1 / 47

FY02 ASA Presentation PROVIDE CRIME PREVENTION AND ACCESS CONTROL SERVICES

FY02 ASA Presentation PROVIDE CRIME PREVENTION AND ACCESS CONTROL SERVICES. Presented by: Harold Dawkins List Presenters Office of Research Services National Institutes of Health 18 November 2002. Main Presentation ASA Template ……………………………….……………………………….4

roseboyd
Télécharger la présentation

FY02 ASA Presentation PROVIDE CRIME PREVENTION AND ACCESS CONTROL SERVICES

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. FY02 ASA Presentation PROVIDE CRIME PREVENTION AND ACCESS CONTROL SERVICES Presented by: Harold Dawkins List Presenters Office of Research Services National Institutes of Health 18 November 2002

  2. Main Presentation ASA Template ……………………………….……………………………….4 Customer Perspective……………………….……………………………….5 Customer Segmentation …………………….…………………………………6-8 Customer Satisfaction……………………….…………………………………….9 Internal Business Process Perspective……………………………………10 Service Group Block Diagram…………………………………………………..,11 Conclusions from Discrete Services Deployment Flowcharts……………12-13 Process Measures…………………………………………………………….14-15 Learning and Growth Perspective………………………………………….16 Conclusions from Turnover, Sick Leave, Awards, EEO/ER/ADR Data……..17 Analysis of Readiness Conclusions…………………………………………….18 Conclusions and Recommendations………………………………………19 Conclusions from FY02 ASA..………………………………………………… 20 Recommendations……………………………………………………………21-22

  3. Table of Contents Appendices Page 2 of your ASA Template Customer segments graphs Process measures graphs Process maps Learning and Growth graphs Analysis of Readiness Information Asset utilization graphs

  4. Customer Perspective

  5. Customer Segmentation I • DS1 and DS 2: Building Entry Systems. Our customers are everyone in the NIH community who depend on access control systems. We are currently converting to the Andover system, which is a proximity card reader system that is more sophisticated, and provides more security than the previous system used. As of now: • We have converted 98% of cardkey readers on perimeter doors to the Andover system. • 80% of campus interior and animal doors completed. • Leased space perimeter conversion is being phased in. • DS 3: Locksmith services. The distribution of trouble calls and installations for the locksmith does not show an 80-20 effect . ORS has submitted as many work requests/orders for locksmith service as the Clinical Center. The remainder of the Locksmith’s work is equally distributed amongst the Institutes with the exception of NCI.

  6. Customer Segmentation II • DS 4: ID Badges. ID system statistics give us accurate insight into the makeup of the NIH population. 43% of the badges issued under the new ID system have been issued to non-FTE employees. Contractors make up about 22% of the total. (See chart on page 8). • DS 5: Consult on crime prevention: ORS, NIAMS and NIDCR were our biggest customers for crime prevention consultation, presentations, and follow-ups on reports of theft. • DS 6: Community Policing. Since 9/11, community policing has been on hold because we are lacking a sufficient number of officers to provide both heightened security and community policing services. • DS 7: Provide security for special events. Our primary customers are everyone who plans and stages special events. • All approved events are channeled through us for security analysis. • About 80% of all special events involve 50 or more attendees.

  7. Customer Segmentation DS4: Issue and Manage ID cards

  8. Customer Satisfaction • We did not survey customers this year • However, in 2003 we plan to survey as follows: • DS-1 and DS-2: A/Os who interface with building entry systems • DS-3: • A/Os who request installations, and/or modifications • DES project officers who request advice, and /or consultation • Individuals requiring service on an emergency basis • DS-4: A/Os and delegates who interact with ID Card system • DS-5: A/Os, facility managers, Project Officers • DS-6: Facility managers • DS-7: Event coordinators

  9. Internal Business Process Perspective

  10. Service Group Block Diagram“A COMBINED EFFORT’ • All of the activities fit together in a proactive approach to prevent crime. • The effectiveness of each discrete service is dependent upon each other.

  11. Conclusions from Discrete Services Deployment Flowcharts • Our Service Group completed 7 deployment flowcharts for 7 discrete services • DS 1: Develop a centralized point for receiving work orders/requests for additions to the access control system. As reflected in the flow chart there is a prolonged process in receiving and processing requests. A centralized point for receiving and processing would expedite this service. • DS 3: The efficiency of the locksmith service can be improved by establishing a means to transfer information onto a “Computerized Signature Card.” This improvement will serve to enhance the overall process. • DS 4: In the current process for issuing employees IDs, an employee decides whether the individual is an employee or a contractor and issues the appropriate ID. However, the system already “knows” whether the individual is an employee or a contractor. We are modifying the system so that it automatically assigns the proper ID for the individual. This should save time and improve accuracy.

  12. Conclusions from Discrete Services Deployment Flowcharts DS 5: The prevention process depends on the active participation, involvement,and communication of all components involved. This contributes the overall prevention of security breaches, and an effective recommendation and implementation process. DS 7: The security of the events process relies on open communication/participation of all parties involved to comply with security requirements in order to ensure the success of this process.

  13. Process Measures: DS1: System malfunctions before/after installation of new equipment. • DS3: Total number of requests for emergency service. • DS5: Crime rates before/after crime watch presentation. • DS7: Total time invested on the coordination of special events process.

  14. Findings from process measures data: • DS1: Data on system malfunctions do not discriminate between system problems and mechanical problems, therefore there is no data to support process measures for system malfunctions before/after installation of new equipment. • DS3: All emergency calls are stable at approximately 100 per month. However, because the total workload for the locksmiths has increased significantly while staff has decreased. We know that non-emergency response time is increasing. We expect to document this in 2003. • DS5: To determine the effect of our presentations, consultations etc., we need to measure crime rates before and after we work with the IC “clients.” Because heightened security after 9/11 reduced the incidence of crime at NIH dramatically, we will use FY 2002 as a baseline year and measure “before and after” crime rates beginning with 2003. • DS7: In providing security for special events, only 21% of our time is spent in actually attending the events. The other 79% is spent in planning and coordination.. We’ve included in the Appendix a detailed description of some of these steps for a particular event.

  15. Learning and Growth Perspective

  16. Conclusions from Turnover, Sick Leave, Awards, EEO/ER/ADR Data • Our data does not reflect any significant issues.

  17. Analysis of Readiness Conclusions • To maintain a tactical and technical edge on those who mean NIH harm, we will need to keep up with rapidly changing security, loss prevention and crime prevention techniques, and we will need continually to invest in new equipment and systems as technology evolves. • Because of growth in the locksmith workload, we will need at least 2 additional FTEs by 2003. We will also need an additional FTE in Facility Access Control. Also 2 additional FTEs in the crime prevention unit due to the expected increase in responsibilities involving the addition of the CC, construction of a bio-defense facility, expanded security oversight of the Fort Detrick site, and other out of state NIH facilities. • Enhancement of computer software with data management capabilities in order to provide a more efficient means of documenting relevant statistical data.

  18. Conclusions and Recommendations

  19. Conclusions from FY02 ASA While our service group encompasses several separate organizational units, we do make up a meaningful service group. We provide a combination of service that requires us to work together and depend on one another to help protect the NIH community. There is no centralized point for receipt of work orders/requests for additions to the access control system. We are understaffed in the locksmith’s branch for the amount of required work/requests.

  20. Recommendations -I • Because of security control limitations at multi-tenant facilities (see process map 1a), we recommend that NIH re-evaluate future multi-tenant leases wherever possible to ensure additional security control flexibility. • Develop security requirements to include/enhance all on and off campus building perimeter access points. • Create additional reporting capabilities for the Andover System that are more user friendly, and simplify system malfunctions, employee errors, security breaches, etc., • Improve the operation of the interface between the NIH Enterprise Directory (NED) and the Andover Continuum access control system to prevent problems that occur when downloading employee badge information. • In year 2003, the locksmith branch should have the capability of tracking response time for non-emergency calls..

  21. Recommendations - II • Primarily, because of the security mandates following the events of 9/11, the NIH community should be educated regarding the special events process from approval/request for service to providing security for service. • Non FTEs need security clearances prior to the issuance of an identification card due to the implementation of the current Andover proximity card reader system. • Because of the current chaos in access control policies and procedures (see Process Map 1a) we recommend the creation of an “Access Control Unit” responsible for developing and implementing access control policies and procedures.

  22. Appendices

  23. Appendices • Include the following: • Page 2 of your ASA Template • Customer segments graphs • Customer satisfaction graphs • Block diagram • Process maps • Process measure graphs • Learning and Growth graphs • Analysis of Readiness Information • Unit cost graphs • Asset utilization graphs • Any unique measures graphs

  24. FDA Off Campus 19 65 Animal 68 Interior 72 Card Reader 412 Customer SegmentationDS1: Install & Maintain Building Entry and Security Systems Completed Conversions from Cardkey to Andover • Converted 98% of cardkey readers • on Perimeter doors. • Lease space perimeter conversion • is being phased in. • Campus interior and animal doors • are 80% complete.

  25. Customer SegmentationDS3: Provide Locksmith Services.

  26. Customer Segmentation

  27. Customer Segmentation

  28. Customer Segmentation DS7: Coordinate and Provide Security for Events

  29. Process Measure Graphs

  30. Process Measure GraphsDS3: Provide Locksmith Services *Jan to Sept.

  31. Process Measure GraphsDS3: Provide Locksmith Services

  32. Process Measures GraphsDS3: Provide Locksmith Services

  33. DS7: Coordinate and Provide Security for Events • Ratio of 4 to1 for time spent planning events compared to time spent at events. n • 1914 Total hours spent on Events. • 1518 Hours spent for planning & coordinating (79%). • 396 Hours spent attending events (21%)

  34. FINDINGS FROM PROCESS MEASURES DATA FROM DS7: • PLANNING AND COORDINATING SECURITY FOR SPECIAL EVENTS ON THE NIH CAMPUS: • Meet with event sponsors and establish a liaison • Inform Police Managers of the event • Establish personnel requirements and any other additional needs of the department • Arrange for cost reimbursement from institutes • Obtain a list of attendees/participants • Develop a Security Plan • Contact the building events management staff where the event is being held

  35. If dignitaries are attending, contact and coordinate with their protection details • Notify the fire department and fire prevention personnel • Make arrangements to ensure all vehicles coming onto campus are inspected • Make parking arrangements for all vehicles associated with the event. • Provide sufficient area for the news media • Ensure that there is sufficient signage on campus so that employees are aware of any road closures, detours, etc., due to the event. • Some events require in-depth planning. Such an event was the two day Menopausal Hormone Therapy Conference that occurred during the month of October 2002. In addition to Secretary Tommy Thompson, there were 15 dignitaries, 50 speakers, and one thousand attendees expected. We worked closely with the building 45 events coordinator and management staff. Arrangements for various media staff were made. We also made special arrangements for special guests and handicapped personnel. FINDINGS FROM PROCESS MEASURES DATA FROM DS7:

  36. FINDINGS FROM PROCESS MEASURES DATA FROM DS7: Since the Secretary was attending, we coordinated with his protection detail to ensure his safety. In addition, we put additional security measures in place to ensure the safety of all visiting persons. We had a contingency plan for any emergency that may arise. The K-9 explosive team was deployed to the Natcher Building to conduct a security sweep prior to the start of the event. Once the building was swept, it was secured by designated security personnel. Police officers were assigned various posts within the building. Some officers were roving, and others were posted outside the building. All vehicles entering the campus were inspected, including the non-NIH buses transporting persons to the event. No vehicle were allowed on campus without being inspected. K-9 officers searched the vehicles of special guests that were cleared to parked directly in front of the Nathcer Building. Due to the overall sensitivity of the event, there were concerns for any attempts to disrupt the conference. The Intelligence Branch of the NIH Police Department conducted a briefing in order to dispense all relevant information available regarding disruptive groups.

  37. Process Maps

  38. DS 1a: Install Building Entry and Security Systems Date: 11/4/02 Participants: ASA Team Customers Automated Systems ISR DES/Work DES/Facility DCAB Team 5 (A/Os, DES. DPS) Unit (Contractor) Acceptance Access Control Identify need for access limitation Receive request Receive request Multi-tenant leased building? Receive request or Receive request or work order Yes work order Assign work order, or forward to Assign work order Facility Access Perimeter Control access issue? Security issue? No Yes Yes Cannot install No Priority job No (customer- Send installation defined)? request to DES/ Replace existing/ Facility Access add new card keys Control, DES Work Yes Acceptance Unit, ASU, or contractor. Conduct quality Easy and quick review install? Yes Replace existing/ Repair/redo No OK? add new card keys Yes End

  39. DS1b. Maintain Building Entry and Security Systems Date: 11/4/02 Participants: ASA Team Automated ISR System Police 911 General Campus Systems Unit (Contractor) Initiate trouble call Initiate trouble call Generates trouble Handle any police issue message Respond Analyze problem Is it warranty issue? Yes No Hardware? No Yes Repair Repair

  40. Modify electronic record DS 2 : Operate and Maintain Building Entry and Security Systems Date: 11/4/02 Participants: ASA Team Facility Access IC A/O Police Control Determines need for access Is information on the individual No Inputs information in NED System? Yes Does individual to DS No Check NCIC have ID Card? 4 From DS 4 Yes OK? No Deny request Is individual an Request NCIC No employee? check Yes Yes Send e-mail to Send e-mail requestor and requestfor access to Facility Access Facility Access Control to grant Control request record Notify requestor by e-mail

More Related