I. The Setting: As a new aspiring professional with PLP Security Solutions, an upstart consulting firm specializing in conducting risk assessments and developing effective management strategies for mitigating threats and protecting assets from harm or loss, you have been assigned your first project after completing your initial company orientation and on-the-job-training. Your supervisor offers you the opportunity to select any one of the following enterprises from a list of clients who have just contracted with PLP Security Solutions to conduct risk assessments of their facilities and operations that include a security plan designed to effectively protect their assets:
QUESTION
Final Project: Case Study
Risk Assessment/Security and Safety Plan
I. The Setting: As a new aspiring professional with PLP Security Solutions, an upstart consulting firm specializing in conducting risk assessments and developing effective management strategies for mitigating threats and protecting assets from harm or loss, you have been assigned your first project after completing your initial company orientation and on-the-job-training. Your supervisor offers you the opportunity to select any one of the following enterprises from a list of clients who have just contracted with PLP Security Solutions to conduct risk assessments of their facilities and operations that include a security plan designed to effectively protect their assets:
I plan to do an onsite security assessment and develop a security plan for the University of Maryland Shady Grove – The Camille Kendall Academic Center (Building III)
https://shadygrove.umd.edu/conference-center/amenities/building-iii
Building three is a five-story building the building that currently accommodates
The Priddy library on the first floor and the green grove café as well. The site is surrounded by a mix of development types consisting of commercial offices, retail premises, residential accommodation and serviced apartments
III. Project Background and Requirements: According to the Department of Homeland Security, “risk management is the process for identifying, analyzing, and communicating risk and accepting, avoiding, transferring, or controlling it to an acceptable level considering associated costs and benefits of any actions taken” (DHS Risk Lexicon, September, 2010, p. 31). As result of your academic study at UMUC and your military and civilian work experiences, you know that enterprise risk assessment and management are key job responsibilities for security practitioners. More significantly, you recognize that assessing and managing risk are actually critical competencies required of a security practitioner, such as yourself, and proficiency in completing these tasks must be demonstrated consistently throughout one’s security career to be fully successful as a bona fide security professional (Enterprise Security Risks and Workforce Competencies: Findings from an Industry Roundtable on Security Talent, Summer 2013, p. 8).
As a part of any risk management process, PLP Security Solutions requires you to employ your knowledge, skills, and abilities in applying the risk assessment and management principles and methodology outlined by ASIS International’s “General Security Risk Assessment Guideline,” which includes the following: identifying all the assets requiring protection at the site you have selected and “understanding” the organization you are evaluating; determining all the possible criminal and non-criminal risk events confronting the organization; establishing the probability and impact of loss risk events; identifying physical, procedural, and virtual security control options for mitigating risks; assessing the feasibility of implementing those security options; and conducting a cost-benefit analysis of the security options under consideration or specifically recommended.
Within the context of protecting a client’s assets from harm or loss, PLP also expects you to address the following general topics in the Risk Assessment/Security and Safety Plan:
• Cyber/communications security
• Workplace violence prevention and response, including active shooter threats
• Crisis (emergency) management and response (natural disasters, fire, terrorism, lone wolf attacks, etc.); business continuity planning
• Employee selection, screening, rescreening (insider threats)
• Physical plant intrusion (e.g., burglary)
• Property damage, interior and exterior (e.g., vandalism, theft, etc.)
• Personal security (e.g., assault, personal property loss/damage, robbery, etc.)
• Information/records physical security
• Litigation for inadequate security, including negligent hiring/supervision/retention, and other legal issues unique to the site
• OSHA safety standards potentially applicable at the site and violations
• Training practices
• Unethical business practices
• Liaison activities with first responders, security professional organizations
These topics were discussed throughout the course of study and include, in broad terms, the various risks to assets; security and safety control operating standards, guidelines, and procedures; and management and operational issues and challenges confronting security practitioners. You will incorporate into the Risk Assessment/Security and Safety Plan a succinct discussion for each of the topics as they relate to the organization and the site under review.
PLP also expects that you include in the project “deliverable” (paper) specific recommendations for enhancing security and protecting the organization’s assets from harm or loss. As the consultant on site, you understand the client is entitled to the results of any
ANSWER
Risk Assessment/Security and Safety Plan for the University of Maryland Shady Grove – The Camille Kendall Academic Center (Building III)
Introduction
As a consultant from PLP Security Solutions, I have been assigned the task of conducting a risk assessment and developing a security plan for the University of Maryland Shady Grove – The Camille Kendall Academic Center (Building III). This plan aims to effectively protect the assets of the university from harm or loss. The following sections will address the key areas of concern and provide recommendations for enhancing security and safety at the facility.
Site Description
Building III of the University of Maryland Shady Grove is a five-story building that currently houses the Priddy Library on the first floor, as well as the Green Grove Café. The site is surrounded by a mix of development types, including commercial offices, retail premises, residential accommodations, and serviced apartments.
Risk Assessment Methodology
To conduct a comprehensive risk assessment, I will follow the risk assessment and management principles and methodology outlined by ASIS International’s “General Security Risk Assessment Guideline.” This methodology involves the following steps:
Asset Identification: Identify all the assets requiring protection at the University of Maryland Shady Grove, including physical assets, information assets, and personnel.
Organizational Understanding: Gain a deep understanding of the organization, its mission, and its operations to assess the potential risks and vulnerabilities.
Risk Event Identification: Determine all possible criminal and non-criminal risk events that could threaten the facility and its assets, such as theft, vandalism, cyber-attacks, workplace violence, and natural disasters.
Risk Probability and Impact Assessment: Evaluate the probability and potential impact of each identified risk event to prioritize them based on their likelihood and potential consequences.
Security Control Options: Identify physical, procedural, and virtual security control options that can mitigate the identified risks. These may include access control systems, surveillance cameras, security personnel, cybersecurity measures, and emergency response protocols.
Feasibility Assessment: Assess the feasibility of implementing the identified security control options considering factors such as cost, resources, and operational impact.
Cost-Benefit Analysis: Conduct a cost-benefit analysis of the security control options to determine their effectiveness and the value they bring in relation to the potential losses they can prevent.
Risk Assessment and Security Plan Topics
Cyber/Communications Security
Address the potential risks and vulnerabilities related to the university’s information systems, networks, and data. Develop recommendations for implementing robust cybersecurity measures, such as firewalls, intrusion detection systems, regular patching, employee awareness training, and incident response protocols.
Workplace Violence Prevention and Response
Assess the risks of workplace violence, including the threat of active shooters. Develop a comprehensive workplace violence prevention program that includes threat assessments, employee training, incident reporting procedures, and emergency response protocols.
Crisis (Emergency) Management and Response
Evaluate the university’s current crisis management and response capabilities for natural disasters, fire incidents, terrorism, and lone wolf attacks. Develop an integrated crisis management plan that includes emergency evacuation procedures, communication protocols, and coordination with local first responders.
Employee Selection, Screening, Rescreening (Insider Threats)
Review the university’s current practices for employee selection, screening, and rescreening. Develop recommendations for implementing robust background checks, reference verifications, and ongoing monitoring to mitigate the risk of insider threats (Alsowail & Al-Shehari, 2022).
Physical Plant Intrusion
Assess the vulnerabilities of the facility to physical intrusion, such as burglary. Recommend physical security measures, including access control systems, video surveillance, alarm systems, and physical barriers, to prevent unauthorized access and protect valuable assets.
Property Damage (Interior and Exterior)
Identify potential risks of property damage, including vandalism and theft. Develop recommendations for improving physical security measures such as adequate lighting, secure fencing, security patrols, and alarms to deter and detect property damage incidents.
Personal Security
Evaluate the risks associated with personal security, including assault, personal property loss/damage, and robbery. Develop recommendations for implementing measures such as increased lighting in parking areas, security escorts, and awareness campaigns to enhance personal safety.
Information/Records Physical Security
Assess the physical security measures in place to protect sensitive information and records. Recommend measures such as secure document storage, access control, and encryption to ensure the confidentiality and integrity of important information (Chapter 6 — Information Security, From Safeguarding Your Technology, NCES Publication 98-297 (National Center for Education Statistics), n.d.).
Litigation for Inadequate Security and Legal Issues
Examine the legal implications of inadequate security measures and develop recommendations to mitigate the risk of litigation. This includes addressing negligent hiring, supervision, and retention practices to minimize legal liabilities.
OSHA Safety Standards
Review the facility’s compliance with relevant OSHA safety standards and identify any potential violations. Develop recommendations to ensure adherence to safety protocols, including regular safety inspections, employee training, and hazard identification and mitigation.
Training Practices
Evaluate the current training practices related to security and safety. Develop recommendations for comprehensive training programs that cover topics such as emergency response, cybersecurity awareness, workplace violence prevention, and physical security.
Unethical Business Practices
Assess the risks of unethical business practices within the organization. Develop recommendations for implementing strong ethical guidelines, whistleblower programs, and regular ethics training to promote an ethical work environment.
Liaison Activities with First Responders and Security Professional Organizations:
Develop a plan for establishing effective liaison activities with local first responders, such as police and fire departments, and security professional organizations (Emergency Preparedness and Response: Getting Started | Occupational Safety and Health Administration, n.d.). This includes regular communication, coordination of emergency response plans, and sharing best practices.
Specific Recommendations
Based on the findings of the risk assessment, provide specific recommendations for enhancing security and protecting the University of Maryland Shady Grove’s assets. These recommendations should be prioritized based on their impact and feasibility, considering factors such as cost, resources, and operational implications.
Conclusion
In conclusion, this Risk Assessment/Security and Safety Plan aims to provide the University of Maryland Shady Grove with a comprehensive understanding of the risks and vulnerabilities associated with its facilities and operations. By implementing the recommended security measures and practices, the university can mitigate potential threats and protect its assets from harm or loss.
References
Alsowail, R., & Al-Shehari, T. (2022). Techniques and countermeasures for preventing insider threats. Techniques and Countermeasures for Preventing Insider Threats, 8, e938. https://doi.org/10.7717/peerj-cs.938
Chapter 6 — Information Security, from Safeguarding Your Technology, NCES Publication 98-297 (National Center for Education Statistics). (n.d.). https://nces.ed.gov/pubs98/safetech/chapter6.asp
Emergency Preparedness and Response: Getting Started | Occupational Safety and Health Administration. (n.d.). https://www.osha.gov/emergency-preparedness/getting-started
We've got everything to become your favourite writing service
Money back guarantee
Your money is safe. Even if we fail to satisfy your expectations, you can always request a refund and get your money back.
Confidentiality
We don’t share your private information with anyone. What happens on our website stays on our website.
Our service is legit
We provide you with a sample paper on the topic you need, and this kind of academic assistance is perfectly legitimate.
Get a plagiarism-free paper
We check every paper with our plagiarism-detection software, so you get a unique paper written for your particular purposes.
We can help with urgent tasks
Need a paper tomorrow? We can write it even while you’re sleeping. Place an order now and get your paper in 8 hours.
Pay a fair price
Our prices depend on urgency. If you want a cheap essay, place your order in advance. Our prices start from $11 per page.