This document is prepared and presented as a basic overview of contemporary best practices for writing data – mainly security – needs within an effective security program. It is general in that it is developed without a specific application or factory in mind. As such, all or part of this information may not be appropriate for each building or facility. The intention is to provide basic information for non-technical and non-security readers.
Security data written material is used to manage all aspects of the safety program. Such documents would contain at least the following;
• emergency plans
• Training Materials
It can be said that there are – in fact – only 3 reasons for performance failures in the security program inception,
(1 ) The is no policy and procedures to address the issue;
(2) It is the policy and procedure dealing with the issue, but it was not followed;
(3) The policy and procedures to address the issue was followed, but the content was inadequate to properly deal with the circumstances of a particular situation.
The triad architectural, technical and operational, policies and procedures are the basis of the latest and most easily overlooked as an important element in a comprehensive and effective security program.
policies and procedures of an organization are dynamic in that they must be constantly updated and constantly improved. Perhaps no other single factor units better reflects the culture and philosophy of the body of written policies and procedures that it controls.
starting at the top
easily the most common barrier in any effort to develop security policies and procedures is the failure to have the full support of senior management. At the very least, direct approval of top positions is necessary. Ideally, policies and procedures should be reviewed and approved by the school board – such as the board – or a committee thereof. This support from the top of the organization will also clearly reflected in the document itself.
In addition, managers must support the effort through the “example”. This means that policies and procedures must apply to all, regardless of their position within the organization. If granted be allowed, exceptions should be provided for in the policy and procedure document.
If “perfect” policy and procedure document can always at hand, even that would be of no value if he is subject to its content and is responsible for its implementation and enforcement are not aware of information. Traditionally binder of printed documents were reproduced and distributed widely so that it is accessible labor. Today, fewer printed copies are ready and there is greater confidence in the electronic media. A best practice is for the security department to have her own website on the intranet. Among the many benefits of this is the ability to make security policies and procedures available for review and downloading, preferably Adobe.PDF format.
The essential content of policies and procedures should also be placed on employee attitudes and included in the employee handbook
Typical security documents can be summarized as follows :.
STRATEGY Organization of the objectives and safety requirements in general terms. Policy also sets departmental responsibility and cooperation relations where issues may overlap. Most importantly, it conveys power. Policies addressing specific issues, however, are usually very broad statements and no detail
Standards :. Standards set minimum performance parameters. These are statements that are usually “actionable”, “measurable” and / or “visible”. Standards are accurate aim, and can often be the same as or similar to the technical specifications
Guidelines :. Rules and Standards require write very detailed and specific way that avoids misunderstanding. Because it is not a narrative style that most people are accustomed to reading some good explanations can help in understanding. Instructions for this purpose but are not “requirements” in itself
AUCTION :. Jobs are directly responsible for taking action under various circumstances and conditions or in response to certain events. These are very specific and step-by-step, to the extent practical and reasonable. Since rules and standards can apply for the enterprise-wide basis, there will always be a big part of the procedure that has to be specific to any place or facility
emergency plans :. Generally based facility will be required for some emergency plans each specific event. Emergency plans are constructed – in part – that they may be referenced in real time at the event. The most common are emergency plans to respond to such things as fire or bomb threat. The plans may be needed for other events, such as assault or the threat of attack is increased. Procedures in emergency plans tell people “because” they want to go and “what” they want to do when you get there.
A key element to a good guide is that it is relatively easy for the user to find the information they are seeking. Because of the policy and procedure document is constantly revised standard, a single document with sequential page numbers would be less than optimal. In addition, it is desirable to numerate contents other than through recruitment page numbers, as these tend to change the review. It is also highly desirable to facilitate later reference individual “provisions” in the document, similar to the manner in which the government tracks are numerated. Example structure could be something similar to the following:
1 = Section
1.01 = Section
1:01:01 = Section
= 1.01.01.01 Subsection
It is advisable to create a standard format or template pages to facilitate the exchange of pages of the audit, and for readability. Templates should incorporate a place for the title of the chapter and place the date of the latest version. The document must contain a table of contents and index words is a great enhancement.
Usually institution would have a general or master a body of policies and procedures that are generally applicable to the entire global enterprise. Parties with many facilities will likely have to reserve specific targets for further individualization for various places as different cities, states or countries in order to cater for variations in the applicable law.
Other policies and procedures generally required based on the specific nature of the organization, such as a business or industry in which it falls. Government regulatory compliance can be a big factor in the document in some applications
When the policy manual is separate from the procedure manual -. As generally recommended -. Relative methods should refer to the corresponding policy
There are a myriad of subjects that might be addressed in a comprehensive set of policies and procedures. Many of the most common subjects overlap the area commonly addressed by field workers, and sometimes with other units as well. It is strongly recommended that legal review and approve all policies for distribution.
Usually the policy is written in narrative and semi-public model and the only “rule” is that the message be clear and unambiguous. What strategy would generally describe the Agency’s opinion on the subject, and last but not least, it should include the necessary authority and responsibility to develop corresponding procedures for implementation and enforcement.
Procedures are usually written in “step- -step” format. As a guide, the procedures for security should be developed with the new guard on his first day of work in mind.
If the rules are important, but to follow the strategy will be equally important. Policy must set appropriate consequences for violations of the policy, in the form of sanctions. Failure to consistently enforce policies might tend to have a negative impact on the legal enforceability of any policy. If an agency lacks the collective will to act to enforce the policy, the policy should be changed or eliminated. No policy should always continue to be that enforcement action is not initiated continuously.
No policy and procedures manual can be completely written in advance that will be applicable to any organization without customization and modification. The following is a list of the main subjects – not anything on – that should be considered for participation in security policies and procedures manual;
1.0 Statement by the Commission
2.0 Security Department Mission, aims and objectives
3.0 Security Department – General
3.1. Organizational Structure
3.2. Policy Enforcement
3.5. Background Investigations
4.0 Security Department – Management
4.3. Communication with public
4.4. Regular Departments Reports
4.5. Security Awareness Training Non-security guards
4.7. Staff performance evaluation
5.0 Security Department – Staffing
5.5. Post Orders
6.0 Security Department – duties and responsibilities
6.1. Policy Enforcement
6.3. Response to offense
6.4. Suspicious persons
6.5. Emergency Situations
7.0 Information Protection
7.1. Document Storage for continuity
7.2. Document Destruction
7.3. “Clean Desk” Program
7.4. Trash Removal
8.0 Lost and Found
9.0 Courtesy Escorts
10.0 Cash Handling
11.0 Parking Traffic Control
11.1. Registration fees
11.3. Vehicle Performance
12.0 Security responsibility of all employees
12.1. Reporting Suspicious Incidents & Situations
12.2. Cooperation in research
12.3. Privacy and consent to search
12.4. Contact by public bodies
12.5. Contacts for media
12.6. Cooperation with emergency
12.7. Protection of property
12.8. Prohibited items
12.9. False Reporting Prohibited
13.0 Lock and Key Control
14.0 Material Passes
15.0 i.d. Credentials
15.3. Vendors / Contractors
16.0 Workplace Violence
19.0 Fire and Life Safety
19.1. Systems Inspection & Testing
19.2. Unsafe conditions
20.0 audits of the security Department
21.0 Access Control
22.1. Overt Surveillance
22.2. Covert Surveillance
23.0 Security search
23.3. Parcels and Packages
24.1. Preparation of emergency plans
24.2. Incident Command
24.3. Training and exercises