General Vulnerability Assessment Tool GR/ENG

1
Name
First Name
Last Name
2
Email
example@example.com
3
Make a List with Site's main AssetsAn asset is any onsite or offsite activities; process(es); systems; subsystems; buildings or infrastructure; rooms; capacities; personnel; or response, containment, mitigation, resiliency, or redundancy capabilities that support the storage, handling, processing, monitoring, inventory/shipping, security, and/or safety of the facility’s chemicals. Assets include but are not limited to: • Physical security infrastructure, activities, procedures, personnel, or measures that comprise all or part of the facility’s system for managing security risks; • Physical safety infrastructure, activities, procedures, personnel, or measures that comprise all or part of the facility’s system for managing process safety and emergency response measures; • Cyber systems involved in the management of processes, process safety, security, product or material stewardship, or business management and control; • Vessels, process equipment, piping, transport vessels, or any container or equipment used in the processing or holding of chemicals; • On-site and off-site response protocols; • Warehouses, vaults, storage bays, and similar infrastructure; and • Specially trained, qualified personnel who are engaged in the management of security and safety risk.
Huge
Large
Normal
Small
Ok
Ok
4
Make a list with all Site's Critical AssetsA critical asset is any onsite or offsite activities; process(es); systems; subsystems; buildings or infrastructure; rooms; capacities; personnel; or response, containment, mitigation, resiliency, or redundancy capabilities that support the storage, handling, processing, monitoring, inventory/shipping, security, and/or safety of the facility’s chemicals, whose theft, diversion, loss, damage, disruption, or degradation would result in a significant adverse impact to human life, national security, or a critical economic asset.
Huge
Large
Normal
Small
Ok
Ok
5
Upload a map with marks on the critical assets position
Drag and drop files here
Select files to upload
Max. file size: 10.6MB
Cancelof
6
Q.1.1 Detection Measures and Identified VulnerabilitiesYou must describe the detection security posture and potential vulnerabilities. Specifically, you are asked to provide a high-level description of the protective measures that are in place to monitor the perimeter and/or critical asset(s) and to detect attacks at early stages. For example, detection security measures may include some combination of (1) personnel or protective force monitoring through stationed positions or roving patrols, (2) intrusion detection systems (IDS), (3) closed circuit television systems (CCTV), (4) lighting, (5) process controls and alarms, and (6) inventory control. After describing the current detection security posture, you should use this information to identify any gaps or vulnerabilities in your posture. For example, potential vulnerabilities may include (1) access points to the perimeter and/or critical asset(s) not currently covered by a method of detection, (2) inoperable or ineffective monitoring system, and (3) lack of training or procedures to support the monitoring capability.
Huge
Large
Normal
Small
Ok
Ok
7
Q.1.2 Delay Measures and Identified VulnerabilitiesHere we describe the delay security posture and potential vulnerabilities. When answering this question we consider all delay measures used to secure the perimeter and/or critical asset(s) and afford the facility sufficient time in which to detect an attack prior to the attack becoming successful and allow for appropriate response. For example, delay security measures may include some combination of (1) fencing and walls, (2) vehicle barriers, (3) locking mechanisms, (4) access control, (5) key and credential accountability programs, and (6) screening and inspections. After describing the current delay security posture, you should use this information to identify any gaps or vulnerabilities in your posture. For example, potential vulnerabilities may include (1) access points to the perimeter and/or critical asset(s) lacking an appropriate barrier or locking mechanism, (2) inoperable or ineffective access control system, and (3) lack of training or procedures to support the delay capability.
Huge
Large
Normal
Small
Ok
Ok
8
Q.1.3 Responce Measures and Identified VulnerabilitiesHere we describe your response capability and potential vulnerabilities. To answer this question, we provide information related to developing and exercising an emergency plan within the facility to respond to security incidents internally and with the assistance of local law enforcement and first responders. For example, response security measures may include (1) crisis management plans, (2) elevated and specific threat procedures, (3) communications equipment, (4) outreach with local law enforcement and first responders, (5) security drills and exercises, and (6) release mitigation capabilities. After describing the current response capability, you should use this information to identify any gaps or vulnerabilities in your posture. For example, potential vulnerabilities may include (1) incomplete or lacking documentation, (2) insufficient resources internally or externally, and (3) lack of training or procedures to support the response capability.
Huge
Large
Normal
Small
Ok
Ok
9
Q.1.4 Policies, Procedures, and Resources and Identified VulnerabilitiesHere we provide measures and vulnerabilities related to the policies, procedures and resources necessary to support the application and management of the facility’s security plan and posture. For example, these measures may include (1) inspection, testing, and maintenance program, (2) security awareness and training program, (3) personnel surety, (4) incident reporting and investigations, (5) security organization, and (6) recordkeeping. After describing the current policies, procedures, and resources, you should use this information to identify any gaps or vulnerabilities in your posture. For example, potential vulnerabilities may include (1) incomplete or lacking documentation, (2) insufficient resources to manage the security plan, and (3) lack of training to support the security plan.
Huge
Large
Normal
Small
Ok
Ok
10
Q.2.1 Security ForceSelect Yes if the facility maintains onsite security personnel. Other wise, select No.
YESNO
11
Q.2.2 Security Force EquipmentIf you select Yes for Question , you MUST answer this question.
YESNO
12
Q.2.2.1 What equipment ?Provide an explanation
13
Q.2.3 Onsite Security Force PersonnelIf you select Yes for Question , you MUST answer this question.
YESNO
14
Q.2.3.1 About Onsite Security Force Personnel
Please enter the number of guards deployed per shift
Please enter the total number of guards deployed (all shifts)
Enter the average response time in minutes for the initial onsite security representative to engage adversaries
15
Q.2.4 Personnel PresenceYes if the facility operates 24 hours a day and 7 days a week.
YESNO
16
Q 2.4.1 Number of employees onsiteEnter the minimum number of personnel onsite for each time period.
17
Q.2.5 Posted PersonnelYes if the facility utilizes posted personnel to provide surveillance of areas and identify unauthorized activities and/or access to materials.
YESNO
18
Q.2.6 Personnel DetectionYes if facility utilizes personnel for detection.
YESNO
19
Q.2.7 Mobile PatrolsYes if the facility utilizes mobile patrol type at facility’s perimeter and any identified assets.
YESNO
20
Q.2.8 Offsite Security Force PersonnelYes if the facility utilizes mobile patrol type at facility’s perimeter and any identified assets.
YESNO
21
Q.2.8.1 Offsite Security Force Personnel Response timeEnter the estimated average response time for the initial offsite security representative to engage adversaries if an incident occurred at your facility AND; Mention if these response times are documented and tested in response exercises.
22
Q.2.9 Communication Between Management and Workforce with scope to Security Yes if the facility HAS a program to ensure and enhance communication between management and facility personnel to reduce workplace violence, prevent sabotage and improve security awareness.
YESNO
23
Q.3.1 Intrusion Detection Systems (IDS)Select Yes if the facility utilizes an IDS. Otherwise, select No.
YESNO
24
Q.3.1.1 Intrusion Detection Systems (IDS) Backup Power SupplyIf you select Yes for Question Q.3.1, you MUST answer this question.
YESNO
25
Q.3.1.2 Intrusion Detection Systems(IDS) ControlIf you select Yes for Question Q.3.1, you MUST answer this question. Yes if the facility’s IDS can be controlled at the location. No if the facility does not use the location to control the IDS.
YESNO
26
Q.3.1.3 Intrusion Detection Systems(IDS) AdministrationIf you select Yes for Question Q.3.1, you MUST answer this question. Yes if facility’s IDS can be administered at that location. No if the facility does not use the location for IDS administration .
YESNO
27
Q.3.1.4 Intrusion Detection Systems (IDS) MonitoringIf you select Yes for Question Q.3.1, you MUST answer this question.Yes if facility’s IDS can be monitored at the location. No if the facility does not use the location for monitoring the IDS. .
YESNO
28
Q.3.1.5 Intrusion Detection Systems (IDS) Monitoring FrequencySelect the answer that most accurately describes the monitoring frequency of your facility’s IDS.
29
Q.3.2.1 Fence Mounted SensorsHere we describe intrusion detection technology deployed within the facility. If sensor exists then yes
YESNO
30
Q.3.2.1 Fence Mounted SensorsType
31
Q.3.2.2 Volumetric SensorsHere we describe intrusion detection technology deployed within the facility. If sensor exists then yes
YESNO
32
Q.3.2.2 Volumetric SensorsType
33
Q.3.2.3 Beam SensorsHere we describe intrusion detection technology deployed within the facility. If sensor exists then yes
YESNO
34
Q.3.2.3 Beam SensorsType
35
Q.3.2.5 Window Mounted SensorsHere we describe intrusion detection technology deployed within the facility. If sensor exists then yes
YESNO
36
Q.3.2.5 Window Mounted SensorsType
37
Q.3.2.6 Gate/Door SensorsHere we describe intrusion detection technology deployed within the facility. If sensor exists then yes
YESNO
38
Q.3.2.6 Gate/Door SensorsType
39
Q.3.2.7 Wall Mounted SensorsHere we describe intrusion detection technology deployed within the facility. If sensor exists then yes
YESNO
40
Q.3.2.7 Wall Mounted SensorsHere we describe intrusion detection technology deployed within the facility. If sensor exists then yes
41
Q.3.3.1 Sufficient Illuminations LevelsYes if the facility provides sufficient illumination levels for security, safety, and surveillance. (“Sufficient illumination” is lighting that permits individual(s) to perform their duties, provide appropriate surveillance, and properly utilize all security equipment (e.g., CCTV systems).
YESNO
42
Q.3.3.2 Security Lighting Backup Power SupplyYes if security lighting has a backup power supply.
YESNO
43
Q.3.3.3 Lighting in Security AreasYes if lighting system covers the area of the facility. No if lighting system DOES NOT cover the area.
YESNO
44
Q.3.3.4 Security Gates Covered by Security LightingYes if lighting system covers the area
YESNO
45
Q.3.3.5 Critical Assets Covered by Security LightingYes if lighting system covers the area
YESNO
46
Q.3.4.1 Closed Circuit Television (CCTV)Yes, if the facility utilizes a CCTV system. Otherwise, No.
YESNO
47
Q.3.4.1.1 CCTV System Backup Power SupplyYes if the CCTV system has a backup power supply. Otherwise, No.
YESNO
48
Q.3.4.1.2 CCTV Coverage AreaYes if CCTV system covers the area within the facility. Otherwise, No.
YESNO
49
Q.3.4.1.3 CCTV Integration with Access Control SystemYes if CCTV system is integrated with access control system (ACS). Otherwise, No.
YESNO
50
Q.3.4.1.4 CCTV Integration with Intrusion Detection SystemYes, if CCTV system is integrated with the intrusion detection system. Otherwise, No.
YESNO
51
Q.3.4.1.5 CCTV System ControlYes if your CCTV system can be controlled at the location.Otherwise, No
YESNO
52
Q.3.4.1.6 CCTV System AdministrationYes if CCTV system can be administered at the location. Otherwise, No.
YESNO
53
Q.3.4.1.7 CCTV CCTV System MonitoringYes if CCTV system can be monitored at the location. Otherwise, No.
YESNO
54
Q.3.4.1.8 CCTV System Staffing and MonitoringDescribe
Huge
Large
Normal
Small
Ok
Ok
55
Q.3.4.1.9 CCTV Facility CoverageAnswers below are positive percentages integer and not greater than 100.
Percentage of facility’s CCTV coverage at Perimeter Fencing
Percentage of facility’s CCTV coverage at Gates Monitoring
Percentage of facility’s CCTV coverage at Critical locations (critical assets, loading/unloading areas, storage vessels, etc.).
56
Q.3.5.1 Are There Any Process Controls Functions Supporting Facility's Detection Measures ?
YESNO
57
Q.3.5.1 Process Controls DescriptionHere we describe the process control functions supporting facility’s detection measures.
Huge
Large
Normal
Small
Ok
Ok
58
Q.3.6.1 Are there Any Inventory Controls ?
YESNO
59
Q.3.6.2 Are there Any Inventory Control Records?
YESNO
60
Already proposed and scheduled security measures that enhance facility’s detection measures
Huge
Large
Normal
Small
Ok
Ok
61
Q.3.8.1 Describe facility’s security plan for its delay measuresDelay means physically limiting the accessibility of the facility or critical asset(s) such that there is a low likelihood of an adversary successfully breaching the facility perimeter or critical asset(s) or using the area immediately outside of the facility’s perimeter to launch an attack. Completely adequate perimeter security is rarely achievable through the deployment of a single security barrier; rather an optimal security solution typically involves the use of multiple protective measures providing layers of security. Layering of security measures can be achieved in many different manners, such as incorporating different types of security measures (e.g., integrating physical protective measures, such as barriers, lighting, and electronic security systems, with procedural security measures, such as procedures guiding how security personnel should respond to an incident). A layered approach to perimeter security potentially increases the opportunity to use existing facility and natural features or more applicable technologies to meet the performance objectives at a reduced cost.
Huge
Large
Normal
Small
Ok
Ok
62
Q.3.9.1 Perimeter ExistenceYes if facility has a perimeter.
YESNO
63
Q.3.9.2 Defined PerimeterYes if facility has a defined perimeter marked by company property, has no trespassing signage, fencing, or other barriers.
YESNO
64
Q.3.9.3 Defined Perimeter CharacteristicsYes if facility uses the measure to define its perimeter. Select No if facility does not use the perimeter characteristic.
YESNO
65
Q.3.9.4 Maintain Standoff DistanceYes if the facility maintains standoff distance. Standoff distance is a security measure that focuses on preventing unscreened people and vehicles from approaching within a certain distance of the facility perimeter or a critical asset. Otherwise, select No.
YESNO
66
Q.3.9.5 Topographical Barriers ExistenceYes if the facility has topographical barrier. Select No if the facility does not have the barrier.
YESNO
67
Q.3.9.5 Perimeter Topographical Barriers Existence
Drag and drop files here
Select files to upload
Max. file size: 10.6MB
Cancelof
68
Q.3.9.6 Landscaping Barriers ExistenceYes if the facility has topographical barrier. Select No if the facility does not have the barrier.
YESNO
69
Q.3.9.6 Perimeter Landscape Barriers Existence
Drag and drop files here
Select files to upload
Max. file size: 10.6MB
Cancelof
70
Q.3.9.7 Vegetation ExistenceYes if the facility has Vegetation near to fences. Select No if the facility does not have any Vegetation.
YESNO
71
Q.3.9.7 DescribeFor example, a clear zone (i.e., zones that are not subject to environmental disturbances, such as foliage, birds, squirrels, etc.) can be present on either side of the facility’s fence that allows persons to be detected at the boundary.
Huge
Large
Normal
Small
Ok
Ok
72
Q.3.9.8 Does The Facility Use Top Guard Type Fence ?
YESNO
73
Q.3.9.9 Does The Facility Use Wall Type Fence ?
YESNO
74
Q.3.9.10 Does The Facility and/or Critical Assets Utilise Gates/Doors ?
YESNO
75
Q.3.9.10.1 Gates/Doors Material
76
Q.3.9.11 Does The Facility Utilise Anti Personnel Barriers ?Yes if the facility uses the anti- personnel barrier. Select No if the facility does not use the barrier.
YESNO
77
Q.3.9.11 Does The Facility Utilise Access PointsYes if the facility uses the Access Controll. Select No if the facility does not use the barrier.
YESNO
78
Q.3.10.1 Are Restricted Areas Defined ?
YESNO
79
Q.3.10.2 Screening for Restricted Area Access
YESNO
80
Q.3.10.3 Rules for Restricted Areas Access Like 2-Person rule Existence
YESNO
81
Q.3.10.4 Internal Barriers for Restricted Areas Existence
YESNO
82
Q.3.11.1 Facility’s overall Screening Process of Entering Personnel and Vehicles
Huge
Large
Normal
Small
Ok
Ok
83
Q.3.11.2 Does the Facility Inspects Vehicles Seeking to Access it ?
YESNO
84
Q.3.11.3 Does the Facility Inspects Inbound Trucks & Railcars ?
YESNO
85
Q.3.11.2/3.1 Inbound Vehicle/Trucks Inspection Methods
Not Allowed on site (Facility does not allow the vehicle type to enter the facility)
Inspection of all vehicles (The facility inspects all the vehicles of the listed type prior to entering the facility)
Inspection of a percentage of vehicles (The facility performs random inbound vehicle inspections of the vehicle type listed)
Other
86
Q.3.11.4 Does the Facility Inspects Inbound Hand Carried Item Inspections
YESNO
87
Q.3.11.4.1 Describe Inbound Hand Carried Item Inspection Method
88
Q.3.11.5 Are Vehicles Allowed to Access Into Restricted Areas ?
YESNO
89
Q.3.11.5 Are Outbound Vehicles Inspected ?
YESNO
90
Q.3.11.5.1 Outbound Vehicle/Trucks Inspection Methods
Not Allowed on site (Facility does not allow the vehicle type to enter the facility)
Inspection of all vehicles (The facility inspects all the vehicles of the listed type prior to entering the facility)
Inspection of a percentage of vehicles (The facility performs random inbound vehicle inspections of the vehicle type listed)
Other
91
Q.3.11.6 Does the Facility Inspects Outbound Hand Carried Item Inspections
YESNO
92
Q.3.11.6.1 Describe Outbound Hand Carried Item Inspection Method
93
Q.3.12.1 Does the Facility Uses any Identification Verification Method ?
YESNO
94
Q.3.12.2 Does the Facility Utilise Personnel Access Control ?Yes if your facility uses the Access Control System (ACS) interface. Select No if your facility does not use the interface.
YESNO
95
Q.3.12.3 Does the Personnel, Contractors, and/or Visitors Required to Have Budges?
YESNO
96
Q.3.12.4 Does the Facility Require Photo Badge Usage?
YESNO
97
Q.3.12.5 Does the Facility Utilize Any Policies for Visitors and/or Contractors?
YESNO
98
Q.3.12.6 Describe The Policies Enforced By the The Facility
Huge
Large
Normal
Small
Ok
Ok
99
Q.3.13.1 Does the Facility Utilise Access Control System?Yes if your facility uses the Access Control System (ACS) interface. Select No if your facility does not use the interface.
YESNO
100
Q.3.13.2 Does the Access Control System can be controlled at the Location?
YESNO
101
Q.3.13.3 Does the Access Control System Have Backup Power Supply?
YESNO
102
Q.3.13.4 Does the Access Control System Logs Monitored at the Location?
YESNO
103
Q.3.14.1 Does The Facility Uses Any Additional Vehicle Restriction Method ?
YESNO
104
Q.3.14.1 Describe
105
Q.3.14.2 Does The Facility Uses Any Vehicle Identification Method ?
YESNO
106
Q.3.14.2 Describe
107
Q.3.14.3 Does The Facility Uses Any Calming/Speed Reduction Measures ?
YESNO
108
Q.3.14.4 Does The Facility Utilise Any Employee Parking Restrictions ?
YESNO
109
Q.3.14.5 Does The Facility Utilise Any Contractor Parking Restrictions ?
YESNO
110
Q.3.14.6 Does The Facility Utilise Any Delivery Parking Restrictions ?
YESNO
111
Q.3.14.7 Does The Facility Utilise Any Visitor Parking Restrictions ?
YESNO
112
Q.3.14.8 Does The Facility Utilise Any Anti Vehicle Measures ?
YESNO
113
Q.3.14.8.1 Does The Facility's Anti Vehicle Measure have Backup Power ?
YESNO
114
Q.3.15.1 Does The Facility Have a Key Inventory/Control Program For Managing key/lock, Combinations, & Access Credentials Controls and accountability
YESNO
115
Q.3.15.1 Describe1. Facilitie΄s Key Inventory Measure. 2. Facilitie's key compromise procedures.
Huge
Large
Normal
Small
Ok
Ok
116
Response within the security plan context primarily refers to the response of appropriately trained personnel (either facility personnel or external first responders) to a threat or actual theft or release of Chemical of Interest (COI). This includes plans to mitigate or respond to the consequences of a security incident and to report security incidents internally and externally in a timely manner. An appropriate response should involve not only designated facility emergency response personnel but all facility personnel (including security personnel), as well as local law enforcement and other off-site emergency responders. Response security measures should address the identification of hazards and the proper response plans. Response plans should identify the numbers, capabilities, equipment, and training of the various response personnel. Properly equipped personnel, who understand the potential consequences of a security incident and the need for timely, effective actions, coupled with well- rehearsed response plans reduce the probability of an attack achieving the adversaries’ desired goals. Additionally, response personnel practiced in their response plans help ensure that onsite responders and local law enforcement, firefighting, ambulance, mutual aid, and rescue agencies are familiar with the facility and the chemicals stored onsite and that they are not impeded from reaching the location of the security event.
117
Q.4.1 Does The Facility Have a Response Plan ?
YESNO
118
Q.4.2 Does The Response Plan include Crisis Management Plan ?
YESNO
119
Q.4.3 Does The Crisis Management Plan include Emergency & Shut down Plans ?
YESNO
120
Q.4.4 Does The Crisis Management Plan include Evacuation Plans ?
YESNO
121
Q.4.5 Does The Crisis Management Plan include re-entry-recovery Plans ?
YESNO
122
Q.4.6 Does The Crisis Management Plan include Community Notification Plans ?
YESNO
123
Q.4.7 Does The Crisis Management Plan include Emminent Threat Plan ?Documented process for increasing security measures during periods of elevated threats
YESNO
124
Q.4.8 Is there a schedule for Response Drills and exercises ?
YESNO
125
Q.4.8.1 Frequency for all exercises?
Frequency
Evacuation Plan Exercise
Row 0, Column 0
Community Notification Exercise
Row 1, Column 0
Emergency & Shut Down Plan Exercise
Row 2, Column 0
Re-Entry Recovery Plan Exercise
Row 3, Column 0
Evacuation Plan Exercise
Community Notification Exercise
Emergency & Shut Down Plan Exercise
Re-Entry Recovery Plan Exercise
Frequency
Row 0, Column 0
Frequency
Row 1, Column 0
Frequency
Row 2, Column 0
Frequency
Row 3, Column 0
1 of 4
126
Q.4.8 Is there a schedule for Response Drills and exercises ?
YESNO
127
Q.4.8 Does the Facility Have An Emergency Command Center ?
YesNo
128
Q.4.9 Does the Facility Have An Emergency Backup Power ?
YESNO
129
Q.4.9 Does the Facility Utilise Response Equipment ?
YESNO
130
Q.5.1 Does The Facility Have Communication Plan ?
YESNO
131
Q.5.2 Does The Facility Utilise Communication Equipment ?
YESNO
132
Q.5.2.1 What Equipment ?
133
Q.5.3.1 Does The Facility Have Written Procedures to ensure that all security equipment applicable to the facility (e.g., IDS, CCTV, ACS, lighting, locking mechanisms, process controls/safeguards) is maintained in proper working order.
YESNO
134
Q.5.3.2 Written Procedures
YES
NO
IDS Monitoring Written Procedure
Row 0, Column 0
Row 0, Column 1
CCTV Monitoring Written Procedure
Row 1, Column 0
Row 1, Column 1
ACS Monitoring Written Procedure
Row 2, Column 0
Row 2, Column 1
Lighting Monitoring Written Procedure
Row 3, Column 0
Row 3, Column 1
Locking Mechanism Monitoring Written Procedure
Row 4, Column 0
Row 4, Column 1
IDS Monitoring Written Procedure
CCTV Monitoring Written Procedure
ACS Monitoring Written Procedure
Lighting Monitoring Written Procedure
Locking Mechanism Monitoring Written Procedure
YES
Row 0, Column 0
NO
Row 0, Column 1
YES
Row 1, Column 0
NO
Row 1, Column 1
YES
Row 2, Column 0
NO
Row 2, Column 1
YES
Row 3, Column 0
NO
Row 3, Column 1
YES
Row 4, Column 0
NO
Row 4, Column 1
1 of 5
135
Q.5.1 Training Programs
YES
NO
Security Awareness and Training Program
Row 0, Column 0
Row 0, Column 1
Site Security Officer Training
Row 1, Column 0
Row 1, Column 1
Security Personnel Training
Row 2, Column 0
Row 2, Column 1
All Employees Emergency Response Training
Row 3, Column 0
Row 3, Column 1
Locking Mechanism Monitoring Written Procedure
Row 4, Column 0
Row 4, Column 1
Security Awareness and Training Program
Site Security Officer Training
Security Personnel Training
All Employees Emergency Response Training
Locking Mechanism Monitoring Written Procedure
YES
Row 0, Column 0
NO
Row 0, Column 1
YES
Row 1, Column 0
NO
Row 1, Column 1
YES
Row 2, Column 0
NO
Row 2, Column 1
YES
Row 3, Column 0
NO
Row 3, Column 1
YES
Row 4, Column 0
NO
Row 4, Column 1
1 of 5
136
Q.6.1 The following security incidents should be considered as reportable to facility security personnel,
YES
NO
unauthorized, successful or unsuccessful breaches of the perimeter;
Row 0, Column 0
Row 0, Column 1
unauthorized, successful or unsuccessful breaches of the critical asset(s)
Row 1, Column 0
Row 1, Column 1
COI inventory control issues
Row 2, Column 0
Row 2, Column 1
suspected theft of COI;
Row 3, Column 0
Row 3, Column 1
unauthorized release of COI;
Row 4, Column 0
Row 4, Column 1
sabotage or contamination of COI;
Row 5, Column 0
Row 5, Column 1
suspicious orders for COI; and
Row 6, Column 0
Row 6, Column 1
any act of tampering with malicious intent to critical physical or cyber asset(s).
Row 7, Column 0
Row 7, Column 1
unauthorized, successful or unsuccessful breaches of the perimeter;
unauthorized, successful or unsuccessful breaches of the critical asset(s)
COI inventory control issues
suspected theft of COI;
unauthorized release of COI;
sabotage or contamination of COI;
suspicious orders for COI; and
any act of tampering with malicious intent to critical physical or cyber asset(s).
YES
Row 0, Column 0
NO
Row 0, Column 1
YES
Row 1, Column 0
NO
Row 1, Column 1
YES
Row 2, Column 0
NO
Row 2, Column 1
YES
Row 3, Column 0
NO
Row 3, Column 1
YES
Row 4, Column 0
NO
Row 4, Column 1
YES
Row 5, Column 0
NO
Row 5, Column 1
YES
Row 6, Column 0
NO
Row 6, Column 1
YES
Row 7, Column 0
NO
Row 7, Column 1
1 of 8
137
Q.6.2 Does The Facility Implement Specific Procedures For Reporting Security Incidents ?
YESNO
138
Q.6.2.1 What Exactly?
139
Q.6.3 Does The Facility Keep Record Reported Security Incidents ?
YESNO
140
Q.6.4 Does The Facility Have Specific Procedures about Record Content,Disposal and availability ?
YESNO
Should be Empty: