Protection of Federal Office Buildings Against Terrorism (1988)

Chapter: Guidelines for Security Management

Visit NAP.edu/10766 to get more information about this book, to buy it in print, or to download it as a free PDF.
Previous Chapter: Federal Office Buildings and the Threat of Terrorism
Page 7 Cite Bookmark
Suggested Citation: "Guidelines for Security Management." National Research Council. 1988. Protection of Federal Office Buildings Against Terrorism. Washington, DC: The National Academies Press. doi: 10.17226/9808.
Save
Cancel

Page 7

2

Guidelines for Security Management

INTRODUCTION

The committee believes strongly that each federal office building should have an ongoing building security program as part of its facility management function. It should be adopted and administered by the appropriate management element in the organization. The building security program should encompass basic building security matters (i.e., routine protection of persons, property, and information) as well as protection strategies against extraordinary events such as a terrorist act. A security program can be defined as a combination of systems, elements and people joined together to meet the specific needs of any business, industry, institution, or organization for protection, prevention, detection, enforcement, investigation, emergency service, or public service (Post and Schachtsiek, 1986).

MANAGEMENT OF A BUILDING SECURITY PROGRAM

The overall security of a federal office building and the persons and information housed within it is the responsibility of the organization that owns and occupies the building. With new buildings, the top management of organizations should insure that security

Page 8 Cite Bookmark
Suggested Citation: "Guidelines for Security Management." National Research Council. 1988. Protection of Federal Office Buildings Against Terrorism. Washington, DC: The National Academies Press. doi: 10.17226/9808.
Save
Cancel

Page 8

issues are addressed in the architectural programming and design phases. With all buildings, whether new or existing, management should ensure that appropriate procedures are developed to address all levels of terrorist threat.

Responsibility for security activities should be assigned to a security planning group and a security management team, established by top management. The security planning group should establish overall policy in terms of security issues, develop a building security program, and serve as the liaison entity with individuals or groups outside the organization such as the local police or the FBI. Membership in the security planning group should include those best able to assess the following: (1) mission criticality of the building or organizations within the building, (2) the likelihood that the building or organizations within the building would be a terrorist target, (3) requirements for the safety of employees, (4) requirements for classified material and other critical assets, and (5) legal and financial considerations of security measures.

The security management team should manage the day-to-day operation of a building security program. A security management team should consist of security specialists, the facility manager (or representative), and others deemed appropriate by the facility manager. In some cases, non-government tenants such as those that hold valuable assets on the premises (e.g., banks and jewelry stores) or government contractors that require certain mandatory security measures, may participate on the security management team.

The building security program should be prepared in collaboration with the building owner (even for non-government owned buildings), local law enforcement agencies, and outside consultants as needed. Since security programs frequently include modifications to the building (such as restrictions when and where people can enter and leave the building) life safety requirements should also be coordinated with the local fire department or other appropriate organizations.

A BUILDING SECURITY PROGRAM

Elements

A building security program consists of four major elements: (1) policies and procedures, (2) personnel, (3) facilities, and (4)

Page 9 Cite Bookmark
Suggested Citation: "Guidelines for Security Management." National Research Council. 1988. Protection of Federal Office Buildings Against Terrorism. Washington, DC: The National Academies Press. doi: 10.17226/9808.
Save
Cancel

Page 9

systems and equipment. The effectiveness of the program depends upon the interaction of these elements; relying on any one element to the exclusion of the others will compromise the program.

Policies and procedures, the formalized ways in which various security functions are carried out, are key to the entire security effort. They include security plans, threat analyses, instructions and manuals, standards of performance, and criteria for facilities and systems. For example, Table 2-1 shows a recommended table of contents for an office building security manual.

Retaining a team of personnel that is well equipped and highly motivated is essential to the success of a building security program. Personnel must be knowledgeable about potential adversaries and, most importantly, must be able to respond to surprises. Important considerations include recruitment, selection, training, and support.

The building itself is a key element of a security program, including the degree to which the building is hardened (physically strengthened to withstand greater levels of attack, such as bomb blasts), the designated entry and exit points, and the existence and location of vaults, secure rooms, response force facilities, barriers, and structures designed to withstand ballistic attacks.

Security technology in the form of systems and equipment is employed primarily to complement the capability of the human security force. Systems and equipment include personal security equipment (such as arms and munitions, vehicles, and communications equipment) and electronic security systems (such as intrusion detection systems, automated entry and access control systems, and surveillance and assessment equipment). Security systems and equipment can allow for more comprehensive coverage, earlier indication of an intrusion, quicker assessment of the nature of the attack, and a more tailored and focused response. Electronic security systems can also provide the opportunity for fewer individuals to be assigned to traditional guard duty activities. While security technology enhances the capability of the security force, it places greater demands on the alertness, judgment and training of security force personnel. The building security program should include a plan for continuous maintenance of the systems and equipment.

When selecting security systems and equipment for a particular building, it is important that the security force and the maintenance personnel be provided with adequate training to operate and maintain the systems and equipment. It is also important that

Page 10 Cite Bookmark
Suggested Citation: "Guidelines for Security Management." National Research Council. 1988. Protection of Federal Office Buildings Against Terrorism. Washington, DC: The National Academies Press. doi: 10.17226/9808.
Save
Cancel

Page 10

the ergonomic design—the design of the workplace—encourage an alert and active security force.

TABLE 2-1 Example of a Table of Contents for an Office Building Security Manual

GENERAL OFFICE BUILDING COMPLEX SECURITY MANUAL

Foreword

Introduction

Part I:

General office complex: Its buildings, its people

Organization chart: General office complex

Organization chart: Security department

Map of building locations

Part II:

Organization of security services

Responsibilities of director of security, security sergeant, security officer

Part III:

General duties of the security force

General outline of duties of members of security force

Part IV:

Authority as a special deputy

Right to arrest

Right to detain and question

Part V:

Deportment and general appearance

Code of ethics

Deportment

Personal appearance

Part VI:

Special police equipment

Use of baton, handcuffs, chemical mace, walkie-talkies

Part VII:

Preventive patrolling

Preventive patrol, building patrol

Aggressive patrol

Part VIII:

The things security officers must keep in mind

Increasing your powers of observation

Part IX:

General orders for security officers General orders: How they are given and how they are to be carried out

Part X

Investigation report

Daily security report

Who, what, when, where, how

Index to sample reports

Sample reports

Part XI:

Special emergencies

Fires

Disasters, internal and external

Bomb threats

Summary

Source: Post and Schachtsiek, 1986.
Page 11 Cite Bookmark
Suggested Citation: "Guidelines for Security Management." National Research Council. 1988. Protection of Federal Office Buildings Against Terrorism. Washington, DC: The National Academies Press. doi: 10.17226/9808.
Save
Cancel

Page 11

Functions

A building security program has at least six functions: (1) deterrence, (2) delay, (3) detection, (4) alerting, (5) response, and (6) neutralization.

Deterrence is the ultimate goal of any building security program in that it discourages potential attacks because the building is so well protected. The delay function comes into play when an attack is launched and involves the combination of the security force and physical attributes such as barriers, locks, and traffic flow systems that will slow an attack in order to provide more response time.

The building security program should include a detection capability so that, as soon as possible after an attack is launched, the security force can be activated. Once an attack is detected, a fourth function, alerting, comes into play. This involves communicating the nature and location of the attack using clear and quick methods.

The fifth function of a building security program is the response itself, the purpose of which is to interdict the adversary. Neutralization involves controlling the adversary, thus eliminating the immediate threat.

DEVELOPING, EVALUATING AND IMPLEMENTING A BUILDING SECURITY PROGRAM

The committee recognizes that all federal office buildings are not equally threatened. Highly visible or symbolic buildings (such as courthouses) and office buildings housing controversial agencies are subject to higher levels of threat. Office buildings can contain information (such as intelligence or military records) that may be a target. Buildings may house high ranking political or military leaders that could be targeted by terrorist groups. The level of threat against a particular building may change over time as conditions change. Because of this, agencies should develop a building security program that is frequently reviewed and revised to keep current with changes in the agency's mission, functions, personnel and facilities, and with changes in the the nature of the threat.

Page 12 Cite Bookmark
Suggested Citation: "Guidelines for Security Management." National Research Council. 1988. Protection of Federal Office Buildings Against Terrorism. Washington, DC: The National Academies Press. doi: 10.17226/9808.
Save
Cancel

Page 12

Developing a Building Security Program

A building security program should be developed by the security planning group. The planning group should consider calling on physical security specialists to assist in the development of the program. Regardless of the composition of the security planning group, the major steps in developing and maintaining an effective building security program follow:

1. Identify potential targets (people, information, the building itself) and evaluate their relative attractiveness to terrorists.

2. Establish priorities for protecting the targets identified.

3. Assess the vulnerabilities of the potential targets.

4. Evaluate the building security program in light of the nature of the threat, under routine security conditions as well as under actual threat (threat alert) conditions. Evaluate the program with respect to the four elements of the program (policies and procedures, personnel, facilities, and systems and equipment).

5. Implement regular training of security personnel and sensitize the security planning group to changes in the field.

6. Conduct periodic operational testing of the building security program (at least twice a year). The testing should involve the entire building, as well as outside support personnel who would be needed in the event of a hostile incident. Such testing should emphasize the internal and external communication networks involved in the security program.

7. Modify the building security program and renovate the building as needed.

Evaluating the Building Security Program

Evaluation of the building security program should determine the program's effectiveness with respect to the four major security program elements. In order to be effective, the security program should clearly describe how to identify potential terrorist targets, how to establish priorities for protection, how to assess the vulnerability of targets, and how to revise and maintain the building security program. The specific responsibilities of personnel should be clearly defined and the individuals responsible should be named, with telephone numbers provided. In addition, a building security program should be evaluated in terms of the training materials, programs and schedules that are provided to educate personnel on

Page 13 Cite Bookmark
Suggested Citation: "Guidelines for Security Management." National Research Council. 1988. Protection of Federal Office Buildings Against Terrorism. Washington, DC: The National Academies Press. doi: 10.17226/9808.
Save
Cancel

Page 13

the nature of the threat, and the security policies and procedures of the program.

Implementing the Building Security Program

Successful implementation of a building security program requires visibility, which is only possible through the active participation of the top management of the organization. In addition, effective implementation and execution of the program depend on everyone knowing his or her role and being able to execute it as a normal part of the daily routine. The smooth operation of a security program results from frequent training and rehearsal sessions organized by the security management team.

TEMPORARY SECURITY MEASURES

Changes in the nature and level of threats require that the security management team maintain a program of temporary security measures. These temporary responses are contingency plans for increased levels of security that are imposed when external conditions warrant. Examples of such temporary actions include closing non-essential access points, reducing the number of individuals granted access to critical areas of the building, increasing the number of personnel in the security force, and, if appropriate, establishing temporary barriers. When advised of a reduction in threat levels, measures put into place on a temporary basis should be reviewed. Those that substantially inhibit the functioning of the organization or the operation of the building should be removed. Temporary measures that enhance security without hindering individual or organizational performance should be considered for permanent incorporation in the building.

ROLES AND RESPONSIBILITIES OF A SECURITY MANAGEMENT TEAM DURING AND AFTER A HOSTILE ATTACK

Crisis management is essentially the management of surprise. It attempts to limit the damage from a surprise occurrence and to resume normal operations. Surprise occurrences include earthquakes, floods, industrial accidents, and fires as well as terrorist acts. The success of the response in each case is the direct result of

Page 14 Cite Bookmark
Suggested Citation: "Guidelines for Security Management." National Research Council. 1988. Protection of Federal Office Buildings Against Terrorism. Washington, DC: The National Academies Press. doi: 10.17226/9808.
Save
Cancel

Page 14

the thoroughness of prior contingency planning and training. The most critical requirement is to identify which agencies and individuals in those agencies are required to handle the consequences of these events. Quick communication between the security management team and these individuals, even in situations where conventional telephone and power systems are out of action, is essential.

The roles of each internal and external group (such as fire fighters, utility people, food service personnel, first aid and emergency medical teams) must be established in advance to insure quick and effective action. Operational testing of the building security program should be conducted and modified until the functions are clearly understood and major problems eliminated. Such operational tests are justified not only by the threat of a terrorist attack, but by the chance of any surprise occurrence or disaster which would require the same plans and resources.

TARGETS, PRIORITIES, AND VULNERABILITIES

Because terrorists use violence to further political or social objectives, targets are often selected to create a sense of outrage and shock. The publicity accompanying such acts provides the terrorist with an image of invincibility and impunity. As a symbolic act, it generates a greater sense of outrage when perpetrated against a national symbol, an activity of the government, or a popular or highly-placed citizen. Shock value increases if the target appears to the public as innocent in the political struggle and if the act is executed in a very violent fashion.

Terrorist methods include hostage taking, or assaults on personnel (including assassination), destroying or stealing records or valuable information, and damaging or destroying property, such as public buildings. Potential targets should be considered for their symbolic value, their functional value, the terrorists' accessibility to the targets, and the nature and location of protective measures.

A building security program should be organized in consideration of protection of persons in or around the building as the highest priority. It should also recognize that the terrorists may target a critical operational function for destruction (including destroying the building itself) to demonstrate that a government can

Page 15 Cite Bookmark
Suggested Citation: "Guidelines for Security Management." National Research Council. 1988. Protection of Federal Office Buildings Against Terrorism. Washington, DC: The National Academies Press. doi: 10.17226/9808.
Save
Cancel

Page 15

be crippled by not protecting a vital part of its operations. Priorities for protection must consider the importance of protecting human life and critical federal functions, as well as the accessibility of the building and the practicality of affording protection at a reasonable cost.

NOTE

Post, R.S. and D.A. Schachtsiek. 1986. Security Manager's Desk Reference. London: Butterworth Publishers.

Page 16 Cite Bookmark
Suggested Citation: "Guidelines for Security Management." National Research Council. 1988. Protection of Federal Office Buildings Against Terrorism. Washington, DC: The National Academies Press. doi: 10.17226/9808.
Save
Cancel

Page 16

Page 7 Cite Bookmark
Suggested Citation: "Guidelines for Security Management." National Research Council. 1988. Protection of Federal Office Buildings Against Terrorism. Washington, DC: The National Academies Press. doi: 10.17226/9808.
Save
Cancel
Page 7
Page 8 Cite Bookmark
Suggested Citation: "Guidelines for Security Management." National Research Council. 1988. Protection of Federal Office Buildings Against Terrorism. Washington, DC: The National Academies Press. doi: 10.17226/9808.
Save
Cancel
Page 8
Page 9 Cite Bookmark
Suggested Citation: "Guidelines for Security Management." National Research Council. 1988. Protection of Federal Office Buildings Against Terrorism. Washington, DC: The National Academies Press. doi: 10.17226/9808.
Save
Cancel
Page 9
Page 10 Cite Bookmark
Suggested Citation: "Guidelines for Security Management." National Research Council. 1988. Protection of Federal Office Buildings Against Terrorism. Washington, DC: The National Academies Press. doi: 10.17226/9808.
Save
Cancel
Page 10
Page 11 Cite Bookmark
Suggested Citation: "Guidelines for Security Management." National Research Council. 1988. Protection of Federal Office Buildings Against Terrorism. Washington, DC: The National Academies Press. doi: 10.17226/9808.
Save
Cancel
Page 11
Page 12 Cite Bookmark
Suggested Citation: "Guidelines for Security Management." National Research Council. 1988. Protection of Federal Office Buildings Against Terrorism. Washington, DC: The National Academies Press. doi: 10.17226/9808.
Save
Cancel
Page 12
Page 13 Cite Bookmark
Suggested Citation: "Guidelines for Security Management." National Research Council. 1988. Protection of Federal Office Buildings Against Terrorism. Washington, DC: The National Academies Press. doi: 10.17226/9808.
Save
Cancel
Page 13
Page 14 Cite Bookmark
Suggested Citation: "Guidelines for Security Management." National Research Council. 1988. Protection of Federal Office Buildings Against Terrorism. Washington, DC: The National Academies Press. doi: 10.17226/9808.
Save
Cancel
Page 14
Page 15 Cite Bookmark
Suggested Citation: "Guidelines for Security Management." National Research Council. 1988. Protection of Federal Office Buildings Against Terrorism. Washington, DC: The National Academies Press. doi: 10.17226/9808.
Save
Cancel
Page 15
Page 16 Cite Bookmark
Suggested Citation: "Guidelines for Security Management." National Research Council. 1988. Protection of Federal Office Buildings Against Terrorism. Washington, DC: The National Academies Press. doi: 10.17226/9808.
Save
Cancel
Page 16
Next Chapter: Threat Assessment and Vulnerability Analysis
Subscribe to Emails from the National Academies
Stay up to date on activities, publications, and events by subscribing to email updates.