Conducting Risk and Vulnerability Assessments
Risk management refers to the process of setting up various measures within an enterprise for the purpose of addressing any identified risks and thus, entails plans to avoid, reduce, spread transfer, eliminate, as well as accept risks. However, for effective risk management and vulnerability assessments, there are important elements to put into consideration (Garcia, 2011). For example, in the case of a large retail enterprise that has recently experienced an increase in customer volume, an increase in product theft, and an increase in work-related injuries, and workplace violence incidents, there would be a need for a risk and vulnerability assessment.
Some of the elements to look for include the possibility of a negative event occurring, the impacts of the event on the operations of the enterprise, as well as the identification of aspects within the enterprise which may some additional attention.
A number of questions would be important to identify and assess the enterprise-level risk and vulnerability issues such as what can has gone wrong, what is the probability that the risk will occur, as well as what are the expected consequences of the risks.
It is important for companies to conduct risk and vulnerability assessments. This can be attributed to the assessment of risks and a company’s level of vulnerability provides awareness of risks and hazards in any given organization. Secondly, such a process is important in that it identifies the target of any risks (Garcia, 2011). Thirdly, the risk and vulnerability assessment process is important in that it provides information on the adequacy of any control measures within a country as far as their efficiency in preventing and eliminating risks are concerned. As such, a company is able to prioritize hazards as well as control measures based on information from the assessment.
Reference
Garcia, M. (2011). Vulnerability assessment of physical protection systems. Boston, UK: Butterworth-Heinemann.
Defining a Threat
The definition of any threat is important during the vulnerability assessment process. Defining a threat provides the necessary information to site managers for the purpose of adopting appropriate measures to counter the occurrence as well as the impacts of the expected threat. In most of the cases, the effective definition of a specific threat for a community is based on the historical evidence of the area to prove that a threat is imminent (Garcia, 2011). If I were to analyze my community’s history of past events, some of the elements that I would still consider as imminent threats to my community today include climate change, cyber-attacks, bioengineered pandemic and nuclear war.
The increased release of harmful emissions to the atmosphere is a potential threat to global warming and subsequently, climatic change. Secondly, improved technology has brought with it adverse consequences such as cybercrimes as well as biological weapons that can have adverse effects on people and the environment. On the other hand, increase in political conflicts all over the world has increased the demand for more powerful weaponry. This has raised the fear that the occurrence of nuclear war is imminent. This is based on the fact that there have been two incidents where nuclear weapons were used-Nagasaki and Hiroshima during the World War II.
It is important to prove that threats are properly defined and identified. This is done through listing the necessary information regarding the concerned threat, the collection of the potential threat’s information, as well as ensuring that it is organized into a usable manner.
Reference
Garcia, M. (2011). Vulnerability assessment of physical protection systems. Boston, UK: Butterworth-Heinemann.
Physical Security
Physical security refers to the measures that are adopted for the purpose of preventing any unauthorized individuals from accessing resources, equipment, and facilities. Thus, this type of security is also aimed at ensuring that property and personnel are safe from harm or damage. Various approaches can be adopted to deal with any form of physical security. For example, several physical security measures are used in my community nowadays including the use of physical barriers, natural surveillance, security lighting, alarms and sensors, access control, as well as video surveillance.
The physical barriers used included vehicle barriers, walls, and fences which are considered to be the outermost layer of security (Fennelly, 2012). As such, they make intrusions a bit difficult through the definition of a facility’s perimeter. Natural surveillance refers to the incorporation of security concerns into the design of facilities. In this case, spaces are left during the construction of facilities such that it is possible to see any entry of unauthorized individuals.
Security lighting acts as a source of fear to intruders. On the other hand, alarm systems and sensors are used for the purpose of alerting security any unauthorized access. Similarly, surveillance cameras installed in visible areas are used for verifying incidents and analyzing incidents’ history.
All the outlined measures are effective in regards to crime control and prevention. In spite of this, with the increased crime cases despite the availability of physical security measures, there is still a need for the improvement of physical security within the community. To improve the physical security measures in the community, creating awareness of the need for better and operational security measures through security training. The access control is more efficient as the approach combines various security systems.
Reference
Fennelly, L. (2012). Handbook of loss prevention and crime prevention. Waltham, Mass.: Elsevier.
The 3D Approach
The 3D approach to human space assessment can be defined as a process that involves the design and use of a particular space for the purpose of ensuring that they are applied in the right manner. For this reason, it is important to base safety and security on the dimensions of human space since it ensures that measures are implemented prior to the occurrence of any criminal activities. Such an approach ensures that the opportunities for crime are reduced by designing and using human space appropriately.
There is a close relationship between environmental design and criminal behaviors. It is theoretically believed that different types of urban environments can lead to various criminal behaviors in a number of ways (Crowe, 2011). For example, the characteristics of urban environments have adverse impacts on the people living in them. These features include overcrowding, pollution, and noise, among others.
On the other hand, the environmental engineering formula has a lot of impacts on the social features of individuals within a community. This is based on the fact that the there are various features within a community triggered by the environmental design, which affect the social relationships of the people living in such environs. For example, the engineering formula can lead to characteristics such as dehumanization, anxiety, and loneliness that can trigger criminal behavior.
It is important for homeowners and businesses to focus on the appropriate development and management of environmental space as this reduces the probability of developing negative characteristics that might eventually lead to the adoption of various criminal behaviors among individuals.
Reference
Crowe, T. (2011). Crime prevention through environmental design in the twenty-first century. Boston, MA: Butterworth-Heinemann.
Situational Crime Prevention, Opportunity Blocking and the SARA Model
Community policing is considered to be a strategy in the form of a philosophy used in the promotion of organizational approaches for the purpose of supporting the adoption of partnerships as well as other problem-solving approaches aimed at proactively addressing community problems and conditions that might trigger criminal behaviors (Crowe, 2011). There are three main components of community policing, which include the establishment of community partners, organizational transformation, and problem solving.
Situational crime prevention refers to the process of focusing preventive measures on crime hotspots, while opportunity blocking is the strategy where organized crime activities are deliberately hampered.
The SARA problem-solving model is an approach used in community policing for the purpose of formulating the process to be followed whenever solving any problems within the community. In most of the cases, the SARA model is used by law enforcement agencies and it is divided into four stages including scanning, analysis, response, as well as assessment (Sorensen, 2009). It is very important as far as helping in overall mission of crime prevention and community policing is concerned in that its separate stages provide a proper sequence that is easy to follow to ensure that the set objectives are achieved easily.
For example, the scanning step ensures that problems within a community are identified and prioritized. The analysis stage on the other hand, provides more information about the identified problems through research. The response stage allows the concerned agency to develop solutions that can be adopted in reducing the occurrence as well as extent of the identified problems. The last stage is the assessment phase where the response provided is evaluated to determine whether or not it is successful.
It is important for law enforcement to work with the community in crime prevention efforts in order to get firsthand information about the problems the community has.
References
Crowe, T. (2011). Crime prevention through environmental design in the twenty-first century. Boston, MA: Butterworth-Heinemann.
Sorensen, L. (2009). Economic misery and crime waves. Rockville, MD: Sikyur Publication.
Regulatory Compliance
The safety of the workforce is a very important element that must be given consideration whenever designing any security programs within an organization. This is attributed to the fact that there are various needs and demands of the workforce in any company that ought to be complied with for all security programs for a chance of such programs to be successful. Some of the standards and regulations that security programs must follow in regards to security operations that affect life and workplace safety include the Gramm-Leach-Bliley, Sarbanes-Oxley, FISMA, credit card process, and HIPAA (Fennelly, 2012).
In addition, the success of any security program is tied to the available risk standards as well as any associated regulations. For this reason, it is important for security programs to have strictly defined risk standards and regulations. Such an approach ensures that there are platforms that can be used in the assessment of any security attacks within an organization. Having set standards and regulations ensures that the necessary measures to deal with any security can be developed and effectively implemented.
Therefore, it can be considered that the availability of such standards and regulations gives the company an opportunity to assess, identify, and respond to risky situation with regard to the set standards and regulations. Furthermore, such standards and regulations are important as far as organizational compliance to security management is concerned.
Security companies are audited to determine their compliance with life and workplace safety standards. However, there are cases where companies are found to be out of compliance with regard to the life and workplace safety standards. In such cases, the company is compelled to adopt a compliant security system.
Reference
Fennelly, L. (2012). Handbook of loss prevention and crime prevention. Waltham, Mass.: Elsevier.
S.O.X. The Sarbanes-Oxley Act of 2002
The Sarbanes-Oxley Act of 2002 administered by the United States Securities and Exchange Commission has significant implications for physical and information security programs. This is attributed to the fact that the Act sets out laws and regulations that govern the operations of any organization as far as their security programs are considered.
There are a number of strategies that are adopted to ensure that records and any other information stored does not get compromised (Fennelly, 2012). Some of these measures include the implementation of access control and the use of encrypting technology. The access control tools such as PIN numbers and passwords are used to ensure limited access to any information. The implication is that only authorized individuals can access such records and hence, minimizes cases of stored information being compromised. In addition, information encrypting is used to ensure that only specific individuals with the access key to decrypt such documents can access it. Such approach is effective in that unauthorized individuals cannot access the stored information.
There is no definite time for a security company to retain records although it is advisable to have such records permanently. This is because there is no certain time when risks might occur. There are instances when a security company is audited but does not provide all the requested documentation from a record. In such a scenario, penalties, fines, and disallowances are imposed, which could have adverse impacts as far as the reputation and financial position of the security company are concerned.
Reference
Fennelly, L. (2012). Handbook of loss prevention and crime prevention. Waltham, Mass.: Elsevier.
Access Control
In any organization, there is certain extent of control as well as security that ought to be maintained. However, achieving the needed control depends entirely on the significance of the security interest alongside its sensitivity and nature. A “restricted area” can be described as any area whose access is limited to a specific person or group of people (Fennelly, 2012). In most of the cases, restricting a given area is a security measure and it is done to ensure that only limited number of people have access to the restricted area. This is done to lower the cases of external security threats (Fennelly, 2012). For this reason, individuals with the access to “restricted area” are always accountable for any breach of security in such areas.
Restricted areas are classified as exclusion areas, limited areas, or even controlled areas (Fennelly, 2012). A controlled area refers to a part of a restricted area that is next to, or surrounds an exclusion or limited area. However, in such areas, there is no control of movement for unauthorized individuals. Secondly, limited areas refer to restricted areas that are next to the area of security interest. In such areas, movement of individuals is controlled. Lastly, the exclusion area represents a restricted area that hosts the security interest. Movement in such areas ought to be controlled since the lack of such control allows unauthorized people to access areas of security interest.
During the design and the development of a physical protection system within a company, the classification of restricted areas is important. This is based on the fact that such grouping makes it easy for security personnel to monitor the restricted areas for the purpose of ensuring that there are no unauthorized people to such areas.
Reference
Fennelly, L. (2012). Handbook of loss prevention and crime prevention. Waltham, Mass.: Elsevier.
Information Technology
Technology plays a significant role in enhancing security. One of the most important skills for a security systems designer is to understand TCP/IP (Transport Control Protocol/Internet Protocol). The Transport Control Protocol/Internet Protocol refers to an internet suite if protocol that is used in the provision of reliable, ordered as well as error-checked octets’ stream that operate on hosts and communicate through an internet protocol network. As such, the TCP/IP comprises of two layers whereby the higher layer is the Transport Control Protocol, while the lower layer is the Internet Protocol.
While the work of the TP layer is to ensure that a file or even a message is assembled in to smaller transmittable packets, the IP ensures that all the packets are send to the appropriate destination. This done by adding information regarding in packet’s address. For this reason, it is important to understand how TCP/IP works for development of security systems, as such knowledge is important for the assessment of the efficiency of any security measures adopted. On the other hand, a security program designer would not want to solely rely on the technology installer in regards to the understanding of how this system works as it does not provide clear details.
Understanding how the Transport Control Protocol/Internet Protocol works is very important to any security designer as well as generally for any security initiative. This is attributable to the fact that with such knowledge, it becomes easy to identify areas that are vulnerable to security attack (Fennelly, 2012). In addition, the knowledge about the operation of TCP/IP helps in effective design and development of strong security systems. As such, the lack of the understanding on how TCP/IP works puts any security system at risk of attack since all security measures adopted while developing such a system must be based on the operations of the Transport Control Protocol/Internet Protocol.
Reference
Fennelly, L. (2012). Handbook of loss prevention and crime prevention. Waltham, Mass.: Elsevier.
Categories of Information
Information cannot be categorized into standard units. In spite of this, there are logical groups which can be used to distinguish various forms of information. These groups include private and personal information, national security information (which is further divided into classified and unclassified information), and lastly the business information (Fennelly, 2012).
The personal and private information can be described as information that has a lot of significance to an individual, though it would have some level of importance to the business and the government as well. Some examples of private information include a person’s likes and dislikes, salary, phone number, address, weight, as well as age. In spite of the fact that such information is personal it is important to develop a security program aimed at ensuring that such information remains secure. This is attributable to the fact that there are individuals who are interested in such information for criminal action since it is valuable.
Business information on the other hand, refers to any information that pertains to business and may include aspects such as the number of employees, business transaction, returns, and losses. Such information can be further subdivided into corporation trade secret, corporation proprietary, corporation sensitive, corporation private, as well as corporation internal use (Fennelly, 2012). Based on the significance of business information, it is important to have security programs to protect it from individuals who would wish to use it for self-interests.
Government information refers to information about the operations of any government such as policies, and security details. Such information ought to be protected to prevent any internal and external attack. There are numerous risks of leaving information unprotected but the most significant one is that actions give potential unauthorized users of such information easy time to carry out their attacks.
Reference
Fennelly, L. (2012). Handbook of loss prevention and crime prevention. Waltham, Mass.: Elsevier.
The Role of the Corporate Security Manager
A Corporate Security Manager (CSM) refers to an individual put in charge of the overall security in any given corporate institution (Fennelly, 2012). As such, a corporate security manager plays significant role as far as enhancing the security of any given area is concerned. Some of the duties and responsibilities of a CSM include the management of the daily security operations in any institution, supervising the corporate security team, identifying and making recommendations regarding security measures to be adopted in any institution.
By managing the security operations, the CSM ensures that all activities within his jurisdiction are carried out according to the requirements of the corporate and that there are no cases of unauthorized access to restricted areas and classified information (Fennelly, 2012). As a supervisor, the corporate security manager ensures that the security team members are carrying out their daily tasks in line with the set standards and policies. On the other hand, an individual mandated with the role of the corporate security management ought to identify, assess, as well as recommend any appropriate security measures that ought to be implemented in a given institution to ensure that all company’s assets and information is protected.
A CSM is important in the development of information and physical protection systems and generally in the information protection industry. This is attributed to the fact that the CSM that all the necessary security measures and procedures are taken into consideration when developing any security systems.
Reference
Fennelly, L. (2012). Handbook of loss prevention and crime prevention. Waltham, Mass.: Elsevier.
Response Tactics
Security officers in any organization are mandated with the duty of responding to security incidents. As such, the efficiency with which such individuals respond to any security issues determines the success of the security initiative adopted. One of the major responsibilities of a security officer is incident response. According to Fennelly (2012), there are certain “standards of performance” which are likely to affect the security officer’s ability to successfully respond to incident.
First, security officers ought to be aware of various legal requirements as far as plant protection and industrial security are concerned. A security officer differs from a police officer in that they cannot enforce the law and hence, they are only mandated to protect goods and services within an organization (Fennelly, 2012). As such, their objective is to ensure that the operations of any organization are smooth as opposed to the enforcement of law. In spite of this, there are special cases when security officers can be required to arrests any offenders but such cases can only be applicable if the offense committed is a felony. In addition, the security officers must be authorized to make the arrests by a superior officer.
The standards of performance affect the security officer’s ability to successfully respond to incident in that they have to follow certain laws and regulation when responding to an incident. For example, they are not allowed to make any arrests unless it is within the set requirements of the standard performance.
There are a number of risks associated with the role of the security officer if the standards of performance are not adhered to, such as being dismissed from job, or prosecuted for failing to follow the required standards.
Reference
Fennelly, L. (2012). Handbook of loss prevention and crime prevention. Waltham, Mass.: Elsevier.
Security Threat Procedures
In any security attack, the involved security officers are exposed to a number of threats and security-related incidents. This is attributable to the fact that these individuals are in direct contact most of the time with perpetrators of criminal activities (Braga, 2010). As such, some of the threats a security officer may be exposed to include bodily harm, psychological harm, loss of property, as well as death. For this reason, there is a need for effective measures within an organization that ensure the protection of organization’s security personnel (Fennelly, 2012).
First, security officers ought to be aware of how to respond to alarms. As such, they ought to have basic knowledge regarding the strategy of protective as well as fire alarm systems as such circumstances are common in organizations. Being aware of how such systems function would help them respond effectively and avoid the consequences of such security risks.
Secondly, there ought to be the necessary training regarding the duty of care among the security officers. Such a duty describes reasonable actions that the officers can engage in when faces with various situations. As such, the duty of care ensures that the officers can secure and protect a crime scene as required. With such knowledge, the security officers are able to protect themselves to risk of bodily harm or even death.
On the other hand, the security officers ought to be aware of ways to identify and respond to emergency situations (Fennelly, 2012). For this reason, organizations should create and develop emergency response procedures and ensure that they are effectively used to reduce the risk of exposure to security threats among the security officers.
References
Braga, A. (2010). Gun violence among serious young offenders. Washington, DC: United States Department of Justice.
Fennelly, L. (2012). Handbook of loss prevention and crime prevention. Waltham, Mass.: Elsevier.
Domestic Violence Prevention
Legally, domestic violence refers to the psychological, sexual, as well as physical abuse on one’s spouse or child that can take the form of assault, bodily harm, physical harm, emotional abuse, threats, manipulation, as well as sexual abuse among other types of behaviors that are adopted by individuals as way to maintain power, intimidation, and fear. It can also be defined as the act of inflicting harm (bodily or otherwise) on family members.
Victims of domestic violence vary since such mistreatment is discriminatory in terms of age groups, sexual orientation, religion, race, and social class. In spite of this, the other immediate victims of domestic violence are friends, co-workers, employers, grandparents, parents, children, and family. Nevertheless, in most of the cases, women and children are the major victims of domestic violence.
Although there is no theoretical background on the reasons why domestic abusers engage in such acts, there is a common belief that the gender analysis of power plays a significant role to the occurrence of domestic violence (Fennelly, 2012). In spite of this, there are concerns that early traumatic life experiences, personality disorders, and having been abused during one’s growth can be instrumental in the development of emotional problems leading to domestic violence. In addition, insecurity and jealousy can fuel emotional behaviors whereby the violent tends to consider themselves being inferior or even inadequate to the victims.
On the other hand, there are concerns that changes within the society such as the advocacy for equal rights have led to rage and hostility among individuals who are different in terms of gender, race, social class, or even age groups. However, everybody is ultimately responsible for domestic violence prevention, and this can be done through spreading awareness of the consequences of domestic violence.
Fennelly, L. (2012). Handbook of loss prevention and crime prevention. Waltham, Mass.: Elsevier.
Identity Theft
Identity theft refers to the crime where an individual knowingly uses another person’s data to carry out criminal activities. There are numerous types of crimes that are associated with identity theft and in most of the cases such activities are aimed at deception, and fraud (Braga, 2010). Deception is whereby individuals use other people’s identity to get things that do not rightfully belong to them.
For example, mails are lost through when a certain person obtains custody, and remove contents of a given mail through false representation. On other instances, identity crime is carried out when dishonored checks are issued to an individual as a result of deception. Fraud cases resulting from identity theft are many. For example, forging of document to conceal one’s identity as well as assume another identity is common incident nowadays (Braga, 2010). As such, individuals tend to use identity as well as other documentation belonging to other people to defraud or to cause injury.
An individual’s identity can be stolen in a number of ways. For example, an individual’s identity can be stolen in public places through “shoulder surfing”, or even where the criminals get details from certain conversations that tend to reveal particular information about a person such as credit card number or calling card number.
Secondly, identity criminals obtain other people’s information from discarded “pre-approved” credit cards that are not disposed effectively. In other cases, people lose their identity to criminals through the use of public facilities such as through the interception of mail in scenarios where one’s mails are delivered in areas where other people can access. On the other hand, one’s identity can be stolen through phishing.
To prevent identity theft, people should exercise caution when using their details in public or even over the internet. People wishing to learn about identity theft can visit government and non-governmental sites addressing issues related to identity theft.
Reference
Braga, A. (2010). Gun violence among serious young offenders. Washington, DC: United States Department of Justice.
Terrorism
Understanding the fundamentals of terrorism plays a significant role in combating terrorism. This is attributed to the fact that measures adopted ought to align with the basics of terrorism. As such, the lack of the fundamental knowledge of terrorism makes it quite hard to develop effective measures of dealing with terror problems.
Defining the term terrorism is quite challenging since different people have different aspects of what terrorism entails. However, it is considered to be a type of violence that is motivated as well as premeditated by politics and is targeted on noncombatant targets (Hudson, 2011). In most of the cases, terrorism activities are meant to bring about a certain influence on a given audience. As such, international terrorism can be considered to be a terror activities carried out by individuals from more than one country. On the other hand, the domestic terrorism is defined as the terror activities involving citizens from one country.
Terrorism can be categorized into various groups such as transitional and international, domestic and international, social, religious, political, revolutionary, nationalistic, ethnocentric, and separatist. The various categories of terrorists are based on their general objectives and affiliation. For example, domestic category of terrorists operates within a country’s borders, as opposed to international ones who can carry out terror activities in any country of interest depending on their intended influence.
Some of the motives of terrorism include invoking fear, harm people, as well as cause some significant influence (Hudson, 2011). To achieve such motives, the terror groups often attack a given section of people, wound, as well as kill some individuals. A number of resources are used at the local, state, and federal levels to combat terrorism including creating awareness regarding terrorism and how to avoid be recruited to terror group, as well as having strict laws and regulation to prevent incidents of terrorism by blocking terror individuals from gaining access to restricted areas. Such measures are effective as awareness reduces the number of people joining terrorism, while having access controls reduces cases of terror attacks.
Reference
Hudson, R. (2011). The sociology and psychology of terrorism: Who becomes a terrorist and why. Charleston, SC: CreateSpace Publishers.
Crisis Management
A crisis management team refers to a team created in an organization for the purpose of responding to any warning signs regarding a potential crisis, as well as adopting the appropriate pans to deal with such problems. For this reason, this team is considered to be highly efficient as far as handling as well as de-escalating a crisis is concerned.
The functions of a crisis management team include to detect early signs regarding a potential crisis, identify any challenges anticipated in a given area, obtain feedback form employees regarding a given concern within an organization, preparing crisis management, as well as help organizations and employees to deal with any problems that they encounter courageously. Such approaches are often adopted to ensure that an organization and its employees are not adversely affected in terms of their productivity following the occurrence of a crisis (Coombs, 2007).
Crisis management differs from incident management in that, while crisis management focusses at the detection of potential crisis’ signs, the incident management process identifies, categories, investigates, corrects, and prevents recurrence of any potential incidents.
Incident management entails the plans that are adopted with regard to a disruption in the operations of an organization or region. As such, incident management focuses on returning activities to their normal state. On the other hand, crisis management involves the adoption of plans that are implemented as protective and defensive measures with regard to an organization’s reputation, products, services, and brand. As such, crisis management is strategic, communications-oriented, and reputation-focused, while incident management is tactical, action oriented, and operations-focused.
Reference
Coombs, W. T. (2007). Crisis management and communications. Institute for public relations, 4(5), 6.
Corporate Policy and Procedure
Corporate policy and procedure plays a significant role in the successful operations of any organization. Similarly, it is important for companies to have clearly defined security and safety policies and procedures for a number of reasons. This is attributable to the fact that such policies and procedures help to ensure that there is consistency, productivity, as well as efficiency of business administration. This is achieved easily since all the employees and the managers are aware of what is expected of them at any given time. Security and safety policies and procedures are very important in ensuring that all organization’s employees are vigilant as far as security attacks are concerned and hence, carry out activities in line with the security requirements within the company (Bulgurcu, Cavusoglu, & Benbasat, 2010).
There are several topics that are available in a safety and security policy. Some of these topics can include measures to adopt in case of a security attack, steps to follow in order to counter a given attack, as well as approaches used to identify and respond to a security threat. A policy is described as a predetermined course of action within an organization, that is used in the provision of guidance as far as the organization’s objectives and strategies are concerned. On the other hand, a procedure is a plan that contains the steps to be followed for the purpose of implementing an organization’s policy.
FEMA help companies and organizations develop emergency management plan by offering the necessary support and guide regarding the right approaches to emergency management. In the event of a man-made or natural disaster, FEMA provides various resources to the affected communities including material support such as food, shelter, and immaterial support such as funds.
Reference
Bulgurcu, B., Cavusoglu, H., & Benbasat, I. (2010). Information security policy compliance: An empirical study of rationality-based beliefs and information security awareness. MIS quarterly, 34(3), 523-548.
References
Braga, A. (2010). Gun violence among serious young offenders. Washington, DC: United States Department of Justice.
Bulgurcu, B., Cavusoglu, H., & Benbasat, I. (2010). Information security policy compliance: An empirical study of rationality-based beliefs and information security awareness. MIS quarterly, 34(3), 523-548.
Coombs, W. T. (2007). Crisis management and communications. Institute for public relations, 4(5), 6.
Crowe, T. (2011). Crime prevention through environmental design in the twenty-first century. Boston, MA: Butterworth-Heinemann.
Fennelly, L. (2012). Handbook of loss prevention and crime prevention. Waltham, Mass.: Elsevier.
Garcia, M. (2011). Vulnerability assessment of physical protection systems. Boston, UK: Butterworth-Heinemann.
Hudson, R. (2011). The sociology and psychology of terrorism: Who becomes a terrorist and why. Charleston, SC: CreateSpace Publishers.
Sorensen, L. (2009). Economic misery and crime waves. Rockville, MD: Sikyur Publication.