Chapter 4: Measuring Effectiveness: Concepts in Physical Security Metrics Flashcards
What is the definition of Metric?
A measure based on a reference that involves at least two points.
What is the primary goal of metrics?
To facilitate insight into performance and operations.
What is the definition of Security?
Protection from or absence of danger.
What should security metrics tell us?
The state or degree of safety relative to a reference point and what to do to avoid danger.
What do metrics measure?
The effectiveness and efficiency of an organization’s operations over time.
What 10 things does an effective metrics program do for security professionals?
- Better understand performance
- Identify potential risk within the program.
- Identify problems and discover broken internal processes.
- Measure internal compliance with organizational policy
- Better leverage current security system capabilities.
- Measure how their program performs against established benchmarks.
- Improve accountability
- Communicate program performance
- Drive performance improvement
- Justify resource allocation.
What is the main tool in designing metrics?
The measurement framework
What are 3 useful products that ASIS developed to better assess metrics?
- The Security Metrics Evaluation Tool
- A library of metric descriptions
- Guidelines for effective use of security metrics.
What is Security MET?
The Security Metrics Evaluation Tool.
What is the purpose of security metrics?
To inform and persuade senior management, with an emphasis on organizational risk and return on investment.
Why was the Security MET designed?
To help a user identify a metric's strengths and weaknesses so that the weaknesses can be corrected.
What are the technical criteria by which the Security MET helps security professionals evaluate any metric?
- Reliability
- Validity
- Generalizability
What are the Operational (Security) criteria by which the Security MET helps security professionals evaluate any metric?
- Cost
- Timeliness
- Manipulation
What are the Strategic (Corporate) criteria by which the Security MET helps security professionals evaluate any metric?
- Return on Investment
- Organizational Relevance
- Communication.
What three ideas are the Enterprise Performance Framework based on?
- Effectiveness: How well are the security systems and programs operating, for example in detecting, delaying, or annunciating.
- Efficiency: How quickly are the organization's programs responding to security alarms, incidents, and customer requests.
- Strategic Improvement: How well are the objectives of the security program aligned with the overall objectives of the organization.
What are examples of elements in a security program?
Physical security
Personnel security
Information protection
Emergency management
What two questions should be answered for each element?
- What are the primary and secondary functions performed within that element? These are often articulated in a unit or program mission statement.
- What procedures, processes, tools, and resources are used to execute those functions?
What does SMART stand for?
Specific
Measurable
Attainable
Repeatable
Time-Dependent
What does PACS stand for?
Physical Access Control System
What does SOC stand for?
Security Operations Center
What types of alarms can be measured?
Forced Door
Door Held Open
Unauthorized Access Attempt
Expired Card
Card Misread
User Defined Actions/Alarms
Communications Failure
Weekly Forced Opens
Weekly Held Opens
What types of Physical Security Personnel metrics can be measured?
Response to an alarm or incident
Guard Force Response
Security System Integrator Response
Response to customer requests
What types of training metrics can be measured?
Inward Facing Training
Outward Facing Training
What is the formula that identifies how many facilities have been assessed?
Total number of facilities with a current security assessment / Total number of facilities