Presentation is loading. Please wait.

Presentation is loading. Please wait.

Physical Security Governance Model

Published byRandell Lindsey Modified over 6 years ago

Similar presentations

Presentation on theme: "Physical Security Governance Model"— Presentation transcript:

1 Physical Security Governance Model
JUNE 2012 GENERAL MILLS • PEOPLE PROPERTY BRANDS

2 Background General Mills operates more than 600 facilities worldwide ranging from manufacturing, warehousing and distribution operations to offices and retail restaurant outlets, which cumulatively have a net insurable value, including all associated physical assets, in excess of $15,000,000,000. Total facility values are considerably higher when accounting for intellectual property, personnel and business interruption values at each location.

3 Physical Security - Operations
Responsibilities Facility security guidance Site surveys and assessments Perimeter security (fencing, lights, gates, etc.) Access control (ID cards, locks/keys, etc.) Intrusion alarms Video cameras Security officers Strike planning Site openings and closures Loss prevention Regulatory security expertise Food Supply Chain Workplace Methodology Globally monitor and assess security-related risks impacting General Mills physical assets. Proactively advise business partners of evolving risks and jointly develop effective mitigation strategies. Develop physical security standards, processes and procedures. Collaborate on the design and implementation of appropriate physical security infrastructure. US World HQ Plants R&D Regional Sales Offices Warehouse /Distribution International Regional HQ Warehouse / Distribution Haagen Dazs Cake Kitchens Haagen Dazs Shops (C.O.) Total Sites Employees Other Joint Ventures Suppliers Co-Packers Franchisees 1 36 2 6 19 7 35 3 38 ~ 10 524 ~ 681 ~ 40800 Scope/Clients (03/2016) Responsibilities: Facility Security Guidance relative to the protection of our People, Property, Product, Information & Brand provided, influenced by: *Facility type *Facility Criticality *Facility Location *Facility Size *Facility Employee Population *External Risk Factors Regulatory Secuity Expertise: *Expertise specific to security related controls necessary to meet the minimum requirements of stated regulation though physical security controls and/or operational procedures. Methodology: *Leveraging local management, intelligence resources, industry peers, benchmarking *As new or evolving risks are identified partner to develop & implement effective mitigation strategies *To guide and bring consistency in mitigation of risk and protection of our people, physical property and brands through development of SOP’s, equipment recommendations, etc. *Design site specific security requirements and infrastructure by working with partners, facilities and suppliers to ensure that security designs, infrastructure and controls are consistent and effective ,while mitigating risk and meeting the needs of the business

4 Which Assets Require Protection?
People Employees Visitors Customers Consumers Property Physical assets - Buildings, equipment, raw materials, finished goods, etc. Information - Physical and digital Systems Intellectual Property Brands Reputation Value preservation CONFIDENTIAL

5 Security Landscape

6 Security Challenge Often lack of consistency in:
Physical Security methodology, Risk assessment, Security guidance, Investment in security tools and equipment across facilities. Subsequently exposed to a variety of risks including but not limited to: Employee safety, Facility integrity, Vandalism. Intellectual Property theft, Product/Materials Theft, Regulatory penalties, Litigation by adversely affected consumers,

7 Recognizing a gap between:
Concept Recognizing a gap between: the ability to effectively assess risk at facilities and the ability to deploy appropriate, reliable and consistent physical and operational security measures to mitigate these risks; An on-going and consistent security strategy and methodology is needed.

8 Solution Using risk as the driver for identification and mitigation of security threats, creation of a Security Governance Model encompassing an on-going repeatable methodology that would include continuous: Assessment and evaluation of risk Development and communication of mitigation strategies, Development and communication of security guidance Education and awareness Surveys and assessment of security related controls at facilities Reporting and mitigation of identified security exposures

9 Physical Security Governance Model
Assess Risk Develop Mitigation Strategies Establish Guidance Inform and Educate Survey & Assess Compliance Report and Mitigate Security Governance

10 Security Operations Governance Model
Mechanisms for advising facility management and business unit leadership on assessed security vulnerabilities. Risk rankings which prioritize and focus efforts A broad, consistent and on-going methodology for evaluating and quantifying the risk. Assess Risk Develop Mitigation Strategies Establish Guidance Inform and Educate Survey & Assess Compliance Report and Mitigate Continual and effective program to understand, assess and document current facility conditions and risks to which they are exposed. Security Governance Specific physical and operational security methods which mitigate threats to our facilities based on risk rankings. Regular communication with leadership and facility management on developing risks and mitigation measures. Standard documented security guidelines and expectations for site management to build their security program

11 Where To Focus

12 Management Engagement
Education Buy in on Security Governance Model Direct input on Key risks Needed guidance Required security mitigation measures Assessment and reporting Capital spending

13 Management Involvement
Security and risk mitigation measures will be differentially prioritized and applied at locations deemed to be high risk or business critical as defined by a broad group of senior business and security management. This “list” will be reviewed and modified at least annually to reflect changes in risk and business priorities.

14 Management Support

15 Security Tools Development
Foundational elements which must be developed and implemented to support the success of this model include: A global security event/incident reporting system General facility profiles Consistent security survey tools based on facility type Risk based security assessment methodologies Clear and consistent security mitigation strategies Documented security guidelines An effective security compliance monitoring program

16 Physical Security Governance Model
Assess Risk Develop Mitigation Strategies Establish Guidance Inform and Educate Survey & Assess Compliance Report and Mitigate Security Governance

17 Success Development and implementation of this Physical Security Governance Model and supporting tools will provide an effective, reliable and continuous process for management of security risk.

18 Questions: Jeff Jeffery A. Olson Sr. Manager, Physical Security
Global Security ◦ General Mills, Inc. Office: ◦ Mobile: ◦ 1 General Mills Boulevard, Minneapolis, MN 55426  USA

19

20 Compliance Monitoring

21 Incident Reporting

22 Site Profile

23 Security Survey

24 Risk Assessment & Mitigation Matrix

25 Policies and Guidelines

Download ppt "Physical Security Governance Model"

Similar presentations

www.hsmsecurity.com HSM Security is... “HSM is an nationally recognized integrated security provider, committed to perform excellent service, national.

HSM Security is... “HSM is an nationally recognized integrated security provider, committed to perform excellent service, national.
October 2009. In May 2000, Walkerton’s drinking water system became contaminated with deadly bacteria, primarily Escherichia coli O157:H7.1 Seven people.

October In May 2000, Walkerton’s drinking water system became contaminated with deadly bacteria, primarily Escherichia coli O157:H7.1 Seven people.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
Security Controls – What Works

Security Controls – What Works
Information Security Policies and Standards

Information Security Policies and Standards
Security Governance Technology Executive Club

Security Governance Technology Executive Club
Risk Assessment Frameworks

Risk Assessment Frameworks
CORPORATE RISK MANAGEMENT & INSURANCE BY R P BLAH D.G.M. INCHARGE THE ORIENTAL INSURANCE COMPANY LIMITED REGIONAL OFFICE BHUBANESWAR.

CORPORATE RISK MANAGEMENT & INSURANCE BY R P BLAH D.G.M. INCHARGE THE ORIENTAL INSURANCE COMPANY LIMITED REGIONAL OFFICE BHUBANESWAR.
1 MEASURING THE EFFECTIVENESS OF THE NATION’S FOODSERVICE AND RETAIL FOOD PROTECTION SYSTEM.

1 MEASURING THE EFFECTIVENESS OF THE NATION’S FOODSERVICE AND RETAIL FOOD PROTECTION SYSTEM.
Consultancy.

Consultancy.
K E M A, I N C. NERC Cyber Security Standards and August 14 th Blackout Implications OSI PI User Group April 20, 2004 Joe Weiss

K E M A, I N C. NERC Cyber Security Standards and August 14 th Blackout Implications OSI PI User Group April 20, 2004 Joe Weiss
Presenting The Broker-Dealer Certification Tool The Compliance Department Inc. Broker Dealer Compliance Consultants Compliance SCORE Powered by Keane BRMS.

Presenting The Broker-Dealer Certification Tool The Compliance Department Inc. Broker Dealer Compliance Consultants Compliance SCORE Powered by Keane BRMS.
Global Risk Management Solutions Risk Management and the Board of Director: Moving Beyond Concepts to Execution Anton VAN WYK Partner, Global Risk Management.

Global Risk Management Solutions Risk Management and the Board of Director: Moving Beyond Concepts to Execution Anton VAN WYK Partner, Global Risk Management.
Module 3 Develop the Plan Planning for Emergencies – For Small Business –

Module 3 Develop the Plan Planning for Emergencies – For Small Business –
Responsible CarE® Product Stewardship – Building Your Team David Sandidge Director, Responsible Care American Chemistry Council June 2010.

Responsible CarE® Product Stewardship – Building Your Team David Sandidge Director, Responsible Care American Chemistry Council June 2010.
BITS Proprietary and Confidential © BITS 2003. Security and Technology Risks: Risk Mitigation Activities of US Financial Institutions John Carlson Senior.

BITS Proprietary and Confidential © BITS Security and Technology Risks: Risk Mitigation Activities of US Financial Institutions John Carlson Senior.
Protect critical information with a smart information-based-risk management strategy. Prepared by: Firas Mohamed Taher.

Protect critical information with a smart information-based-risk management strategy. Prepared by: Firas Mohamed Taher.
WEC10-031 The Integration of HSE into Supply Chain Business Relationships WEC International Environment Forum London, UK 21-22 October 2003 Tony Lloyd,

WEC The Integration of HSE into Supply Chain Business Relationships WEC International Environment Forum London, UK October 2003 Tony Lloyd,
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.

Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
Chapter 8 8-1 © 2009 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2009 Pearson Education, Inc. Publishing as Prentice Hall.

Similar presentations

Ads by Google