Sec Prin and Mgmt Flashcards

Question

The risk assessment should identify activities, operations, and process that need to be managed. What are the elements should be included from the outputs of risk assessment?

Answer 1

a) A prioritized risk register identifying treatments to manage risk b) Justification for risk acceptance c) Identification of critical control points (CCP);and d) Requirements for supplier, distributor, outsourcing and subcontractor controls

Answer 2

a) Consistency with the ORMS policy b) Significant risk c) Brand, reputation and human right impacts d) Integrity of information e) Financial, operational, and business requirements g) Legal, regulatory, contractual and other requirements

Answer 3

By rendering them securely backed‐up, accessible only to authorized personnel and protected from unauthorized disclosure, modification, deletion, damage, deterioration or loss

Answer 4

The organization shall establish planning, security incident management, response and or recovery team(s) with defined roles, appropriate authority, adequate resources and rehearsed operational plans and procedures

Answer 5

Identify incident indicators and impact thresholds that justify initiation of a formal response; Assess the natural and extent of a potential undesirable or disruptive event and its impacts; Initiate an appropriate response to avoid, protect, mitigate or manage a potential undesirable or disruptive event

Answer 6

a) Consistency with legal, regulatory and contractual requirements b) Education and employment history review c) Personal references d) Military and security services records check e) Review of possible criminal records and others

Answer 7

An organization shall investigate allegations expeditiously and impartially with due consideration to confidentially and restrictions imposed by jurisdictional law.

Answer 8

a) Safeguard life and assure the safety of internal and external stakeholders b)Protect assets c) Prevent further escalation of the incident d) Minimize disruption to operations e) Restore critical operational continuity and others

Answer 9

The organization shall adopt a “protection in depth” or layered protection strategy to develop a cost effective and robust approach to deter, detect, delay and respond from risk and threats to the organization and its assets

Answer 10

The associated risks before their implementation and the potential to create new or modify existing risks.

Answer 11

(a) Supply and demand requirements (demand signals) are comprehended incapacity planning (b) Contingencies and appropriate redundancies provide protection in depth and address single point failures (c) Processes are in place to validate supply chain responses (d) There is a feedback loop to know if past risk control and countermeasures are changing as part of design, engineering or process changes, or a decision to outsource certain activities (e) That planned changes are controlled and the unintended charges reviewed and appropriate action is taken

Answer 12

The organization shall assess the performance and effectiveness of the ORMS by evaluating plans, procedures, and capabilities through periodic assessments, testing, posts incident reports, lessons learned, performance evaluations and exercises

Answer 13

The report shall assess the appropriateness and efficacy of the organization’s ORMS plans, processes, and procedures including nonconformities and should propose corrective and preventative action

Answer 14

To confirm its continuing suitability, adequacy and effectiveness

Answer 15

Through use of ORMS policy, objectives, results, analysis of monitored events, corrective and preventive actions and management review

Answer 16

A gap analysis will enable the organization to compare its actual performance with the potential performance needed to meet its objective. The gap analysis should cover five key areas: a) Identification of risks b) The capacity to identify and pursuer opportunities c) Identification of applicable legal, regulatory, contractual and other requirements to which organization subscribe d) Evaluation of existing risk management practices and procedures e) Evaluating previous emergency situations and disruptive events.

Answer 17

Checklists, conducting interviews, direct inspection and measurement, benchmark against best practices, or result of previous audits or other reviews

Answer 18

The management systems approach is characterized by: a) Understanding the context and environment within which the system operates b) Identifying the core elements of system, as well as the system boundary c) Understanding the role or function of each element in the system; and d) Understanding the dynamic interaction between elements of the system

Answer 19

Value of an asset and service should be considered within the context of how the assets contribute the organization’s achievement of its objectives. In addition, to considering the monetary value of assets, valuation should consider how the assets fits within the value chair of the organization and its relative value in achieving strategic, tactical, operational and reputational objectives

Answer 20

The risk assessment provides a basis for evaluating the adequacy and effectiveness of current controls in place, as well as decisions on the most appropriate approaches to be used in managing and treating risks. It identifies those risks that should be addressed as a priority by the organization’s ORMS. The risk assessment provides the foundation for setting objectives, targets and programs within the management system, as well as measuring the efficacy of the ORMS.

Answer 21

(a) Outcomes of the risk assessment change; (b) Objectives and targets are modified or added (c) Relevant legal requirements are introduced or changed; (d) Substantial progress in achieving the objectives and targets has been made (or has not been made) (e) Activities, products, services, processes, or facilities change or other issues arise

Answer 22

The most appropriate strategy or strategies should depend on a range of factors such as: (a) Results of the organization’s risk assessment; (b) Costs of implementing a strategy or strategies; and (c) Consequences of inaction

Answer 23

a) The policies and limits to be held by the organization should be specified in the contract; b) The jurisdiction of the policy and in the event of a dispute; c) The territorial limitations; d) Limitations of indemnity; e) Coverage of all activities, including use of weapons; f) Activities of subcontractors, and g) Contractual obligations

Answer 24

Problem assessment is an evaluative process of decision making that will determine the nature of the issue to be addressed and severity assessment is the process of determining the severity of the disruption and what any associated consequences

Answer 25

Functional exercise is walk through or specialized exercise simulating a scenario as realistically as possible in a controlled environment and full scale exercise is live or real life exercise simulating a real time, real life scenario

Answer 26

A business impact analysis provides a structure approach to gaining information about the critical activities, functions, and processes of the organization and associated resources necessary for an organization to mitigate the impacts of undesirable and disruptive events

Answer 27

The purpose of BIA is to determine criticality of business function, estimate maximum downtime that can be tolerated while maintaining viability as well as determine resource requirement to resume critical operations

Answer 28

Crime prevention design solutions should be integrated into the design and function of the buildings, or at least the location where they are being implemented. CPTED relies on an awareness of how people use space for legitimate and illegitimate purpose.

Answer 29

To choose the right physical security measures and apply them appropriately, it important to first conduct a risk assessment

Answer 30

Building envelope: The separation between the interior and the exterior environments of a building. It serves as the outer shell to protect the indoor environment as well as to facilitate its climate control

Answer 31

Risk assessment: The process of assessing security‐related risks from internal and external threats‐to an entity, its assets, or personnel

Answer 32

Risk management: A business discipline consisting of three major functions: loss prevention, loss control and loss indemnificatory

Answer 33

Routinely activity theory suggests that a suitable guardian will prevent criminal activity from occurring. Criminals will generally avoid targets or victims when police, security, door staff, neighbours or others are in position to observe and react

Answer 34

CCT rating: Corrected Colour Temperature (CCT) is a measure of the warmth or coolness of a light. It is measured in degrees Kelvin which is the Centigrade (Celsius) absolute temperature scale where 0OK is approximately 272OC

Answer 35

Security survey: A thorough physical examination of a facility and its systems and procedures, conducted to assess the current level of security, locate deficiencies and gauge of protection needed.

Answer 36

Stand‐off distance/ set back: The distance between the asset and the threat, typically regarding an explosive threat.

Answer 37

Tailgating: To follow closely. In access control, the attempt by more than one individual to enter a controlled area by immediately follows an individual with proper access. Also called piggybacking

Answer 38

Natural or Architectural measures Designing of space to ensure the overall environment works more effectively for the intended users; while at the same time deterring crime. A space will naturally have less opportunity for criminal activity when it is effectively used. Poor layout reduces the ability of intended users to apply appropriate measures

Answer 39

Progressive collapse: Occurs when the failure of a primary structural element results in the failure of adjoining structural elements, which in turn causes further structural failure. The resulting damage progresses to other parts of the structure, resulting in a partial or total collapse of the building

Answer 40

Risk: The likelihood of loss resulting from a threat, security incident, or event

Answer 41

Threat: An action or event that could result in a loss; an indication that such an action or event might take place

Answer 42

Throughput: The average rate of flow of people or vehicles through an access point

Answer 43

Token: An electronically encoded device (i.e. a card, key‐fob, etc.) that contains information being read by electronic devices placed within or at the entry and exit points of a protected facility

Answer 44

Organizational measures: Focus on policies activities that encourage observation, reporting and where appropriate intervention this would include education for individuals and groups of strategies they can take to protect themselves and the space they occupy. It would also entail routine patrol and enforcement by security, law enforcement or others.

Answer 45

Natural territorial reinforcement boundary definition: Establishing a sense of ownership by facility owners or building occupants to define territory to potential aggressors and to assist legitimate occupants or users to increase vigilance in identifying who belongs on the property and who does not. The theory holds that people will pay more attention to and defend a particular space or territory from trespass if they feel a form of "psychological ownership" in the area. Thus, it is possible‐through real or symbolic markers‐to encourage tenants or employees to defend property from incursion

Answer 46

a) low‐security applications, (b) barbed wire, razor wire, or metal spikes, (c) no wider than 1‐3/4 inches, (d) 50 inches apart (e) protected side of the building.

Answer 47

Wherever possible and practical, a clear zone should separate a perimeter barrier from structures inside the protected area. The width of the clear zone will depend upon the threat that is being protected against. An exception can be made when a building wall constitutes part of the perimeter barrier

Answer 48

The following are some design features that enhance security(Chain Link Fence Manufactures Institute, 1997): 1‐Height: The higher the barrier, the more difficult and time‐ consuming it is to breach. For low security requirements, a 5‐6 ft. (1.5‐1.8 meter) fence may be sufficient; for medium security, a 7 ft. (2.1meter) fence may be appropriate; and for high security (such as a prison), an 18‐20 ft. (5.4‐6.0 meter) fence maybe required, 2-Barbed wire: Barbed wires vary in gauge, coating weight, number of barbs, and spacing of barbs. If chain link or expanded metal fences are intended to discourage human trespassing, barbed wire should be installed atop the fence on an outward facing top guard at a45 degree angle, 3‐Bottom rail: Properly anchored, this prevents an intruder from forcing the mesh up to crawl under it, 4‐ Top rail: A horizontal member of a fence top to which fabric is attached with ties or clips at intervals not exceeding two feet. A top rail generally improves the appearance of a fence, but it also offers a handhold to those installed.

Answer 49

The “broken windows” theory suggests that an abandoned building or car can remain Unmolested indefinitely, but once the first window is broken, the building or car is quickly vandalized. Maintenance of building and its physical elements (such as lighting, landscaping, paint, signage, fencing and walkways) is critical for defining territoriality

Answer 50

Burying / Mow strip: Burying or installing a mow strip (concrete), in addition to a chain‐ link fabric 1 ft. (0.3 meters) or more, prevents an intruder from forcing the mesh up

Answer 51

Fence or wall can do the following: 1‐Give notice of the legal boundary of the premises, 2 Help channel entry through a secured area by deterring entry elsewhere along the boundary, 3‐Provide a zone for installing intrusion detection equipment and video surveillance system, 4‐Deter casual intruders from penetrating a secured area, 5‐'Force an intruder to demonstrate his or her intent to enter the property, 6‐ Cause a delay in access, thereby increasing the possibility of detection, 7‐Create a psychological deterrent, 8‐ Reduce the number of security officers required, 9‐Demonstrate a facility's concern for security

Answer 52

Compartmentalization: One of the basic CPTED strategies is to design multiple or concentric layers of security measures so that highly protected assets are behind multiple barriers. Layers of security strategies or elements start from the outer perimeter and move inward to the area of the building with the greatest need for protection. Each layer is designed to delay an attacker as much as possible. This strategy is also known as protection‐in‐depth (Fay, 1993, p672). If properly planned, the delay should either discourage a penetration or assist in controlling it by providing time for an adequate response

Answer 53

Double fence: An additional line of security fencing a minimum of10 ft. to 20 ft. (3 meters to 6 meters) inside the perimeter fence creates a controlled area and room for sensors or a perimeter patrol road between the fences

Answer 54

Welded wire fabric, which is cheaper than expanded metal, is generally used for lower risk applications.

Answer 55

The value of an asset being protected affects the amount of protection required.

Answer 56

A threat basis design strategy should be used when selecting physical barriers and the barriers designed to address the specific threats.

Answer 57

The most common perimeter barriers are fencing and walls. However, fences and walls usually only deter or delay entry‐they do not prevent it entirely

Answer 58

Chain‐link fences are quick to install, can be effective against pedestrian trespassers and animals and provide visibility to both sides of the fence.

Answer 59

Chain‐link fence fabric is made from steel or aluminum wire (which may be coated), which is wound and interwoven to provide a continuous mesh. It can be breached easily with a blanket, wire cutter, or bolt cutter.

Answer 60

Window film can be designed, tested, and applied to: 1‐Providevarying degrees of protection from intrusion or "smash and grab". It can generally be defeated with repeated attacks, 2‐Reduce injury from projectile shards of glass in case of an explosion or blast force, 3‐Reduceinjury from projectile penetration in case of extreme weather (i.e., hurricane or tornado

Answer 61

(a) a close wire grid, (b) simple 5 wire systems, (c) multi‐zoned systems with up to 50 wires, (d) 20 wires and are fitted to the inside of the chain link perimeter fence.

Answer 62

Electric security fences come in two forms: 1) the all live wire "deterrent" fence that relies on the human fear of electric shock; or more commonly 2) the "monitored" fence, where in addition to the fear factor, the fence will detect cutting or climbing of the wires and trigger an alarm. Monitored fences are usually integrated with intruder alarm or access control systems and‐increasingly‐with surveillance cameras.

Answer 63

Most building intrusions are effected through doors and windows

Answer 64

a) residual stresses (b) annealed glass. (c) serious injury, (d) there is a high risk of breakage and injury

Answer 65

Measures can be taken to strengthen the doors by adding steel plate for reinforcement anchoring frames, and adding kick plates, using set screws in hinges or spot welding hinges

Answer 66

a) Laminated glass, (b) for mitigating blast forces, (c) glass shattering

Answer 67

(a) Bullet‐resistant (b) many levels of ballistic resistance

Answer 68

Credential‐operated locks rely on a unique card or other device being presented to a card reader at a location where the access is being controlled. The system electronically checks the information (including the identification of the cardholder and the time period when access is permitted) on the card and compares it with the information already entry or denies access.

Answer 69

Key factors in hardening a facility include: 1‐ stand‐off distance, 2‐structural integrity of the premises against attack, 3‐ prevention of progressive collapse,4‐ redundancy of operating systems.

Answer 70

In a master key system

Answer 71

Blast curtains are made of reinforced fabrics that provide protection from flying materials in an explosion

Answer 72

Measures such as: 1‐Tokens or other items in the person’s possession(such as a metal key; a proximity, insertion, or swipe card or a photo identification card), 2‐Private information known by the individual (such as a password or personal identification number, 3‐ Biometric features of the person (such as fingerprint, hand geometry, iris and retinal patterns, signatures or speech patterns)

Answer 73

An adversary may use several types of attacks to defeat an access control point: 1‐Deceit: employee to permit entry, 2‐ Direct physical attack: The adversary uses tools to force entry into an area, 3‐Technicalattack: The adversary forges a credential, guesses a personal identification number, or obtains another person's credential.

Answer 74

Typically, the purposes of security lighting‐discouraging unauthorized entry, protecting employees and visitors on site, and detecting intruders‐are served both outdoor and indoor.

Answer 75

(a) one or more credentials (b) something that is inherent to you, (c) communication cabling distributed processor, (d) applications for request‐to‐exit devices for applicable doors.

Answer 76

Prevention of progressive collapse, accomplished by structural design that prevents the loss a primary structural member from causing the further failure of primary structural members beyond the local damage zone.

Answer 77

coded mechanism and the fastening device

Answer 78

(a) architecturally significant (b) mechanical latching otherwise (c) with safety codes.

Answer 79

Incandescent: These lamps are the least efficient, the most expensive to operate, and have a short life span

Answer 80

The quality of IDS and its components greatly affects its usefulness. Deficiencies can harm a security program by causing the system to: 1‐Fail to detect an intruder, 2‐Falsely report breaches(nuisance and unintentional) which generate costly and repeated deployment of security or law enforcement and maintenancepersonnel, 3‐Create excessive false activations so that alarms are ignored or security and law enforcement officers are called unnecessarily. (Many jurisdictions levy fines for excessive numbers of false alarm calls to police, 4‐Provide a false sense of security

Answer 81

How intensity of lighting can be measured? The right level or intensity of lighting depends on a site’s overall security requirements. Lighting intensity can be measured within instruments in lux and foot‐candles.

Answer 82

Streetlight: This projects a downward circular pattern illumination

Answer 83

Floodlight: This projects a medium to wide beam on a larger area. It is used in a variety of setting including the perimeters of commercial, industrial, and residential areas

Answer 84

Dual technology motion detectors are selectable to employ or both micro waves and inferred technologies in a single package. Selecting both technologies reduces the false alarm rate and detection sensitivity

Answer 85

High‐pressure sodium: These lamps are energy efficient and have a long life span, but poor colour rendition for video surveillance system. They are often applied on streets and parking lots, and their particular quality of light enables people to see more detail at greater distances in fog.

Answer 86

(a) illuminate potential intruders (b) at the perimeters of industrial sites

Answer 87

Capacitance devices: Often used with various metallic products such as safes and vaults, these devices detect changes in electrical capacitance) low voltage is applied to the protected items. If an object or person approaches or touched the protected item, the voltage (non‐harmful) discharges, altering the capacitance level and causing an alarm

Answer 88

Fluorescent: Fluorescent lamps are more efficient than incandescent lamps but are not used extensively outdoors, except for underpasses, tunnels, and signs.

Answer 89

Mercury Vapor Lamp

Answer 90

Metal halide: They are often used at sports stadium because they imitate daylight; for the same reason they work well with video surveillance system by providing accurate color rendition

Answer 91

Induction: Induction lamps have a long life and, similar to fluorescent lamps, are utilized mainly indoors, except for parking structures underpasses, and tunnels.

Answer 92

Duress/Panic alarms: Wired switches, person‐down devices, wireless pushbutton transmitters, “Lack of Motion" devices, emergency notification call boxes, etc., are some of the device types which are employed to protect personnel by transmitting assistance alarms. These alarms should be of the highest priority level

Answer 93

Different functions require different fields of view. For camera functional requirement one most considers three factors: 1‐ target, 2‐activity, 3‐ purpose

Answer 94

Network Video Recorders (NVR): A NVR is an internet protocol based device that sits on a network. Because they are IP based, NVR scan be managed remotely via a LAN WAN, GAN, or over the Internet.

Answer 95

A motorized vari‐focal lens is used to expand or narrow the field of view providing enhanced viewing flexibility.

Answer 96

Time‐lapse (analog) recorder: These recorders are designed to make a two‐hour cassette record up to 900 hours by allowing‐time to lapse between recorded images. Instead of a full 25 frames (FAL) or 30frames (NTSC) of video information being recorded each second, a time‐lapse recorder may capture only a fraction as many frames. The strongest market for the time‐lapse machine is retail, industrial, and long-term surveillance.

Answer 97

A potential drawback to PTZ camera applications is that the camera is out of position, unable to capture an event as it is happening. Most PTZ camera applications are used for assessment or video patrol purpose

Answer 98

a) for analog cameras b) without media transformer

Answer 99

Intelligent video analytics: Uses can include the recognition of certain events and conditions, such as an unattended package or vehicle, or movement by an animal versus a human being.

Answer 100

Approach as opposed to a components approach. A systems approach examines how equipment will work with other elements of the video surveillance system, with other workplace systems, and with the environment in which it is needed. This approach results in a video surveillance system that operates effectively and satisfies a facility's needs

Answer 101

Image quality is also affected by excessive shadows (light to dark ratio), lens glare and backlighting

Answer 102

Keys: A fundamental tool to most security officer positions. Care should be taken to ensure that all keys are accounted for at the beginning and end of shift. Additionally, proper care should be taken so that damage to keys does not occur

Answer 103

Frames per Seconds (FPS): Recorders may discard image frames to save storage space. If too many are discarded – that is, if the system records only one or two frames per second then fast moving action may not be captured or items in the scene may seem simply to appear or disappear.

Answer 104

The focal length of the lens determines the size (width and height) of the scene viewed measured in millimeters and are characterized as telephoto standard or wide angle Varifocal lenses are often used in applications that require a zoom capability. The lens’s iris, which opens and close to controls the quantity of light that reaches the camera’s sensing element, may be manual or automatic.

Answer 105

The major types of video surveillance cameras are: 1‐ analog, 2‐IP (Internet protocol), 3‐ Infrared, 4‐ thermal

Answer 106

The availability of power can greatly affect a video surveillance system budget

Answer 107

Security Convergence: However, it is recognized that many security systems are increasingly being equipped with network connectivity to enable them to share a facility's network infrastructure. Planning for, implementation, and management of converged security solutions often requires partnerships between physical security, IT security, IT, and other corporate or organizational stakeholders.

Answer 108

due‐diligence

Answer 109

(a) every employee (b) security awareness program

Answer 110

Post orders: Post orders, which are sometimes called standard operating procedures, state the essential elements of security officers' work assignment

Answer 111

Policies and procedures can also form the basis for corrective action in the event of inappropriate behaviour or underperformance.

Answer 112

(a) at the executive level (b) overall business objectives

Answer 113

Mixed standard

Answer 114

Management-buy-in

Answer 115

Redundant security scheme

Answer 116

Cost-effectiveness

Answer 117

Planning, Management, Evaluation

Answer 118

Risk avoidance

Answer 119

By demonstrating that consequences to the enterprise in real cost is greater if the level of support for the security program is reduced

Answer 120

Evidence of losses avoided through security countermeasures

Answer 121

Private police Civilian employees of police agencies Auxiliary (Volunteer) officer

Answer 122

Organization’s culture

Answer 123

Efficiency VS cost

Answer 124

Organizational strategy

Answer 125

Work closely with the manager whose team will be most affected by the policies

Answer 126

Specific description of where the business will be in the long-term

Answer 127

Conformance to customer requirement

Answer 128

Who is the customer

Answer 129

For hiring skilled, technical and non-entry managerial level personnel

Answer 130

Hire external recruiters

Answer 131

Policies cover items the organization monitors and expects employees to confirm Some policies are driven by government regulations Not all policies have written procedures Policies should be useful and simple and should not over load employee

Answer 132

Understanding the relationship between asset protection and successful operation

Answer 133

Threat mutation Technology advances Transformation of business around the world

Answer 134

Identifying and analysing the organization problems

Answer 135

Taking into account adult learning style and current instructional design modules

Answer 136

Tracking and analyzing incidents

Answer 137

Likelihood of preventing losses Cost of implementation Value of avoided losses

Answer 138

Human factor

Answer 139

ISO/TC 223 societal security

Answer 140

Quality management systems Environment management system

Answer 141

Objectives

Answer 142

When the appropriate mix of physical, procedural and electronics security measures are in place in relation to the value of the assets being protected

Answer 143

People Property Information

Answer 144

Convergence

Answer 145

Manage risk by balancing the cost and benefits of protection

Answer 146

The principle of risk management

Answer 147

Surveillance technology Public/private partnership Convergence

Answer 148

Decreasing

Answer 149

Applied ethics

Answer 150

An incident reporting system

Answer 151

Pattern of shared basic assumption that the group learned

Answer 152

Serves as guideline for ethical conduct of all non members of a professional group

Answer 153

Information collection

Answer 154

Behavioural theories

Answer 155

Security manager at the headquarters

Answer 156

Planning, Organizing, Directing, Coordinating Controlling

Answer 157

Span of control

Answer 158

Demonstrate that the real cost to the enterprise would be greater if the level of support for security activities is reduced.

Answer 159

Make operational decision

Answer 160

Risk spreading

Answer 161

Ensure that software aggregates the data for analysis

Answer 162

Age of equipment Lack of training and familiarity with fire alarm system Lack of communication between staff and contractor working in the building

Answer 163

Provides a basis for professional efforts at asset recapture, recovery or incident reduction or termination

Answer 164

Forming an asset protection committee to develop an asset protection committee to developing an asset protection plan

Answer 165

Cost-effectiveness

Answer 166

Avoided losses plus recoveries made divided by the cost of the security program

Answer 167

Cost-effectiveness of the asset protection program

Answer 168

Cost-justification

Answer 169

Security metrics

Answer 170

Cost-effectiveness

Answer 171

Procedural controls

Answer 172

Return-on-investment

Answer 173

Salaries Operational Capital

Answer 174

Establishing that the probable real looses would not occur if the proposed asset protection measures were adopted

Answer 175

Risk analysis

Answer 176

Plan-Do-Check-Act

Answer 177

Ensure security budget expenditures are aligned with budget implementation plans

Answer 178

Preventing losses

Answer 179

Portfolio theory

Answer 180

Endorsements Riders

Answer 181

Set the directions Establish a professional setting Establish open exchange of information with subordinates

Answer 182

When employees can relate to the information presented and the way it is presented

Answer 183

Performance

Answer 184

Physiological

Answer 185

Risk assessment

Answer 186

Criticality

Answer 187

Financial terms (Currency)

Answer 188

Moderately serious

Answer 189

Risk spreading

Answer 190

First line managers

Answer 191

Implement its strategies

Answer 192

Key metrics and performance indicators

Answer 193

Organizational strategy

Answer 194

Business partners

Answer 195

Products offered Financial results Markets targeted

Answer 196

Source of authority

Answer 197

The person to whom the service is intended

Answer 198

Human resource requirement Knowledge management Corporate structure

Answer 199

Delivery system

Answer 200

Negligence

Answer 201

More flexible use Richer array of incentives and penalties More precise allocation of accountability Less constraint on process and more focus on results

Answer 202

3-5 years ahead

Answer 203

The five avenues to address risk Balancing security and legal consideration The five D’s

Answer 204

Technical expertise, management ability, the ability to deal with people

Answer 205

Making periodic cumulative reports, to senior management on avoided cost

Answer 206

The opportunities it creates for avoiding future incident, events and losses

Answer 207

Incident reports

Answer 208

The organizational strategy

Answer 209

Job requirement analysis