Velocity Reviews

Velocity Reviews (http://www.velocityreviews.com/forums/index.php)
-   Computer Security (http://www.velocityreviews.com/forums/f38-computer-security.html)
-   -   REVIEW: "Effective Security Management", Charles A. Sennewald (http://www.velocityreviews.com/forums/t304777-review-effective-security-management-charles-a-sennewald.html)

Rob Slade, doting grandpa of Ryan and Trevor 12-16-2003 04:17 PM

REVIEW: "Effective Security Management", Charles A. Sennewald
 
BKEFSCMN.RVW 20031006

"Effective Security Management", Charles A. Sennewald, 2003,
0-7506-7454-7, U$49.95/C$72.50
%A Charles A. Sennewald
%C 225 Wildwood Street, Woburn, MA 01801
%D 2003
%G 0-7506-7454-7
%I Butterworth-Heinemann/CRC Press/Digital Press
%O U$49.95/C$72.50 800-366-BOOK fax 800-446-6520 www.bh.com/bh/
%O http://www.amazon.com/exec/obidos/AS...bsladesinterne
http://www.amazon.co.uk/exec/obidos/...bsladesinte-21
%O http://www.amazon.ca/exec/obidos/ASI...bsladesin03-20
%P 395 p.
%T "Effective Security Management"

The preface makes clear that the author's major background is in the
field of physical security. This is evident in places throughout the
rest of the book, but much of the material is more broadly applicable.

The introduction presents a wonderful statement about management, that
it is "the ability to create an environment in which other individuals
willingly participate to achieve objectives."

Part one deals with general security management. Chapter one outlines
some principles of organization, and provides an excellent overview of
the basics of management. The physical security background shows in,
for example, the assumption that demonstrating a "contribution to
profits" is relatively straightforward and easy to quantify. The
review questions at the end of the chapter are an adequate summary of
the material, but provide no more than a simple reading check.
Organizational structure, in chapter two, is based on the real world
rather than theory. Sennewald notes the difference between formal and
informal arrangements, as well as both the good and bad reasons that
the two exist. Security's role in the organization emphasizes
physical security, but chapter three also addresses non-traditional
functions such as training, internal consulting, and executive
protection. Chapters four, five, and six deal with the roles of,
respectively, the security director, supervisor (emphasizing the chain
of command), and employee (mostly stressing personal character and
integrity).

Part two addresses security personnel management. Chapter seven, on
hiring, is reasonable, but fails to provide useful guidance on
avoiding common pitfalls in reviewing resumes and interviewing
candidates. There is, for example, a heavy reliance on open-ended
questions, which often backfire on interviewers since the responses
tend to be so different that it makes the difficult task of judging
between people even harder. The creation of a job description, in
chapter eight, provides good pointers and a helpful outline. There
are more complaints about how training is done poorly than suggestions
about how to fix the problem in chapter nine. The material on
discipline, in chapter ten, is good but not great. In regard to the
motivation of employees, Sennewald presents the classic "Theory X and
Theory Y" model, but chapter eleven is more concerned with pointing
out the disadvantages of punishment and control (X) than with
suggesting how to support employees (Y). Chapter twelve, on
promotions, repeats many of the points of chapter seven. The vague
look at communications, in chapter thirteen, is not necessarily
helpful. The classic debate between employment of, or contracting
out, security personnel is presented in chapter fourteen.

Part three considers operational management. Budgeting, in chapter
fifteen, is a good start for those without a financial background, but
gets bogged down in specific forms. The basics of risk management
(albeit limited to physical security situations) is introduced in
chapter sixteen. Some expansion is given in chapter seventeen, but
the content is generally duplicated, and I wonder why the chapters
were split. Review and audit, renamed the security survey, is
important, but chapter eighteen seems to be a not-completely-recycled
magazine article. It seems odd to cover office administration, in
chapter nineteen, but many physical security officers may have limited
office background, so this might be quite useful. The discussion of
policy and procedures, in chapter twenty, primarily deals with
procedures. Chapter twenty one, on computers and security management,
is the longest in the book, but is only a computer literacy article
and addresses no specific security applications. Sennewald argues
that tatistics can be useful, but chapter twenty two does not provide
much direction in their manipulation.

Part four deals with public relations. A pedestrian selling job for
security is in chapter twenty three. The relationship with law
enforcement, in chapter twenty four, emphasizes what the police can
provide. Chapter twenty five promotes cooperation with those in the
same industry and the importance of trade groups, as well as community
service. This latter topic is expanded in twenty six. Chapter twenty
seven is a very recognizable list of thirty two "jackass traits" for
managers, pointing out all kinds of mistakes people can make. How to
improve your performance gets less space, and it is hard to know where
to draw the line between opposing problems, such as "the Despot" and
"The Popularity Kid."

Despite specific problems, this book provides some extremely valuable
advice for security managers of all kinds, not just the physical
security officers at whom it is aimed.

copyright Robert M. Slade, 2003 BKEFSCMN.RVW 20031006

--
======================
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@sun.soci.niu.edu
"If you do buy a computer, don't turn it on." - Richards' 2nd Law
============= for back issues:
[Base URL] site http://victoria.tc.ca/techrev/
or mirror http://sun.soci.niu.edu/~rslade/
CISSP refs: [Base URL]mnbksccd.htm
Security Dict.: [Base URL]secgloss.htm
Security Educ.: [Base URL]comseced.htm
Book reviews: [Base URL]mnbk.htm
[Base URL]review.htm
Partial/recent: http://groups.yahoo.com/group/techbooks/
Security Educ.: http://groups.yahoo.com/group/comseced/
Review mailing list: send mail to techbooks-subscribe@egroups.com



All times are GMT. The time now is 06:06 AM.

Powered by vBulletin®. Copyright ©2000 - 2014, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.