Professional Documents
Culture Documents
Enforcement
Compliance
2
What is the differences
between
Security & Safety
3
SECURITY SAFETY
• Something that secures: protection • The condition of being safe from undergoing or causing
hurt, injury, or loss of life.
• That which secures or makes safe; protection; • Freedom from unacceptable danger, risk or harm
guard; defense.
• An incident is most often a result of one person • An incident is most often a result of human behavior in
or a group’s of people combination with the environment
• Causes often planned actions • Causes often unplanned actions
• Related to criminal acts • Often related to OSHA and other working
environmental acts
• Mainly malicious acts • Seldom, if ever malicious
• Mainly deliberate acts with a wish of a wanted • Mainly deliberate acts without a wish of a wanted
output/consequence of the act output and accidental incidents
• More difficult and subjective to identify hazard • Hazard easily identified
• More to External and Internal human threats • More to Internal human threats
• Threats are not always observable, tangible • Hazards are observable, tangible and proximate
and proximate
• Loss is mainly related to physical assets and • Loss is related to human injuries/death and reliability
information of industrial assets
• Reflects the state of society through its • Includes physical and environmental conditions – not
structures, economical situation, law only humans and society
abidingness and moral
• Relevant for a wide range and borderless • More relevant in the working environment 4
• Modus operandi applicable to any organization • May differ with different industry
CULTURE
SECURITY CULTURE
- The Malaysian Experience
MAXIMUM / MINIMUM
?
CRIME
THREAT WEAKNESS RISK
JUSTIFICATION
―Everyone’s doing it‖
OPPORTUNITY
―nobody really checks‖
EVOLUTION OF SECURITY
4 1
Preemptive Reactive
Taken as a measure against
something possible * * tending to react
Predictive Proactive
3 2
* from Dictionary.com
4D Concept in Security
D – Deny
D – Deter
D – Delay
D – Detect
Ultimate Aim is……
PEACE OF MIND
Introduction
11
What Is Security?
12
What Is Security?
13
Security Spectrum
Physical Security
Crisis Management and Business Continuity
Fraud Management
Risk Management
Investigation
Information Security
Security Design (CPTED – Crime Prevention Through Environmental Design)
Security Technology 14
Generic Areas of Security
Active security
Security guard
Electronic security system
Passive security
Basic mitigation measure i.e fence
Operations security
SOP, SOG etc
15
Generic Areas of Security
(continue)
16
Holistic Business Security Management
17
Business Security Management
Theft
Pilferage
Sabotage
Losses to Business
and Disruptions to
Operations
Robbery
Security Objective
19
Active Security
Physical Security – Security Guard
and Electronic Surveillance &
Monitoring System.
Information Security
(INFOSEC)
20
Office Security (OFSEC)
Protected with alarm system
CCTV is located at the cashier area, admin office and at the point of
entry and exit
Access card to enter the office, cashier working area and admin
office
Cash and cheques is keep in the safe box. Mandatory for cashier
to comply with Finance SOP on cash handling procedure
22
Operational Security
23
Security Awareness & Training
Internal
External
Online
24
Engagement with Stakeholder
PDRM
SPRM
Local Enforcement Authority
Security Association
Networking
25
Introduction:
Information Security (INFOSEC)
InfoSec includes information security
management, computer security,
data security, and network security
26
Communities of Interest
InfoSec community: protect
information assets from threats
28
Accountability
Authorization
Confidentiality
Authentication
Key Concepts of
Information Security
Integrity
Identification
Availability
Privacy
Key Concepts of Information
Security
Confidentiality
– Confidentiality of information ensures
that only those with sufficient privileges
may access certain information
– To protect confidentiality of information,
a number of measures may be used
including:
Information classification
Secure document storage
Application of general security policies
Education of information custodians and end
users 30
Key Concepts of Information
Integrity
Security
35
Key Concepts of Information
Security
Authorization
37
38
What Is Management?
39
Management is…..
A process consisting of planning,
organizing, actuating and controlling,
performed to determine and
accomplish the objectives by the use
of people and resources - George R. Terry (1953)
Boss… ―GO!!!!....‖
41
Differences Between
Leadership and Management
42
A Manager administer the resources
of the organization by
– Creating budgets
– Authorizes expenditures
– Hires employees
43
Characteristics of Management
Two well-known approaches to
management:
45
Planning
Planning: process that develops,
creates, and implements strategies
for the accomplishment of objectives
Three levels of planning:
47
Organizing
Organizing: is a principle of management
dedicated to structuring of resources to support
the accomplishment of objectives
Organizing tasks requires determining:
– What is to be done
– In what order
– By whom
– By which methods
– When
48
Controlling
Control:
1. Bearing 8. Integrity
2. Courage 9. Judgment
3. Decisiveness 10. Justice
4. Dependability 11. Knowledge
5. Endurance 12. Loyalty
6. Enthusiasm 13. Tact
7. Initiative 14. Unselfishness
53
Behavioral Types of Leaders
– Laissez-faire – laid-back.
54
Managerial Roles
Informational role: Collecting,
processing, and using information to
achieve the objective
60
Protection
63
SECURITY AWARENESS/EDUCATION PROGRAM