The Manager's Handbook for Business Security
2nd Edition - March 7, 2014
Editor: George Campbell
Paperback ISBN: 9780128000625
eBook ISBN: 9780128002001
The Manager’s Handbook for Business Security is designed for new or current security managers who want to build or enhance their business security programs. This book is not an exhaustive textbook on the fundamentals of security; rather, it is a series of short, focused subjects that inspire the reader to lead and develop more effective security programs.
Chapters are organized by topic so readers can easily—and quickly—find the information they need in concise, actionable, and practical terms. This book challenges readers to critically evaluate their programs and better engage their business leaders. It covers everything from risk assessment and mitigation to strategic security planning, information security, physical security and first response, business conduct, business resiliency, security measures and metrics, and much more.
The Manager’s Handbook for Business Security is a part of Elsevier’s Security Executive Council Risk Management Portfolio, a collection of real world solutions and "how-to" guidelines that equip executives, practitioners, and educators with proven information for successful security and risk management programs.
Chapters are organized by short, focused topics for easy reference
Provides actionable ideas that experienced security executives and practitioners have shown will add value to the business and make the manager a more effective leader
Takes a strategic approach to managing the security program, including marketing the program to senior business leadership and aligning security with business objectives
New security managers, current security managers who are in transition from public to private or one corporate profile to another, and business executives with an interest in or responsibility for corporate security
Acknowledgments Introduction Our Vision for the Value of This Publication
1. Understanding the Business of Security Introduction The Security Program Review Build the Business Case for Crafting a Measurably Effective Security Program Highlights for Follow-Up
2. Security Leadership: Establishing Yourself and Moving the Program Forward Introduction Leadership Competencies Keys to Organizational Influence and Impact The Next Generation Security Leader Highlights for Follow-Up
3. Risk Assessment and Mitigation Introduction Assessing Viable Threats Vulnerability Assessment Board-Level Risk and Security Program Response Research A Risk Quantification Process A Risk Management-Based Concept of Operations Highlights for Follow-Up
4. Strategic Security Planning Introduction Strategic Security Program Focus Eight Key Strategic Issues The Security Planning and Program Development Process Business Alignment and Demonstrating Security’s Value Highlights for Follow-Up
5. Marketing the Security Program to the Business Introduction The Essentials A Marketing Strategy Brand Recognition The Mission Statement Policies and Business Practices Applying Standard Security Practices to Business Objectives Highlights for Follow-Up
6. Organizational Models Introduction Baseline Elements Program Characteristics What Organizational Model Works Best in Your Company Alternative Organizational Models Consolidated Service Model Seriously Explore the Potential Advantages of a Security Committee Unified Risk Oversight Access Is the Fundamental Essential Highlights for Follow-Up
7. Regulations, Guidelines, and Standards Introduction Typical Regulatory Elements How Many Security Regulations Apply to Your Company? The Legislation, Regulations, Voluntary Compliance, and Standards (LRVCS) Breakdown The Security Professional’s Role The Implications of Noncompliance Highlights for Follow-Up
8. Information Security Introduction Critical Importance of Information Security Core Information Assurance Requirements Information Has Value Information Moves at Warp Speed Key Assessment: What Is the State of Control? Organizing the Information Security Program Information Security Infrastructure and Architecture Day-to-Day Operational Security Cyber Incident Response Planning Highlights for Follow-Up
9. Physical Security and First Response Introduction Your Objective: An Integrated Solution Physical Security at a Glance Alignment with the Threat Security Operations The Quality of First Response All Space Is Not Created Equal Physical Security as a Force Multiplier Equipment Removal and Value of Risk Assessments Security Riding on the Corporate Network A Note on Convergence Highlights for Follow-Up
10. Security Training and Education Introduction Objectives of Security-Related Training and Education Training Options In-House Training Certificate Programs Academic Programs Development Plan Contractors and Vendors Training Business Units in Security-Related Responsibilities Tracking Training Administration Highlights for Follow-Up
11. Communication and Awareness Programs Introduction Strategies Tactics Security Awareness Approaches Tailoring the Message Highlights for Follow-Up
12. Safe and Secure Workplaces Introduction Predictability of Risk The Policy Framework Workplace Violence Policy Protecting Key Executives and Key Individuals Highlights for Follow-Up
13. Business Conduct Introduction Know Your Adversary Corporate Hygiene Learning from Business Conduct Cases High-Level Policy or Guideline Statement Checklist for Conduct of Internal Misconduct Investigations Highlights for Follow-Up
14. Business Resiliency Introduction Your Focus High-Level Policy or Guideline Statement Track Business Continuity Readiness NFPA Standard 1600 National Response Framework Regulatory Requirements Highlights for Follow-Up
15. Securing Your Supply Chain Introduction An Example of the Elements of Supply Chain Risk Oversight: Customs Trade Partnership Against Terrorism, Shipment Guard (C-TPAT) Security Criteria for Importers A Focus on Supply Chain Security Has Multiple Benefits Highlights for Follow-Up
16. Security Measures and Metrics Introduction What Are Measures and What Are Metrics? What Are the Key Objectives for Our Metrics? Why Measure? What Are the Benefits of Measures and Metrics? Roles and Responsibilities It’s about Communication and Risk Management Where Do I Find the Data for My Measures and Metrics? Business Alignment—Demonstrating Value to Management Pitfalls to Avoid Five Metrics You Might Consider Conclusion Highlights for Follow-Up
17. Continuous Learning: Addressing Risk with After-Action Reviews Introduction After-Action Review (AAR) and Incident Post-Mortem Know Your Audience Outline for the Incident Post-Mortem Management Plan and Briefing Highlight for Follow-Up
Appendix A. Risk Review Elements Business Risk Environment Policy Framework Threats Location Risk General Data Business Continuity Incidents Internal Risk Information Security Hazardous/Dangerous Material Issues Base Building Risks Owned Properties Contractors Background Investigation Data Management Business Continuity Planning Emergency and Crisis Management Security Awareness
Appendix B. Security Devices, Equipment, and Installation Labor Costs
Appendix C. Request for Proposals for Contract Security Services at [Specific Company Location(s)] Introduction Instructions to Bidders Proposal Contents Selection Criteria General Conditions of the RFP RFP Timeline
Appendix D. Workplace Violence Incident Response Guideline Introduction Workplace Violence Prevention Program Template Some Critical Elements to Consider In Determining Dangerousness
Appendix E. Code of Business Conduct and Ethics Template Company Assets Compliance with Laws and Regulations Confidential Information Conflict of Interest Dealing with Public Officials Environmental Protection Equal Employment Opportunity Financial Records Gifts, Gratuities, Favors: Giving and Receiving Insider Trading Intellectual Property Rights Political Contributions Workplace Safety Reporting Violations and Policy Enforcement Certification
Appendix F. Corporate Incident Reporting and Response Plan Planning Philosophy Corporate Emergency Plan Corporate Emergency Response Team
Appendix G. Considering the Essentials: Questions for People and Program Development Focus A Suggested Approach
About the Contributing Editor
About Elsevier’s Security Executive Council Risk Management Portfolio
Index
No. of pages: 296
Language: English
Published: March 7, 2014
Imprint: Elsevier
Paperback ISBN: 9780128000625
eBook ISBN: 9780128002001
George Campbell
George Campbell served until 2002 as the chief security officer (CSO) at Fidelity Investments, the largest mutual fund company in the United States, with more than $2 trillion in customer assets and 32,500 employees. Under Campbell’s leadership, the global corporate security organization delivered a wide range of proprietary services including information security, disaster recovery planning and crisis management, criminal investigations, fraud prevention, property and executive protection, and proprietary security system design, engineering, and installation. Since leaving Fidelity, Campbell has served as a content expert for the Security Executive Council, of which he is a founding Emeritus Faculty member.
Prior to working at Fidelity Investments, Campbell owned a security and consulting firm, which specialized in risk assessment and security program management. He has also been group vice president at a system engineering firm that supported government security programs at high-threat sites around the world. Early on in his career, Campbell worked in the criminal justice system, and served in various line and senior management positions within federal, state, and local government agencies.
Campbell received his bachelor’s degree in police administration from American University in Washington, D.C. He served on the board of directors of the International Security Management Association (ISMA), and as ISMA’s president in 2003. Campbell is also a long-time member of ASIS International. He is a former member of the National Council on Crime Prevention, the High Technology Crime Investigation Association, and the Association of Certified Fraud Examiners, and is an alumnus of the U.S. State Department’s Overseas Security Advisory Council.