Académique Documents
Professionnel Documents
Culture Documents
JANUARY / 2012
XBST2103
MATRICULATION NO
TELEPHONE NO.
LEARNING CENTRE
(COVER PAGE)
Table of Contents
1) Overview ..................................................................................................................... 2
2) The role of security in an organization ........................................................................ 2
i. Protect people ............................................................................................................ 2
ii. Protect asset ............................................................................................................... 3
iii. Protect information .................................................................................................... 3
iv. Protect reputation....................................................................................................... 4
3) Differences between the traditional and modern security operations management .... 5
4) Advantages and disadvantages of traditional and modern security operations
management ........................................................................................................................ 6
i. Advantages of traditional security operations management ...................................... 6
ii. Disadvantages of traditional security operations management ................................. 7
iii. Advantages of modern security management ............................................................ 7
iv. Disadvantages of modern security management ....................................................... 7
5) Recommendations for the organization ....................................................................... 7
i. Organization background .......................................................................................... 7
ii. Security risk assessment ............................................................................................ 8
iii. Recommendation for improvement ........................................................................... 9
6) Conclusion ................................................................................................................... 9
7) References ................................................................................................................. 10
1)
Overview
2)
i. Protect people
Organization consists of people - the owner or employer and the staff or worker.
These are people who involve with the organization activities. Thus it is important to
ensure that all these people feel secure. The unsecure feeling can affect the effectiveness
of the overall operation and also can cause people leaving the organization. It will be a
big loss to organization when a competence member left.
Besides protecting people in the organization, security also has to protect other
people that have relationship with the organization either directly or indirectly. The
protection level to people outside the organization is depends on the organization policy.
Generally, it is more relevant to visitor to the organizations premises such as supplier,
customer or sometimes the government servant.
camporealelaw.com
visualphotos.com
Assets are the organization property either in tangible form or intangible form.
Tangible form of asset is physical properties such as cash, building, equipment, vehicles
and so on while intellectual property is one of the examples of intangible property.
Most of the organization has important and confidential data or records that need to
be kept concealed from unauthorized party. Example is the business strategy or secret
formulation which must be kept secure especially from the competitor. Besides protecting
3
the classified information from unauthorized party, security also has to ensure the
information in not lost or damaged.
3)
The most significant differences between traditional and modern security is in the
aspect of technology. The vast development in technology enables a lot of invention for
security sector such as closed-circuit television (CCTV) for surveillance and biometric
recognition for identification. With CCTV and remote communication gadget, the
security personnel have no longer to be face to face with visitor. It can be done from
control room.
(Source: freefoto.com)
(Source: digital-slrcameras.info)
In the past, security was not an important division in an organization. The security
office was very poor condition since the division has very limited budgetary and there
were no security position at the higher level management in the organization. Due to the
increase of threat and the perception change on the significant of security to reduce
further loss to the organization, the security operation management also has gone through
a transition. At present, security division has becoming an important division of the
organization and the security office has no longer at the backyard or basement of the
facility. With security person at the higher level of management who reports directly to
the top management, better decision making on security budgetary can be achieved.
In the past, education level of security is not crucial since the security system was
more to the physical requirements. At present, new technology and new threats requires
higher level or competency of security personnel. The old requirement, recruitment and
training programme are no longer suitable. More educated persons are joining security to
fill up certain special function.
4)
Since traditional security operations are more to physical system, the advantage is
less training required and can be considered as less investment.
Traditional security operations may not able to prevent the new threat. Technology
not only improves security but also increase threat. For example, criminal also
New technology allowing more tasks can be done effectively and efficiently.
Monitoring process become easier and also contribute to evidence recording such as
recording from the closed-circuit television (CCTV). Besides, the modern security
management system has adopting periodical assessment of the threat level such as audit
program. This allows the discovery of new potential threats and preventive action plan
can be prepare.
Investing in technology for security purposes could be quite high. Thus it is important
to do security risk assessment to identify the risk level before deciding to invest in
technology. The investment is not only on the equipment, but also inclusive of training to
the available personnel and also to hirer specialties.
No system is 100% secure. Relying 100% on any technology is actually a risk too.
For example, in a plant that has CCTV installed, the security personnel or the owner may
make assumption that there will be no violation happened. In-fact, CCTV is not
prevention equipment.
5)
i. Organization background
7
Headquarter is located at Shah Alam, Selangor which consists of main office and
warehouses. Headquarter handles most of the administration processes and logistics.
Basically headquarter will handle all customers in Kelang Valley to the south of
Peninsular. For customers located at north Peninsular, there are small warehouse located
at Bukit Minyak, Penang. While at east coast, there are manufacturing plants located at
Kemaman, Terengganu and Gebeng, Pahang.
All NOSB office, warehouse and manufacturing plants are located either within
customers or suppliers territory. The manufacturing plant in Kemaman is built within
Perwaja Steel Sdn. Bhd. (PSSB) area. This is because besides producing for bulk selling,
the main business is actually to supply the gases directly to PSSB through pipeline.
Another manufacturing plant at Gebeng is located within Petronas BASF area where
NOSB recovering carbon dioxide from their waste. While headquarter and warehouse at
Bukit Minyak are located in customer premises.
Reviewing the overall NOSB operation, safety risk analysis has summarized below
threats exist:
8
No
1
Threat
(T)
Bad behaviour of staff.
Never happened before.
(Low)(2)
Loss of parts on road
tanker.
A case of stolen battery.
(High)(4)
Entertainment or gifts
from contractor/ supplier.
Reported there were
contractor giving angpow.
Few occasions of
breakdown in past year.
(Very High)(4)
Impact
(I)
Reputation
(Very high) (5)
Tanker breakdown. Miss a
delivery.
(High)(4)
Vulnerability
(V)
No clear written
policy
(High)(4)
Road tanker are
exposed to the
threat during
parking at public
area at night
(High)(4)
No clear written
policy
(High)(4)
(High)(4)
Risk Level
(T x I x V)
Lower (1), Low (2), Medium (3), High (4), Higher (5)
40
64
64
< 40 = Low
40 = High
6)
Conclusion
Basically, there is no clear time border to differentiate between traditional era and
modern era of security management. In fact, some of the so-called traditional ways of
security still being practices in some organization such as dog unit and watch tower.
7)
References
C & A Security Risk Analysis Group. (2005). Introduction to Risk Analysis. Retrieved
from The Security Risk Analysis Directory: http://www.security-risk-analysis.com
Serguei, B., Vlad, K., & Barry, R. (2005). Communications of the Association for
Information Systems. Future Security Approaches and Biometrics, pp. 937-966.
10