Chapter 4: Measuring Effectiveness: Concepts in Physical Security Metrics

Question 1

What is the definition of Metric?

Answer 1

A measure based on a refence that involves at least two points.

Question 2

What is the primary goal of metrics?

Answer 2

to facilitate insight into performance and operations.

Question 3

What is the definition of Security?

Answer 3

protection from or absence of danger.

Question 4

What should security metrics tell us?

Answer 4

The state or degree of safety relative to a reference point and what to do to avoid danger.

Question 5

What do metrics measure?

Answer 5

The effectiveness and efficiency of an organization’s operations over time.

Question 6

What 10 things does an effective metrics program do for security professionals?

Answer 6

1. Better understand performance
2. Identify potential risk within the program.
3. identify problems and discover broken internal processes.
4. Measure internal compliance with organizational policy
5. Better leverage current security system capabilities.
6. Measure how their program performs against established benchmarks.
7. Improve accountability
8. Communicate program performance
9. Drive performance improvement
10. Justify resource allocation.

Question 7

What is the main tool in designing metrics?

Answer 7

The measurement framework

Question 8

What are 3 useful products that ASIS developed to better assess metrics?

Answer 8

1. The Security Metrics Evaluation Tool
2. A library of metric descriptions
3. guidelines for effective use of security metrics.

Question 9

What is Security MET

Answer 9

The Security Metrics Evaluation Tool.

Question 10

What is the purpose of security metrics?

Answer 10

To inform and persuade senior management, with an emphasis on organizational risk and return on investment.

Question 11

Why was the Security MET designed?

Answer 11

to help a user identify a metrics strengths and weaknesses so that the weaknesses can be corrected.

Question 12

What are the technical criteria that the Security MET helps security professionals evaluate any metric?

Answer 12

1. Reliability
2. Validity
3. Generalizability

Question 13

What are the Operational (Security) criteria that the Security MET helps security professionals evaluate any metric?

Answer 13

1. Cost
   2, Timeliness
2. Manipulation

Question 14

What are the Strategic (Corporate) criteria that the Security MET helps security professionals evaluate any metric?

Answer 14

1. Return on Investment
2. Organizational Relevance
3. Communication.

Question 15

What three ideas are the Enterprise Performance Framework based on?

Answer 15

1. Effectiveness: How well are the security systems and programs operating, for example in detecting, delaying, or annunciating
2. Efficiency: How quickly are the organizations programs responding to security alarms, incidents, and customer requests.
3. Strategic Improvement: How well are the objectives of the security program aligned with the overall objectives of the organization.

Question 16

What are examples of elements in a security program?

Answer 16

physical security
personnel security
information protection
emergency management

Question 17

What two questions should be answered for each element?

Answer 17

1. What are the primary and secondary functions performed within that element? These are often articulated in a unit or program mission statement.
2. What procedures, processes, tools, and resources are used to execute those functions?

Question 18

What does SMART stand for?

Answer 18

Specific
Measurable
Attainable
Repeatable
Time-Dependant

Question 19

What does PACS stand for?

Answer 19

Physical Access Control System

Question 20

What does SOC stand for?

Answer 20

Security Operations Center

Question 21

What types of alarms can be measured?

Answer 21

Forced Door
Door Held Open
Unauthorized Access Attempt
Expired Card
Card MIsread
User Defined Actions/Alarms
Communications Failure
weekly Forced Opens
Weekly HEld Opens

Question 22

What types of Physical Security Personnel metrics can be measured?

Answer 22

Response to an alarm or incident
Guard Force Response
Security System Integrator Response
Response to customer requests

Question 23

What types of training metrcis can be measured?

Answer 23

Inward facing training
Outward Facing Training

Question 24

What is the formula that identifies how many facilities have been assessed?

Answer 24

Total NUmber of facilities with a current security assessment/ Total number of facilities