i. It is important to keep in mind that there is a relationship between resident's and worker's sense of control

over an area. If the neighborhood relates to common areas outside their homes, they will protect ito

36

Suggested Reading List and Reference Sources

For additional information on topics related to physical security planning and crime prevention, the crime prevention officer may wish to contact, the following, or research the references listed.

Introduction to Security and Crime Prevention Surveys: A book by Mr. Arthur A. Kingsbury; Charles C. Thomas Publishers, Springfield, Ill. (1973)

Crime Prevention Through Physical Security: A book by Mr. ""alter M. St rob-l; Marcel Dekke r., lnc , Publishers, New York, N.Y. (1978)

Fundamentals of Proteotive Systems: A book by Albert J. Mandlebaum; Charles C. Thomas Publ i shers, Spr ingfi el d , 111. (1973)

Operations Report: Safeguarding Your Business Against Theft and Vandal ism:

A book by the Research Institute of America, 589 Fifth Avenue, New York, N.Y. 10017.

The Computer Security Institute: 43 Boston Post Road, Northborough, Mass., 01532.

Crime Prevention Through Environmental Design: A book by Dr. C. Ray Jeffery; Sage Publications, Beverly Hills, CA;TI971)

Risk Analysis and the Security Survey: A book by James Fa Broder; Butterworth Publishers, Boston, Mass. (1984).

Security World Magazine: 1350 E. Touhy Avenue, P.O. Box 5080, Des Plaines, 111.,600180

The International Society of Crime Prevention Practitioners: P. O. Box 1284, Rockville, MD, 20850.

MIS-Trl1l1nlng'nst.ttute~ 'Inc .. 4-Brewster Road, Framingham, Mass. 01701 (Computer S~cur'ty and related InformatIon. etc.)

37

'. ~~' .

f IJ Ii 1\11 JlT~

CONFIDENTIAL SITE EVALUATION FORM

THIS INFORMATION WILL BE KEPT STRICTLY CONFIDENTIAL

This format is designed to assist in the planning process. It is a basic format, which serves as a guide to additional planning.

SECURITY PROFILE

PHYSICAL DIMENSIONS

ENVIRONMENTAL

SYSTEMS DESIGN

USER PROFILE

COMMENTS

SITE DRAWING

The Site Evaluation Form is a preliminary assessment designed to evaluate and determine the existence of security deficiencies prior to the development of a full-scale physical security survey. It may serve as the basis for surveys.

*SAHPLE FORMAT FOR SECURITY PLANNING*

CONnDENTIAL SITE EVALUATION FORM

THIS INFORMATION WILL BE KEPT STRICTLY CONFIDENTIAL

Purpose & Intent: The Police Department intends to offer quality professional police services. to assist students. staff and faculty in the process of crime prevention. This Site Evaluation Form is designed to aid in the identification of security pro~lems in a target building, and determine the need for a full-scale comprehensive physical security survey. It. is part of a periodic inspection of campus buildings, to ensure a high level 6f safety and security for all personnel and property. It is intended to assist the accountable officer in the ongoing process of review, ,evaluation and analysis of safety and security issues, to reduce personal vulnerablity, as well as

liability for the ~ __

Rating Criteria: Rating Criteria has been developed to assess risk levels, and evaluate crime potential. It is based on a point scale, from a to 3, as indicated by the following: EXCELLENT-3, GOOD-2, FAIR-I, POOR-O, NA ::: 0 or, NOT APPLICABLE. Points are assigned based on the surveyor's opinions; back;.. ground data, knowledge and experience, and related special circumstances regarding the target site.

Identification Data:

Building Name: ~~ _

Building Address:

Accountable Offic-e-r-:------------------------------------~P~h-o-n-e-:--------------

Date of Site Evaluatiori: Time:

~-------------

Previous 'Site Evaluation Conducted? ( ) Yes ( ) No Date: _

Previous Physical Security Survey? () Yes ( ) No Date:

--~~---------

Building Functions & General Description of Operations, Nature of Use: _

Previous History of Criminal Activity or Suspicious Incidents Requiring the

Involvement of Police? ( ) Yes ( ) No Explain: _

Related Police Case Numbers: __

(Note: Points are ass"igned as an overall rating for each section at the end of the section under discussion.)

SECURITY PROFILE

THREAT SCENARIO: ()Vandalism ()Theft ()Burglary ()Robbery ()Vehicle Theft

o Assault. DArson OOther:_' _.,......",:----:---:-_--:-;--:-;--:;- _

TRESPASS TPJrnAT ()Suspicious Persons ()Suspicious Vehicles

o Suspcious Incidents 0 Other: _....".."..,::--_....,...- __ ---;_

INTRUDER SOPHISTICATION ()Adult ()Juvenile ()Casual ()Experienced

()Other:~ __ ~ __

OPENING-CLOSING ()Times Secured:~ __ ~~~ __ -,~~.- __ ~~~~ _ ()Times of Operation: ()24-hour ()16-hour ()a-hour

RATING: .. (Po:hnts=_) ..... OHigh Risk ()Medium Risk OLow Risk: Rating, _

PHYSICAL DIMENSIONS

AREAS REQUIRING SECURITY

PROTECTION ..•... ".,.,., .•. '" o Bxt er-i.er {iarriers & Controls Rating: . . Points

PERIMETER OExterior Lighting & Controls ~ Rating:---'--'Points-

OObstructions to Visibility - Rating; Points

OExternal Climbing Aids - Rating :--~-'Points()Opportunity for Surveillance - Rating:---~-'Points-

()Parking Areas - Rating: Points-

FREEDOM OF ACCESS ()Ease of Movement in Areas - Rating: Points-

()Terrain and Landscape - Rating: Points-

()Points of Concealment - Rating: Points--

PHYSICAL SECURITY 0 Locking Devices - Rating: Points-

()Doors and Entrances - Rating: Points

()Hinge Pins - Hinge Plates - Rating:=======Points-

()Keys and Key Controls - Rating: Points--

()Glazing - Shatterproof Useage- Rating: Points--

()Gril1work - Wire Mesh - Bars - Rating: Points

OWindows - Other Openings - Rating :=======Points-

()Roof Areas -Skylites - Rating: Points--

()Walkway, Sidewalks. etc. - ~ating: Points-

OTHER ASPECTS'UNIQUE

TO FACILITy ()Special Areas & Equipment

-Rating: Points

-----

Overall General Rating: Total Points .

----------------------

ENVIRONMENftL

GENERAL SETTING ()Surrounding Neighborhood - Rating: Points

()Potential for Disturbances Rating:------~Points--

INTERNAL SETTING 0 Lighting Conditions - Rating: Points--

()Locking Devices & Hardware - Rating: Points

()Doors, Windows, etc. - Rating: Points

OCeiling/Wall Construction -, Rating: Points--

()Vending Machines - Rating: Points--

()Cash-Handling Operations - Rating: ~Points

()Alarm System - Use/Operation - Rating: Points--

()Property Control & 1.0. - Rating:------~Points--

()Power Supplies-Utilities Rating: Points--

()Safes & Vaults - Rating: Points--

()Personnel Vigilance - Rating: Points--

()Frequency - Unsecured Doors Rating: Points--

Overall General Rating: Total Points .

--------------------------------

SYSTEMS DESIGN

POLICIES ~ o Policies .Procedures , Safeguards

()Safe Practices - Alertness

PHYSICAL CONTROLS ()Key Use Authorization/Control ()Opening~Closing Security ()Reporting of Suspicious Persons

ELECTRONIC CONTROLS .... ()Appropriate Type of System ()User Experience and Knowledge ()Frequency of False Alarms ()Annunciation Capabilities ()High Risk Areas Protected ()Control of Codes, Combinations ()Intruder Detection Capabilities ()Effective Monitoring

- Rating: Points

- Rating:------·Points-

- Rating: Points-

- Rating: Points-

- Rating: Points--

- Rating: Points-

- Rating: Points--

- Rating: Points-

- Rating: Points--

- Rating: Points-

- Rating: Points--

- Rating: Points--

- Rating: Points--

Overall General Rating Total Points .

"------------------------------------

USER PROFILE

()Student users promote posltlve physical security-safety Rating: Points"

()Staff users promote positive physical security-safety - Rating:------~Points--

OVisitors, guests, etc. promote positive security-safety - Rating: Points--

()Frequency of use consistent with good security & safety- Rating: Points--

()Hours of operation consistent with good security-safety - Rating: Points--

()Police experience with users positive in nature - Rating: Points--

()Frequency of disturbances and calls for assistance - Rating: Points--

()Other User characteristics unique to facility - Rating: Points--

Overall General Rating Total Points .

. --------------------------~------------

Discussion of User Problems:

-----------------------------------------------

COMMENTS General Recommendations For Improvement : _

Rating and Point Scale:
lSI-points to l62-points = Excellent
lO8-points to 130-points = Good
54-points to lO7-points = Fair
Below - 54 points :::: Poor Total Number Of Points For This Site Evaluation:

----------~----

(Total Number for all Sections-

combined from above areas, and compared to Rating and PointScale at left.)

OVeral Rating Based On Above Scale:

---------------------

SITE DRAWING

The following sketch-diagram is presented to depict the overall layout and design of the fac i l i ty , with attention to special areas of consideration. Key points for consideration are indicated as follow

--------------------------------------------------

, H-+ -l-I-+--I-f-+--L-I--+--I--l-;iH-L.-i'-+-' .j.......j..-!--lc-+-+-+--+-'H-++-++--t-f-!-~-r-I·ct

.~_~-L.i. -H·-HH-++-H-t-t-i-++-!~-+++--+-l---I-+-+-+r--+-I-E~.,...· I , _.L..L I ._, i " I

- +-++--+--1-+-++-+-+-+-+1 -+' -+--1--++-+-+_. ~- -+-+-t--!-j'c-+-H-i t-.;-· ~-+--+-j.--l._ I-- ~t-++ t+t+t+t+tt . L.i.

-1-' """"'iT- ··t:'+- I -1-1-- -f--+-++I +-l-t-H-t+-H--W+

H-H-+++++.j.-H+-;I--+-t-+-++++++++-H-f.--;H--H··H-I-+t+-H-+++++++-t--+~, -I-l-++-+-+.--+-l-Hr-+-H-H-t-+-+-t-t-t-1

.l!

~~~~~~*~~~*~*~****~*****~**~

_____ POLICE DEPARTllENT

SECURITY AUDIT PROFILE FOR BUILDL6GS ************************************ ***************************************************************************

{Purpose & Intent)

The PlJ-Security Audit Profile For Buildings is designed to assist in the ongoing process of safety and security assessment of buildings, as well as related facilities. It is part of a periodic inspection tD ensure a high Level. of safety and security for personnel and property. The iDfor:ma.tion developed through this process is intended to assist accountable officers in a continuing process of review, evaluation and lJ.na.lysis of safety & security issues.

*************************************************************************** **********All Infor~tionSbDuld Be Raintained As eoniidential*************

***************************************************************************

Identification Data:

Building Kame} GED-Code} __

Case Number) Department Kame} ___

Accountable OfficerJ ~~--------

Date of security Audit} Time of security AuditJ _

Date of Last security Audit & Related Case Number} __

~~~~~Qfficer Conducting AuditJ I.D.NuBWerJ _

Building Function(s) & General Description

of pPerations) __

Rating Criteria:

Rating Criteria is based on a point scale from 0 to 3, as indicated by the following: EICELLEN1'=3, GOOD=2, FAIR=l, PCXJR==O, NOT APPLICALBE (XA) =0. Points are assigned based on Officer opinion, background data an the building, police case reports, and other related data, ..... , ., ..... ,.,." ..

Exterior Inspection:

1. Exterior Fencing, Barriers, ffa1ls, and other CDntrol Xec1w.niS111S that

enhance the overall security prOfile. Rating: Points: _

2. Exterior Lighting & Related Sources of IlluJllination which Deet or

exceed BctniBUm security standards. Rating: Points: _

3. JliniJllUJD Obstructions to Visibility' &- Police Surveillance, including

observation by ]Dbile & Foot Patrols. Rating: Points: _

4. Reduction of External Cli:mbing Aids that :may assist an Intruder in

gaining Access to the building. Rating:· Points: .,--

5. Use of Quality Locking Devices .t Security Hardware an All Exterior

Doors and Access Points. Rating: Points: _

6. Use of Solid Core Doors, Doors of Shatterproof Resistance, or Use of Appropriate Glazing lfaterials, Vire Xesh, Ketal Bars, Grating XateriQ,is,

etc., to ensure proper security. Rating: Points: _

7. Use of Security Locking Hard'Hlll'"'e, and other appropriate protecti ve

measures of E~erior Vindows. Rating: Paints: _

8. other Possible points of Entry and Protective Xeasures Used: _

________________________________________ Rating: PoiDtS:---------

9. Protective )(easures i ar Utility & Services a.reas located external to the building (Gas lfains, Telephone Lines, Electrical, Cable T-V, llechanical

Equip:ment RDDIIIS, Vater lfains, Etc.) RatiDg: Points: _

10. Locat Lon of Parking Areas convenience to building, lighting,

conducive to partrol & surveillance. Rating: Points:,

11. Reduction of Possible Areas of ConcealJll8nt that lEy benefit an

intruder or assailant, etc. Rating: Points: __

12. other Aspects Unique to the bui.Ldi.ng, and lfeasures taken to reduce

opportunity for criBdnal activity or safety hazards: __

__________________________________ ~Rati~: Points: __

Interior InspectiDn:

13. Lntiex-ior Lighting Conditions. Rating: Points: _

14. .Intiert or Doors & Locldng Devices. Rating: Points:_' _

15. Interior Vindows/Locldng Devices. Rating: Points: __

16. Ceiling and Vall Construction designed to prevent intrusioD froD Duter

areas into offices, labs, etc. Rating: Points: _

17. Vending Jlachines & Food Service areas protected by appropriate

security devices, etc. Rating: Points: _

18. Security of 1techanica1 Roo11lS. Rating: Points: _

19. Cash-Handling & Teller OperatiDns conducive tio positive security t11rough appropriate hardware, surveillance, practices, related,Bspects of

robbery/burglary prevention. Rating: Points: _

20. Appropriate Safeguards, Identification and Control of Uni verst ty

property, including access and usage. Rating: Points: _

21. Appropriate Use of Safe, consistent PI1th U. L. ratings, safeguarding Df

combinatiDn, etc. Rating: Points: _

22. Protection of Records/Files. Rating: Points: _

23. Security of Light Control systems. Rating: PDints: __

24. Appropriate Use Df security Alarm system, Anti-Theft system, Dr other

appropriate Electronic Counterne8sures. Rating: Points: _

25. other Interior Aspects Unique to building: __

_____________________________________ ~Rating: Points: __

Security Practices & Procedures:

26. Key Control & Proper Key Usage. Rating: Points: _

27. Safe/Secure Practices ..,hen personnel OpeD and close beginning and

ending of business day. Rating: Points: _

28. Procedures for ~feguardi~ cash, checks, and other related valuables

in offices, etc. Rating: Points: _

29. Policies concerning the Control of Access to the building, restricting

unauthorized access. Rating: Points: _

30. Practices regarding personnel reporting incidents, problems, theft and

other information to the Police. Rati~: Points: __

31. Property check-aut procedures. and practices regarding access and

authorization to use property. Rating: Points: ~~

32. Building occupants exercise positive crime prevention practices in

safegUarding building at all times. Rating: Points: -:-

33. Overall security Practices and Procedures and Crime Prevention

Measures taken in building areas. Rating: Points: __

*****~~*************************~****************************************** *************************************************~*************************

RatiIJE Scale:

Rating Scale is based on total points of all areas listed in Items 1

tbrougb 33. Total Points = { )

Total Points' compared as fDlloMs:

99 > 78 = ~ EXcellent to Good Overall Rating

77) 62 = Good to Fair Overall Rating

61 ) Below = Fair to PDor Overall Rating

As of this Audit, the Overall Rating- for this Building is: _

As of last Audit, Paints were: Overall Rating rms: _

lnprovenent Xoted: ----- ___

***************************************************************************

Officer's RecommendatioDs For IBprove~nt:

***************************************************************************

Officer Signature

Supervisor Sigzmture

[ J-AccDuntable Officer

[ J~ber Action: __

{ J-Attachments: __

DistributiDn:

[ J-Officer Copy

[ J-File CDpy

THE

CRIME PREVENTION PROGRAM DEVELOPMENT

OUTLINE AND CHECKLIST

This outline and checklist format is designed to offer basic information pertaining to the development of a comprehensive approach to crime prevention services. The intent is to offer the crime prevention practi tioner a basic framework, by which to provide quality professional services to the community. In the process of developing crime prevention programs, it is important to understand the basic traditional working definition of the term - 'crime prevention'. Then, from that point, the practitioner should move forward to redefine the meaning to the beat of his or her ability. The basic definition is: the anticipation, recognition, and appraisal of crime risks, and the initiation of actions designed to reduce or eliminate the opportunity for criminal activity. It will be one of the primary objectives of program planning that the crime prevention pr-act I tioner-incorporate that definition into his or her planning efforts. In addition, it is equally important to the understanding of the theory and practice of crime prevention, that crime prevention efforts will not be effective, unless the public and the police work together to reduce criminal activity. The police must maintain a highly visible profile within the community, and offer professional expertise where necessary." Jilodern crime prevention is one in which efforts to reduce crime are directed. toward positive and

proactive approaches, techniques, strategies, etc.

1

The Basic Ingredients for Effective Crime Prevention Programs:

1. Leadership and support from top to bottom within the organization of the police department, city hall, etc.

2. A clear recognition of the value and contributions crime prevention & related components will make to the community.

3. Development of a special unit or person to initiate the crime prevention programs and services, and with someone in charge, who will get things done.

4. Support in terms of trainingt fundingt personnel, materialst eqUipment and other needs to get the job done.

5. Development of the crime prevention unit as a major operational unit within the organizational structure.

6. Development of an extensive library of resources, literature, reference materials, publications, audio-visual materials, survey formats and related crime prevention information components.

7. Development of clearly defined goals and objectivest policy & mission statements, action plan, etc.

8. Effective crime analysis and research planning data development, for critical targeting of program efforts.

9. Crime Prevention information distribution systems, interagency liaison, professional association membershipst community organization networks, etc.

IO.Capable, professionalt qualified, competent, crime prevention officer or officers.

Basic Services and Programs for Community Action:

1. Personal Protection: Personal safety programs, sexual assault prevention, date-acquaintance rape prevention, self-defense issues and program development, safety escorts, etc.

2. Property Protection: Engraver loan program and distribution centers, Opertion I.D. and Marking services/programs, residential-businessinstitutional-property control programs; key-lock-alarm systems and anti-theft device consultations and expertise, etc.

3. Neighborhood Protection: Residential and Business Crime Watch Program

efforts - all maj or areas. '

4. Information Services: Brochurest flyerst posters, signs, pamphlets & related_visual materials; news media liaison, news releases, police - columns in the paper, TV & Radion spotSt interviews, self-help programst newsletters, etc.

5. Technical Services: Physical Security Surveys, crime analysis, LOS6- Risk Analysis Audits, Urban Planning and Growth Management Process & related technical consultations, etc.

2

6. Community Liaison: Community organizations and associations, and involvement in community activities; public meetings and forums, classpres~ntationst school/college programs, etc.

7. Crime Analysis & Technical Planning: Development of critical crime specific data to assist deployment of police personnel, and crime reduction efforts.

8. Awards & Recognition: Special programs to recognize community members who assisted crime prevention efforts, or otherwise assisted the department in crime resistance efforts.

9. Examples of the Range of Programs and Services: .

Assault Prevention & Domestic Violence Workshops Date - Acquaintance Rape Education Seminars Bicycle Engraving & Security-Safety Fairs

Office Security & Theft Prevention Programs Neighborhood Crime Watch Programs

Business Crime Wacth

Corporate Security Planning

Shoplifting - Armed Robbery - Burglary Prevention Security Countermeasures Education - Alarm System Physical Security Surveys & Prevention Planning Analysis Vehicle Security Techniques

Special Events Planning & Pre-Holiday Prevention Measures Executive Personnel Security Planning

Related Seminars, Workshops and Public Presentations

Types of Crime Prevention Program Services:

The following information continues the previous discussion of some of the examples of crime prevention programs and services, as well as some of the types of functions in which the crime prevention unit should be involved.

1. Crime Analysis - Data Collection - Distribution of Information:

Use of Target-Pin Maps , Displays & Drawings & Diagrams etc.

Crime specific Analysis Crime Alert Newsletters and Flyers

Special Crime Bulletins Uniform Crime 'Reporting Analysis

Dissemination Strategy Media Liaison & Community AWareness

News Conferences Targeted Releases Announcements

2. Crime Prevention Programs and Services:

Topic Related Brochures Flyers, Handouts, Pamphlets, etc.

Telephone Stickers ; .. Warning Decals, Posters, Signs etc.

3

Special Insert Flyers "."., ,Orientation Programs, Workshops,

Radio-TV Programs .. ,., ,.,', .. Cable TV Programs - Interviews etc.

Crime Prevention Awards,." Special Watch Services and Programs

Operation I.D, & Engraving .. , .. , . Street Sign Warning - Posters, etc.

Physical Security Surveys Technical Support ASSistance, etc.

Speakers Bureau, .... , ... , .. , , Anti-Theft Services & Alarm systems

Personal Safety Education, .. , Self-Defense Tactics and Awareness

Safety Escorts , , .. ,.Crime specific education -Awareness

Lighting Surveys , Employee Training and Education

Theft Prevention , , Robbery and Burglary Prevention

Cash-Handling Security Opening and Closing Procedures, etc

Special programs for: banks, retail stores, shopping malls, corporate and research parks, recreational areas, industrial parks, schools and COlleges, libraries, museums,airports, marinas, etc",. " ..

3, Major Anti-Theft Programs and Services:

Special emphasis programs for: motels, hotels, public and private business operations, food services, vending machines, building and office security, alarm-device consultations and services, physical security surveys, loss prevention audits, special selective enforcement programs, motor vehicle security, bicycle security programs, registration programs, and related workshops, seminars and events to promote safety and security in key target areas.

4, Personal Safety Education and Awareness:

Special emphasis for: stranger rape and general sexual· assault issues. date-acquaintance rape, child abuse. domestic violence, defensive tactics and self-defense issues, obscene phone calls, lighting and landscape considerations, escort and transportation services, assertiveness training and awareness strategies, counseling and victim rights, referral services, medical examination procedures and services, heal th care and followup couuse l Lng , 'safe-watch' programs to promote personal safety. etc.

5, Other Areas of Service Delivery:

Information Services: the entire range of those' avenues needed to get the message across to the public, Special ongOing TV, Radio, Cable and News Media promotions, releases, ads, inserts, etc.

Special Emphasis programs: targeting programs to meet the needs of the community, due to the unique nature of the community, surroundings, history, setting, etc:

4

Campus Crime Prevention Programs., ,School Security-Safety Projects

Drug-Alcohol Education-Awareness Suicide ands Crisis Intervention

Senior Citizen Crime Prevention Recreational Crime Prevention

Bookstores & Specialty Shops , Museums and Art Galleries

Library Security Planning .. , Condo-Apartment-Mobile Homes etc

Park and Open Space Areas " .. ,' . Other Special Areas., ,.," .

Technical Services: The crime prevention unit should be able to become actively involved in the comprehensive community planning process. CP officers should be able to offer expertise and professional services in the physical secur! ty planning and design of the urban environment. This would include providing physical security surveys, as well as information relative to the growth management and planning. It would also include the promotion and adoption of minimum security ordinances, late hour store operation requirements, and other special codes and ordinances related to crime prevention and physical security planning.

6. Promoting & Marketing Crime Prevention:

The crime prevention uni t or officer, has the responsi bi li ty for developing those strategies to effectively promote and market the services and programs of the crime prevention unit. This must be a total effort that will be designed to increase the awareness of the entire community. All keys organizations, associations, groups, etc., wi thin the community should be enlisted to assist in the promotion effort.

Efforts to recruit assistance and maintain liaison with the various community groups, must be an ongoing endeavor. Liaison efforts should also include other agenct ee , of both a law enforcement and non-law enforcement nature. Effective utilization of the news media will be very critical to the ongoing success of the crime prevention efforts. News coverage of all crime prevention activities and services must be effectively handled on a regular basis. News releases, articles, etc, should be offered periodically and timely, as may be appropriate t o current operations and activities.

Crime watch, safe watch, and similar established in as many locations as possible, interaction by the crime prevention officers. leaders, within the community, should be assistance and backing obtained.

organizations should be .wi th ongoing liaison and Where possible, certain identified, and their

Chambers of commerce, business organizations, and various other types of community groups, should be recruited and utilized in the promotion of a total crime prevention effort,

CRIME PREVENTION PROGRAM PLANNING FORMS

(1)

PROGRAM PLANNING OUTLINE:

I. PRELIMINARY PLANNING:

A. TARGET GROUP/AUDIENCE ASSESSMENT

B. DEVELOPING GOALS - OBJECTIVES OF PROGRAM

C. DESING PROGRAM CONTENT

I I. IMPLEMENTATION STRATEGY:

A. COMMUNICATION SKILLS - EXPERTISE

B. ORGANIZATION - INDIVIDUAL COMMITMENT

C. DEFINITION OF PROGRAM

D. INFORMATION - EDUCATION CONTENT

E. METHODOLOGY - MEANS TO EXPRESS MESSAGE

F. PROCEDURES - DELIVERY - TIMETABLE

I I I. INSTRUCT 1 ONAL TECHN I QUES :

A. LEARN I NG OBJ ECT I VES

B. ORGANIZATION OF MATERIALS AND CONTENT

C. DIRECTION OF PRESENTATION - INTENT

D. GROUP PARTICIPATION

E. INSTRUCTIONAL RESOURCES

IV. AUDIO-VISUAL AIDS:

CHALKBOARD OR BLACKBOARD FLI P CHARTS

POSTERS) HANDOUTS AND BROCHURES OVERHEAD PROJECTOR AND TRANSPARENCIES SLIDES

FILMS - VIDEO

V. PROGRAM TASKS:

PLANNING CALENDAR ... ~ ........• SUPPORT/SPONSORS TOPIC AREAS •................. ,SCHEDULE/AGENDA

FACILITY LOCATION ""'0' .SPEAKERS

RESOURCE DEVELOPMENT.· .......•.•. BUDGET-FUNDING

LEGAL CONSIDERATIONS. 111 .1 •• 1·.AUDIENCE DEVELOPMENT PUBLICITY/ADVERTISING .... ~ .... MATERIALS AND.DISPLAYS EVALUATION •. , ..... ," "",~, .. LETTERS OF APPRECIATION SUMMARY REPORT-FOLLOWUP, I "1' .FOLLOWUP ACTIVITIES

(2)

SAMPLE PROGRAM PLANNING FORM:

PROGRAM TITLE & PRESENTATION: _

PROGR~M DATES & TIMES: _

PROGRAM LOCATION & FACILITY: _

SPONSORS & SUPPORT: -

NUMBER OF PARTICIPANTS: __

AUDIENCE TYPE & COMPOSITION: _

CONTACT PERSONS & PHONE NUMBERS : _

MEETING ROOM NUMBERS: __

SEATING CAPACITY: FLOOR LEVEL __

TRANSPORTATION NEEDS: ~ __

PARKING NEEDS: _

LODGING REQUIREMENTS: -----------------------------------

EQUIPMENT & AV RESOURCES: ___

(3 )

SAMPLE PROGRAM PLANNING CHECKLIST OF TOPICS

AND PROJECTS:

1. PROJECT IDEAS FOR DEVELOPMENT:

----------------------------------

2. MAJOR PROJECT ITEMS FOR (Week, Month. Year) : _

3. PRIORITY PROJECT TOPICS: ___

Task Area:

Priority Number:

Person Assigned:

Date Date

Assigned: Completed:

Planning Calendar Support Groups Site-Facility Location Speakers

Resource Development Cost - Funding

Legal Ls su e s Invitations

Publicity Arrangements

Support Personnel Refreshments

Clean-up Literature/Displays Materials-Equipment Evaluation Recognition

Summary Report Topic/Issues Research Films/Video/Slides Other

Remarks:

-------------------------------------------------------------------

SAMPLE SITE SELECTION CHECKLIST:

(4 )

1. Space Sufficient for Program Needs ••.....•• ( )-Yes ( )-No

2. Transportation Needs Adequate •..•........•. ( )-Yes ( )-No

3. Parking Adequate for Program needs ..•...... ( )-Yes ( )-No

4. Sufficient Information Available as to the location, times and dates, etc ....•..••..•. (

5. Lighting arrangements inside site (

6. Sound equipment adequate & acoustics .....•. (

7. Adequate temperature control ...•..•••...... (

8. Weather conditions projected (

9. External noise control adequate .•.........• (

10. Facility safety features adequate for needs such as walkways, handrails, stairs, etc ... (

11. Food services sufficient in neighborhood of

facility ........•...........•.............. (

12. Lodgings convenient to site location (

13. Food services & refreshments adequate on

the site ;, 111 (

14. AV resources available and adequate for the

site in question .•.........•.•......•.....• (

)-Yes ( )-No
)-Yes ( )-No
)-Yes ( )-No
)-Yes ( )-No
)-Yes ( )-No
1 ( )':"No
)-Yes
)-Yes ( )-No
)-Yes ( )-No
)-Yes ( )-No
) -Yes ( )-No
)-Yes ( )-No 15. Other/Remarks: __

PROGRAM PUBLICITY CHECKLIST:

1. Publicity:

1. News release prepared for local news media? 2. ,Radio spot announcements prepared and ready?

3. Television spot announcements prepared and ready?

4. Media interviews planned, scheduled. prepared?

5. Ads placed/ready for neighborhood papers?

6. Flyers ready for distribution?

7. News1etter(s) prepared, information placed?

8. Club/organization bulletins-information ready?

9. Announcements posted in key locations?

10. Support groups contacted-information distributed?

11. Other preparations made:

-------------------------

( 5)

( )-Yes ( )-No ( )-Yes ( )-No ( ) -Yes ( )-No ( )-Yes ( )-No ( )-Yes ( )-No ( )-Yes ( )-No ( )-Yes ( ) -No ( )-Yes ( )-No ( )-Yes ( )-No ( )-Yes ( )-No ( )-Yes ( )-No

2. Promotion:
l. Elected officials given presentation/information? ( )-Yes ( )-No
2. Key administrators briefed - given information? ( )-Yes ( )-No
3. Announcements made at organization/club meetings? ( )-Yes ( )-No
4. Business and professional groups contacted? ( )-Yes ( )-No
5. Television, radio, press coverage arranged, and
information packets provided? ( )-Yes ( )-No
6. Speaking engagements arranged, planned schedu+es
set? ( )-Yes ( )-No
7. Telephone contacts es tab lished, phone network
arranged? ( )-Yes ( )-No
8. Neighborhood Watch coordinators briefed? ( )-Yes ( )-No
9. Business Watch coordinators briefed? ( )-Yes ( )-No
10. Fo11owup contacts established? ( )-Ye8 ( )-No
11. Other promotional arrangements made: ( )-Yes ( )-No Remarks & Notations:

----------------------------------------------~--------

LITERATURE & MATERIALS CHECKLIST:

1. Literature:

l. 2.

3. s;

4 .

Mailing list developed for distribution? Materials/literature inventory prepared? Sufficient materials on hand for program? Materials/literature prepared and assembled - ready for program date? Distributed prior to start of program and support personnel identified?

Table display ready for placement of the materials?

Literature shipped in sufficient time for program?

Review/evaluation of all materials prior to program to ensure completeness, appropriate nature, errors, etc?

After program, materials inventory?

5 •

6.

7 •

8 .

9 •

2. Displays:

1. Inventory of displays?

2. Displays appropriate to program?

3. DisFlays up-to-date, good condition, and information adequate?

4. Displays quality in nature?

5. Adequate personnel staffing to assist in answering questions, etc.?

6. After program, display inventory?

3. Other Aspects of Literature & Display Materials:

(6)

( )-Yes ( )-No ( )-Yes ( )-No ( )-Yes ( )-No

( )-Yes ( )-No ( )-Yes ( )-No ( )-Yes ( )-No ( )-Yes ( )-No

( )-Yes ( )-No ( )-Yes ( )-No

( )-Yes ( )-No ( )-Yes ( )-No

( )-Yes ( )-No ( )-Yes ( )-No

( )-Yes ( )-No ( )-Yes ( )-No

BOMB THREAT PLANNING CHECKLIST

A Basic Guide To Prevention Planning and Response

1

Introduction:

According to the Bureau of Justice Statisticsf Report To The Nation On Crime And Justice (March, 1988, U.S. Department of Justice), bomb incidents declined by some 59%, between 1975 and 1985, with 2,074 reported incidents in 1975, and 847 in 1985. Eventhough there was a decline in the number of actual incidents during this ten year period, the potential for a bombing or a thre~t of a bombing is a serious matter. Aside from actual bombings, for example, the number of incidents involving explosives offers a somewhat different picture. When bombings, recoveries of explosives, attempted and threatened bombings, etc., are added together, the period from 1976 to 1986 indicates about a 10% decline (U.S. Department of Justice, Bureau of Justice Statistics, Sourcebook of Criminal Justice Statistics - 1987). However, the data continues to change,and the aforementioned information pertains only to the United States. It is interesting to note, from the same source of data, international acts of terrorism involving U.S. citizens or property, from 1981 to 1986, showed an approximate increase of 32% in the numbers of incidents. Bombing incidents, in terms of terrorist attacks, reflected the most frequent type of attack. In terms of targets in the U.S., some of the most frequent targets included: residences, commercial buildings, motor vehicles, school buildings, government property, individual persons as well as other types of property. The three most indicated motives for non-terrorist bombings were: animosity, mischief and revenge.

All bomb threats should be taken seriously. Increased violence within the U.S. is more than likely to continue in the years to come, with special emphasis for actual or threatened bombings of educational institutions, the industrial and business community, law enforcement, and the public in general. Planning and preparation are critical in. response to incidents, regardless of whether or not they are real or hoaxes. Good organization and response plans must be implemented in advance, so that an effective course of action can be followed. Precise levels of authority must be established so that each person involved in the response takes direction from a central source. All persons responding to a bombing incident, real or threat, must know his or her role. Policies and procedures should be established in some written form, and supported by ongoing training and education in the proper handling of bomb threats. These fstandard operating proceduresf should be reviewed periodically and kept up-to-date as situations require, since the external environment is always subject to change. Policies and procedures should be appropriate to the local setting, and meet the needs of the local environment in an effective and efficient manner. Again, every threat of a bombing is a serious matter, and requires a professional level of response, including a thorough followup investigation fcir every incident. Complete documentation of the incident is important, and as much'information as possible should be gathered.

The following checklist is offered only as a rough guide to assist the development of more comprehensive response procedures. Research and evaluation should be conducted with regard to materials available on the subject of bombings and bomb threat incidents from various governmental agencies & resources.

2

Bomb Threat Planning Checklist:

I. Preliminary Planning - Overview:

A. Are there written procedures and policies regarding bomb threats, and the potential for a bombing incident?

B. Are bomb threats taken seriously, and is there immediate followup action when a threat is received?

C. 'Is there a designated chain of command. and control/command center as a focal point for bomb threat operations?

D. Has a decision been made with regard to what communications will be used during the operations?

E. Has a decision been established as to whom will decide whether or not a building will be evacuated?

F. Is there an ongoing program of physical security planning for the high risk locations and buildings within a given area? Such as:

1. Access control and screening mechanisms?

2. Use of barriers, fencing, effective lighting, etc.?

3. Employee I.D.'s and visitor control at reception points?

4. Restrictions on parking areas, parking close to buildings?

5. Landscaping and. reduction of points of concealment?

6. Protection of electrical and utility areas?

7. Use of security systems, surveillance equipment, etc.?

8. Use of maximum security locking devices on doors, etc.?

9. Special protection for computer rooms, communication centers, mail rooms, mechanical/equipment rooms, elevators, etc.?

10. Other security countermeasures for special areas?

G. Is there an inter-agency coordination effort, including coordination with local, state and federal agencies? Is the fire department and medical service part of this coordination effort? Is a plan established for early notification of appropriate agencies & services? Are there coordination planning meetings? Do meetings include training response sessions?

H. Do all personnel know what procedures to follow? How and by whom will the bomb threat be evaluated and action implemented?

1. What procedures will be followed for the search, detection of the device, evacuation plan, etc.?

J. Who will designate search teams, areas to be searched, techniques and tactics to be used, etc.?

L. How will coordination be handled in getting bomb technicians to a suspected device?

M. How does ongoing security planning effort iriterfacewith the bomb threat plan?

N. What contingency plans are prepared in the event a device is set off and an explosion occurs?

O. What instructions are given to persons handling dispatcher operations? How are they trained to handle threat calls?

P. What kinds of response times can be expected by personnel in responding to the location?

Q. Is there a means to gather ongoing intelligence information? Can a threat assessment be made from the external/internal setting in order to evaluate the potential for bomb threats?

R. What is the history of bomb threats in general? By location? Or, by specific facility? Crime analysis study? Trends? Other data or information?

3

II. Preparation & Implementation:

A. Has a bomb incident plan, with appropriate contingencies, been designed? Under what conditions will a bomb disposal unit respond to the scene? How long will it take?

B. How will personnel be deployed? will'there be an alternate location? C. Is there a list of high risk locations and potential targets bomb threat? Are blueprints and diagrams of buildings available, can these be obtained on short notice?

Where will the command post be, &

for a and

D. What are the primary and secondary means of communications, keeping in mind that a two-way radio could activate a device?

E. Are emergency phone numbers available at all times for all .critical services?

F. Does the security plan include ongoing analysis of means to reduce the potential for a bomb incident? Such as:

1. Periodic security surveys and security inspections?

2. Procedures for screening of personnel and packages?

3. Control of access to high risk/critical areas?

4. Security considerations for areas such as:

Elevator shafts Restrooms Access doors Basements Closets

Storage areas

'Removable panels

Ceiling areas Lockers

Crawl spaces

Utilities, Plumbing, Electrical Stairwells

Milil rooms

Others

5. Alarm devices and sensors?

G. Are telephone personnel trained in handling calls? If so, have they been instructed to:

1. Keep calm and get as much information as possible?

2. Do they use a checklist to get information on callers?

3. Do they know the emergency numbers to use?

4. Evacuation procedures?

H. Are response personnel trained in evacuation and search methods?

1. What is the priority of evacuation by floor or area level for a given location?

J. Are personnel advised not to tamper or touch a suspected device, until qualified personnel.arrive on the scene?

K. Will safe distances from buildings be maintained from the building or location at all times during a threat incident, after an evacuation has been completed?

M. What plans have been made for handling: bomb threat calls by use of 'the telephone , written threat, bomb search techniques, room & area searches, team assignments, use of persons who know the layout and floor plans, etc.?

N. Have special plans been made for outside areas, school buildings, auditoriums, convention halls, office buildings, aircraft, etc.?

O. What procedures will be used for handling the media? Is there a designated spokesperson, or media relations person? Will he or she be on the scene?

4

P. Has special attention been given to the location of sensitive or otherwise classified documents for their protection and security? This would likewise apply to information systems as well. What procedures have been devised to safeguard these areas in the event of a potential threat from a bombing?

Q. What other planning and implementation strategies are there?

III. Bomb Threats In General - Response to Information:

A. What procedures are in force when a bomb threat is received? Such

as:

1. Attempting to keep the caller on the line and recording data as provided by the caller? Exact words, voice/speech patterns?

2. Will the operator attempt to gain further information such as time of detonation, location of device, etc.?

3. Are there forms available to the dispatcher or the telephoneope rat.o r to record information? Are phone lines recorded?

4. Will an effort be made to pay attention to background noises, such as motors, music, etc.?

5. Descriptive information on the caller?

6. Immediate notification of response teams, agencies, medical'& fire services, etc.?

B. If a written threat is received, what procedures are in force for the appropriate documentation? Such as:

1. Safeguarding all materials, including envelope, containers or other items used to convey message about bombing?

2. Protection from contamination of physical evidence, mishandling of materials, etc.?

3. Saving physical evidence for examination, fingerprints, handwriting, typewriting, type of paper, postal marks, etc.?

4. Other techniques?

C. In setting up bomb search techniques, what plans are in force for immediate action, including education and training of personnel? Such as: 1. Prevention of touching suspected devices by untrained persons until trained personnel arrive? Reporting location of suspected device to trained personnel and guiding them to the scene?

2. Removal strategy to be used by trained personnel for suspected device at scene?

3. Establishment of 'danger zones' around the area, location, or building to protect public, personnel, etc., during search operations, and after search is completed?

4. Prearranged signals and communications means once searching & evacuation are underway?

5. Controls to prevent re-entry to building or location once the search and evacuation are underway? Proper coordination with building management and police personnel and other agencies involved?

6. Alternative sites and temporary relocation of building occupants until determination is made building is safe to re-enter?

7. Other critical tactics to be used, including room-by-room and floor-by-floor search teams, etc.?

8. Immediate actions to be taken when suspected device scene is identified? Security of danger zones - persons kept at least 300 feet from building areas, above, below and around area?

5

IV. Operating Procedures for Response of Personnel:

A. When a bomb threat is called in, who does what, and who responds to the scene?

1. Dispatcher or telephone operator gathers initial information, using appropriate forms, checklist, etc.?

'2. Notification of police services, management personnel, coordination of action plan?

3. Emergency call list activated, including local, state &. federal agencies as appropriate?

B. Actions to be taken upon arrival on the scene by police services, management personnel, etc.? Designation of ldanger zones'?

1. Consideration of evacuation? Risk assessment and policy considerations? Command post, communications, authority for search, etc.?

2. Chain of command, decision-:-making mechanisms?

3. Designation of search team and search techniques?

C. Search actions to be taken?

1. Coordination of search efforts among police. personnel? coordination with management personnel and others?

2. Designation of critical areas, locations, levels, etc. to be searched in order of priority?

3. Identification of accessible areas by the public as a focus?

4. Location, identification, reporting and securing of suspected

devices?

5. Time element involved in discontinuing search if no device is found, and approximate detonation time is known or esitmated? (e.g. at 15 minutes prior to threatened detonation time; search is discontinued and all personnel evacuate the building; no earlier than 30 minutes after the time of threatened detonation is entry permitted into the building).

6. Prior to re-entry of building, determination must be made as to the possible safety factors involved? Has 'danger zone' been maintained around building - at least 300 feet, etc?

7. Notification of bomb disposal unit if device found and procedures to be followed?

D. Followup investigation procedures?

1. Securing physical evidence and materials related to the inci-

dent?

2.

information? 3. 4. 5.

Interviewing witnesses and persons involved in the receipt of

Safeguarding materials for analysis? Followup investigative efforts? Documentation and report writing?

For additional information on bomb threat materials write or contact an ATF field office; or write: The Bureau of Alcohol, Tobacco and Firearms (ATF) , Washington, D.C. 20226

6

V. Sample Model Questionnaire for Bomb Threat:

Department or Agency Handling Incident :,_, _

Complaint Number - Case Number: __

Type of Target of Bomb Threat:

Time and Date of Bomb Threat: -------------------------

Name/Address/Data of Complainant: __

How Threat was Reported:

Name of Person Who Talke~d~t-o~C~a~I~I~e-r--:----------------------

Telephone Number Call was Received On:

---------------------------------

Exact Words of the Caller:

---------------------------------------------

Description - Background Noises:

--------------------------------

When is the bomb going to explode?

-------

Where is the bomb located?

~--~--~--~~~~~----------------------

How is it constructed and what does it look like?

------------------------

Why did you place the bomb?

----------------~----------

Where are you calling from?

-----------------------------

Description of Caller if possible from conversation: (General)

-------

Male

Female Age Race Accent

- ------- ------~ '-----------------

Educational Level

~-----------~-~-~-~-------------

Tone of Voice, ~Attitude- _

Voice sound familiar?

,~---~-~------------------------------

Speech Impediments, Characteris tics, etc • -----.:- __

Possible Suspects? ~----------------------------

Explain other details/descriptions

--~-~-----------------------

Time Caller Hung Up: Remarks:

--------~------------

Previous calls to this location?

~--~------------------------~-------

Suspected Device Located/Disposition? __

Persons/Agencies Notified: ()-Police ()~Federal Agency ~~

( )-Fire Department ( )-Emergency Medical Service ( )-Bomb Disposal Unit(s)

( )-Other _

Followup Investigative Assignment: _