CPP Domain 7 Shepp

CERTIFIED PROTECTION PROFESSIONAL (CPP)
CERTIFIED PROTECTION
Certification PROFESSIONAL
Examination Review
(CPP)
Certification Examination Review
October 2017
October 2017 Dennis Dennis
Shepp, CPP
Shepp, CPP
(DOMAINS)
SUBJECTS
CERTIFIED PROTECTION PROFESSIONAL
CERTIFIED PROTECTION (CPP) (CPP)
PROFESSIONAL
Certification
Certification Examination Examination
Review Review
Security Principles
& Practices
DOMAIN 1 – Security Principles & Practices (21%)

Business Principles
DOMAIN 2 – Business Principles & Practices (13%)

& Practices
– Investigations
DOMAIN 3 – Investigations (10%)

Personnel Security
DOMAIN 4 – Personnel Security (12%)

Physical Security
DOMAIN 5 – Physical Security (25%)

DOMAIN 6 – Information Security (9%)
Information
Management Security
DOMAIN 7 – Crisis Management (10%)

Crisis
October 2017 Dennis Shepp, CPP

Certification PROFESSIONAL
Examination Review
(CPP)
7
DOMAIN DOMAIN 7 – CRISIS MANAGEMENT (10%)
October 2017
Shepp, CPP
Shepp, CPP
Task 07/01 Assess and prioritize threats to

mitigate potential consequences of incidents
Task 07/02 Prepare and plan how the organization
will respond to incidents
Task 07/03 Respond to and manage an incident
Task 07/04 Recover from incidents by managing
the recovery and resumption of operations

Task 07/01 Assess and prioritize threats to mitigate

potential consequences of incidents

Knowledge of:
7/01/01 Threats by type, likelihood of occurrence, and
consequences
07/01/02 “All hazards” approach to assessing threats
07/01/03 Cost-benefit analysis
07/01/04 Mitigation strategies
07/01/05 Risk management and business impact analysis
methodology
07/01/06 Business Continuity standards (e.g., ISO 22301)

Task 7.1.1 and 7.1.2 Explain the “All hazards” approach to assessing
threats. CERTIFIED PROTECTION PROFESSIONAL (CPP)
POA: Crisis Management; CHAPTER 1.5.1 TYPES OF

THREATS AND CONTINGENCIES
• Emergency or contingency plans: natural, human
(either internal or external), and accidental.
• Natural threats - include all weather-related
emergencies, such as hurricanes, tornadoes, floods,
winter storms, and fires caused by lightning, as well as
non-weather natural events, such as earthquakes and
volcanic eruptions.
• Human threats - are deliberate adverse actions and
events, such as terrorist activity, arson, civil disorder,
and barricade or hostage situations.
• Accidental threats - non-deliberate
CERTIFIED adverse actions
PROTECTION PROFESSIONAL and
(CPP)
events, such as hazardous material spillsExamination
Certification and Review
telecommunications and computer outages.

• Emergencies for which planning is appropriate:
o fire
o explosion
o water outage
o power outage
o computer system failure
o telecommunications failure
o fire
o explosion
o water outage
o power outage
o fuel leak CERTIFIED PROTECTION PROFESSIONAL (CPP)
o hazmat (hazardous materials) incident
o bomb incident
o civil disorder
o armed attack
o barricade/ hostage incident
o severe weather — tornado — hurricane — thunderstorm
— flood
o other natural occurrences — earthquake — volcano
CHAPTER 1.5.3 PLANNING FORMATS AND ALL-HAZARDS
PLANNING
• The specific emergency planning format used in a given
organization depends on the nature of the organization
and the organization’s policy.
• The all-hazardsCERTIFIED
approachPROTECTION
has been PROFESSIONAL
adopted by FEMA (CPP)
and can be used in business and organizational plans as
well as community plans.
• Approach provides for a basic emergency plan, or
emergency operations plan (EOP), with functional
annexes (such as emergency call lists) that apply to
multiple emergency situations, and threat-specific
annexes (such as procedures for bomb incidents).
• This approach recognizes that many planning
requirements are similar regardless of whether an
incident is a natural threat, a human threat, or an
accident.

Task 7.1.3 and 7.1.4 Assess and prioritize threats to mitigate potential
consequences of incidents, explaining cost-benefit analysis and
mitigations strategies. Certification Examination Review
POA: Crisis Management, CHAPTER 1.5.4 DEVELOPMENT OF

A PLAN (Kindle Locations 19893-19896).
• Emergency Plans – all-hazards approach, mitigation
strategies related to constructing or retrofitting facilities or
otherwise reducing the impact of potential emergency
events should be addressed in a separate mitigation plan.
• Business resumption/recovery plans and continuity of
operations plans should be separate from the
organization’s security operations plan.
CHAPTER 1.6.2 INCIDENT COMMAND/MANAGEMENT
• Provides command, operations, planning, logistics &
finance and administration.
• Crisis or emergency managementCertification
team – Examination
depending on the
Review
scope of the incident – cross-functional.

• Emergency operations center - command post (CP)
• Emergency notification and communications
• Mutual aid agreements
POA: Crisis Management, CHAPTER 1.7.10 EMERGENCY
SHUTDOWN AND RESTORATION (Kindle Locations 20352-
20356)
• The procurement or replacement cost of key assets should
be evaluated, as should the cost impacts of the absence of
those assets when attempting to restore normal
operations.
POA: Crisis Management, CHAPTER Certification
1.7.11 RESOURCES AND
Examination Review
LOGISTICS, (Kindle Location 20373)
• Costs of any required logistical support must be
considered.

Task 7.1.5 Explain risk management and business impact analysis
methodology. CERTIFIED PROTECTION PROFESSIONAL (CPP)
POA: CRISIS MANAGEMENT CHAPTER 1.8 BUSINESS

CONTINUITY & ORGANIZATIONAL RESILIENCE, page 33
• A business impact analysis (BIA) is an integral part of the
business continuity planning process.
• It is used to identify an entity’s critical functions, to
assess the impact of a disaster or other emergency on
those functions over time, to determine the other
elements of the business on which those critical
functions depend, and to help develop and prioritize
recovery strategies.

• Some references consider the BIA to beExamination
Certification hazard neutral;
Review
in other words, it does not matter what caused the

outage or disruption.
• Testing the business continuity (BC) plan is just as
important as testing the emergency operations plan.
• A realistic functional test in a controlled environment is
the best way to achieve this.

Task 7.1.6 Explain business continuity standards (ISO 22301 & others).
NOTE: ISO 22301:2012 NOT MENTIONED IN RESOURCES
ISO 22301:2012 specifies requirements:
• To plan, establish, implement, operate, monitor, review,
maintain and continually improve a documented
management system.
• To protect against, reduce the likelihood of occurrence,
prepare for, respond to, and recover from disruptive
incidents when they arise.
• The requirements are generic and intended to be
applicable to all organizations, or parts thereof,
regardless of type, size and nature of the organization.
• The extent of application of these requirements depends
on the organization's operating environment and
complexity.

POA: Crisis Management,
CERTIFIEDCHAPTER 1.3PROFESSIONAL
PROTECTION SCOPE (Kindle (CPP)
Locations 19715-20485).
• Many of the planning concepts and considerations
identified by ASIS International, FEMA, and the National
Fire Protection Association (NFPA) may be appropriate in
other countries.
• Emergency management and disaster preparedness/
response structures, capabilities, and requirements vary
from one country to another.
Emergency planning handbook (2nd ed.) ASIS International
(2003); Business Continuity Guideline; Organizational
resilience: Security, preparedness and continuity management
systems, ANSI/ASIS SPC. 1-2009.
• ASIS International & British
CERTIFIED Standards
PROTECTION Institution,(CPP)
PROFESSIONAL Inc.
(2010). Business continuity management systems,Review
Certification Examination
ANSI/ASIS/BSI BCM. 01- 2010.

• Federal Emergency Management Agency. (1993).
Emergency management guide for business and industry.
FEMA Publication 141.
• Federal Emergency Management Agency. (2007a).
National incident management system. FEMA Publication
501. http:/
/www.fema.gov/pdf/emergency/nrf/nrfnims.pdf

ComprehensiveCERTIFIED
planningPROTECTION PROFESSIONAL (CPP)
guide: ACertification
guide for all-hazard
Examination Review
emergency operations planning. FEMA Publication CPG
101, Version 2.0.
• Federal Emergency Management Agency. (2010b).
Guidance on planning for integration of functional needs
support services in general population shelters.
National Incident Management System Resource Center:
Glossary.
http://www.fema.gov/emergency/nims/Glossary.shtmGlos
sary.shtm

CERTIFIED
• Federal Emergency PROTECTION
Management PROFESSIONAL
Agency. (2007b).(CPP)
National Incident Management System Resource Center:
Glossary.
http://www.fema.gov/emergency/nims/Glossary.shtmGlos
sary.shtm

Comprehensive planning guide: A guide for all-hazard
emergency operations planning. FEMA Publication CPG
101, Version 2.0.
Guidance on planning for integration of functional needs
support services in general population shelters.
• National Fire Protection Association. (2010).
Certification Standard
Examination Reviewon
disaster/ emergency management and business continuity

programs. NFPA 1600. Quincy, MA: National Fire
Protection Association.

Task 07/02 Prepare and plan how the organization

will respond to incidents

Knowledge of:
07/02/01 Resource management techniques
07/02/02 Emergency planning techniques
07/02/03 Triage and damage assessment techniques
07/02/04 Communication techniques and notification
protocols
07/02/05 Training and exercise techniques
07/02/06 Emergency operations center (EOC) concepts and
design
07/02/07 Primary roles and duties in an incident command
structure
07/02/03 Triage and damage assessment
Certification techniques
Examination Review
POA: Crisis Management CHAPTER 1.5.9 PRIORITIES (Kindle
Location 19976)
• Protect human life.
• Prevent or minimize personal injury.
• Reduce the exposure of assets.
• Optimize loss control for assets whose exposure cannot
be reduced.
• Restore normal operations as quickly as possible.
Time tested principles:
• Evacuation and shelter
• Personal protection
• Rescue and relief

POA: Crisis Management, CHAPTER 1.7.6PROFESSIONAL
EMERGENCY (CPP)
MEDICAL SERVICES (EMS), (Kindle Location 20243)
• Immediate and short-term care of injured persons a
priority.
• Planners must consider: Availability of EMS personnel;
transportation of injured; onsite EMS facilities; trained
responders; triage (for mass casualty situations);
coordinate with off-site medical facilities (ingress/egress)
• Triage - where trained medical personnel evaluate the
injured and prioritize them for treatment.
• Post Incident medical care – Organization provided
support for victims/families.

07/02/05 Training and exercise techniques

POA Crisis Management; CHAPTER 1.5.6 Training, Drills
and Exercises; Page 12/13
• Training reinforced by exercises
• Various forms, table-top, walk-through emergency
plan, full exercise – involve outside agencies
• Test workability of the plan – if further training
needed.
• Identifies shortcomings
• See exercise planning template (CHAPTER 1-1 page 13)
07/02/06 Emergency operations
CERTIFIED center
PROTECTION (EOC) concepts
PROFESSIONAL (CPP)and
design Certification Examination Review
POA: Crisis Management, CHAPTER 1.6.4 EMERGENCY

OPERATIONS CENTERS AND COMMAND POSTS, (Kindle
Locations 20095-20105).
• A business should identify a location for use as an
emergency operations center (EOC) or crisis management
center (CMC).
• The size, nature, and location of the organization may
dictate the location and scope of its EOC/ CMC.
• Small organizations EOC/CMC - building manager’s office,
plant manager’s office, or other individual’s normal work
area.
• Larger organizations may use a conference room or
dedicated EOC/CMC that is used only in emergencies.
• During an emergency, the personnel managing the

response to the event need to maintain full concentration
on coordinating the response; therefore, access to the
EOC/ CMC should be controlled.
• Regardless of the arrangement, the organization should
also designate one or more alternate locations.
• The primary and alternate EOC/CMC locations should
accommodate the CMT and provide redundant
communications capabilities.
• The locations should have backup power and an
independent supply of potable water.
• Effective communications vital.
07/02/07 Primary roles and dutiesCertification
in an incident command
Examination Review
structure
POA: Crisis Management, CHAPTER 1.6.2 INCIDENT
COMMAND/ MANAGEMENT, (Kindle Locations 20037-
20049).
• The Incident Command System (ICS) is a command and
control mechanism used by many public safety agencies
and jurisdictions in the United States.
• ICS provides an expandable structure that can be used as
needed to manage emergency agencies.
• ICS normally consists of five primary elements: command,
operations, planning, logistics, finance & administration
• Several special CERTIFIED
staff positions, including
PROTECTION public affairs,
PROFESSIONAL (CPP)
safety, and liaison, report directlyCertification Examination Review
to the incident
commander (IC) when the emergency warrants
establishment of those positions.
• If an incident requires a public safety response, the
incident commander is normally the senior member of the
responding agency.
• The response may involve only one agency and one
jurisdiction.
• ICS is formally implemented based on size of the incident -
single-incident command.
• Incident involves multiple agencies or jurisdictions -
unified command (UC).
• Under UC, there is a collaborative approach to decision-
making and a single incident command
Certificationpost, withReview
Examination the
agencies involved in the incident participating in the
process through direct representation or through the ICS
liaison officer.
• Participating agencies may choose to operate with a single
IC, who would normally be the senior representative of
the lead agency or jurisdiction.

CERTIFIED
Task 7.2.1 and 7.2.2 PROTECTION
Prepare and planPROFESSIONAL
how the (CPP)
organization will respond to incidents explaining
resource management and emergency planning
techniques
POA: Crisis Management CHAPTER 1.5.5 PLANNING
PROCESS, (Kindle Location 19908).
• For an effective plan - it must reflect the requirements
of the organization to which it pertains.
• All persons tasked with responsibilities must clearly
understand their responsibilities and be trained to
fulfill them.
• The plan must be tested through practice, and it
should be revised in light of such testing.
• An exercise orCERTIFIED
an actualPROTECTION PROFESSIONAL
implementation of the (CPP)
plan
may point to the need for revisions, reassignment of
responsibilities, or retraining of personnel, after which
the plan should be retested.
• Most important- planning is a continuing process that
is never finished as long as the plan exists.
• Plan – All-Hazards - basic emergency plan, or
emergency operations plan (EOP), with functional
annexes (emergency call lists) that apply to multiple
emergency situations, and threat-specific annexes
(bomb threats) – Stand-alone Plan – plans for each
type of event – Hybrid Plan – combination of the
others.
Task 7.2.4 and 7.2.5 Prepare and plan how the organization
will respond to incidents explaining communication
techniques and notification protocols and training and

exercise techniques.
POA: Crisis Management CHAPTER 1.6.5 COMMUNICATIONS (Kindle
Locations 20112-20113)
• Interoperability, or the ability of different agencies and different
jurisdictions to communicate with one another via wireless
means, is a significant issue in the public safety community.
• Private line telephones (FX – Foreign Exchange) should be
acquired to replace existing switchboard systems – overloading
could occur in emergency.
POA: Crisis Management CHAPTER 1.7.8 ALERT AND WARNING
SYSTEM, (Kindle Locations 20288-20292)
• The emergency plan should provide a method of warning those
occupying
October 2017
the facility when an emergency exists. Dennis Shepp, CPP
• The method used should bePROTECTION
CERTIFIED sufficient toPROFESSIONAL
alert individuals(CPP)
as
quickly as possible so that appropriate action can
Certification be taken
Examination (for
Review
instance, evacuating an area of the facility).
• Many local building or fire and safety codes require emergency
warning and communications systems in high rises and other
specified types of structures.
• Existing communication systems— a public address system or the
telephone system— may be used for indoor warnings.
• All those occupying the facility should know what the warning
signals are and what actions they must take when a warning is
given.
• The warning system should be tested periodically when
employees are in the facility so they can experience and become
familiar with the warning.

Task 7.2.6 andCERTIFIED
7.2.7 PROTECTION PROFESSIONAL
PrepareCertification
and plan how(CPP)the
Examination Review
organization will respond to incidents explaining
emergency operations center (EOC) concepts and design
and primary roles and duties in an incident command
structure.
POA: Crisis Management; CHAPTER 1.6.4 EMERGENCY
OPERATIONS CENTERS AND COMMAND POSTS, (Kindle
Locations 20095-20101).
• A business should identify a location for use as an
emergency operations center (EOC) or crisis
management center (CMC) from which the emergency
response can be directed.
• During an emergency, PROFESSIONAL
the personnel managing (CPP)the
response to the event need to maintain full
concentration on coordinating the response
• Access to the EOC/ CMC should be controlled.
• One or more locations designated (redundancy)
• Crisis Management Center – “A specific room or facility
staffed by personnel charged with commanding,
controlling and coordinating the use of resources and
personnel in response to a crisis.” (ASIS BCG pge7)
POA: Crisis Management CHAPTER 1.6.2 INCIDENT
COMMAND/ MANAGEMENT, (Kindle Location 20037)
• Command – Operations – Planning – Logistics – Finance
& Administration
• If an incidentCERTIFIED
requiresPROTECTION
a public PROFESSIONAL
safety response,(CPP)the
incident commander (IC) is normally the senior
member of the responding agency.
• Collaborative approach to decision making and a single
incident-command post.
• Organizations encouraged to develop own incident-
command response plan, designate an IC and crisis
management team (CMT).
• CMT: senior management - plans and operations -
public affairs - human resources - facilities engineering -
security - safety and occupational health - legal counsel
- resource management- logistics – chaplain –
employee union
CMT: CERTIFIED PROTECTION PROFESSIONAL (CPP)
• coordinating implementation of appropriate
contingency plans
• coordinating resources and support needed by
responding agencies
• coordinating with internal and external agencies, as
required
• developing alternative courses of action for
presentation to decision makers
• developing a media management strategy and
preparing appropriate press releases
• maintaining contact with victims and family members,
as appropriate
CERTIFIEDCHAPTER
ASIS/SHRM WVPI.1-2011 PROTECTION PROFESSIONAL
5.2.7 CRISIS (CPP)
MANAGEMENT PERSONNEL and CHAPTER 11 POST INCIDENT
MANAGEMENT
• Role of the CMT personnel for workplace violence incident
• Crisis containment
• Coordination with Threat Management Team
• Communications
• Notifications
• Crisis mental health response
ASIS/SHRM WVPI.1-2011 CHAPTER 8.6 THREAT RESPONSE &
8.10 RESPONDING TO A VIOLENT WORKPLACE INCIDENT
• General considerations and response imperatives

Task 07/03 Respond to and manage an incident

Knowledge of:
07/03/02 EOC management principles and practices
07/03/03 Incident management systems and protocols

Task 7.3.1 Respond to andPROTECTION
CERTIFIED manage anPROFESSIONAL
incident describing
(CPP)
resource management techniques.Certification Examination Review
POA: Crisis Management: CHAPTER 1.6.3 Crisis
Management Teams; 1.6.4 Emergency Operation Centers
and Command Posts; 1.6.5 Communications; 1.7.2
Emergency Response Agencies; 1.7.6 EMS; 1.7.7 Security
and Fire Protection; 1.7.11 Resources and Logistics
• Above sections outline detailed resources required for
incident response.
• Some equipment/resources dedicated for emergencies.
• Procurement requirement at time of emergency.
• Mutual aid agreements may provide interagency support
arrangements.
• Key questionsCERTIFIED
when planning for logistical support
PROTECTION PROFESSIONAL (CPP)
(procured equipment and services fromExamination
Certification outsideReview
the
organization):
o Required equipment or services
o Quantity
o Time frame
o Duration required
o What sources are available?
o Is source capable of providing required resources?
o How long for source to respond?
o Costs
o Can source be contacted after normal hours?
o How will resources be delivered/transported?
o Maintenance of leased equipment
o Who has the authority to purchase/lease?
o What documentation is required?
o How often will resource list be reviewed and
amended?

Task 7.3.2 Respond to and manage an incident
describing EOC management principles and
Certification practices.
Examination Review

Task 7.3.2 Respond to and manage an incident
describing EOC management principles
Certificationand practices.
Examination Review
• These levels may aid organizations developing

response plans and implementing “triggers”.
• CMT determines progression from one level to next.
ASISOctober
Business
2017 Continuity Guideline, page 19 Dennis Shepp, CPP
Task 07/04 Recover from incidents by managing the

recovery and resumption of operations

Knowledge of:
07/04/02 Short and long-term recovery strategies
07/04/03 Recovery assistance resources
07/04/04 Mitigation opportunities in the recovery

process
Task 7.4.1 RecoverCERTIFIED
from incidents by managing
PROTECTION PROFESSIONAL the(CPP)
recovery
and resumption of operations describing resource
management techniques.
POA: Crisis Management CHAPTER 1.4.2 ELEMENTS OF
EMERGENCY MANAGEMENT, (Kindle Locations 19811-19814)
• Recovery - involves near-term and long-term actions taken
to return the organization to a pre-emergency level of
operation or, in some cases, to a new level of operation.
• Recovery efforts may include implementation of
continuity of operation or business resumption plans,
activation of emergency relocation sites, and
reconstitution or restoration at the original location or a
new permanent location.
• Business continuity (BC) private-sector version of
emergency management & includes business
Certification impact
Examination Review
analysis (BIA).
• Business impact analysis (BIA) is an integral part of the
business continuity planning process - used to identify
an entity’s critical functions, to assess the impact of a
disaster or other emergency on those functions over
time, to determine the other elements of the business
on which those critical functions depend, and to help
develop and prioritize recovery strategies.
• BC encompasses all actions taken by a business before,
during, or after an emergency to minimize the negative
impact on the organization’s operations.
• Timely response, resumption of critical business
functions, and recovery.
• Government entities can use BIA to reduce the impact on
their own critical functions.
• Continuity of operations (COOP) entails movement of
critical functions and personnel to an alternate operating
site or sites in accordance with a pre-established COOP
plan (US gov’t uses).
• Business continuity (BC) strategies may include –
resumption and recovery in place, contracting functions,
or relocation of critical functions & personnel to other
sites.
• Defining vital records and providing protection to
preserving, maintaining, and restoring (from back-up sites)
is critical part of BIA & BCP.
07/04/03 Recovery assistance resources.
POA: Crisis Management CHAPTER 1.7.11 RESOURCES
Certification AND
Examination Review
LOGISTICS, (Kindle Locations 20359-20366).

• Depending on the nature of the incident and the type of
organization, equipment and other logistical support may
be provided in a number of different ways.
• Organizations may have some equipment set aside for
emergency use only and other equipment that is in regular
use but also designated for use in emergencies.
• Other equipment may need to be procured either from
pre-identified commercial sources or from other
organizations through mutual aid or interagency support
arrangements.
Task 7.4.4 Recover from incidents by managing the
recovery and resumption of operations describing
mitigation opportunities in the recovery process.
ASIS POA: Crisis Management; CHAPTER 1.4.3
OBJECTIVES OF EMERGENCY MANAGEMENT,
• Emergency management has 3-objectives: Minimize
the probability (likelihood) of a threat or emergency –
Mitigate the impact if the event occurs – Recover from
the emergency and resume normal operations.
• Catastrophic events such as explosions from bombs, or
chemical accidents require special mitigation strategies
to minimize injuries/fatalities and serious property
damage.
PRACTICE EXAM QUESTIONS

The four elements of emergency management are which of

the following?
a. Planning, policies, preparedness, and response
b. Mitigation, policies, response, and recovery
c. Mitigation, preparedness, response, and recovery
d. Planning, preparedness, countermeasures, and
recovery

The four elements of emergency management are which of

the following?
a. Planning, policies, preparedness, and response
b. Mitigation, policies, response, and recovery
c. Mitigation, preparedness, response, and recovery
d. Planning, preparedness, countermeasures, and
recovery
POA: Crisis Management (Kindle Locations 19786-19787). ASIS

International. Kindle Edition.

“This aspect of emergency management encompasses

actions taken before an event to plan, organize, equip, train,
and exercise in order to deal with emergencies that cannot
be avoided or entirely mitigated.” This is called:
a. Mitigation
b. Preparedness
c. Response
d. Recovery

“This aspect of emergency management encompasses

actions taken before an event to plan, organize, equip, train,
and exercise in order to deal with emergencies that cannot
be avoided or entirely mitigated.” This is called:
a. Mitigation
b. Preparedness
c. Response
d. Recovery
POA: Crisis Management (Kindle Locations 19803-19804). ASIS International. Kindle
Edition.

“Activities providing a critical foundation in the effort to

reduce the loss of life and property from natural and/ or
manmade disasters by avoiding or lessening the impact of a
disaster and providing value to the public by creating safer
communities. This is referred to as:
a. Mitigation
b. Preparedness
c. Response
d. Recovery

“Activities providing a critical foundation in the effort to

reduce the loss of life and property from natural and/ or
manmade disasters by avoiding or lessening the impact of a
disaster and providing value to the public by creating safer
communities. This is referred to as:
a. Mitigation
b. Preparedness
c. Response
d. Recovery
Edition.
Which of the following statements is correct

concerning emergency management?
a. It can minimize the probability of natural
threats.
b. It can minimize the effects of human, accidental
and natural threats.
c. To mitigate the impact if the event occurs.
d. A risk analysis cannot help in emergency
planning.

Which of the following statements is correct

concerning emergency management?
a. It can minimize the probability of natural
threats.
b. It can minimize the effects of human, accidental
and natural threats.
c. To mitigate the impact if the event occurs.
d. A risk analysis cannot help in emergency
planning.
Edition.
“Non-deliberate adverse actions and events, such as

hazardous material spills and telecommunications
and computer outages, are considered which of the
following?
a. Natural threats
b. Human threats
c. Accidental threats
d. Organizational threats

“Non-deliberate adverse actions and events, such as

hazardous material spills and telecommunications
and computer outages, are considered which of the
following?
a. Natural threats
b. Human threats
c. Accidental threats
d. Organizational threats

Formal audits of emergency plans should be

conducted:
a. Annually
b. Every 2-years
c. Every 3-years
d. Every 5-years

Formal audits of emergency plans should be

conducted:
a. Annually
b. Every 2-years
c. Every 3-years
d. Every 5-years
POA: Crisis Management (Kindle Location 19880). ASIS


Which of the following is a correct statement

concerning all-hazard emergency operation plans?
a. Business continuity plans should be included in
in the organization’s security operations plan.
b. Business continuity plans should not be
included in in the organization’s security
operations plan.
c. Emergency operation plans should only be
developed by internal personnel.
d. Emergency operations plans should only be
stand-alone plans.
Which of the following is a correct statement concerning all-

hazard emergency operation plans?
a. Business continuity plans should be included in in the
organization’s security operations plan.
b. Business continuity plans should not be included in
in the organization’s security operations plan.
c. Emergency operation plans should only be developed
by internal personnel.
d. Emergency operations plans should only be stand-
alone plans.
POA: Crisis Management (Kindle Location 19892). ASIS International.
Kindle Edition.
In incident command management, when an

incident requires public safety response, who
becomes the incident commander?
a. The security manager.
b. The senior member of the organization’s
leadership.
c. The senior member of the responding agency.
d. The senior member of the responding security
team.

In incident command management, when an

incident requires public safety response, who
becomes the incident commander?
a. The security manager.
b. The senior member of the organization’s
leadership.
c. The senior member of the responding agency.
d. The senior member of the responding security
team.
POA: Crisis Management (Kindle Location 20044). ASIS International. Kindle Edition.

A collaborative approach to decision-making and a single

incident command post, with the agencies involved in the
incident participating in the process through direct
representation or through the ICS liaison officer, as
appropriate, is referred to as:
a. Incident command
b. Unified command
c. The command structure
d. Emergency coordination

A collaborative approach to decision-making and a single

incident command post, with the agencies involved in the
incident participating in the process through direct
representation or through the ICS liaison officer, as
appropriate, is referred to as:
a. Incident command
b. Unified command
c. The command structure
d. Emergency coordination

According to the ASIS International Emergency Planning

Handbook (2003, p. 46), “One of the most important
ingredients in effectively managing an emergency event is
___________.”
a. Communications
b. Leadership
c. Planning
d. Response

According to the ASIS International Emergency Planning

Handbook (2003, p. 46), “One of the most important
ingredients in effectively managing an emergency event is
___________.”
a. Communications
b. Leadership
c. Planning
d. Response

What is “interoperability”?
a. The ability of private security and the public
sector to work together.
b. The ability for the emergency responders to work
seamlessly with proprietary security forces.
c. The ability for security forces to communicate
with internal departments in an emergency.
d. The ability for different jurisdictions and
responding agencies to communicate with each
other wirelessly.

What is “interoperability”?
a. The ability of private security and the public
sector to work together.
b. The ability for the emergency responders to work
seamlessly with proprietary security forces.
c. The ability for security forces to communicate
with internal departments in an emergency.
d. The ability for different jurisdictions and
responding agencies to communicate with
each other wirelessly.
POA: Crisis Management (Kindle Location 20116). ASIS International.
Kindle Edition.

Implementation of the organization’s emergency

plan and control of the facility should be the
following person:
a. The Security Manager
b. The senior responding public safety person
c. The organization’s senior manager present on
site
d. The security officer

Implementation of the organization’s emergency

plan and control of the facility should be the
following person:
a. The Security Manager
b. The senior responding public safety person
c. The organization’s senior manager present on
site
d. The security officer
“The ability of an organization to resist being

affected by an event or the ability to return to an
acceptable level of performance in an acceptable
period of time after being affected by an event”, is
called:
a. Business continuity
b. Organizational resilience
c. Continuity of operations
d. Emergency operations plans

“The ability of an organization to resist being

affected by an event or the ability to return to an
acceptable level of performance in an acceptable
period of time after being affected by an event”, is
called:
a. Business continuity
b. Organizational resilience
c. Continuity of operations
d. Emergency operations plans
Edition.
In a bomb threat assessment, the threat evaluation

team (TET) is an important asset. Which of the
following statements is correct?
a. A large team is better than a smaller team.
b. The TET can manage several different sites.
c. The team’s final decisions are made by several
members.
d. A record keeper is an important part of the
team.

In a bomb threat assessment, the threat evaluation

team (TET) is an important asset. Which of the
following statements is correct?
a. A large team is better than a smaller team.
b. The TET can manage several different sites.
c. The team’s final decisions are made by several
members.
d. A record keeper is an important part of the
team.
Edition.
When dealing with suspected chemical or

biological agents that are released from a
suspicious package, what should be your FIRST
goal?
a. Limit distribution of the material
b. Call the police
c. Call security
d. Look after any staff exposed to the materials

When dealing with suspected chemical or

biological agents that are released from a
suspicious package, what should be your FIRST
goal?
a. Limit distribution of the material
b. Call the police
c. Call security
d. Look after any staff exposed to the materials
POA: Crisis Management (Kindle Location 21366). ASIS International. Kindle

Edition.
Who is BEST suited to conduct a preliminary search

for suspicious packages in the event of a bomb
threat?
a. People who work in that area
b. The responding fire department
c. The responding police
d. Responding security officers

Who is BEST suited to conduct a preliminary search

for suspicious packages in the event of a bomb
threat?
a. People who work in that area
b. The responding fire department
c. The responding police
d. Responding security officers

7
DOMAIN DOMAIN – CRISIS MANAGEMENT (10%)
October 2017
Shepp, CPP
Shepp, CPP

CPP Domain 7 Shepp

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

CPP Domain 7 Shepp

Uploaded by

Copyright:

Available Formats

CERTIFIED PROTECTION PROFESSIONAL (CPP)

DOMAIN 1 – Security Principles & Practices (21%)

DOMAIN 2 – Business Principles & Practices (13%)

DOMAIN 3 – Investigations (10%)

DOMAIN 4 – Personnel Security (12%)

DOMAIN 5 – Physical Security (25%)

DOMAIN 7 – Crisis Management (10%)

October 2017 Dennis Shepp, CPP

Task 07/01 Assess and prioritize threats to

October 2017 Dennis Shepp, CPP

Task 07/01 Assess and prioritize threats to mitigate

October 2017 Dennis Shepp, CPP

October 2017 Dennis Shepp, CPP

POA: Crisis Management; CHAPTER 1.5.1 TYPES OF

telecommunications and computer outages.

October 2017 Dennis Shepp, CPP

POA: Crisis Management, CHAPTER 1.5.4 DEVELOPMENT OF

scope of the incident – cross-functional.

October 2017 Dennis Shepp, CPP

POA: CRISIS MANAGEMENT CHAPTER 1.8 BUSINESS

October 2017 Dennis Shepp, CPP

in other words, it does not matter what caused the

October 2017 Dennis Shepp, CPP

October 2017 Dennis Shepp, CPP

ANSI/ASIS/BSI BCM. 01- 2010.

October 2017 Dennis Shepp, CPP

October 2017 Dennis Shepp, CPP

• Federal Emergency Management Agency. (2010a).

disaster/ emergency management and business continuity

October 2017 Dennis Shepp, CPP

Task 07/02 Prepare and plan how the organization

October 2017 Dennis Shepp, CPP

October 2017 Dennis Shepp, CPP

October 2017 Dennis Shepp, CPP

07/02/05 Training and exercise techniques

POA: Crisis Management, CHAPTER 1.6.4 EMERGENCY

• During an emergency, the personnel managing the

October 2017 Dennis Shepp, CPP

techniques and notification protocols and training and

October 2017 Dennis Shepp, CPP

October 2017 Dennis Shepp, CPP

Task 07/03 Respond to and manage an incident

October 2017 Dennis Shepp, CPP

October 2017 Dennis Shepp, CPP

October 2017 Dennis Shepp, CPP

October 2017 Dennis Shepp, CPP

• These levels may aid organizations developing

Task 07/04 Recover from incidents by managing the

October 2017 Dennis Shepp, CPP

07/04/02 Short and long-term recovery strategies

07/04/03 Recovery assistance resources

07/04/04 Mitigation opportunities in the recovery

LOGISTICS, (Kindle Locations 20359-20366).

PRACTICE EXAM QUESTIONS

October 2017 Dennis Shepp, CPP

The four elements of emergency management are which of

October 2017 Dennis Shepp, CPP

The four elements of emergency management are which of

POA: Crisis Management (Kindle Locations 19786-19787). ASIS

October 2017 Dennis Shepp, CPP

“This aspect of emergency management encompasses

October 2017 Dennis Shepp, CPP

“This aspect of emergency management encompasses