MIDSTREAM SITE SECURITY PLAN | SERVICES Example
Security Plan Services
Analyze current Operations of Security Administration and Management Structure –Identify the person(s) primarily responsible for the corporate security program, enhance or create responsibilities and duties of personnel assigned to security functions.
Risk Analysis and Assessments – Utilize highly effective mathematical methodology used to conduct security risk analysis to include criticality assessments for the SSPPhysical Security and Access Control Measures –Conduct site surveys, PACS network analysis and current corporate policies and procedures employed, suggest recommendations as needed to reduce security risks throughout the facility.
Develop Corporate Security Plans
Personnel Screening – Create detailed steps within Operators policies and procedures for conducting employee background checks, including criteria for disqualification and process for appeal, in compliance with Federal and state laws. Collaborate with Operators IT/OT, Human Resources, Maintenance and Legal team members and establish company policies for contractor personnel background checks.
Communications – Create or enhance existing policies and procedures employed to ensure effective communication is maintained on both a routine and emergency basis. This includes types of equipment used, communication methods between personnel, facilities, off-site responders, and procedures for notification of government and law enforcement agencies.
Personnel Training – Develop custom security training requirements including training in security equipment operations, security awareness, and security incident recognition and reporting procedures for company personnel and contractors.
Equipment Maintenance and Testing – Create detailed preventative maintenance and testing formats and procedures for complete PACS, Digital Surveillance, IDS, Gates and Turnstiles, Power, and Fire Detection Systems. Create and submit detailed policies and procedures for ensuring
security systems and equipment are maintained and function properly.
Drills and Exercises – Enhance or create company policies and procedures for conducting security drills and exercises. Establish requirements for after-action reports,communication of lessons learned, and implementation of security improvement efforts based on exercise results.
Security Incident Procedures – Develop procedures for responding to security incidents and emergencies. Define the types of events that constitute a breach of security, describe the procedures for investigating security incidents, and who should be notified. In addition, the emergency response plan may be referenced in this section.
NTAS Response Procedures – After SVA enhance and submit operator SSP and protective measures for periods of heightened threat corresponding to the duration of Department of Homeland Security (DHS) NTAS Bulletins or Alerts.
Plan Reviews - Describe policies and procedures for the review, validation, and updating of the corporate security plan.
Recordkeeping – Develop and Automate procedures where feasible or process for security-related recordkeeping requirements, such as: criticality assessments, SVAs, and other company sensitive security information, as well as measures to prevent unauthorized disclosure.
Cyber/SCADA System Security Measures – After SVA, enhance or create corporate policies and procedures employed to reduce security risks to cyber/SCADA systems and assets throughout the company.
Essential Security Contact Listings – Create internal and external emergency contact information for reporting and responding to a security incident or suspicious activity.
Security Testing and Audits - Develop policies and procedures for auditing and testing of the effectiveness of the company's security plan and procedures, that includes documentation of test results.
Outreach – Collaborate with Client regarding recommendations of policies and procedures for company security awareness outreach efforts to neighbors, law enforcement, media, the public and make introductions as needed.
Security Plan Services
Analyze current Operations of Security Administration and Management Structure –Identify the person(s) primarily responsible for the corporate security program, enhance or create responsibilities and duties of personnel assigned to security functions.
Risk Analysis and Assessments – Utilize highly effective mathematical methodology used to conduct security risk analysis to include criticality assessments for the SSPPhysical Security and Access Control Measures –Conduct site surveys, PACS network analysis and current corporate policies and procedures employed, suggest recommendations as needed to reduce security risks throughout the facility.
Develop Corporate Security Plans
Personnel Screening – Create detailed steps within Operators policies and procedures for conducting employee background checks, including criteria for disqualification and process for appeal, in compliance with Federal and state laws. Collaborate with Operators IT/OT, Human Resources, Maintenance and Legal team members and establish company policies for contractor personnel background checks.
Communications – Create or enhance existing policies and procedures employed to ensure effective communication is maintained on both a routine and emergency basis. This includes types of equipment used, communication methods between personnel, facilities, off-site responders, and procedures for notification of government and law enforcement agencies.
Personnel Training – Develop custom security training requirements including training in security equipment operations, security awareness, and security incident recognition and reporting procedures for company personnel and contractors.
Equipment Maintenance and Testing – Create detailed preventative maintenance and testing formats and procedures for complete PACS, Digital Surveillance, IDS, Gates and Turnstiles, Power, and Fire Detection Systems. Create and submit detailed policies and procedures for ensuring
security systems and equipment are maintained and function properly.
Drills and Exercises – Enhance or create company policies and procedures for conducting security drills and exercises. Establish requirements for after-action reports,communication of lessons learned, and implementation of security improvement efforts based on exercise results.
Security Incident Procedures – Develop procedures for responding to security incidents and emergencies. Define the types of events that constitute a breach of security, describe the procedures for investigating security incidents, and who should be notified. In addition, the emergency response plan may be referenced in this section.
NTAS Response Procedures – After SVA enhance and submit operator SSP and protective measures for periods of heightened threat corresponding to the duration of Department of Homeland Security (DHS) NTAS Bulletins or Alerts.
Plan Reviews - Describe policies and procedures for the review, validation, and updating of the corporate security plan.
Recordkeeping – Develop and Automate procedures where feasible or process for security-related recordkeeping requirements, such as: criticality assessments, SVAs, and other company sensitive security information, as well as measures to prevent unauthorized disclosure.
Cyber/SCADA System Security Measures – After SVA, enhance or create corporate policies and procedures employed to reduce security risks to cyber/SCADA systems and assets throughout the company.
Essential Security Contact Listings – Create internal and external emergency contact information for reporting and responding to a security incident or suspicious activity.
Security Testing and Audits - Develop policies and procedures for auditing and testing of the effectiveness of the company's security plan and procedures, that includes documentation of test results.
Outreach – Collaborate with Client regarding recommendations of policies and procedures for company security awareness outreach efforts to neighbors, law enforcement, media, the public and make introductions as needed.
