Security Manual

The Security manual establishes and states the policies governing the company’s Security Program. These policies define management’s arrangements for managing operations and activities in the event of a major business interruption due to natural disaster event or a manmade act.  These top-level policies represent the plans or protocols for establishing quality Security procedures. The sample Security manual covers the topics to be addressed when establishing a Security program. This sample is intended only to provide an example of wording that might be used in a Security manual. This sample wording can be helpful in generating ideas for developing a manual for your own company.  However, Security policies should be drafted as appropriate and as necessary to accurately reflect your company’s Security Planning requirements. (36 pages, 8254 words)

The Security Manual is designed to help implement policies and procedures that will protect the company’s personnel, material assets and intellectual property, and which will insure a safe business environment for clients and company personnel. It assists the company in establishing minimum standards for the installation and operation of all security devices, and to implement procedures to both discourage crimes and to assist in the identification of individuals who commit such acts. This manual covers:

INTRODUCTION AND PURPOSE OF THE SECURITY PROGRAM 

SCOPE

• RESPONSIBILITY
• EXCLUSIONS
  • Internal Auditing
  • Personnel Investigations
  • Information Systems
  • Accounting
  • Disaster Recovery

MANAGEMENT RESPONSIBILITY 

• SECURITY ORGANIZATION
  • Operations Department Organization Chart
  • Controller Responsibilities
  • Security Director Responsibilities
  • Office and Department Managers Responsibilities
  • Operations Staff Responsibilities
• MANAGEMENT COMMITMENT
• MANAGEMENT PHILOSOPHY
• PLANNING
• RESPONSIBILITY, AUTHORITY, COMMUNICATION
  • Management Representative
  • Internal communication
• MANAGEMENT REPORTING
  • Review Input
  • Review Output

BUSINESS CONDUCT 

• Ethical Standards
• Integrity

SECURITY PLANNING 

• OBJECTIVE
• REQUIREMENTS
  • Resources
  • Infrastructure
  • Internal Controls
  • Audit Findings
• TRANSACTIONS
  • Authorization
  • Timing
  • Accuracy
• DOCUMENTATION
  • Security Manager’s Manual
  • Forms Development & Control
  • Control of Records
  • Security Transactions
  • Referenced Procedures
• SECURITY
  • Physical Security
  • Disaster Security
  • Information Security
  • Internal communication
• MANAGEMENT REVIEW
  • General
  • Review Input
  • Review Output

RESOURCE MANAGEMENT 

• PROVISION OF RESOURCES
• COMPETENCE, AWARENESS AND TRAINING
• INFRASTRUCTURE

POLICY AND PROCEDURE STATEMENTS

• DEFINITIONS OF STATEMENTS
• ISSUANCE OF STATEMENTS
• DISTRIBUTION OF STATEMENTS
• MAINTAINING THE SECURITY PROGRAM MANUAL
• CANCELLATION AND PURGING
• INDEXING

TYPES OF SECURITY 

• PHYSICAL SECURITY
• CONCENTRIC SECURITY