Geoscience Reference
In-Depth Information
power supply and distribution, petroleum fuels supply and storage, natural gas sup-
ply, water and wastewater, and emergency services.
Sensitive Information
Protecting operating procedures and other sensitive information, the release of
which might jeopardize an energy facility and its assets, is the objective of OPSEC
programs. OPSEC programs utilize tools such as employee background checks,
trash handling procedures, telephone policies, and IT (computer) security to pro-
tect against both industrial espionage and deliberate disruption of critical assets
and functions.
The second set of questions is designed to guide the process of identifying the
existing components of the physical security system that protect the critical assets,
the critical infrastructure systems that support the critical assets, and the operating
procedures and sensitive information that must be protected to avoid jeopardizing
the critical assets.
Energy Facility and Critical Asset Protection (Physical Assets)
−
What department or person has overall responsibility for security or is
that responsibility spread over many departments or people with shared
responsibilities for security along with their other responsibilities?
−
What perimeter barriers (e.g., fences, gates, vehicle barriers) protect the
energy facility as a whole and the individual critical assets and what levels
of protection do they provide?
−
What building barriers (e.g., walls, roof/ceiling, windows, doors, locks)
protect each critical asset and what levels of protection do they provide?
−
What is the status of the intrusion detection that protects each critical
asset (e.g., intrusion sensors, alarm deployment, alarm assessment, alarm
maintenance) and what level of protection does it provide?
−
What is the status of the access control used at each critical asset (e.g., per-
sonnel access, vehicle access, contraband detection, access point illumina-
tion) and what level of protection does it provide?
−
What is the nature of the security force (both the protective force and
appropriate local law enforcement agencies) that protects each critical
asset (e.g., number, training, armament, communications) and what level
of protection does it provide?
−
What types of undesirable events (e.g., surreptitious forced entry, tech-
nical implant, theft of sensitive information or materials) are protected
against?
−
During which hours of the day and under what conditions are the various
components of the physical security system effective?
−
Over what areas do the various components of the physical security sys-
tem provide protection?
