Security Process: Perception, Cognition, Decision & Action
Security Process: From Perception to Action
A security process unfolds through several key stages, beginning with perception and progressing through cognition, decision, and finally, action. Effective security administration relies on accurate perception of stimuli, followed by correct interpretation and communication.
Perception
Accurate and relevant perception is the foundation of a robust security process. Perceptions must be transformed into knowledge through a cognitive process. This involves identifying threats, preparing profiles, and establishing communication channels for efficient processing.
Cognition
Cognition encompasses the mental processes of knowing, perceiving, and judging. It allows individuals to interpret their surroundings. Perception and cognition are intertwined; we cannot perceive what we haven’t encountered before. Understanding the desired level of protection and the specific threats is crucial for effective security.
Security decisions often need to be made quickly, sometimes under high-stress conditions where emotions can influence the decision-making process.
Decision
The decision-making phase involves:
- Qualitative and Quantitative Analysis: Assessing the quantity and quality of each course of action using analytical techniques. Due to the dynamic nature of threats and the psychological factors involved, no single technique guarantees a perfect outcome.
- Choosing the “Best” Course of Action: Selecting a strategic course of action, often combining multiple measures (people, systems, etc.) to achieve a specific goal. This course of action is then implemented by the administration.
Security decisions often require a focused approach.
Administration
This phase consists of two steps:
- Implementation: Putting the chosen course of action into effect. This can involve challenges such as communication between decision-makers, planners, and the executive branch, as well as negotiation and compromise between different stakeholders.
- Evaluation: Assessing the results of the implemented measures. This may involve temporarily suspending activities to gather data and analyze the effectiveness of the new security measures.
Defining the Problem
A security problem often comprises multiple sub-problems, each with its own context and priority level (identification, comparison, quantification, acceptability, legal and social aspects, etc.). This requires a combination of problem-solving processes. Defining the security context is crucial for establishing priorities and applying appropriate decision-making criteria.
Once the context is defined and primary criteria are identified, the methodology involves identifying the initial state and goal state (problem definition), and breaking down the problem into smaller, more manageable parts (identifying alternative courses of action).
Levels of Decision-Making in Organizations
Security decisions occur at three levels: strategic, administrative, and tactical.
- Strategic Level: The highest level, where security criteria are chosen, policies are set, plans are developed, and emergencies or crises are managed.
- Administrative Level: Responsible for allocating responsibilities, organizing resources, and specifying development.
- Tactical Level: Develops security projects, plans activities, and conducts monitoring and inspections.
The strategic level guides the administrative level, which in turn guides the tactical level. It’s crucial for the tactical level to inform the strategic level if a decision isn’t achieving its objectives so adjustments can be made.
Safety Program or Plan
Formulating a safety program is the third stage of problem-solving and involves management principles and operational research techniques. The Safety Officer or consultant gathers information from the internal environment regarding the feasibility of proposed measures and the effectiveness of existing ones. They report needs and problems (with solutions) to higher levels and can influence policy or strategy.
A safety program is a resource allocation scheme encompassing six components: intelligence, people, structures, systems, plans and procedures, and controls. It’s an open system subject to change and requires addressing six key questions: What, Who, Why, Where, When, and How. Answering these questions involves considering the relationship between the main element under consideration and the other components.