BESTLINK COLLEGE OF THE PHILIPPINES

BRGY. San Agustin Susano Road, Novaliches, Quezon City

VISION
Bestlink College of the Philippines is committed to provide and promote quality education with a
unique, modern and research-based curriculum with delivery systems geared towards
excellence.
MISSION
To produce self-motivated and self-directed individual who aims for academic excellence, God-
fearing, peaceful, healthy and productive successful citizens.
CRIMINOLOGY DEPARTMENT
SECOND SEMESTER: A.Y. 2021-2022
LEA 3 – INDUSTRIAL SECURITY
WEEK 7 - 11

VII. Document and Information Security

This module introduces the information that has value and should be protected. These include the
propriety business and technical information as well as personal data concerning applicants, employees,
and former employees. Sensitive information is data that must be guarded from unauthorized access
and unwarranted disclosure in order to maintain the information security of an individual or
organization.

Information Security is that aspect or means of security that prevents the destruction, loss, distortion or
disclosure of classified, critical and sensitive proprietary information to unauthorized individuals

Standard Rules for Document Security

1. Classification of classified matter rest exclusively to the origiating office.
2. It should be classified according to their content.
3. Classification should be made upon its creation by placing appropriate marks.
4. Need to know principle must be consider at all times.

Basic Principles of Information Security

1. Confidentiality - is the requisite for maintaining the privacy of the people whose personal
information the organization holds.
2. Integrity - it means that data stored in one part of data base system can not be created, changed
or deleted without authorization.
3. Availability - means that the computing system used to process the information are functioning
correctly when the information is needed.

Propriety information
This is an information that in some special way related to the status or activities of the posessor
and over which the possessor asserts ownership.
Information is considered propriety when it is not readily accessible to others; it was created by
the owner through the expenditure of considerable resources; or the owner actively protects the
information from disclosure ( Fay, 2006 ). This can include secret formulas, processes, and method used
in production; or it could be the company’s business and marketing plans, salary structure, customer
lists, and contracts and detail of its computer system.

1
JUAN PAOLO A. AGUIRRE Rcrim
 BESTLINK COLLEGE OF THE PHILIPPINES

BRGY. San Agustin Susano Road, Novaliches, Quezon City

Propriety information includes intellectual properties that are recognized and granted varying
degrees of protections by governments such as the following:
1. Patents – grant issued by a national government conferring the right to exclude others from making,
using, selling the invention within the country. Patents may be given for new products or processes.
Violation of patent right are known as infringement or piracy.
2. Trademarks – words, names, symbols, device, or combination thereof used by the manufacturers or
merchants to differentiate their goods and distinguish them from the products that are
manufactured or sold by others. Counterfeiting and infringement constitute violations of trademark
rights.
3. Copyright - protection given by the government to creators of original literary, dramatic, musical,
and certain other intellectual works. The owner of a copyright has the exclusive right to reproduce
the copyrighted work, prepare derivative works based on it, distribute copies, and perform or
display it publicly. Copyright violations are also known as infringement and piracy.
4. Trade Secret – is a process or device for continuous use in the protection of the business. Formulas,
patterns, compilations, programs, devices, methods, techniques, and processes that derive
economic value from not being generally known and not ascertainable except by illegal means. A
trade secret violation I the vocabulary of the law is a misappropriation resulting from improper
acquisitions or disclosure. The key elements in a trade secret are the owner’s maintenance of
confidentiality, limited distribution, and the absence of a patent.

Information Security Measures

It was already demonstrated in the previous chapter on personnel security that organizations
face a wide spectrum of risks to protect information assets. Sensitive information such as those
illustrated above can be vulnerable to threats to others not only from individual’s external to the
organizations, but from socalled insiders as well. Some of the recommended mitigation measures
include screening of both applicants an existing employee, restricting access to sensitive areas, or using
IT security measures such as firewalls, restricted site accessing policies, and virus checks. Below are
example of risks mitigation that an organization’s can implement as part of their information security
measures (Blyth, 2008)

Security Screening
Job applicants, current employee’s contactors and other individuals who could be sharing
sensitive information with the organizations may have their backgrounds checked for affiliation with
known activist or dissident groups or for any potential for insider activity. For individuals in posts that
are considered critical or vulnerable within the company structure, screening may involve an
investigation of their criminal history or interviews with the family, friends and works colleagues in order
to identify any possible concerns. In some cases, covert methods of security clearance may be
employed.

Restricted Areas and Identification

Physical barriers that control access to restricted areas can serve as a deterrent and increase the
likelihood identifying unauthorized individuals. The organization can employ a series of identification
methods from photographic identification cards, bar codes, voice analysis, and retinal scan to enhance
entry restrictions within high security areas inside the facility.

2
JUAN PAOLO A. AGUIRRE Rcrim
 BESTLINK COLLEGE OF THE PHILIPPINES

BRGY. San Agustin Susano Road, Novaliches, Quezon City

Technology Security Measures

The organizations may use technological security measures to prevent individuals from
accessing communications or data storage media from eternal sources. In addition, security personnel
can enforce restrictions against t electronic devices such as mobile phones, cameras and voice recorders
that could record or access sensitive information within certain areas inside the facility.
Countermeasures should also include protection against high –tech surveillance devices that involve
tapping land lines and mobile telephone calls, remote accessing computer terminals or viruses that
damage IT equipment. Magnetic shielding, encrypted communications, virus checks, stand-alone
computers, and magnetic interference equipment as well as secondary communication backups,
alternative data storage system, and power generations should also always be in place as part of
redundancy policy.

Pilferage - Act of stealing small things or items of little value, especially habitually.

TYPES OF PILFERAGE
1) Casual pilferer - one who steals due to his inability to resist the unexpected opportunity and
has little fear of detection.
2) Systematic pilferer - one who steals with preconceived plan and takes away any or all types of
items or supplies for economic gain.

VIII. Technical Security Management

The Security Survey

The security survey is a fact-finding process whereby the assessment team gathers data that
reflects the who, what, how, where, when, and why of an organizations existing operation and facility.
The purpose of a security survey is to identify and measure the vulnerabilities to the facility or to specific
assets by determining what opportunities exist to exploit current security policies and procedures,
physical security equipment, and security personnel (Vellani , 2007),
Security survey includes checklist, audits or inventories of security conditions. Some expert
includes the risk analysis, but the process should instead begin with a needs assessment. It identifies
people, things, process that are necessary to the continuation of the business or work before the focus
is directed to the potential threats that may interrupt operations.
On-site inspection and analysis are necessary in order to determine if there is existing security,
to identify deficiencies, to determine level of protection needed, and to recommend measures to
enhance overall security (Hess & Wrobleski, 1996).
The identification of anomalies implies that the surveyor is able to pinpoint a certain level of
security and that the existing conditions fall short of that. Sequentially, it require the need of the
enterprise to be recognized as they will determine what actually requires protection. In this stage, the
needs assessment is no longer implicit but explicit. It is in fact the foundation for the survey.
Importance of Security Survey
Some managers do not realize the huge loss that result security-related problems in their
organization. Most think that security concerns should be directed against external threats like
burglaries and robberies. They need to be more aware of their security needs because they can possibly
incur more losses from fraud, abuse and other crimes that from other security concerns that they have
previous prioritized, like fire or industrial accidents.

3
JUAN PAOLO A. AGUIRRE Rcrim
 BESTLINK COLLEGE OF THE PHILIPPINES

BRGY. San Agustin Susano Road, Novaliches, Quezon City

An organization can consult with the security expert to determine if a security survey is
necessary. They can also seek information about their crime related losses. They can use the security
survey to determine if they need to be concerned about certain security issues such as theft , fraud,
forgery , arson, burglary , robbery, malicious , damage, personnel screening and investigation , theft of
trade secrets industrial espionage , executive protection , kidnap, extortion , bomb threats, bombing and
emergency/ disaster planning.
If there were security no plan, the security survey will be useful in determining the need for it,
as well as determine the security measures that should be included in the plan. A comprehensive survey
of the facility’s entire operations and procedures will enable the organization’s decision-makers to
identify critical security factors in the facility. The survey will also be useful in analyzing vulnerabilities
and evaluating cost-effective countermeasures for protection of assets. The survey should also
recommend the establishment of policies and procedures regarding the following security services
(Sennewald, 2003)
 Protection against internal and external, theft, including embezzlement, fraud, burglary, robbery,
industrial espionage, and the theft of trade secrets and property information.
 Development of access control procedures to protect the facility perimeter as well as the
computer facilities and executive offices located inside.
 Establishment of lock and key-control procedures.
 Installation of anti-intrusion and detection systems.
 Establishment of a workplace violence program to help corporate personnel deal with internal
and external threats.
 Control over the movement and identification of employees, customers and visitors on company
property
 Selection, training, and deployment of security personnel .
 Establishment of emergency and disaster plans and guidelines.
 Identification of internal resources available and needed for the establishment of an effective
security program.
 Development and presentation of instructional seminars for management and operations
personnel.

The above lists includes the most frequently encountered programs and systems reviewed or
developed as a result of a security survey, but security expert may add to it depending on the needs of
the facility.
The Value of a Security Professional
Organization face huge due to security elated concerns that a security survey could have
eliminated, prevented, or controlled. Security professional are equipped with expertise to handle such
matters. Cherles A. Sennewald the value of the security professional in preventing such loss (Sennewald,
2003).
By employing services of security professionals who can facilitate the installations of appropriate
installation of security measures in a facility’s an organization will be able to reduce disruption in the
facility operations, minimize loss and, ultimately, improve net profits.
Security Inspections
Security inspection is a tool determines the possible risk in a facility in order to control or
prevent possible loss or damage of company assets. This through assessment of what assessment of

4
JUAN PAOLO A. AGUIRRE Rcrim
 BESTLINK COLLEGE OF THE PHILIPPINES

BRGY. San Agustin Susano Road, Novaliches, Quezon City

what is happening from a security point of view ensures that the risk is recognized and cost effective
countermeasure are in place.
Security inspection deals with the protection any person, facility material, information, activity
and other assets that have a positive value to the organization. These assets may also have value to an
adversary, possibly in a different nature and magnitude to how the owners value them.
Security inspection also deals with the prevention of risk by taking action or using physical
entities to reduce or eliminate one or more vulnerabilities. Vulnerabilities are weakness that can be
exploited by an adversary to gain an asset. They include structural, procedural electronic, human, and
other elements that provide opportunities to attack assets
Purpose Security Inspection
1. To determine compliance of security policies.
2. To detect weaknesses in the existing security measures
3. To assess assets and the probability of risk or the likelihood that loss will take place.

Phases of Security Inspection:

1. Detection of company policy violations – The act or practices of employees that are contrary to
policy. For example, tampering on employee time cards or bringing out company property for
unknown reasons.
2. Detection of Possible defects in protective device and other security aids – For example, empty
fire extinguishers, destroyed perimeter fences, busted perimeter lights, and alarm system
defects.
3. Detection of the condition of properties being protected - For example, when the property
being protected is exposed to rain and sunlight.
4. Detection of Security hazards – For example, improper storage of waste materials.

Importance of Security Inspection:

1. It can help determine the effectiveness of a risk appraisal.
2. It can identify weaknesses in security countermeasures.
3. It can prevent possible loss of company assets.

Steps in Security Inspection

1. Preparation
a. Review the management policy
b. Review the loss appraisal
c. Use equipment needed in this activity.
2. Plan route
a. Identify priority areas.
b. Identify the Sequence

Safety Inspection
Safety is generally defined as the state of being certain that adverse effects will not be caused by
some agent under fined conditions. It means freedom from danger, risk or injury. It involves measure
(people, procedures or equipment) used to prevent or defect an abnormal condition that can endanger
people, property, or the enterprise. These abnormal conditions include accidents caused by human
carelessness, alternativeness, and lack of training or other unintentional events.
Purpose of Safety Inspection

5
JUAN PAOLO A. AGUIRRE Rcrim
 BESTLINK COLLEGE OF THE PHILIPPINES

BRGY. San Agustin Susano Road, Novaliches, Quezon City

1. Detection of defects such as materials, equipment, lightning and ventilation.

2. Detection of sub-standard conditions such as poor housekeeping, poor ventilation, poor
lightning, noise, poor maintenance and poor training of workers.

Phases of Safety Inspection

1. Detection of what might be called obvious hazards- actual unsafe condition created either by
the action of people or physical deterioration; for exampl , blocked exist and tripping hazards.
2. Detection of conditions, which, of themselves, may not be the direct cause of an accident
would be contributory factors – for example, soapy water spilled on the floor.
3. Detection of conditions wherein employees’ performance is deviating from the standard
practice or established policy, which in themselves, are wrong and safe – for example, not
wearing personal protective equipment (PPE).
4. Detection of employee performance, which, by themselves, are not hazardous but can create
hazards either directly or in contributory manner- for example, storing old documents in a
corner

Importance of Safety Inspection

1. It determines effective methods of hazards appraisal.
2. It corrects deficiencies to bring both safety and operation to minimum accepted standards.
3. It is an unequal medium to determine potential accident source.
4. It recognizes defects for future necessary corrective actions.
5. It demonstrate management‘s sincerity regarding accident prevention.
6. It increase efficiency and promotes better relationship with employees.
7. IT cultivates goodwill and moral value.
8. It determines the required emphasis of operations

Steps in Safety Inspection

1. Preparation
a. Plan
b. Review
c. Study
d. Outline
2. Equipment
a. Hard hat
b. Pencil/ball pen
c. Goggles etc.
3. Plan Route
a. have a definite objective
b. Follow the pattern
4. Inspection Pattern
a. General conditions (lighting, work, output, buildings flashlight materials, etc.
b. Specific hazards
c. Work practices
d. How work is done (tools, machines, equipment)

IX. Security Risk Analysis

6
JUAN PAOLO A. AGUIRRE Rcrim
 BESTLINK COLLEGE OF THE PHILIPPINES

BRGY. San Agustin Susano Road, Novaliches, Quezon City

This module of Security and risk analyses are the reasons for all security activities whatever
problems are involved, be it cash, negotiable instruments, permanent assets and fixture or even
intangible assets like trade secrets.
Unless actual assessment of threats to assets is dine, precautions and countermeasures cannot
be presumed. The significance of a security program depends not only upon the excellence of the
resources, but upon their appropriateness and relevance. In this process, determination of the problem
must be initially done followed by formulation of countermeasures.

Security Analysis
Risk Assessment – this is the process of determining and rating the degree of risk that threatens the
organizations’ resources
When an organization makes a decision to protect its assets, it is necessary to clearly
understand the actual threats to assets through effective security plan. Without the security plan,
decision-makers will have to rely on guesswork in choosing the precautions and countermeasures
against threats.
Defining the Problem
Defining a security problem involves an accurate assessment of three factors (POA Publishing
LLC, 2003)
1. Loss Event Profile - the kinds of threats or risk affecting the assets to be safeguarded.
This is the first step dealing with asset vulnerability. it requires recognizing individual
loss events that might occur by conditions, circumstances, objects, activities and relationships
that can produce the loss events.
2. Loss Event Probability- the probability of those threats becoming actual loss events.

P= f/n
Where:
P- is the probability that a given event will occur
f – is the number of outcomes or results favorable to the occurrence of that event.
N – is the total number of equally possible outcomes or result.

To make effective assessment of probability of security of loss events as many as possible of

those circumstances that could produce lost must know and recognized. There is a need to emphasize
the earlier statement that common sense alone is not an adequate basis or yardstick risks. Specific
knowledge is required. Remember, the more complex the enterprise or loss environment, the greater
the need for such expertise.
Factors of loss event probability
There are certain conditions that could worsen risk of loss and they are categorized as follows:
a.Physical Environment- climate, geography, location, composition.
b.Social Environment- age groups, ethnicity, neighborhoods, income levels, social history, crime.
c. Political environment – government unit, general tone, attitudes, political areas.

Probability Ratings
Upon gathering of available data and factual circumstances in each risk, it is right to assign a
probability rating. Ratings will not consider any precaution or countermeasures that may be taken later
to reduce or eliminate the risk.

7
JUAN PAOLO A. AGUIRRE Rcrim
 BESTLINK COLLEGE OF THE PHILIPPINES

BRGY. San Agustin Susano Road, Novaliches, Quezon City

Usually, five categories of probability are established to indicate the probability rating. With the
amount of information available concerning each risk, plus the skill on the protection specialist in
assessing the probability impact of the factual circumstances surrounding it. The ratings may be given as
follows:
a.Virtual Certain- given no changes, the event will occur.
b.Very Probable- The likelihood of occurrence
c. Average Probability- the event is more likely to occur than not to occur.
d.Less Probable – The event is less likely to occur than not to occur.
e.Very Improbable- Insufficient data are available for an evaluation.

3. Loss Event Criticality – the effect in the assets or on the enterprise responsible for the assets if the
loss occurs.

Loss event criticality is the impact of a loss as measured in financial terms. How important it is in
terms of the survival or survival or existence of the organization.
High probable risks may not require countermeasures if the overall damage is little. However,
moderately probable risks will require attention if the size of the loss they produce is great.
Assessing the criticality is the third step vulnerability assessment. It is first considered on occurrence
basis. For events with high recurrence probability, cumulative considerations must also be done.
Criticality includes the following cost considerations:
K= (Cp +Ct + Cd) – (I- a)
Where:
K = critically cost of the loss
Cp = Cost of permanent replacement
Ct = Cost of temporary replacement
Cr = Related cost
Cd = Discounted cash
I = Insurance a =allocable insurance premium
Critically Known or Unknown Percentage of Impact
100% = Fatal
75% = Very Serious
50% = Average
25% = Less Serious
0% = Unimportant

Security Hazards
Every organization has the responsibility of protecting lives and property by means of disaster
preparedness and emergency management. It helps minimize loss and ensure the continuity of
production that is vital to the recovery of an area after the occurrence of disaster. A disaster may be in
the form of destructive storm, fire, explosion, sabotage, civil disturbances, nuclear incident or even an
earthquake.
In this kind of scenario, managers should do planning coordination with the local authorities to
make certain that corporate and community resources would be used to their fullest advantage in an
emergency

8
JUAN PAOLO A. AGUIRRE Rcrim
 BESTLINK COLLEGE OF THE PHILIPPINES

BRGY. San Agustin Susano Road, Novaliches, Quezon City

Types of Hazards
1. Natural Hazards

These are risk arising from natural phenomena. Nobody can do anything to prevent this
kind of occurrences, but there are measures that can placed or installed to minimize the
damage or destruction of property, injury, or loss of life . Since it is part of physical
security, security plans must be coordinated with the installation’s emergency and disaster
plans.in the design of security plan, emergency situations and disasters must be fully
considered so that in the event of their occurrences, immediate course of action can be
made thus preventing or minimizing the loss of property and lives.
- Flash floods cause by typhoons and monsoon rains - Earthquakes - Fires - Storms -
Volcanic eruptions - Lightning storms - Extreme temperature and humidity - Landslides

2. Man-made Hazards

It is the result of a state of mind, attitude, and weakness of character traits. One can be
due to an act of omission or commission, either overt or covert, which can disrupt the
operation of an organization.
- Carelessness - Accidents - Sabotage - Espionage - Pilferage - Theft - Disloyalty –
Vandalism

Risk refer to the degree of loss in a threat. A probability or threat of damage, injury, liability, loss, or any
other negative occurrence that is caused by external or internal vulnerabilities, and that may be avoided
through preemptive action. It is also defined the potential damage or loss of an asset. It is in fact a
combination of two factors:
1. The value placed on that asset by its owner and the consequence, impact adverse effect of loss
or damage to that asset.
2. The livelihood that a certain weakness will be exploited by particular threat.
Risk analysis involves the security of specific vulnerability, probability and significance of potential
threats including natural and man-made.

Risk Management – this is a function of security that provides the guidelines to identify all the possible
risk that may threaten the organization, assess the impact of these risks to the business and determine
the likelihood of their occurring and their impact

Major Risks
Some of the major categories or risk s are arranged according to its seriousness:
- Nuclear attack - Natural catastrophe - Industrial disaster - Civil disturbances and malicious destruction -
Other crimes

Risk Assessment is a thorough look at your workplace to identify those things, situations, processes that
may cause harm, particularly to people. After identification is made, you evaluate how likely and severe
the risk is, and then decides what measures should be in place to effectively prevent or control the harm
from happening. The aim of the risk assessment process is to remove a hazard or reduce the level of its
risk by adding precautions or control measures, as necessary. By doing so, you have created a safer and
healthier workplace. Assessments should be done by a competent team of individuals who have a good

9
JUAN PAOLO A. AGUIRRE Rcrim
 BESTLINK COLLEGE OF THE PHILIPPINES

BRGY. San Agustin Susano Road, Novaliches, Quezon City

working knowledge of the workplace. Staff should be involved always include supervisors and workers
who work with the process under review as they are the most familiar with the operation.
In general, to do an assessment, you should:
• Identify hazards.
• Evaluate the likelihood of an injury or illness occurring, and its severity.
• Consider normal operational situations as well as non-standard events such as shutdowns,
power outages, emergencies, etc.
• Review all available health and safety information about the hazard such as MSDSs,
manufacturers literature, information from reputable organizations, results of testing, etc.
• Identify actions necessary to eliminate or control the risk.
• Monitor and evaluate to confirm the risk is controlled.
• Keep any documentation or records that may be necessary. Documentation may include
detailing the process used to assess the risk, outlining any evaluations, or detailing how
conclusions were made.

When doing an assessment, you must take into account:

• The methods and procedures used in the processing, use, handling or storage of the substance,
etc.
• The actual and the potential exposure of workers.
• The measures and procedures necessary to control such exposure by means of engineering
controls, work practices, and hygiene practices and facilities.

By determining the level of risk associated with the hazard, the employer and the joint health and
safety committee can decide whether a control program is required.
It is important to remember that the assessment must take into account not only the current state of
the workplace but any potential situations as well.

Risk Management Alternatives and Strategies

1. Risk Avoidance – This is the most effective risk management strategy in that, by avoiding an
activity or risk, any chance of a loss is eliminated. Complete elimination or eradication of the risk
from the business, government, or industrial environment for which the risk manager has the
responsibility.
2. Risk reduction - This is the process of actually managing the risk – taking proactive steps to
reduce the identified risks where possible and putting steps, rules or procedures in place to
minimize the residual risk to reduce the chance of a loss or the severity of such a loss.
Decreasing of the risks by minimizing the probability of the potential loss. This reduction for
criminal opportunity is often accomplished by situational crime prevention strategies to
discourage, deny or deter criminal incidents.
3. Risks spreading – This strategy involves maintaining back-up facilities or having a contingency
plan in place in case an unexpected situation interrupts the normal flow of operations. The
distribution of a risk through compartmentalization or decentralization to limit the impact
(criticality) of the potential loss.
4. Risks transfer – This is the proactive process of transferring unwanted risk away from your
organization to another person or organization. The movement of the financial impact of the

10
JUAN PAOLO A. AGUIRRE Rcrim
 BESTLINK COLLEGE OF THE PHILIPPINES

BRGY. San Agustin Susano Road, Novaliches, Quezon City

potential loss over to an insurance company.

5. Risks Self Assumption – This strategy is applied to manage risks that are either uninsurable due
to high risk factors, or for small, infrequent losses that can be better managed internally than by
claiming through an insurance policy. This is a planned assumption and acceptance of the
potential risk by making a deliberate managerial decision of:
 Doing nothing about the threat; or
 Setting aside resources for use in case of a specific loss incident.
6. Combination of the above – making use of two or more of the above given strategies to manage
potential risk and threats

X. Security Investigation
This module of security investigation is one of the major functions of a security
organization. Most security officers and supervisors are called upon is conduct preliminary
investigation on theft, injury or any other kind of incident. This investigation is usually non-
criminal in nature but still important since they may result in civil litigation

Qualities of a Good Detective

Top 3 qualities are observation, problem solving and persistence. According to science, you cannot jump
into conclusion without observation. A good detective knows how to keenly observe specially when
he/she is in the crime scene. Next is problem-solving. Crime is more likely a math problem that needs to
be solved and it requires a step by-step process. Lastly, a good detective needs to be persistent in
everything that he does
Security Investigation
Security investigation is one of the major functions of a security organization. Most security
officers and supervisors are called upon is conduct preliminary investigation on theft, injury or any other
kind of incident. These investigations are usually non- criminal in nature but still important since they
may result in civil litigation.
The term investigation means a planned and organized determination of facts concerning
specific events, occurrences or conditions for a particular purpose. Security, on the other hand, means
the protection of property from loss through theft, fraud, fires, threats or hazards. While security
investigation is a planned and organized determination of facts concerning specific loss or damage of
assets due to threats, hazards or unsecured condition.

Investigation
• Process of discovering, collecting, preparing, identifying and presenting evidence to determine
what happened and who is responsible.
• An art or process which deals with the identity, location and arrest of a person who commits a
crime and simultaneously identify, collect, preserve and evaluate evidence for the purpose of
bringing criminal offender to justice.
• It is an art, which deals with the identity and location of the criminal offender and the
gathering and providing evidence of his guilt in criminal proceedings.

The 3 I’s of Investigation

1. Information – the knowledge which the investigator gathers from different sources. – it is the

11
JUAN PAOLO A. AGUIRRE Rcrim
 BESTLINK COLLEGE OF THE PHILIPPINES

BRGY. San Agustin Susano Road, Novaliches, Quezon City

knowledge or facts which an investigator acquired from records or persons, which are pertinent
or relevant concerning the commission of a criminal activity.
Sources of Information
a. Regular Sources – is acquired from open sources, records, files.
b. Cultivated Course are information furnished by informants/informers.
c. Grapevine Source – are information given by the underworld characters such as prisoners
or criminals.
2. Interrogation – The skillful questioning of witnesses as well as suspect.
a. Interview Defined – it is the simple and systematic questioning of a person who
cooperates with the investigator
b. Interrogation defined – is the process of obtaining and admission or confession from
those suspects to have committed a crime. It is forceful and confrontational in nature.
c. Field Inquiry defined – it is the general questioning of all persons at the crime scene
conducted by the investigator
3. Instrumentation – it is the application of instruments and methods of physical sciences to the
detection of crimes. In other words, the summation of the application of all sciences in crime
detection known as criminalistics.

Purpose of Investigation
1. To identify the offender
2. To locate the offender
3. To provide evidence of his guilt

Primary Job of an Investigator

The primary job of the investigator is to answer the Cardinal points of Investigation;

1. What – what specific offense has been committed

2. Where – where the crime was committed
3. When – when was the crime committed
4. Who – who committed it
5. Why – why it was committed
6. How – how it was committed

Qualities of Effective Investigation

The following are attributes the characterize an effective and reliable investigation, as outlined
in the Asset Protection and Security Management Handbook (POA Publishing LLC, 2003)
1. Objectivity
The investigator must accept any fact, regardless of its significance to preconceived
ideas. Objectivity is achieved by recognizing the investigators personal prejudices and
compensating for, or neutralizing, his effects of investigation. An investigator who cannot sort
out and identify personal prejudices about people, places and outlooks is likely to miss the mark
2. Thoroughness
A thorough investigator checks all leads and checks key leads more than once to assure
consistency in result. When the statement of an interviewee is critical, the facts should be
reviewed several times if at all possible without compromising the investigation. Corroborating

12
JUAN PAOLO A. AGUIRRE Rcrim
 BESTLINK COLLEGE OF THE PHILIPPINES

BRGY. San Agustin Susano Road, Novaliches, Quezon City

important aspects through different sources is a proven means of achieving thoroughness.

3. Relevance
Relevance means that the information developed pertains to the subject of the
investigation. Another aspect of relevance is cause and effect. Is a developed fact the result of
some other fact under investigation, or is it the cause of that other fact? If a relationship can
provide a direction for the investigative effort, or working hypothesis, establishing the
relationship may materially assists in resolving the entire investigative problem.
4. Accuracy
The mental processes that collect and sort data from the physical senses often produce
errors. Sound investigative techniques dictate frequent test for verification. If data is subject to
physical measurement, it must be measured. If an informant is the only source of key data, the
informant should be tested at least for consistency in telling the version. All information must be
tested for inherent contradictions.
5. Timeliness
Timeliness is an extension of thoroughness .it requires that the investigation be carried
to the latest possible point at which information relevant to the investigation might be found.

Characteristics of an Effective Investigator

1. Able to obtain and retain information, apply technical knowledge and remain open minded,
objective and logical. Also culturally adroit, i.e. skilled in interacting across gender, ethnic,
generational, social and political group lines.
2. Emotionally well-balance, detached, inquisitive, suspecting, discerning, self disciplined and
preserving.
3. Physically fit and have good vision and hearing.

XI. Security Investigation II

Systematic Approach to an Investigation

1. Define the investigative problem. Identify the requirement:
a. The reason for the investigation
b. The particular phases or elements of investigation assigned to the investigator.
c. Discern whether the investigation is to be handled overtly or discreetly
d. The priority and suspense date assigned to the investigation
e. The origin of information
2. Collection of relevant data
a. Prepare a written investigative plan that includes:
o Information needed
o Methods used in gathering information
o Location of sources to furnish this information
b. Methods and sources to be used by the investigator:
o Personal observation
o Undercover /use of agent
o Surveillance
o Raids and seizure
o Direct visit to the scene

13
JUAN PAOLO A. AGUIRRE Rcrim
 BESTLINK COLLEGE OF THE PHILIPPINES

BRGY. San Agustin Susano Road, Novaliches, Quezon City

o Study of documents or records

o operational files
o Identity of documents
o Newspapers, books, periodical, etc.
o Correspondence, letter malls, telegrams, etc. Use of Interrogation and Interview
o Use of Recruited Informants
o Liaison with agencies that possess the Information
3. Analysis and verification of the information gathered
a. Analysis involves a study of the information in terms of questions set out to answer.
o Data collected should be complete
o Supplied information must be based on facts
b. Verification methods include the following:
o Personal observation of the agent
o Secure reliable statements from individuals making personal observation through
experience.
4. Drawing the conclusion is the functions and responsibility of the person requesting the
investigation. Guidelines in Investigation
a) Preliminary Investigation – a criminal investigation begins as soon as the first police officer
who responds to a call for police assistance or who discovers that a crime has been
committed, arrives at the scene of the crime. Looking for the criminal, identifying witnesses
and protecting evidence are all forms of investigative action.
b) Investigation Proper
a. Search of the crime scene
Methods of Crime Scene Search
a) Strip Method – the researchers (A, B, C) proceed slowly at the same place along the
parallel to one side of the rectangle. At the end of the rectangle, the searchers turn
and proceed back along new lanes but parallel to the first movement
b) Spiral or Circular Method – the searchers follow each other in the path of a spiral
beginning on the outside and spiraling in towards the center.
c) Zone/Sector Method – the area to be searched in divided into quadrant and each
searchers is assigned in each quadrant.
d) Wheel/Radial/ Spoke Method – if the are to be searched is approximately circular
or oval, the wheel method may be used. The searchers gather at the center and
proceed outward along radius or spokes.
b. Taking of photographs of the crime scene
c. Care of evidence - In order to introduce physical evidence in trial, three important
factors may be considered:
i. The Article must be properly identified.
ii. Continuity of Chain of Custody. Chain of Custody refers to the chronological
documentation of the seizure, custody, control, transfer, analysis and
disposition of evidence from the time it was seized up to the time it is offered
in evidence in court.
iii. Competency must be proved that the evidence is material and relevant.
c) Methods of Investigation
a. Information

14
JUAN PAOLO A. AGUIRRE Rcrim
 BESTLINK COLLEGE OF THE PHILIPPINES

BRGY. San Agustin Susano Road, Novaliches, Quezon City

b. Interrogation
c. Instrumentation

Investigation Report
Reporting writing is a crucial part of the investigation. The most diligent and professionally
conducted investigation loses its value if the effort is not properly reported. An investigative report is a
written document in which the investigator records the activity in the investigation and the evidence
gathered. A competent investigator writes a report so that a reader can readily understand what the
investigator did, why it was done and the results of the action.
Purpose of Investigation Report
The following are the rationale of an investigation report.
1. To provide a permanent official record of the investigation.
2. To provide other investigators with information necessary to further advance the
investigation.
3. To uphold the statements as facts on which designated authorities may base a
criminal corrective or disciplinary action.

Qualities of Investigation Report

1. The report serves as an objectives statement of the investigation findings.
2. The report is an official record of the information relevant to the investigation which the
investigator submits to his superior.
3. The report is clear, brief, accurate, impartial but complete.
4. The report is sans of investigator’s opinion or other irrelevant facts foreign to the case.
5. The report is accurate and is a true representation of the facts of the case.
6. The report is clear and is logically and chronologically developed.

15
JUAN PAOLO A. AGUIRRE Rcrim
 BESTLINK COLLEGE OF THE PHILIPPINES

BRGY. San Agustin Susano Road, Novaliches, Quezon City

Incident - Type Investigation / Complaint - Type Investigation

A. General Facts
1. The incident type investigation is also known as a complaint type of investigation.
2. An investigation might begin with a personal observation. Usually, a report made by someone,
stating the facts and conditions, actual or alleged, from which an investigation shall be
conducted. There is a basis of complaint or report about an event or a condition.
B. Investigative Process
1. The investigative process begins with the acquisition of the initial information in which the

16
JUAN PAOLO A. AGUIRRE Rcrim
 BESTLINK COLLEGE OF THE PHILIPPINES

BRGY. San Agustin Susano Road, Novaliches, Quezon City

investigation is based on. It ends when the last piece of physical, testimonial or directly
observed date has been collected. The investigative process then moves to analysis and report
writing process.
2. A systematic approach to investigation applied.
C. The Investigative Analysis
Preliminary analysis of the investigative steps to be taken is made by someone who assigns and
reviews investigation as well as by the investigator. This results to a note or list of the investigative
steps to be taken and some instances the sequences. The investigator determines in advance the
precise location and availability of persons or premises to be interviewed or viewed. Other
preliminary observations include:
1. Is the prime or another informant a member of the bargaining unit? If so, what is the policy
should the informant request representation during the investigative interview?
2. Have all the persons, events and locations mentioned in the complaint been checked through
security investigative indexes and the results noted?
3. Should any operating or executive management personnel be notified of the initiation of this
investigation before further steps are taken?
4. Does it appear that recording or photographic equipment will be needed? If so, is it in
serviceable condition?
5. Is there a need for more than one security investigator for the case?

17
JUAN PAOLO A. AGUIRRE Rcrim