security agencies (sas) grading exercise 2018

SECURITY AGENCIES (SAs) GRADING EXERCISE 2018 DOCUMENTATION CHECKLIST

1

Name of Security Agency

Number of DVDs/CDs Submitted by Agency

Number of Full-time/Part-time Security Officers Declared by

Agency

Full-time SOs:

Part-time SOs:

Number of Deployment Sites Declared by Agency

Number of Clients Declared by Agency

Name of Assessor(s)


2

Processes Category

Areas of Audit Remarks/Observations

(To tick or circle where appropriate) Points

Awarded

1.1.1 Is there a systematic process to ensure that Security Officers are aware of the functional duty they are employed for (pre-employment)? Documentation of pre-employment discussion on job descriptions and responsibilities. The numbers required are as follows:

Number of Security Officers

Number of Documentation for submission

1 – 100 1 or 10% of total Security

Officers (whichever is higher)

101 - 500 11 or 8% of total Security




> 2001 121 or 4% of total Security


Document must include at least the followings:

Name of Security Officer

Acknowledgment by the Security Officer

Job description detailing the functions of a security officer as prescribed in the Private Security Industry Act (PSIA) and Progressive Wage Model (PWM).

Past JDs outside the period of assessment are acceptable.

Score System (max 10 pts) pt

85% and above of the required number of 10

60% to <85% of the required number of Documentation.

7.5


5

>0% to <35% of the required number of Documentation.

2.5

0% 0

Assessor’s Observation Total


3



Awarded

1.1.2 Is there a systematic process to ensure that Security Officers are aware of the functional duty they are employed for (pre-promotion)? Documentation of pre-promotion briefing on expanded job descriptions and additional responsibilities. The numbers required are as follows:

Number of Security Officers

Number of Documentation for submission

1 – 100 1 or 4% of total Security






> 2001 41 or 1% of total Security


Document must include at least the followings:



Job description for the next higher grade as prescribed under the PWM.

Past JDs outside the period of assessment are acceptable.


85% and above of the required number of Documentation.

10


7.5


5

>0% to <35% of the required number of Documentation.

2.5

0% 0



4



Awarded

1.1.3 Is there a systematic process to ensure that Security Officers are aware of their functional duties at the sites they are deployed? Past induction checklists for specific deployment sites. The numbers required are as follows:

Number of Deployment

Sites

Number of Induction Checklist for submission

1 – 100 1 or 20% of total sites (whichever is higher)

> 100 21 or 20% of total sites (whichever is higher)

Checklist must include at least the followings:


Date of induction

Name of deployment site

Site orientation for the purpose of terrain awareness

Site vulnerabilities

Briefing on the specific roles expected of the security officers

Contact details of the relevant personnel and the authorities

Location of the relevant SOPs

Location of fire-fighting equipment



At least 70% of the required submission 10

<70% of the required submission 5

No submission 0

Assessor’s Observation

Total


5



Awarded

1.1.4 Is there a Standard Operating Procedure (SOP) on Bomb Threat? The SOP should have the following components:

Checklist for gathering of more information about the threat

Search to confirm presence of bomb

Calling the Police if a bomb or a suspicious item is found

Evacuation procedures


SOP with all components including checklist 5

SOP with all components without checklist 4

SOP with at least the components for Search and Evacuation

3

No SOP or submitted SOP does not fit the above permutation

0


Total


6



Awarded

1.1.5 Is there a Standard Operating Procedure (SOP) on Fire Emergency? The SOP should have the following components:

Procedure to confirm presence of fire

Calling 995

Activation of fire alarm to warn others

Procedure to fight the fire

Procedure for evacuation


For each component included in the SOP 1

None of the components included in the SOP or no SOP

0


1.1.6 Is there a Standard Operating Procedure (SOP) to deal with suspicious person, vehicles or activities? SOP on Dealing with Suspicious Person, Vehicle or Activity. The SOP should have the following components:

Assessment of whether there is a real threat (e.g. presence of bomb)

Recording the description of the suspicious person or vehicle

Calling 999 to report


SOP with all the components 5

SOP with any 2 of the components 3

SOP without any of the component or no SOP 0



7



Awarded

1.1.7 Does the SA have an SOP for After Action Review (AAR)? SOP for carrying out an AAR. The SOP should have the following components:

What was supposed to happen

What actually happened

Why did it happen

How to prevent it from recurring


SOP with “What was supposed to happen” component

1

SOP with “What actually happened” component 1

SOP with “Why did it happen” component 1

SOP with “How to prevent it from recurring” component

5

SOP without any of the component or no SOP 0


1.1.8 Did the SA conduct AAR for the deployed sites during the period of assessment? Past AAR reports from actual incidents conducted based on the following:

Number of Deployment

Sites

Number of AAR for submission




75% or more of the required submission 8

50% to <75% of the required submission 6



No submission 0


The submitted AARs must at least comprise of the components:

What actually happened

How to prevent it from recurring (SAs with no deployment site may be awarded ‘NA’)


8



Awarded

1.1.9 Were the lessons learnt from the AAR shared with its officers during the period of assessment? Evidence of lessons being shared may include the availability of AAR reports on e-learning portal, or in-service training programs plus attendance list of Security Officers present. SA must be able to prove that the AAR was shared with their SOs through any platform. For AAR reports shared on e-learning portal, SAs should submit a screenshot of the e-learning platform

For sharing through in-service, SAs should submit a copy of the AAR report together with the attendance list of security officers present.


Evidence that lessons learnt from AAR were shared with Security Officers

4

No evidence 0


Total


9



Awarded

1.1.10 Does the SA have an established process for conducting exercises to test the Security Officer’s response pursuant to the Bomb Threat SOP? SOP for Planning a Bomb Threat Exercise. The SOP should include the following key components:

Guidelines for different type of exercise (discussion-based or deployment-based)

Developing an exercise scenario

Planning and preparation (detailing the roles, responsibilities, logistics and set up)

Exercise safety Exercise evaluation (AAR)


SOP with all key components 8

SOP with at least these 3 key components:

Planning & preparation

Exercise safety

Exercise evaluation (AAR)

4

SOP with <3 key components or no SOP 0


1.1.11 Does the SA have an established format for reporting of exercises conducted pursuant to the Bomb Threat SOP? Past Exercise Report should be made available for verification. The report should contain the following key components:

Introduction

Date/Time/Place of the exercise

Participants involved

Exercise Objectives

Key Observations

Lessons Learnt


Exercise Report with all key components 4

Exercise Report with at least these 3 key components:


Exercise Objectives

Lessons learnt

2

Exercise Report with <3 key components or no Exercise Report

0


Total


10



Awarded

1.1.12 Does the SA have an established process for conducting exercises to test the Security Officers’ response pursuant to the Fire Emergency SOP? SOP for Planning a Fire Emergency Exercise. The SOP should include the following key components:




Exercise safety





Planning & preparation

Exercise safety


4



1.1.13 Does the SA have an established format for reporting of exercises conducted pursuant to the Fire Emergency SOP? Past Exercise Report should be made available for verification. The report should contain the following key components:

Introduction



Exercise Objectives

Key Observations

Lessons Learnt





Exercise Objectives

Lessons learnt

2



Total


11



Awarded

1.1.14 Does the SA have an established process for conducting exercises to test the Security Officers’ response pursuant to the Suspicious Person, Vehicle or Activities SOP? SOP for Planning a Suspicious Person, Vehicle or Activities Exercise. The SOP should include the following key components:




Exercise safety





Planning & Preparation

Exercise Safety

Exercise Evaluation (AAR)

4



1.1.15 Does the SA have an established format for reporting of exercises conducted pursuant to the Suspicious Person, Vehicle or Activities SOP? Past Exercise Report should be made available for verification. The report should contain the following key components:

Introduction



Exercise Objectives

Key Observations

Lessons Learnt





Exercise Objectives

Lessons learnt

2


0


Total


12



Awarded

1.1.16 Is there an established process to conduct Red Teaming exercises? SOP for Planning a Red Teaming Exercise. The SOP should include the following key components:

Guideline for different type of exercise (e.g. suspicious items, access control)

Execution of exercise (red teamer’s approach)

Exercise safety

Contingency plan for real incident occurring during exercise





Execution of exercise (red teamer’s approach)

Exercise safety

Contingency plan for real incident occurring during exercise

5



1.1.17 Does the SA have an established format for reporting of Red Teaming exercises conducted during the period of assessment? Past Red Teaming Exercise Report should be made available for verification. The report should contain the following key components:

Type of exercise

Objective of the exercise

Date/Time of the exercise

Conducting personnel

Personnel to be tested

Exercise location

Observations

Lessons learnt


Report with all key components 5

Report with at least these 5 key components:

Objective of exercise


Exercise location

Observations

Lesson learnt

3


0


Total


13



Awarded

1.1.18 Were the lessons learnt from the Red Teaming Exercise AAR shared with its officers? Evidence of lessons being shared may include the availability of Red Teaming Exercise AAR Reports on e-learning portal, or in-service training programs plus attendance list of Security Officers present. SA must be able to prove that the AAR was shared with their SOs through any platform. For AAR reports shared on e-learning portal, SAs should submit a screenshot of the e-learning platform

For sharing through in-service, SAs should submit a copy of the AAR report together with the attendance list of security officers present.


Evidence that lessons learnt from Red Teaming Exercise AAR were shared with Security Officers

2

No evidence of lesson learnt from Red Teaming Exercise AAR

0


1.1.19 Does the SA have an established process to manage incident reporting? SOP on Incident Reporting. The SOP should have guidelines to establish a range of severity of incident and include a matrix to stipulate the corresponding persons or parties to be informed. The reporting format should include the information below:

What happened?

When did it happen?

Where did it happen?

Who was involved?

How did it happen?

Why did it happen?

Is there any security implication due to the incident?

Past incident report should be made available for verification.


SOP with the guidelines to establish a range of severity of incident and include a matrix to stipulate the corresponding persons or parties to be informed including a reporting format with the required information: • What happened? • When did it happen? • Where did it happen? • Who was involved? • How did it happen? • Why did it happen? • Is there any security implication due to the incident?

5

Evidence of past incident report with all the required information

2

No SOP or submitted SOP does not have all the requirements

0


Total


14



Awarded

1.1.20 Is there a program for continuous training to update Security Officers on security-related and/or terrorism information (local/overseas incidents)? Evidence of this program should include:

Dedicated personnel who is responsible for monitoring incident of interest locally and overseas and identifying the lessons learnt

Process of converting the lessons learnt into training curriculum

Delivery of the curriculum via classroom or e-learning portal

Past training material should be made available for verification. Assessor may verify the program during main office assessment.


Established training program with all the requirements indicated and evidence of past/current training material

20

No training program or no evidence of training material

0


1.1.21 Is there a mechanism to assess and validate the effectiveness of the training program (ref s/n 1.1.20)? Can the mechanism identify weaknesses for remedial actions? Evidence of this mechanism should include:

Assessment via quiz/test

Identification of Security Officers who have fared badly for remedial training or additional coaching

Data analysis to identify specific areas where the majority of Security Officers have fared badly

Review of the training curriculum to determine whether there are weaknesses which may have led to the poor performance by the majority

Re-design of the training curriculum where appropriate

The SA is free to use any platform or system to conduct this assessment but must be able to show all requirements indicated in the evidence column. The assessor may verify the mechanism during main office assessment.


Established mechanism to assess and validate effectiveness of the training program with all the requirements indicated

20

No evidence of such mechanism 0


Total


15



Awarded

1.1.22 Are supervisory checks carried out on Security Officers? Past duty rosters for supervisory checks showing at least 1 supervisory check per month planned for all sites. Assessors will verify the roster against the supervisory check book/occurrence book at the deployment sites. Full points will be awarded if the monthly roster is planned for January to May 2018.


Roster tallied with records in supervisory check book/occurrence book from Jan to May 2018 and evidence of at least 1 supervisory check per month was conducted between June and Dec 2017, at the deployment sites checked by the assessors.

8

Roster tallied with records in supervisory check book/occurrence book from Jan to May 2018 but one or more of the months between June and Dec 2017 was not checked by the supervisors.

4

Roster tallied with records in supervisory check book/occurrence book for 3 to 4 months from Jan to May 2018 and 1 supervisory check per month was conducted for at least 3 months between Jun and Dec 2017, at the deployment sites checked by the assessors.

2

All other situations that do not meet the requirement above.

0


1.1.23 Does the SA have a process to conduct a security risk survey? SOP for conducting security risk survey. SOP should include the following key components:

General survey of the premises

Identification of all entry and exit points

Identification of critical assets within the premises

Identification of risk areas

Recommendations to address or mitigate the identified risk areas






4

SOP without these 2 components or no SOP 0


Total


16



Awarded

1.1.24 Was there any security risk survey conducted during the period of assessment? Past survey reports should be made available for verification. The numbers required are as follows:

No. of Deployment Sites

Number of risk survey for submission


51 to 100 6 or 10% of total sites (whichever is higher)


For the risk surveys submitted, SAs must ensure that they contain at least these 2 components:



If 100% of SA’s service buyers refused to conduct the security risk surveys and the SA is able to provide evidence to support the refusal, the SA may be awarded with ‘NA’ for this criterion.

For deployment sites that are not supported with evidence of service buyer’s refusal to conduct security risk surveys, the number of such deployment sites shall determine the number of deployment sites which the SA is required to submit for this criterion. Example: Out of 80 deployments sites, 50 refused to conduct security risk surveys. We will take 30 as the number of deployment sites which the SA has. Therefore, based on the requirement of this criterion, the SA is required to submit 3 risk surveys.


75% or more of the required submission 4




No submission 0


Points Awarded for Processes Category /185 pts


17

Systems Category



Awarded

3.1.1 Does the SA deploy security technology to reduce its reliance on Security Officer manpower? (To be assessed by PLRD) Evidence of the security technology. Some examples of the technology are:

Remote surveillance system (CCTV with live feed) with video analytics to detect intrusion and other suspicious activities

Robots to carry out perimeter patrol in permissible areas

SA should submit a write-up to elaborate on the technology and show the reduction in manpower after implementing technology. The assessors and/or PLRD may ask for a demonstration. SA must provide their own write-up in the submission and not based on supplementary materials. Qualitative assessment of the submission and demonstration (if any).


What was the desired security outcome before implementing the technology and how was it achieved?

5

How is the technology implemented at the deployment site (s)?

5

What was the desired security outcome after implementing the technology and how was it achieved?

5

What are the manpower savings derived from the adoption of this technology?

5

No evidence submitted 0


Points Awarded for System Category /20 pts

security agencies (sas) grading exercise 2018

Documents