Certified Protection Professional (CPP) Certification Examination Review

This certification examination review covers crucial domains including Security Principles & Practices, Business Investigations, Personnel Security, Physical Security, Information Security, and Crisis Management. Tasks involve assessing threats, incident response planning, incident management, and recovery operations. Knowledge areas include threat assessment, all hazards approach, cost-benefit analysis, mitigation strategies, risk management, and business continuity standards.

  • Security
  • Certification
  • Examination
  • Threat Assessment
  • Crisis Management

Presentation Transcript


  1. CERTIFIED PROTECTION PROFESSIONAL (CPP) Certification Examination Review Dennis Shepp, CPP October 2017

  2. (DOMAINS) SUBJECTS: DOMAIN 1 Security Principles & Practices (21%); DOMAIN 2 Business Principles & Practices (13%); DOMAIN 3 Investigations (10%); DOMAIN 4 Personnel Security (12%); DOMAIN 5 Physical Security (25%); DOMAIN 6 Information Security (9%); DOMAIN 7 Crisis Management (10%)

  3. DOMAIN 7 CRISIS MANAGEMENT (10%)

  4. Task 07/01 Assess and prioritize threats to mitigate potential consequences of incidents; Task 07/02 Prepare and plan how the organization will respond to incidents; Task 07/03 Respond to and manage an incident; Task 07/04 Recover from incidents by managing the recovery and resumption of operations

  5. Task 07/01 Assess and prioritize threats to mitigate potential consequences of incidents

  6. Knowledge of: 7/01/01 Threats by type, likelihood of occurrence, and consequences; 07/01/02 All hazards approach to assessing threats; 07/01/03 Cost-benefit analysis; 07/01/04 Mitigation strategies; 07/01/05 Risk management and business impact analysis methodology; 07/01/06 Business Continuity standards (e.g., ISO 22301)

  7. Task 7.1.1 and 7.1.2 Explain the all-hazards approach to assessing threats. POA: Crisis Management; CHAPTER 1.5.1 TYPES OF THREATS AND CONTINGENCIES. Emergency or contingency plans: natural, human (either internal or external), and accidental. Natural threats include all weather-related emergencies, such as hurricanes, tornadoes, floods, winter storms, and fires caused by lightning, as well as non-weather natural events, such as earthquakes and volcanic eruptions. Human threats are deliberate adverse actions and events, such as terrorist activity, arson, civil disorder, and barricade or hostage situations.

  8. Accidental threats are non-deliberate adverse actions and events, such as hazardous material spills and telecommunications and computer outages. Emergencies for which planning is appropriate: o fire o explosion o water outage o power outage o computer system failure o telecommunications failure

  9. o fuel leak o hazmat (hazardous materials) incident o bomb incident o civil disorder o armed attack o barricade/hostage incident o severe weather (tornado, hurricane, thunderstorm, flood) o other natural occurrences (earthquake, volcano). CHAPTER 1.5.3 PLANNING FORMATS AND ALL-HAZARDS PLANNING: The specific emergency planning format used in a given organization depends on the nature of the organization and the organization's policy.

  10. The all-hazards approach has been adopted by FEMA and can be used in business and organizational plans as well as community plans. The approach provides for a basic emergency plan, or emergency operations plan (EOP), with functional annexes (such as emergency call lists) that apply to multiple emergency situations, and threat-specific annexes (such as procedures for bomb incidents). This approach recognizes that many planning requirements are similar regardless of whether an incident is a natural threat, a human threat, or an accident.

  11. Task 7.1.3 and 7.1.4 Assess and prioritize threats to mitigate potential consequences of incidents, explaining cost-benefit analysis and mitigation strategies. POA: Crisis Management, CHAPTER 1.5.4 DEVELOPMENT OF A PLAN (Kindle Locations 19893-19896). Emergency plans (all-hazards approach): mitigation strategies related to constructing or retrofitting facilities or otherwise reducing the impact of potential emergency events should be addressed in a separate mitigation plan. Business resumption/recovery plans and continuity of operations plans should be separate from the organization's security operations plan. CHAPTER 1.6.2 INCIDENT COMMAND/MANAGEMENT: Provides command, operations, planning, logistics, and finance and administration.

  12. Crisis or emergency management team: cross-functional, depending on the scope of the incident. Emergency operations center - command post (CP). Emergency notification and communications. Mutual aid agreements. POA: Crisis Management, CHAPTER 1.7.10 EMERGENCY SHUTDOWN AND RESTORATION (Kindle Locations 20352-20356). The procurement or replacement cost of key assets should be evaluated, as should the cost impacts of the absence of those assets when attempting to restore normal operations.

  13. POA: Crisis Management, CHAPTER 1.7.11 RESOURCES AND LOGISTICS, (Kindle Location 20373) Costs of any required logistical support must be considered.

  14. Task 7.1.5 Explain risk management and business impact analysis methodology. POA: CRISIS MANAGEMENT CHAPTER 1.8 BUSINESS CONTINUITY & ORGANIZATIONAL RESILIENCE, page 33. A business impact analysis (BIA) is an integral part of the business continuity planning process. It is used to identify an entity's critical functions, to assess the impact of a disaster or other emergency on those functions over time, to determine the other elements of the business on which those critical functions depend, and to help develop and prioritize recovery strategies.

  15. Some references consider the BIA to be hazard neutral; in other words, it does not matter what caused the outage or disruption. Testing the business continuity (BC) plan is just as important as testing the emergency operations plan. A realistic functional test in a controlled environment is the best way to achieve this.

  16. Task 7.1.6 Explain business continuity standards (ISO 22301 & others). NOTE: ISO 22301:2012 NOT MENTIONED IN RESOURCES. ISO 22301:2012 specifies requirements: To plan, establish, implement, operate, monitor, review, maintain and continually improve a documented management system. To protect against, reduce the likelihood of occurrence, prepare for, respond to, and recover from disruptive incidents when they arise. The requirements are generic and intended to be applicable to all organizations, or parts thereof, regardless of type, size and nature of the organization. The extent of application of these requirements depends on the organization's operating environment and complexity.

  17. POA: Crisis Management, CHAPTER 1.3 SCOPE (Kindle Locations 19715-20485). Many of the planning concepts and considerations identified by ASIS International, FEMA, and the National Fire Protection Association (NFPA) may be appropriate in other countries. Emergency management and disaster preparedness/response structures, capabilities, and requirements vary from one country to another. Emergency planning handbook (2nd ed.), ASIS International (2003); Business Continuity Guideline; Organizational resilience: Security, preparedness and continuity management systems, ANSI/ASIS SPC.1-2009.

  18. ASIS International & British Standards Institution, Inc. (2010). Business continuity management systems, ANSI/ASIS/BSI BCM.01-2010. Federal Emergency Management Agency. (1993). Emergency management guide for business and industry. FEMA Publication 141. Federal Emergency Management Agency. (2007a). National incident management system. FEMA Publication 501. http://www.fema.gov/pdf/emergency/nrf/nrfnims.pdf

  19. Federal Emergency Management Agency. (2010a). Comprehensive planning guide: A guide for all-hazard emergency operations planning. FEMA Publication CPG 101, Version 2.0. Federal Emergency Management Agency. (2010b). Guidance on planning for integration of functional needs support services in general population shelters. Federal Emergency Management Agency. (2007b). National Incident Management System Resource Center: Glossary. http://www.fema.gov/emergency/nims/Glossary.shtm

  21. National Fire Protection Association. (2010). Standard on disaster/emergency management and business continuity programs. NFPA 1600. Quincy, MA: National Fire Protection Association.

  22. Task 07/02 Prepare and plan how the organization will respond to incidents

  23. Knowledge of: 07/02/01 Resource management techniques; 07/02/02 Emergency planning techniques; 07/02/03 Triage and damage assessment techniques; 07/02/04 Communication techniques and notification protocols; 07/02/05 Training and exercise techniques; 07/02/06 Emergency operations center (EOC) concepts and design; 07/02/07 Primary roles and duties in an incident command structure

  24. 07/02/03 Triage and damage assessment techniques. POA: Crisis Management CHAPTER 1.5.9 PRIORITIES (Kindle Location 19976). Protect human life. Prevent or minimize personal injury. Reduce the exposure of assets. Optimize loss control for assets whose exposure cannot be reduced. Restore normal operations as quickly as possible. Time-tested principles: evacuation and shelter; personal protection; rescue and relief.

  25. POA: Crisis Management, CHAPTER 1.7.6 EMERGENCY MEDICAL SERVICES (EMS), (Kindle Location 20243). Immediate and short-term care of injured persons is a priority. Planners must consider: availability of EMS personnel; transportation of injured; onsite EMS facilities; trained responders; triage (for mass casualty situations); coordination with off-site medical facilities (ingress/egress). Triage - where trained medical personnel evaluate the injured and prioritize them for treatment. Post-incident medical care. Organization-provided support for victims/families.

  26. 07/02/05 Training and exercise techniques. POA: Crisis Management; CHAPTER 1.5.6 Training, Drills and Exercises; Page 12/13. Training reinforced by exercises. Various forms: table-top, walk-through of emergency plan, full exercise (involve outside agencies). Test workability of the plan and if further training needed. Identifies shortcomings. See exercise planning template (CHAPTER 1-1 page 13).

  27. 07/02/06 Emergency operations center (EOC) concepts and design. POA: Crisis Management, CHAPTER 1.6.4 EMERGENCY OPERATIONS CENTERS AND COMMAND POSTS, (Kindle Locations 20095-20105). A business should identify a location for use as an emergency operations center (EOC) or crisis management center (CMC). The size, nature, and location of the organization may dictate the location and scope of its EOC/CMC. Small organizations' EOC/CMC - building manager's office, plant manager's office, or other individual's normal work area.

  28. Larger organizations may use a conference room or dedicated EOC/CMC that is used only in emergencies. During an emergency, the personnel managing the response to the event need to maintain full concentration on coordinating the response; therefore, access to the EOC/CMC should be controlled. Regardless of the arrangement, the organization should also designate one or more alternate locations. The primary and alternate EOC/CMC locations should accommodate the CMT and provide redundant communications capabilities. The locations should have backup power and an independent supply of potable water. Effective communications vital.

  29. 07/02/07 Primary roles and duties in an incident command structure. POA: Crisis Management, CHAPTER 1.6.2 INCIDENT COMMAND/MANAGEMENT, (Kindle Locations 20037-20049). The Incident Command System (ICS) is a command and control mechanism used by many public safety agencies and jurisdictions in the United States. ICS provides an expandable structure that can be used as needed to manage emergency agencies. ICS normally consists of five primary elements: command, operations, planning, logistics, finance & administration.

  30. Several special staff positions, including public affairs, safety, and liaison, report directly to the incident commander (IC) when the emergency warrants establishment of those positions. If an incident requires a public safety response, the incident commander is normally the senior member of the responding agency. The response may involve only one agency and one jurisdiction. ICS is formally implemented based on size of the incident - single-incident command. Incident involves multiple agencies or jurisdictions - unified command (UC).

  31. Under UC, there is a collaborative approach to decision-making and a single incident command post, with the agencies involved in the incident participating in the process through direct representation or through the ICS liaison officer. Participating agencies may choose to operate with a single IC, who would normally be the senior representative of the lead agency or jurisdiction.

  32. Task 7.2.1 and 7.2.2 Prepare and plan how the organization will respond to incidents, explaining resource management and emergency planning techniques. POA: Crisis Management CHAPTER 1.5.5 PLANNING PROCESS, (Kindle Location 19908). For an effective plan - it must reflect the requirements of the organization to which it pertains. All persons tasked with responsibilities must clearly understand their responsibilities and be trained to fulfill them. The plan must be tested through practice, and it should be revised in light of such testing.

  33. An exercise or an actual implementation of the plan may point to the need for revisions, reassignment of responsibilities, or retraining of personnel, after which the plan should be retested. Most important: planning is a continuing process that is never finished as long as the plan exists. All-Hazards Plan - basic emergency plan, or emergency operations plan (EOP), with functional annexes (emergency call lists) that apply to multiple emergency situations, and threat-specific annexes (bomb threats). Stand-alone Plan - plans for each type of event. Hybrid Plan - combination of the others.

  34. Task 7.2.4 and 7.2.5 Prepare and plan how the organization will respond to incidents, explaining communication techniques and notification protocols and training and exercise techniques. POA: Crisis Management CHAPTER 1.6.5 COMMUNICATIONS (Kindle Locations 20112-20113). Interoperability, or the ability of different agencies and different jurisdictions to communicate with one another via wireless means, is a significant issue in the public safety community. Private line telephones (FX - Foreign Exchange) should be acquired to replace existing switchboard systems; overloading could occur in an emergency. POA: Crisis Management CHAPTER 1.7.8 ALERT AND WARNING SYSTEM, (Kindle Locations 20288-20292). The emergency plan should provide a method of warning those occupying the facility when an emergency exists.

  35. The method used should be sufficient to alert individuals as quickly as possible so that appropriate action can be taken (for instance, evacuating an area of the facility). Many local building or fire and safety codes require emergency warning and communications systems in high rises and other specified types of structures. Existing communication systems (a public address system or the telephone system) may be used for indoor warnings. All those occupying the facility should know what the warning signals are and what actions they must take when a warning is given. The warning system should be tested periodically when employees are in the facility so they can experience and become familiar with the warning.

  36. Task 7.2.6 and 7.2.7 Prepare and plan how the organization will respond to incidents, explaining emergency operations center (EOC) concepts and design and primary roles and duties in an incident command structure. POA: Crisis Management; CHAPTER 1.6.4 EMERGENCY OPERATIONS CENTERS AND COMMAND POSTS, (Kindle Locations 20095-20101). A business should identify a location for use as an emergency operations center (EOC) or crisis management center (CMC) from which the emergency response can be directed.

  37. During an emergency, the personnel managing the response to the event need to maintain full concentration on coordinating the response. Access to the EOC/CMC should be controlled. One or more locations designated (redundancy). Crisis Management Center: a specific room or facility staffed by personnel charged with commanding, controlling and coordinating the use of resources and personnel in response to a crisis. (ASIS BCG, page 7) POA: Crisis Management CHAPTER 1.6.2 INCIDENT COMMAND/MANAGEMENT, (Kindle Location 20037): Command, Operations, Planning, Logistics, Finance & Administration.

  38. If an incident requires a public safety response, the incident commander (IC) is normally the senior member of the responding agency. Collaborative approach to decision making and a single incident-command post. Organizations encouraged to develop own incident-command response plan, designate an IC and crisis management team (CMT). CMT: senior management - plans and operations - public affairs - human resources - facilities engineering - security - safety and occupational health - legal counsel - resource management - logistics - chaplain - employee union

  39. CMT: coordinating contingency plans; coordinating resources and support needed by responding agencies; coordinating with internal and external agencies, as required; developing alternative presentation to decision makers; developing a media management strategy and preparing appropriate press releases; maintaining contact with victims and family members, as appropriate; implementation of appropriate courses of action for

  40. ASIS/SHRM WVPI.1-2011 CHAPTER 5.2.7 CRISIS MANAGEMENT PERSONNEL and CHAPTER 11 POST INCIDENT MANAGEMENT. Role of the CMT personnel for workplace violence incident: crisis containment; coordination with Threat Management Team; communications; notifications; crisis mental health response. ASIS/SHRM WVPI.1-2011 CHAPTER 8.6 THREAT RESPONSE & 8.10 RESPONDING TO A VIOLENT WORKPLACE INCIDENT: general considerations and response imperatives.

  41. Task 07/03 Respond to and manage an incident

  42. Knowledge of: 07/03/01 Resource management techniques; 07/03/02 EOC management principles and practices; 07/03/03 Incident management systems and protocols

  43. Task 7.3.1 Respond to and manage an incident describing resource management techniques. POA: Crisis Management: CHAPTER 1.6.3 Crisis Management Teams; 1.6.4 Emergency Operation Centers and Command Posts; 1.6.5 Communications; 1.7.2 Emergency Response Agencies; 1.7.6 EMS; 1.7.7 Security and Fire Protection; 1.7.11 Resources and Logistics Above sections outline detailed resources required for incident response. Some equipment/resources dedicated for emergencies. Procurement requirement at time of emergency. Mutual aid agreements may provide interagency support arrangements.

  44. Key questions when planning for logistical support (procured equipment and services from outside the organization): o Required equipment or services o Quantity o Time frame o Duration required o What sources are available? o Is source capable of providing required resources? o How long for source to respond? o Costs o Can source be contacted after normal hours? o How will resources be delivered/transported? o Maintenance of leased equipment

  45. o Who has the authority to purchase/lease? o What documentation is required? o How often will resource list be reviewed and amended?

  47. Task 7.3.2 Respond to and manage an incident describing EOC management principles and practices. These levels may aid organizations developing response plans and implementing triggers. CMT determines progression from one level to next. ASIS Business Continuity Guideline, page 19

  48. Task 07/04 Recover from incidents by managing the recovery and resumption of operations

  49. Knowledge of: 07/04/01 Resource management techniques; 07/04/02 Short and long-term recovery strategies; 07/04/03 Recovery assistance resources; 07/04/04 Mitigation opportunities in the recovery process
