necessary; however, the security department employees should not be the
people taking the corrective action.
The remainder of this chapter discusses two major types of policies and pro-
cedures: the security manual and the emergency management plan. While other
policies and procedures are important, these two are universal among all types
The security plan is a written document that deﬁnes the organization’s secu-
rity mission, provides an overview of the complete security program, and iden-
tiﬁes all methods in use for the protection of organizational assets. The security
plan documents the organization’s security policies, procedures, functions,
measures, and strategies for providing a safe and secure environment and pre-
venting crime and other security incidents. It is a living document in that it
adapts as the organization’s security needs change and serves as a training aid
for security awareness across the organization. The security plan articulates
how the security program is usually organized through personnel and function
organizational charts, ﬂowcharts, and descriptions of speciﬁc countermeasures.
Security plans also describe the common security measures utilized through-
out the facility or facilities, as the case may be, and how these measures operate
on a daily, routine basis. Security responsibilities are clearly delineated, and reg-
ulatory compliance measures are described in detail. As described in the pre-
ceding section, the security awareness component should also be articulated in
the security plan. Threat-dependent measures and activities are enumerated in
the security plan. The security plan also sets forth guidelines for quality control,
benchmarking against industry best practices, and metric development and
As a written document, the organization’s security plan deﬁnes the security
mission. What is a security mission? In its most basic form, the mission of any
security program is the protection of assets. Depending on the nature of the
organization or facility in need of protection, the mission may be more
complex or unique. For example, a hospital’s mission statement may encom-
pass not only security for the facility, but also the maintenance of a safe envi-
ronment for patients and their families. The security plan, as an overview of
the complete security program, identiﬁes the many and various ways in which
security is provided. These methods include policies and procedures, physical
security measures, and security personnel. While a proper balance is ideal, some
organizations may rely more heavily on one of these general security measures,
and thus the security plan will focus on that measure.
176 Strategic Security Management
Get Strategic Security Management now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.