MODULE 1

THE CONCEPT OF SECURITY

INTRODUCTION

Security is important to everyone. It is important to individuals such as a

homeowner, who wants to protect valuable items in his house, a parent who does not
want her/his child to be harmed while in school, an employee who want to save for a
comfortable retirement, or am online shopper who wants to purchase a gadget via the
internet. It is also important to private companies such as jewelry store, that kept
diamonds in storage, a law firm that holds incriminating evidence against drug lord, or an
internet company that requires personal information and passwords from its users. Of
course, it is also very important to governments that maintain military forces, use
intelligence services, legislate civil defense policies, and implement emergency
preparedness measure to serve and protect its citizens.

LEARNING OBJECTIVE

At the end of the module, the student will be able to:

1. Define security
2. Explained the concepts of assets, risks, threats and vulnerabilities.
3. Enumerate the categories of security.
4. Discuss the importance of private security in organization.

LEARNING CONTENT

Definition of Security

The word secure is derived from the Latin word secures which means “safe” of “with
care” or from word se cura, wherein se means “free from” and cura means “care”.

To be secure could mean many different things. It could mean being free from danger,
risk, injury, fear, trouble, doubt, or anxiety. Being secure could also refer to being
dependable, strong, good, impregnable or inviolable. Or simply, it could mean having
peace of mind.

Security can be defined as the degree of protection or resistance against harm,

danger, loss and criminals. As a form of protection, it includes structure and processes
that provide or improve security as a condition.

Related Concept

Understanding the concept of security requires further definition of other relate

concepts such as asset, risk, threat and vulnerability.

An asset is anything tangible or intangible that is capable of being owned or

controlled to produce value. If it has positive economic value, it is considered an asset.
Or more simply, if its value can be converted into cash, it is an asset.

Risk is the uncertainty of financial loss, the probability that a loss has occurred or
will occur, the variations between actual and expected results, or the possible occurrence
of an undesirable event. The end result of risk is loss or a decrease in value.

Threat and vulnerability are sometimes interchangeably used with risk. A threat is
anything that could adversary affect assets; it can be classified into natural hazards (such
as floods), accidents (chemical spills), or intentional acts (domestic or international
terrorism).

Vulnerability means weakness, flaw, or virtually anything that may conceivably be

exploited by a threat; examples are hole in a fence, an out-of-date key system or the
introduction of a computer virus.

Categories of Security

The concept of security is so wide that categorization is necessary for better

understanding and analysis. The three main categories in this book include:

Physical Security – Pertains to all physical barriers employed or installed to

secure assets.
 Personnel Security – Refers to the procedure followed, inquiries conducted, and
determine the work suitability of a particular applicant or the retention of particular
employee.

Document and Information Security – refer to the policies, regulations,

doctrines, and practices enforced to safeguard the content and integrity of any classified
information or document from compromise or loss.

Political security is another category that relate to social relationships involving

government or entities that hold authority or power. This includes issues of security in the
public, national of international level, as enumerated below

1. Public security refers to the way government are ensuring the protection of its
citizens, organization and institutions against threats to their well-being, as well as
maintaining the general security and peace in public places. This includes security
against problems that have a direct impact on people’s lives, such as gang
violence, cybercrime, or trafficking of illegal drugs and firearms.
2. National Security in the requirement to maintain the survival of a state through the
use of economic power, diplomacy, and political power. Security threats include
military foes from other nations, big drug cartels, or even national disasters that
cause severe environmental damage.
3. International security consists of the measures taken by nations and international
organizations to ensure mutual survival and safety. Example of measure are
military actions and diplomatic agreements.

In the private sphere, security can be even further categorized as shown below.

Industrial Security – A form of physical involving industrial plants and business

enterprise. This involves the safeguarding of personnel, processes, properties and
operation.

Bank Security – Is the protection resulting from the application of various measures
which safeguards cash and assets which in storage, in transit and during transaction.

Hotel Security – involves using various measures of protection for the guest, personnel
properties and functions in hotels, restaurants, bars and clubs.

V.I.P. Security – Involves the protection of top – ranking officials of the government,
visiting persons of illustrious standing and foreign dignitaries.
Operation Security – This involves the protection of processes, formulas, patents, and
industrial and manufacturing activities from espionage, infiltration, loss compromise of
photo copying.

Communication Security – The protection resulting from the application of various

measures which prevent or delay the enemy or unauthorized person in gaining
information through communication. This includes transmission, cryptographic and
physical security.

Mall/ Commercial Security – Is the degree of protection against danger, loss, and crime
inside the malls. As a form of protection, it refers to systems, structures and processes
the provide or improve mall security as a condition.

Security Management in Organization

Security management has become an essential feature of corporate activity; there

is almost no organization without a team dedicated to managing issues of security. We
usually see shopping malls, entertainment venues and banks policed by private armies
which we call security guards. These presences of these uniformed staff represent the
company’s ability to respond to or deter threats. This however, is only part of the security
measures employed by companies against threat posed by opportunistic criminals, its
rival organizations, or even its own saboteur employees. Other security measures may
include the installation of CCTV’s sophisticated alarm system, policies against workplace
bullying and harassment, employee screening emergency planning, and other measure
that enable individuals and organizations to carry on with their business free form danger.

Indeed, security has a policing function in organizations. In fact, illegal practices in

the workplace have become an established theme in criminology studies. These crimes
involve not only robberies and shootouts inside malls or kidnappings in school that we
hear in the news. It involves high stakes corporate crimes such as tax invasion and money
laundering, fraud, bribery, workplace harassment or even those similar to street crimes
such as thieves sneaking inside offices.
 MODULE 2

History of Security

INTRODUCTION

Security by its own definition is the state of being free from danger or threat. A
concept that is I feel sometimes forgotten in the hustle and bustle of daily life in this
modern world.

We can go back in time to see early examples in the Ancient Egyptian Pharaohs
who hired private security guards for personal protection. Or to Ancient Rome where
emperors had security guards for personal, family and property security.

LEARNING OBJECTIVE

At the end of the module, the student will be able to:

1. Trace the historical roots of security during the prehistoric times, the ancient period
and the Middle Ages.
2. Describe the evolution of security in England and the United States.
3. Discuss the history of security in the Philippines setting.
4. Identify current issues in security.

LEARNING CONTENT

The historical roots of private security agencies can be traced back to thousands
of years when the protection of the life and personal property were up to the individual,
and later on passed to the tribes, and then to cities.

In pre historic times, recognized the need to keep himself safe from both known
and unknown enemies such as animals, other inhabitants and the environment itself. He
used different methods to keep himself safe such as crafting weapons out of stone and
metal, building fire to ward off animals, staying in caves or tree houses, and even staying
int the middle of the lake for protection.

The Greeks of the ancient period were the ones who organized the first police force
in city states which they termed polis The Romans, on the other hand, established the
Praetorian Guards known as vigils who were tasked to be fire fighter.
 In the Middle Ages during their invasion of England, the French formed a group of
carefully selected men called shires or sheriff to look after the peace and order of the
different regions.

The greatest influence in the history of the security came from England. In 1655,
Oliver Cromwell set up in England and Wales a police force that operated to capture and
punish criminals. In 1748, London magistrate Henry Feilding introduces the concept of
crime prevention by organizing citizen patrol or watchmen that not only chase criminals
for felony and misdemeanor but also served Feilding’s purpose of preventing crime ahead
of time with their patrolling function. Fifty years later, English Home Secretary Sir Robert
Peel formed the formal police department.

During the colonial period in the United States, immigrants from England, Ireland
and Scotland came to America shores bringing with them this British approach to policing.
At the time, law enforcement officers had to deal with rampant crime in U.S cities and had
little time and resources left to deal with the protection for their private property. Hence,
citizens who wanted protection for their private properties had to depend on the armed
immigrants who were prepared to deal with criminals. This watchman form of security
was to become the early version of private security practices that endure to this day.

Security in Philippine History

During the pre-colonial period in the Philippines, the sovereign monarchs called
datu or lakan, had servants called aliping namamahay who acted their watchman or
protector.

The Spanish colonial government introduced the Guardia Civil in the Philippines
in 1868 to serve as the police force based on the Civil Guard of Spain. They performed
patrol functions in cities and towns, organized operations for the suppression of bandits
groups, and imposed penalties for infringement of laws and local ordinances.

The constanble of the American colonial period in the Philippines became the
forebear of the present national police. During that time, a couple of constable officers
were adequate to maintain the peace and order in the town or sitio.

After World War II, the Indian national or the Bombay pioneered as the watchman
who protected a specific building or commercial establishment.

Today, private security has a major role in the preservation and protection of peace
and order in the country. It complements police efforts by providing additional security
during emergency responses and public events as well as safety precaution and
protection of property and assets.
Security in the Present Time

History shows how public law enforcement and private security evolved from the
same roots but eventually took different directions. The police served the public’s interest
while the security force served private interests. As crime became a bigger problem
especially in urban areas, police departments who previously looked down at private
security are now beginning to see the benefits of building a partnership with them. Now,
police functions that did not involve enforcement, arrests or the use of force inside work
spaces are turned over to security. Traffic control around large commercial properties and
patrol functions around private neighborhoods are also now often provided by security
officers.

With the advent of terrorism in the countries around the globe, it becomes more
important to build a strong partnership between the police who respond to terrorist acts
and security officers who respond on the private premises that they protect. This
collaboration should also involve leaders and enforcers in other fields such as firefighting,
disaster management, emergency medical treatment and public health. This, of course,
entails a strong support and commitment from the national government.

Fast – paced technology, especially in the field of computer and information

technology in another issue affecting the security industry. Although such technology has
become very helpful in the security officer’s work, it also has the negative effect of
replacing people. Just as human labor has been displaced by machines in other
industries, it also affects individual security personnel who might become obsolete in the
face computer assisted technologies.

With the combination of rising technology and the security industry’s growth and
recognition in organizations comes the necessary improvement in the professionalism
among security officers.
 MODULE 3

PHYSICAL SECURITY

INTRODUCTION

Every day, in every installation and within the facilities, the security practitioner
protects a wide variety of assets from various types of threats. One way they do this
through the use of physical security to deter and detect intruders. In this module, you will
learn about physical security concepts and roles, as well as physical security planning
and implementation, including a review of the various types of physical security
countermeasures employed to deter, delay, detect, or prevent threats.

LEARNING OBJECTIVE

At the end of the module, the student will be able to:

1. Define physical security.

2. Explain the purpose and advantages of physical barriers.
3. Explain the three line of defense and enumerate examples.
4. Illustrate protective alarm sensors.
5. Characterize protective lighting and enumerate examples.

LEARNING CONTENT

Physical Security

Physical security describes security measures that are designed to deny

unauthorized access to facilities, equipment and resources and to protect personnel and
property from damage or harm (such as espionage, theft, or terrorist attacks).

Physical security involves the use of multiple layers of interdependent systems that
can include CCTV surveillance, security guards, protective barriers, locks, access control,
perimeter intrusion detection, deterrent systems, fire protection, and other systems
designed to protect persons and property.
 Physical security refers to a logical set of tangible elements and measures adopted
to prevent unauthorized access to equipment's, facilities, materials, documents and
personnel. The purpose is to protect these assets from damage, compromise and loss.
In short, it is a system of barrier place between the potential intruder and the object to be
protected.

Principles Of Physical Security

In considering the appropriate security measures, the following principle should be

considered.

1. The type of access necessary will defend upon a number of variable factors and
therefor may be achieve in a number of ways.
2. There is no impenetrable barrier.
3. Defense is depth-barriers after barrier.
4. Delay provided against surreptitious and non-surreptitious entry
5. Each installation is different.

Factor In Selecting Security Safeguard

The following factor are factor that should be considered in determining the physical
security needs of a security facilities.

Site Characteristics

➢ Selection of safeguards can be influenced by the nature of the site such as the
size, layout, utilizes, internal activities and assets in the site. Other factor may
include company philosophy and workforce culture.

Environment

➢ This refers to the area, surrounding, and facilities. A bank inside a large
commercial complex in Makati City require safeguards different from those
required for an exclusive beach resort in an island in Cebu or a factory of fireworks
in an isolated area in Bulacan. For example, the bank may operate for electronic
locks and sensors, the resort may require a especially secure boat access, and
the fireworks factory may go with a perimeter fence.

Forces of Nature

➢ Also, at play in the selection of safeguards are the environment’s climate, weather,
and natural forces. Certain detection sensor devices may not work well in extreme
temperatures and are vulnerable to floods and earthquakes.
Crime

➢ Crime patterns must be considered in selecting the necessary countermeasures.

Decisions should be preceded by a risk assessment that includes a study on the
nature, intensity, and repetitiveness of criminal acts that have occurred in or near
the facility during the recent past.

Terrorism is also an important factor for certain facilities that may be considered
target of terrorist groups such as airport, tourist destinations, research laboratories and
government building.

Physical Barrier

Barriers are used in physical security to define boundaries, delay or prevent

access, restrict movement to a particular area, obscure visual observation into or from an
area, and prevent technical penetration of an area. When barriers are selected and
installed properly, they can represent not only a physical impediment but also a
psychological deterrent to an attacker.

Manmade structural barriers and natural barriers are two general types of barriers.
Often, both types are used to secure Forest Service facilities. Other types of barriers
(human barriers, such as guards; animal barriers, such as dogs).

Natural barriers include berms, rocks, trees and other foliage, water features, sand
and gravel, and other natural terrain features that are difficult to traverse or that expose
an attacker.

Barriers, whether natural or manmade, must be tested regularly and maintained.

Barring any unusual occurrences, an inspection every week or two generally is adequate.

Advantages Of Physical Barriers

1. Physical barriers become a psychological deterrence when a potential intruder is

discouraged from accessing facility because the barrier appear to present building.
2. Actual difficulty in getting through physical barriers.
3. Reducing the cost of security staffing by substituting barriers for people, and
placing security posts in locations that complement barriers.
Purpose of Physical Barrier

1. To control the movement of people and vehicle into, out of and within the facilities.
2. To segregate or compartmentalize sensitive areas.
3. To provide physical protection to object, materials, and processes of critical nature.

Element of Physical Barrier

1. Natural Barrier – It include bodies of water, mountains, marshes, ravines, deserts

or other terrain that are difficult to cross.
2. Structural Barrier – Are man-made barriers such as fences, walls, floors, roofs,
grills, bars, roadblocks or other physical means. A structural barrier physically and
psychologically deter or discourages the undetermined, delays the determined and
channels the flow of authorized traffic through entrances.
3. Human Barrier – The guard force as a human barrier is the key element in any
security system. Without it, all other protective devices, mechanical, electrical or
electronic would useless. The electronic devices may sound the alarm, the CCTV
may spot the culprit, or the micro computer may trigger a red button as a sign of
intrusion, but it is the guard who will respond and initiate the needed security
action.
4. Animal Barrier – The most common of animal barriers are dogs, known as the K-
9 team. The number of dogs to be used relies on the size and kind of installation
being secured.
5. Energy Barrier – Is the employement of mechanical, electrical, electrical energy
to impose a deterrent to entry by the potential intruder or to provide
advertisement of his presence.

Types of Fencing

1. Solid Fence – (Walls, Bricks and Concrete)

2. Full view – (Chain Link, Barbed wire and Concertina)

FIRST LINE OF DEFENSE: Perimeter barrier/fences - a medium or structure which

defines the physical limits of an installation or area to restrict or impede access thereto.
Purpose Of the Perimeter Barrier

1. To define the boundary of the property to be secured.

2. To create a physical and psychological deterrent to unauthorized entry.
3. To delay intrusion, thus facilitating the apprehension of intruders.
4. To assist in a more efficient and economical employment of guards.
5. To facilitate and improve the control of pedestrian and vehicular traffic.

Types Of Perimeter Barriers

1. Wire Fences (Solid or Full view) - wire fencing can be barbed wire, chain link or
concertina. Chain link are for permanent structure, barbed wire is for semi-
permanent and concertina for the least permanent, and also can be used as a
temporary road block or impediment during strikes and crowd control. Wire fences
are attractive and low in maintenance cost: they offer less hazard to people
because of the absence of barbs and the openings are small to prevent passage
of pilfered article.

i. Chain Link Fence

➢ Must be constructed of 7-foot material excluding the top guard.
➢ Must be of 9 gauge or heavier.
➢ Mesh opening are not to be larger than 2 inched per side.
➢ Should be twisted and barbed selvage at the top and bottom.
➢ Must be securely fastened to rigid metal or reinforced concrete.
➢ Must be reached within 2 inches of hard ground or paving.
➢ On soft ground, must reach below surface deep enough to compensate for
shifting soil or sand.

ii. Barbed Wire Fence

➢ Standard barbed wire is twisted, double strand, 12-gauge wire with 4-point
barbs space at an equal distance apart.
➢ Must be less than seven feet high, excluding top guard.
➢ Must be firmly affixed to post not more than six feet apart.
➢ The distance between strands must not exceed 6 inches and at least one
wire will be interlaced vertically and midway between posts.

iii. Concertina Wire Fence

➢ Standard concertina barbed wire is a commercially manufactured wire coil
of high strength steel barbed wire clipped together at intervals to the
cylinder.
➢ Opened concertina wire is 50 feet long and 3 feet in diameter.
 iv. The Top-Guard
➢ A top guard is an overhead of barbed wire along the top of the fence, facing
outward and upward at approximately 45-degree angle.
➢ Top guard supporting arm will be permanently affixed to the top of the fence
post to increase the overall height of the fence at least one foot.
➢ Three standards of barbed wire, space 6 inches apart must be installed on
the supporting arms.

Second Line of Defense - Doors, floors, windows, walls, roofs and grills.

Concrete Structure (Building walls) – An ordinary concrete building wall, because of

its rugged and formidable appearance, may give the impression that it offers good
protection against penetration, but may not. Standard poured concrete or concrete block
walls are utilized to support structural loads, or are used a curtains wall to enclose space
between load-bearing walls, but are not normally designed to prevent or delay penetration
with hand tools and small amounts of explosives.

Walls, floors, roofs or their combination serve also as barriers and they should be
of such construction to provide uniform protection just like the wire fencing.

Masonry walls as perimeter barrier should have the same height as the chain-link
and surmounted at the barbed wire top guard: if the height of the Masonry is less than
the prescribed, additional chain-link as “topping” is place to attain the minimum height
requirement.

Third Line of Defense: Interior Controls - Storage system like steel cabinets, safes,
vaults and interior files.

Establishing interior controls not only maximizes the efforts of security guards.
Such measures also allow or deny access to facilities or areas within the facility, as well
as track the identity and times of entry and exit.

There are variety of techniques to control access to the interiors of a high-security

facility. These may include identification systems, commercial telephone services, inter-
communications, two-way radios, call boxes, paging and recall systems, or even the more
sophisticated coded card system access. Other examples are enumerated below.

Locks

➢ Installing locks on door is the easiest line of defense inside a facility. It is the
simplest way to impose a physical restraint as well as grant entry. It is the most
widely used physical security device, yet it is hardly foolproof. However, locks can
be also being vulnerable to physical force. A key-operated lock can be picked, or
its keys can be duplicated illegitimately.
 ➢ It is the only as good as the door, jambs, and walls around them. A look is therefore
useless if an intruder can simply kick a weak door to access a facility.
➢ Key management is important when dealing with a complete lock system. It is
important to make sure that only authorized personnel can obtain or make a key
to the lock.
➢ All locks ca be compromised by an expert in a very short period of time. It is
therefore wise to use locks together with other security measures and as part of
an overall physical protection system.

Telephone Entry Systems

Telephone entry system are commonly used in apartment buildings and

condominiums. They are typically located outside the building, with a panel, handset and
touchpad. Each tenant has a special entry code that a visitor dial. The tenant may then
release the door lock by pressing a designated key on the residence phone. For added
security, some system and a CCTV camera in the entry lobby with small provided to each
occupant.

Identification Systems

Controlled entry into business facility usually begins with the identification of the
person entering. The identity of employees or visitors can be determined through the
following types of identification verification access control.

Guard can be personally recognizing or inspect the identification of employees or

visitors, and then formulated a judgment of that person’s validity.

Biometric reader can be using a person’s physical property (such as retinal pattern
or fingerprint) to gain entry.

Protective Alarm System

Different types of protective alarms installed indoor or outdoor complement and

supplement physical barrier. These systems are designed to alert security personnel to
completed or attempted intrusion into an area, building or compound.

Types of protective alarm systems include local alarm system, auxiliary system,
central station system and proprietary system. These can serve the purpose of either
substituting other security measures for economic reasons or supplement these security
measures to provide additional controls.
PROTECTIVE LIGHTINGS

Protective lightings are designed to illuminate the perimeter barrier and the outside
approaches of an area. A threat cannot be detected, either by camera or in person, if
there is no light. Lightings can be also served as deterrence since a threat is more likely
to attack an asset in relative darkness than in bright lights.

Purpose of Protective Lightings

➢ To provide sufficient illumination to an area during hours of darkness.

➢ To improve visibility in order to easily spot, identify and even apprehend intruders.
➢ To present psychological fear.
➢ To serve as deterrent to thieves, pilferer, trespasser, and saboteurs.

General Characteristics of Protective Lightings

➢ It is relatively inexpensive to maintain

➢ It may reduce the need for security forces
➢ It may provide personal protection for security forces by reducing the element of
surprise by the intruder.
➢ It requires less intensity than working light.

Types of Protective Lightings

1. Stationary Luminary – This is common type consisting of series of fixed

luminaries to flood given area continuously overlap.

➢ Glare-projection type- The intensity is focused to the intruder while the

observer or guard remain in the comparative darkness. Lighting is toward of
the approach of an entrance to an installation.
➢ Controlled lightning- The lighting is focused say on the pile of items, rather
than the background. The width of the lighted strip can be controlled and
adjusted to suit the security needs.
2. Standby Lighting- This system is similar to continuous lighting but us turn on
manually or by special device or other automatic means.
3. Movable Lighting – this consist of stationary or portable, manually operated
searchlights may be lighted continuously during the hours of darkness or only as
needed, and are usually supplementary to other types of security lighting.
4. Emergency lighting- This type maybe duplicative of existing system. This a
Standby which can be utilized in the event of electric failure, either due to llocal
equipment or commercial power failure.
 MODULE 4

PERSONNEL SECURITY

INTRODUCTION

This module introduces the management, practices, and procedures required to

Personnel Security. The module provides an overview of the elements of the personnel
security: designation of sensitive duties, investigative and adjudicative practices, security
officer responsibilities special security program requirements, and due process
procedures.

LEARNING OBJECTIVE

At the end of the module, the student will be able to:

1. Define personnel security.

2. Identify the purpose of personnel security
3. Identify the procedure of personnel security

LEARNING CONTENT

Of the three key security processes, personnel security in considered the most
important simply because security involves people, both as assets to be protected and as
sources of security threats.

Key Function of Personnel Security

➢ It serves as screening device to assist the organization in hiring suitable

employees.
➢ It is responsible for handling background investigation of prospective employees.
➢ It is responsible for the investigation of current employees suspected of violations
of company rules and regulations.
➢ To assist employees in protecting themselves through security awareness and
educational programs.
 ➢ It attempts to ensure the protection of employees from discriminatory hiring or
terminating procedures as well as unfounded allegation of illegal or unethical
activities and conduct.

Purpose of Personnel Security

➢ To identify the security measures in proportion to the risk.

➢ To reduce the risk of employing personnel likely to present a security concern.
➢ To establish that applicant and contractors are who they claim to be.
➢ To close down opportunities for abuse of the organization’s assets.

Elements of a Comprehensive Personnel Security Program

➢ Adequate job specifications and performance standards.

➢ Appropriate recruitment and selection criteria.
➢ Background investigative standards.
➢ Criteria for employee conduct.
➢ Investigation of questionable employees conduct
➢ Disciplinary procedures
➢ Termination procedures.

Pre-Employment Screening

Personnel Security measures are usually undertaking during the recruitment

process. This is because companies believe that it is better to spot dangerous or
dishonest individuals before they are hired. This means that the human resources
department should not simply trust the correctness of information written in a very
impressive resume. Hence, a proper background employment screening on job
applicants must be carried out.

The pre-employment screening should include checks on the following:

1. Proof of identity and address

2. Details of education and employment
3. Criminal records check
4. Financial check
5. Checking of at least two-character references.
Application Form

Using a standardized application form to be completed by job application required

them to provide all relevant information and confirm its correctness with signature. The
form should include a provision that pre-employment screening will be carried out. By
signing the form, the applicant provides consent for background checks to be undertaken.
It should also include the clear statement that lies or omission are grounds to terminate
the hiring process or employment even if it is discovered when the applicant is already
hired. Such statements in the standardized application form not only protect the
organization legally; they also serve as deterrent to the applicant signing the document.

Interviews

The job interview portion of the application also help in the screening process
because it provides an opportunity to discuss the candidate’s suitability for employment.
This interview is important because:

1. A face-to-face discussion encourages applicant to be honest.

2. It allows the employer to clarify information in the application form, ask for other
information not covered in the application form, and prove candidates about their
responses.
3. It also provides a good opportunity to add to the overall assessment of the
applicant’s reliability and integrity.

Pointers in Screening Process

➢ Application form not signed

➢ Application date filled up
➢ Applicant’s name and possible aliases
➢ Gaps in employment history or use of term” self-employed”
➢ Inability to remember names of former colleagues or bosses.
➢ Gaps in residence
➢ Inadequate references
➢ Lack of job stability
➢ Sign of instability of personal relations
➢ Indications of over-qualifications
 ➢ Declining salary history
➢ Signatures stamped
➢ Criminal record left blank
➢ Military service left blank

PERSONNEL SECURITY INVESTIGATION

➢ Is an inquiry into the character, reputation, discretion, integrity, morals and loyalty
of an individual in order to determine a person’s suitability for appointment or
access to classified matter.

3 General Techniques of Personnel Security Investigation

➢ Background Investigation (BI)

➢ Positive Vetting
➢ Profiling

Background Investigation

The BI serve to:

➢ Verify information on the application form;

➢ Ascertain past employment experiences; and
➢ Obtain other information pertinent to the decision to employ

Factor to be consider in a BI

➢ Loyalty – Quality of faithfulness to the organization, superiors, subordinates and

peers.
➢ Integrity – Uprightness of character, soundness of moral principles and
truthfulness.
➢ Discretion – Ability to act or decide with prudence; habit of wise judgement
➢ Moral – Distinctive identifying qualities that serve as index to the essential nature
of a person.
➢ Character – Sum traits impressed by nature, education and habit of a person.
➢ Reputation – Opinion which one is generally held.
Motives That Cause People to be Disloyal

➢ Revenge
➢ Material Gain
➢ Personal Prestige
➢ Friendship
➢ Ideological Beliefs

Weakness that Makes People Susceptible to Pressure

➢ Close relatives in foreign lands

➢ Heavy investments in foreign lands
➢ Jealousy
➢ Gullibility
➢ Weakness of Character
➢ Heavy indebtedness
➢ Addiction to narcotics and drugs
➢ Guilty Past
➢ Moral depravity

Components of a Complete Background Investigation

➢ Application’s Name
➢ Date of Birth
➢ Present Residence Address
➢ Local Agency Check
➢ National Agency Check
➢ Personal History
➢ Marital History
➢ Residence History
➢ Citizenship History
➢ Physical Data
➢ Educational History
➢ Organization Membership
➢ Neighborhood Investigation
➢ Character References
➢ Employment History
➢ Military History
➢ Residence History
➢ Citizenship History
 ➢ Physical Data
➢ Education History
➢ Organization Membership
➢ Neighbor Investigation
➢ Character References
➢ Employment History
➢ Foreign Travel & Connection History
➢ Criminal Records
➢ Credit Records
➢ Applicant’s Signature
➢ Date of Application

Investigative Coverage

➢ Prior to employment for at least 7 years should be verified.

➢ Claimed education should be checked.
➢ Claimed residence should be verified
➢ If the candidate indicates a criminal record, the details should be checked.

Investigative Standard

➢ Information sought should be relevant to the hiring decision.

➢ Information should be reliable.
➢ Unfavorable information should be confirmed by at least to sources.

Investigative Review

All completed investigations should be reviewed by a responsible supervisor so

that all applicants are measure according to the same standard.

Positive Vetting

It is a personal interview conducted under stress. Vetting is defined by Webster

Dictionary as the process of inspecting or examining with careful thoroughness.

Essence of Vetting

1. A personal interview
2. Conducted under stress
3. The interview is based upon answers previously by the applicant
4. Other information is used during the interview which confirms or denies that given
by the applicant
Basic Reasons for An Interview During Vetting

1. Challenge the applicant on the basis of any false statements.

2. To observe the applicant’s behavior under stress.
3. To open areas for explorations which until now remain hidden.
4. To prove new, investigate.

Profiling

The process whereby a subject’s reactions in a future critical situation is predicated

by observing his behavior, by interviewing him or by analyzing his response to a
questionnaire.

Deception Detection Techniques

1. The Polygraph
2. The Psychological Stress Evaluator
3. The Voice Analyzer

Financial and Lifestyle Inquiry

This type of investigation seeks to gather information on income and mode of living.

This is done when the employee:

➢ In to be promoted
➢ Is to be assigned to more sensitive duties; and
➢ When it is already part of SOP for those assigned to sensitive positions

Undercover Investigations

The placement of an agent in a role where his true identity is unknown, in order to
obtain information for criminal prosecution or for recovery or limitation of asset losses.

Exit interview as a Loss Prevention Technique

➢ It gives departing employees an opportunity to list grievances

➢ It offers security managers an opportunity to learn of problems
➢ Utilizing a checklist has resulted in reducing losses
➢ Allows for debriefing of departing employees.

How to Conduct an Adequate Security Exit Interview

➢ The interview should be conducted face-to-face, impersonal and objectively.

 ➢ Questions should be specific
➢ Interview should be conducted on the last day of employment
➢ Must have adequate preparation by the questioner
➢ It should be conducted regardless of rank if the departing employee
➢ It should be periodically evaluated, at least once a year.
➢ Interview should be structured and standardized so that generally all employees
are asked the same questions.
➢ Procedure should be established for the analysis, interpretation and feedback of
information in the appropriate manner.

Anti – Competitive Clause

An Effective method to prevent former employees from competing against

company

Security Education is Conducted to:

➢ Develop security awareness among employees of the company

➢ To emphasize the importance and role of security in achieving the company’s
goals among the top brass.

Security Awareness Results in:

➢ Better understanding of the relationship between security and successful

operations;
➢ Knowledge of one’s personal obligation under the security program;
➢ Understanding between security objective and measures’
➢ Familiarity with sources of help in carrying out personal and departmental
responsibilities under the security program; and
➢ Compliance with statutory and regulatory requirements and contractual
obligations.

Objectives of Security Education Program

➢ Guidance for all supervisory and executive levels of the organization;

➢ A mandatory indoctrination on security for all new personnel before their
assignment to their respective jobs.
➢ Develop of a high degree of security consciousness among the selected
supervisors and other key personnel in a program that should be continuing and
supported by top management.
➢ A down line security program aimed at instilling consciousness and dedication
through demonstrations, lectures, motivations, and suggestions.
 ➢ To let all the employees force be informed that they all belong to the organization
and the non-awareness and non-concern to the security program is tantamount to
disloyalty.
➢ That the program is also to develop discipline, loyalty and belongingness.

Security Education may be conducted during:

➢ Initial Interview – The initial interview will be the individual’s first contact should
be formal and professional in nature. The interview should be made by the
installation security officer or his representative.
➢ Training Conference - The training conference should be held during the initial
processing or training period of the individual.
➢ Refreshal Conference – Should be conducted semi-annually and at least
annually. It designed to serve three purposes:
➢ Security Reminders – Another phase in security education program is concerned
with security reminders. This is a Direct or passable approach. The most common
and obvious approach is through the use of poster.
➢ Security Promotions – The fifth phase of security education is security promotion.
If the security reminder phase is considered to be a passive phase, then security
promotion must be considered active. Security promotion is a positive effort to sell
security.
➢ Special Interviews – The sixth phase is the special interview. One good element
of any approach is an appeal for help in overcoming a problem that is common to
the both security officer and the supervisors, that of the safeguarding of classified
information. This interview is important but it could develop into a delicate situation.
Therefore, the interview should be conducted by the most mature and experienced
individuals in the security organization.

Debriefing

Is required whenever a person who has access to classified information leaving

the company or is assigned to other duties

How to Conduct Debriefing

➢ Debriefing should be established as a formally conducted procedure

➢ Procedures must be established for the analysis, interpretation and feedback of
information.
➢ Obtain a signed statement indicating that he is aware of his continuing security
responsibility.
 MODULE 5

DOCUMENT AND INFORMATION SECURITY

INTRODUCTION

Document Security is a major issue faced by almost all businesses operating

worldwide. When a business uploads its documents onto the internet through cloud
storage devices and platforms, they are at a very high risk of falling prey to malicious
viruses and dangerous hackers. When placed in a physical form, there is a very high
chance that they can be lost or damaged due to consequence like fire or theft.

Many businesses around the world have had to face severe situations of data theft
and security breaches, forcing them to pay a heavy price. It is, therefore, a wise and
important decision to take security measures seriously when uploading important
documents of a business such as bookkeeping records and financial transactions.

LEARNING OBJECTIVE

At the end of the module, the student will be able to:

1. Enumerate factors to consider in document and information security.

2. Illustrate the information cycle
3. Enumerate the characteristics of information.
4. Define and classify sensitive information.
5. Define proprietary information and enumerate the types of intellectual properties.
6. Enumerate some information security measures.

LEARNING CONTENT

Protecting vital secrets from competitors and foes has become increasingly critical
in this high tech, nuclear age. The loss of document and information cost government,
Business, and Industry alike, billions of pesos. Business competitive badge and national
security have been jeopardized because the proper security precautions were not taken.
All too often the importance of document and information security is not realized until after
a loss have been discovered. In many instances one that has already cause irreparable
damage. For these reasons comprehensive document and information security program
is vital to operating and competing in our modern society.
Document and Information Security

To protect document and information, an administrator must also understand the

capabilities and use of document and information technologies. Technology had a
tremendous impact on how document and information can now be created, used, stored,
transmitted, and disposed of, as well as how it can be stolen, manipulated, or maliciously
destroyed. Understanding how technology can be used and abused is therefore critical
to implementing an effective defense.

Definition of Documents

Are any materials that contain marks, symbols or signs either visible, partially
visible or invisible that may presently or ultimately convey a meaning or message to
someone Pencil or ink writing, typewriting or printing on paper is its most usual form.

Kinds of Documents

Class I – Vital Documents – An irreplaceable record, reproduction of which does not

have the same value as the original.

Class II – Important Documents – A record, reproduction of which will involve

considerable expense and labor or considerable delay.

Class III – Useful Documents – A records, the loss of which may cause inconvenience
but could be readily replace and may not present an insurmountable obstacle to the
prompt restoration of the business.

Class IV – Non-essential Documents - A records that may include daily files, routine in
nature, the loss of which will not affect the organization’s operation. This class represents
the bulk of the records which can be kept in ordinary files ready for reference if needed
and usually discarded after some period of time.

Factors to Consider

➢ Documents and information security is based on the premise that the government
has the right and duty to protect official papers form unwarranted and
indiscriminate disclosure.
➢ The authority and responsibility for the preparation and classification of classified
matters rest exclusively with the originating.
➢ Classified matter shall be categorized according to their content and not to the
classification of file in which they are held or other documents to which they are
referred.
➢ Classification shall be made as soon as possible by placing appropriate marks on
the matter to be referred.
 ➢ Each individual whose duties allow access to classified matter while it is in his
possession shall ensure the distribution of such matter on the “need to know” basis
only and to properly cleared person only.

Definition of Information

In its most restricted technical sense is an ordered sequence of symbols that

record or transmit a message. It can be recorded as signs, or conveyed as signals by
waves. Information is any kind of event that affects the state of a dynamic system. As a
concept, however, information has numerous meanings.

Stages of Information Cycle

Information occurs through various stages. Familiarization of the different stages can
provide significant analysis on how it can be protected.

1. Creation - During this stage, information is discovered and developed. Information

can take the form of handwritten notes, discussion, dictated script, or electronic
data. It is commonly concentrated in laboratories, offices, word processing units
and computer centers.
2. Use – Undoubtedly in created for use. This stage involves a process wherein
people based on the information, soliciting support or informing others. When
information is used, it usually includes duplication as well as distribution.
Duplication can be in the form of photocopying, printing or sending through
electronic mail.
3. Storage and retrieval – Used information should be put away for future use.
Storage and retrieval methods must ensure the integrity of the information, its
timely accessibility to authorized users, and its protection form criminal intervention
and disastrous circumstances.

The security measures that must be taken depend on the type of storage center,
the storage means and the storage technologies used, more importantly, the
experience and dependability of the personnel who will handle the storage and
retrieval of information must be considered.

4. Transfer - This involves the transfer of information from active to inactive storage.
Inactive records are usually located in remote areas less accessible to users.
Special security precautions should be taken at the time of transfer and when
records are on the way from one place to another.
5. Disposition - This is the last stage of the cycle of information. During this stage,
a decision can be made to retain the information indefinitely at either an active or
 inactive storage center or to dispose of it. The method of disposal should depend
on the amount of information and the type of media used.

Characteristics of Information

Information is Expansive - It is unlike other business resources because it can easily

expand to cover a wider scope. Information may age, but it tends not to diminish; today’s
breaking news, for instance will be an event in history after a few years. Information tends
to accumulate; a discovery on the healing benefits for numerous diseases. Information is
compressible and transportable at very high speeds, and can impart advantages to the
holder as demonstrated be single memory card that can save hundreds of photos.

Information requires Barriers - Just a decade ago, information assets were stored in
computer systems with electronic barriers inside centrally controlled equipment and
located within the protected confines of a computer room. Nowadays, computer have
become widely dispersed through computer network protected through firewalls. The
future trend seems to rely on cloud-based information and data exchange (called internet
networks) protected by hosts through passwords and other computer security measures.

Information is costly and important - Organizations should protect information assets

because it is costly to acquire and maintain, and it is important to the success of the
business enterprise. In industries like research and development, education and
publishing, information fuel their business. It has significant value in much the same sense
that people, physical property and financial assets have value.

Information is coveted - When something has a value, someone will want an opportunity
to take it away. A new cellular phone technology being developed by a big
telecommunications company might not be accessible to the pickpocket who preys in
public places, but it can be vulnerable to an intelligent, clever and professional spy who
can steal the information and sell it to the company’s competition.

Information has a limited life - At some point in time certain information can lose all or
most of its value. If a business owner is in possession of valuable information, he will want
to extract from it the maximum worth possible by making it available only to those whose
talents can exploit it. When news of this information spreads to more and more people,
its value can diminish.

Information is difficult to protect - In a word of advanced information technology,

several employees may hold and share sensitive corporate information on their laptop,
memory drives and emails. Oftentimes, confidential information such as prices, designs
and production schedules need to be shared with supplies, costumers and shippers.
Protecting information is difficult but it should be a significant concern for every
organization.
Information is voluminous - Another reality is that companies are dealing in larger
volumes of information than ever before. Great amounts of raw data are needed to make
fully developed analyses. From customer information to critical business strategies,
financial operational data and intellectual property, not only is there more information but
it is high-impact information. All of these have serious security vulnerabilities.

Sensitive Information

Sensitive information refers to information that has value and should be protected,
including the following:

➢ Proprietary business and technical information.

➢ Personal data concerning applicants, employees and former employees.
➢ Proprietary information owned by partners and obtained through an agreement.

Classification of Sensitive Information

Sensitive information is generally classified into three.

1. Secret – This is information the unauthorized disclosure of which could cause serious
damage to the organization’s business. Its use and access to it are strictly limited.

➢ Trade Secret
➢ Plans to merge, divest, acquire, sell or reorganize
➢ Information that could affect the price of shares
➢ Information with high political or legal sensitivity
➢ Information prejudicial to the interests or reputation of the organization.

2. Restricted – This is information of such value or sensitivity that its unauthorized

disclosure could have a substantially detrimental effect on the organization’s business.

➢ Marketing Strategies
➢ Customer files
➢ Agreement and contracts
➢ Contentious or litigable matters

3. Private – This is information relating to employees.

➢ Salaries, bonuses and wages

➢ Health and medical matters
➢ Disciplinary actions
➢ Job performance

Trade Secret
 A trade secret may consist of any formula, pattern, device or compilation of
information which is used on one’s business and which gives one an opportunity to gain
advantage over competitors who do not know or use it.

To be secret, information must generally meet the following test

➢ It must be identifiable
➢ It must not be already available in any public sources.
➢ It must be disclosed by the owner only to persons who are under some duty to
protect its secrecy.
➢ Persons to whom it is disclose must know it is a secret
➢ There must be some objective indication that the owner is attempting to prevent
its unauthorized disclosure.

The Essential Element of a Trade Secret

➢ It is not being generally known too other and

➢ Some advantages are gained by the user from its use or possession

Patent

It is grant made by the government to an inventor, conveying and securing to him

exclusive rights to make, use and sell his/her invention for a term of 20 years.

The main differences between Trade Secret and Patent

➢ The requirement for obtaining a patent are specific to qualify for a patent, the
invention has to represent a positive contribution beyond the skill of the average
person, whereas the trade secret needs a much lower novelty.
➢ A trade secret can remain a secret for as long as it continues to meet the “trade
secret test”, whereas an exclusive right patent after a period of 20 years.
➢ Since anyone can purchase a patent, they are not industrial espionage target
where trade secret is.