How to Develop and Implement a Security Master Plan

Engage Stakeholders with a Long-Term Solution

The goal: Convince executive management to “buy in” to your security program, support it, and provide the largest possible amount of funding.

The solution: Develop a meticulously detailed long-term plan that sells decision-makers on the dire need for your program, and then maps out its direction and required budget.

Assess and Outline Security Risks to Map Out Mitigation Strategies
This practical guide details how to construct a customized, comprehensive five-year corporate security plan that synchronizes with the strategies of any business or institution. The author explains how to develop a plan and implementation strategy that aligns with an organization’s particular philosophies, strategies, goals, programs, and processes. Readers learn how to outline risks and then formulate appropriate mitigation strategies. This guide provides tested, real-world solutions on how to:

Conduct an effective, efficient assessment of the site and security personnel, meticulously addressing the particular needs of many different environments

Make decisions about security philosophies, strategies, contract relationships, technology, and equipment replacement

Interview executive and security management to determine their concerns, educate them, and ensure that they buy in to your plan

Use all gathered data to construct and finalize the Security Master Plan and then implement it into the management of the business

Apply Insights from an Expert with Global Experience at the Highest Level
Author Tim Giles worked at IBM for 31 years serving as Director of Security for the company’s operations in the United States and Canada, as well as Latin America and Asia-Pacific. His immeasurable experience and insight provide readers with an extraordinarily comprehensive understanding that they can use to design and execute a highly effective, tailored security program.

Rating: (out of 3 reviews)

List Price: $ 79.95

Price:

This entry was posted by admin on October 6, 2010 at 3:08 pm, and is filed under House Plans. Follow any responses to this post through RSS 2.0.You can leave a response or trackback from your own site.

Comments (3)
Related Posts

#1 written by Ronald R. Baklarz Jr. 1 year ago

Review by Ronald R. Baklarz Jr. for How to Develop and Implement a Security Master Plan
Rating:
“How to Develop and Implement a Security Master Plan” by Timothy D. Giles CRC Press ISBN 978-1-4200-8625-6 2009 by Taylor & Francis Group, LLC

Purchased for a little over $70.00 with the intent that the content would assist in aspects of security planning and development, the book did not meet my expectations. To begin, I find the use of illustrations to be puzzling and inane. For example, Figure 1.2 depicts a lineup of faceless, suit-jacketed hands writing in notebooks as the writer apparently felt the need to describe `project teams’. For workplace violence, Figure 2.1 is a photograph of a mean-faced man shouting into a cell phone. Instead of supporting the content, these and other illustrations appear to be scattered throughout much like one would see in a bad Power Point presentation.

Chapter 6 attempts to provide “Security and Computer Use Standards for Employees”. The author advises users to activate power-on passwords for boot-up, hard disks access as well as encrypting files, etc. While these are certainly worthwhile goals, having a disparate user base responsible for setting and maintaining these features on their systems in any sizable organization is un-manageable even with IT department assistance. The chapter also discusses the evils of Napster file sharing. In a book as recent as this – 2009, there are a number of more heinous file sharing sites that should be referenced since Napster has now been legitimatized and deals primarily in music versus filesharing. And for some reason, the seemingly generic standards specifically identify that Norton anti-virus program be used. Overall, the information security section is lacking on many levels.

Chapter 12 lays out the typical contents of a “security master plan.” Interestingly, there is no mention of information security. All aspects of the master plan center around physical security including the “Security Technology Plan” section which touches on physical access control, CCTV, etc.

While the physical security aspects of the book are somewhat better than the information security content, the overall criticism is that the book tries to cover too much area and never drills down deep enough in any one topic to be of any real value in developing security plans.

Ron Baklarz CISSP, CISA, CISM, NSA-IAM/IEM

June 7, 2009

Quote
#2 written by John R. Ryan 1 year ago

Review by John R. Ryan for How to Develop and Implement a Security Master Plan
Rating:
I read this book from the perspective of a Physical Security professional with 25 years of experience at the Federal, private and contract levels of the security business. Overall, my opinion of the book is that it is an excellent tool for the Property Manager, Facilities Manager or even CEO or COO to become familiar with the structures, processes and nomenclature of the Security world that they will be dealing with. Even if the CEO or COO have an executive level Security Officer they need to read chapters one and two to be able to converse intelligently about what they want in their security programs and what the key risks are that they face and need to plan to avoid. This book is not written from the standpoint that so many companies today seem to be leaning toward that information technology security is important and physical security is a necessary cost that should be minimized. Most of us in the Physical Security business have good computer skills but we look to the IT experts to stay on top of the latest systems security methodologies and software. To have a myopic view on either side of that equation is dangerous. Mr. Giles puts this balance into perspective. His emphasis of the need to start with a thorough Site Security Assessment is right on the mark. He has broken that process down into the logical subdivisions of Administration, Physical Security, Electronics and Information Security without getting so deep into any of them that the reader becomes discouraged. This is the primer in Security Master Plan development but it is not meant to be a graduate course in any of the individual aspects of Security. I have purchased several copies and use them to help my clients to develop a perspective on what they really want in their Security programs and to help my managers devise a plan to help them get there. This book is an excellent tool and should be on the reading list for every Security Professional!

Quote
#3 written by Paul G. Wellborn 1 year ago

Review by Paul G. Wellborn for How to Develop and Implement a Security Master Plan
Rating:
Mr. Giles has taken decades of experience and knowledge and complied all that any manager or director would need to develop an excellent master plan. I have reviewed Mr. Giles book and found it to be informative and a great tool for my own organizaion. The book will become part of an extensive list of recommended reading for all staff members. I have made it available to not only the security staff but property management as well. My thanks for Mr. Giles for making the next revision of my master plan much easier to improve.

Paul G Wellborn, CPP

Quote
Comment Feed for this Post