Certified Protection Professional (CPP) Certification Examination Review
This comprehensive review covers the Certified Protection Professional (CPP) Certification Examination focusing on security principles, business investigations, personnel security, physical security, information security, management, and crisis management. It includes topics such as background investigations, executive protection programs, and human threat protection in the workplace. Presented by Dennis Shepp in October 2017.
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
E N D
Presentation Transcript
CERTIFIED PROTECTION PROFESSIONAL (CPP) Certification Examination Review Dennis Shepp, CPP October 2017
(DOMAINS) SUBJECTS CERTIFIED PROTECTION PROFESSIONAL (CPP) Certification Examination Review Security Principles Practices Security Principles & Practices DOMAIN 1 Security Principles & Practices (21%) Principles & DOMAIN 2 Business Principles & Practices (13%) Practices Business Investigations DOMAIN 3 Investigations (10%) Personnel Security DOMAIN 4 Personnel Security (12%) SecurityPhysical Security DOMAIN 5 Physical Security (25%) Information DOMAIN 6 Information Security (9%) Management DOMAIN 7 Crisis Management (10%) Crisis
CERTIFIED PROTECTION PROFESSIONAL (CPP) Certification Examination Review 4 4 DOMAIN 4 PERSONNEL SECURITY (12%) DOMAIN DOMAIN Dennis Shepp, CPP October 2017
CERTIFIED PROTECTION PROFESSIONAL (CPP) Certification Examination Review Task 04/01 Develop, implement, and manage background investigations for hiring, promotion, or retention of individuals Task 04/02 Develop, implement, manage, and evaluate policies, procedures, programs and methods to protect individuals in the workplace against human threats (for example, harassment, violence) Task 04/03 Develop, implement, and manage executive protection programs October 2017 Dennis Shepp, CPP
CERTIFIED PROTECTION PROFESSIONAL (CPP) Certification Examination Review Certification Examination Review CERTIFIED PROTECTION PROFESSIONAL (CPP) Task 04/01 Develop, implement, and manage background investigations for hiring, promotion, or retention of individuals October 2017 Dennis Shepp, CPP
CERTIFIED PROTECTION PROFESSIONAL (CPP) Certification Examination Review Knowledge of: 04/01/01 Background investigations and personnel screening techniques 04/01/02 Quality and types of information sources 04/01/03 Screening policies and guidelines 04/01/04 Laws and regulations pertaining to personnel screening October 2017 Dennis Shepp, CPP
Task 4.1.1 Develop, implement, and manage background investigations for hiring, promotion, or retention of individuals explaining background investigations and personnel screening techniques. Chapter 4.5 DATA COLLECTION POA: Investigations, (Kindle Locations 19075-19076) initially focuses on information provided by the applicant. Typically found in the employment application, personal history questionnaire, r sum , and other biographical documents. No single tool should be used to screen applicant. Detailed application process Application review examine red flags (4.6.1) Applicant interviews (initial reviews supplied data in application &resume)
At final selection stage: o Screening: Drug Psychological 4.8 INVESTIGATION PROCEDURES, POA: Investigations (Kindle Locations 19231-19233) Most common resources: security or assets protection department - human resources department - outside consumer reporting and investigative agency. 4.8.4 DATA ANALYSIS, POA: Investigations Adverse information verified investigated REVIEW ASIS Pre-employment & Background Screening Guideline (ASIS GDL PBS-2009)
Task 4.1.2 Develop, implement, and manage background investigations for hiring, promotion, or retention of individuals explaining the quality and types of information sources. 3.5 INFORMATION SOURCES, POA: Investigations, (Kindle Locations 18469-18474). Primary sources: o Interviews with individuals o Direct observations of people, places, or events Secondary sources include these: o Government-maintained public records o Commercial record sources o Annual reports and other company records. o News and other media sources
CHAPTER 9 APPLICANT SCREENING PROCESS Pre- employment Screening Guideline (ASIS)
Task 4.1.4 Develop, implement, and manage background investigations for hiring, promotion, or retention of individuals explaining the laws and regulations pertaining to personnel screening. 4.4.5 SEVEN EASY STEPS TO A COMPREHENSIVE PRE- EMPLOYMENT SCREENING POLICY, POA: Investigation page 165 4.4.3 LIABILITY ISSUES, POA: Investigations o Protect organization from issues relating to vicarious liability 4.4.4 INDUSTRY REGULATIONS POA: Investigations Generally, the higher the level of responsibility, the more involved the screening should be. Consider the ramifications of incomplete or incompetent performance of particular jobs.
Laws vary, but accidents and injuries that result from employee error or incompetence often become the employer s responsibility. Related lawsuits and settlements cost a substantial amount of money and may actually put a company out of business. POA Investigation 4.4.5 Page 165 4.4.4 INDUSTRY REGULATIONS Proper data collection Effective background screening and investigation Data analysis and sound hiring practices Requires corporate policy and ethical compliance outlined to guide IU
USA laws and regulations do not impact foreign investigations outside of USA/Canada/UK HOWEVER policies & procedures for investigations should follow ethical standards which meet western legal requirements. Corporate legal counsel should be consulted
Task 4.1.3 Develop, implement, and manage background investigations for hiring, promotion, or retention of individuals explaining the screening policies and guidelines. 4.4.5 SEVEN EASY STEPS TO A COMPREHENSIVE PREEMPLOYMENT SCREENING POLICY, POA: Investigation (Kindle Location 19032). pge 165 Seven steps for pre-employment screening o Create clearly written, well-defined job descriptions for all positions. o Assess the risk of each job classification in terms of reasonable (or foreseeable) potential for problems o Based on the preceding risk assessment, determine the scope of preemployment screening for each job classification.
o Work with human resources and legal personnel to develop an appropriate hiring packet. o Establish criteria for evaluating information. o Communicate the policy o Periodically review POA; LEGAL ISSUES CHAPTER 4.4 ADMINISTRATIVE LAW, (Kindle Locations 11400-11406). In some parts of the world, databases containing criminal records are not digitized, are not centralized, or are nonexistent. Fraudulent criminal records, employment history, credentialing, and education complicates. Privacy laws may tightly control the dissemination and use of records.
The security practitioner should work closely with human resources personnel to understand what data is available, how reliable it may be, and how it can be employed in the hiring process.
CERTIFIED PROTECTION PROFESSIONAL (CPP) Certification Examination Review Task 04/02 Develop, implement, manage, and evaluate policies, procedures, programs and methods to protect individuals in the workplace against human threats (for example, harassment, violence) October 2017 Dennis Shepp, CPP
CERTIFIED PROTECTION PROFESSIONAL (CPP) Certification Examination Review Knowledge of: 04/02/01 Protection techniques and methods 04/02/02 Threat assessment 04/02/03 Prevention, intervention and response tactics 04/02/04 Educational and awareness program design and implementation 04/02/05 Travel security program 04/02/06 Laws, government, and labor regulations regarding organizational efforts to reduce employee substance abuse October 2017 Dennis Shepp, CPP
Task 4.2.1 Develop, implement, manage, and evaluate policies, procedures, programs and methods to protect individuals in the workplace against human threats (for example, harassment, violence) explainingprotection techniques and methods ASIS/SHRM WVPI.1-2011 Workplace Violence Standard, page 11-15 The ASIS General Security Risk Assessment Guideline, describes the risk assessment process. Evaluate current policy & procedures (PDCA Cycle) Evaluate existing physical security (PDCA Cycle) Pre-employment screening Needs assessment threat assessment Prevention is key - Policy and procedures (harassment & workplace violence) as outlined in ANSI/ASIS OSM.1-2017 (9.5.3 OHS) page 32
Establish policy & procedures (recognition, reporting, action) Employee awareness programs Appropriate physical security Contract SME s.
Task 4.2.2 Develop, implement, manage, and evaluate policies, procedures, programs and methods to protect individuals in the workplace against human threats (for example, harassment, violence) explaining threat assessments. ASIS/SHRM WPVI.1-2011 Workplace Violence Standard page 29 Early actions by the threat management team consult with an internal or external threat assessment professional for comprehensive assessment of violence risk mitigates to manage the risks. Engage internal or external threat assessment professional to address and mitigate issues. Conduct a Violence Risk Assessment refer to methodology in ASIS General Risk Assessment Guideline (next slide)
Task 4.2.3 Develop, implement, manage, and evaluate policies, procedures, programs and methods to protect individuals in the workplace against human threats (for example, harassment, violence) explaining prevention, intervention and response tactics. ASIS/SHRM WPVI.1-2011 Workplace Violence Standard, 6.2.8 page 19-20 (Prevention strategies) Physical security measures Effective employment screening measures. Policies and procedures Conflict resolution and mediation process Awareness program ANSI/ASIS ORM.1-2017 CHAPTER 8 THREAT RESPONSE & INCIDENT MANAGEMENT; (A.9.1.2. and 9.5.3.) Policies & procedures with guidelines to identify & address workplace harassment and violence. (OHS requirement)
Contained in an organizations Code of Conduct to establish organizational norms 8.2 ENCOURAGING THE REPORTING OF PROBLEMATIC BEHAVIOR Awareness programs explaining warning signs and encouraging reporting 8.3 INCIDENT MANAGEMENT PROCESS Outlines the response tactics Review Figure 1: Overview of the Incident Management Process in Non-Emergency Situations.
Task 4.2.4 Develop, implement, manage, and evaluate policies, procedures, programs and methods to protect individuals in the workplace against human threats (for example, harassment, violence) explainingthe educational and awareness program design and implementation. 5.5 GENDER DISCRIMINATION AND SEXUAL HARASSMENT, POA: Legal Issues (Kindle Location 12076). US LAWS QUOTED ETHICS & BEST PRACTICE DICTATE THE PRINICPLES ARE INTERNATIONAL GUIDELINES Employers need to be aware of the risks associated with gender bias in the workplace appropriate measures to remove it. Establishing policies that treat men and women as equally as possible is the first step in a solution.
5.4 THE SECURITY ROLE IN EQUAL EMPLOYMENT OPPORTUNITY AND AFFIRMATIVE ACTION, POA: Legal Issues, (Kindle Locations 12035-12036). Strong commitment to the equal employment opportunity/ affirmative action program = recognizing the importance of reducing financial risk to the company. POA Security Management & ASIS Workplace Violence Standard, 2011 US LAWS QUOTED ETHICS & BEST PRACTICE DICTATE THE PRINICPLES ARE INTERNATIONAL GUIDELINES Employee awareness programs lie at the heart of a successful program to ensure adequate prevention and management Must have senior management support
Task 4.2.6 Develop, implement, manage, and evaluate policies, procedures, programs and methods to protect individuals in the workplace against human threats (for example, harassment, violence) explaining the laws, government, and labor regulations regarding organizational efforts to reduce employee substance abuse. LAWS CONCERNING SUBSTANCE ABUSE VARY INTERNATIONALLY FOCUS ON LIABILITY ISSUES WHICH ARE A BEST PRACTICE & GLOBAL POA: Security Management; Chapter 11.5 Liability - substance abusers are more likely to have accidents and get injured. Vicarious liability employee agent of employer. 11.8.1 Drug-free workplace policy POA: Legal Issues, 11.8.1. Criminal laws governing the use of abused substances.
Recent high-profile cases have brought more attention to business ethics. The reason may be that the unethical behavior has caused widespread harm. One ill effect is the vicarious liability employers bear for the negligent action of employees. Another is the damage that such cases can cause to corporate reputations and to the image of business in general. 9.5.4 ANSI/ASIS ORM.1-2017 Incident Monitoring, Reporting and Investigations policies and procedures for Substance Abuse Testing
Task 4.2.5 Develop, implement, manage, and evaluate policies, procedures, programs and methods to protect individuals in the workplace against human threats (for example, harassment, violence) explaining travel security programs. 4.2.2 ASSETS PROTECTION IN VARIOUS SETTINGS, POA: Security Management Corporate safeguards: Domestic and international travel security. 4.3.2 GLOBALIZATION IN BUSINESS, POA: Security Management Globalization makes it necessary for assets protection managers to consider a wider variety of customs, cultures, laws, business practices, economic factors, language issues, workforce characteristics, and travel requirements.
POA, Security Mgmt, pge; 267; Information Security pges 18, 35) Travel for local and broader - employee and executive Local policies and awareness for driving Broader Travel research (customs, register with embassy, assessments by security, travel low profile, provide advice on how to react to incidents, who to call, register travel details with security, Health history, subscribe to travel services etc.)
CERTIFIED PROTECTION PROFESSIONAL (CPP) Certification Examination Review Task 04/03 Develop, implement, and manage executive protection programs October 2017 Dennis Shepp, CPP
CERTIFIED PROTECTION PROFESSIONAL (CPP) Certification Examination Review Knowledge of: 04/03/01 Executive protection techniques and methods 04/03/02 Risk analysis 04/03/03 Liaison and resource management techniques 04/03/04 Selection, costs, and effectiveness of proprietary and contract executive protection personnel October 2017 Dennis Shepp, CPP
Task 4.3.1 Develop, implement, and manage executive protection programs, explaining executive protection techniques and methods. 9.3 BASICS OF EXECUTIVE PROTECTION POA: Security Management; Best approach is to establish a crisis management team during the preplanning stage. The person who performs the in-person, up-close service who walks, rides, and flies with the executive is usually called the EP specialist.
Six principles guide EP: o Prevent and avoid danger. o Realize that anyone can protect anyone. o Don t stop to think. o Keep clients out of trouble. o Understand the security vs. convenience continuum. o Rely on brains, not technology. Collecting information the advance assessment (good advance reduces exposure by smoothing logistics) The choreography (maneuvering) used by the EP specialist to physically move about with the subject is called working the principal. Avoid the threat not confront it.
Integrate people, equipment and PPS systems Starts with employee selection & screening key for EPS Never leave the building with Principal without conducting a risk assessment
Task 4.3.2 Develop, implement, and manage executive protection programs, describing the risk analysis. 9.6 BASICS OF EXECUTIVE PROTECTION POA: Security Management; Conducting an EP risk assessment, the specialist must consider two factors. o The threats that the executive faces must be analyzed based on multiple considerations such as the executive s position with the employer, access to and level of exposure among potential adversaries, access to wealth or other lifestyle attributes, publicity, and travel practices. o The specialist must assess the likelihood that threats could be carried out successfully
Task 4.3.3 Develop, implement, and manage executive protection programs, describing the liaison and resource management techniques. 9.11 PROTECTION RESOURCES POA: Security Management Police resources Public and subscribed news services Networking with professional contacts A key phrase to remember in executive protection is use your resources.
Task 4.3.4 Develop, implement, and manage executive protection programs, describing the selection, costs, and effectiveness of proprietary and contract executive protection personnel. POA: SECURITY OFFICER OPERATIONS; CHAPTER 1 UNDERSTANDING SECURITY OFFICER OPERATIONS (Page 19) Contract security costs can be lower detailed specifications and competency expectations should be detailed and enforced Issues dependability of EP specialists (turnover) If contracted does control over quality get compromised? Analyze the cost between in-house and contract which is better?
Consider: o Liability issues o Workers Compensation o Labor relations EP is VERY expertise specific competencies may NEED to be contracted.
CERTIFIED PROTECTION PROFESSIONAL (CPP) Certification Examination Review Certification Examination Review CERTIFIED PROTECTION PROFESSIONAL (CPP) PRACTICE EXAM QUESTIONS October 2017 Dennis Shepp, CPP
A general statement of the way an organization implements a policy, BEST describes which of the following? a. A policy b. A procedure c. A practice d. A standard
A general statement of the way an organization implements a policy, BEST describes which of the following? a. A policy b. A procedure c. A practice d. A standard ASIS GDL PBS-2009, Pre-employment and Background Screening Guideline, page 9
Which of the following BEST describes the personnel who are often described as the first line of defense in the selection of quality and risk-free applicants for the organization? a. Background Investigator b. HR personnel c. Security Manager d. Contracted Recruiter
Which of the following BEST describes the personnel who are often described as the first line of defense in the selection of quality and risk-free applicants for the organization? a. Background Investigators b. HR personnel c. Security Manager d. Contracted Recruiter ASIS GDL PBS-2009, Pre-employment and Background Screening Guideline, page 10
The Sarbanes-Oxley Act of 2002, requires, which of the following:. a. Prohibits discrimination in employment on the basis of bankruptcy history. b. Recommends publicly traded companies conduct background checks on certain positions of trust. c. Prohibits the use of the polygraph for preemployment screening of employees. d. Recommends the use of credit checks for preemployment screening of employees.
The Sarbanes-Oxley Act of 2002, requires, which of the following:. a. Prohibits discrimination in employment on the basis of bankruptcy history. b. Recommends publicly traded companies conduct background checks on certain positions of trust. c. Prohibits the use of the polygraph for preemployment screening of employees. d. Recommends the use of credit checks for preemployment screening of employees. ASIS GDL PBS-2009, Preemployment and Background Screening Guideline, page 15
When using a third-party to conduct preemployment background investigations, which of the following statements is correct? a. The third party s judgment of the background investigation results should be considered final. b. The accountability for the final evaluation of the background investigation remains with the employer. c. Person s with any form of criminal history should never be recommended for hiring. d. The age of any adverse information and the age of the applicant at the time of the adverse incident is not relevant.
When using a third-party to conduct preemployment background investigations, which of the following statements is correct? a. The third party s judgment of the background investigation results should be considered final. b. The accountability for the final evaluation of the background investigation remains with the employer. c. Person s with any form of criminal history should never be recommended for hiring. d. The age of any adverse information and the age of the applicant at the time of the adverse incident is not relevant. ASIS GDL PBS-2009, Preemployment and Background Screening Guideline, page 42
When establishing internal and external complaint and grievance procedures, which of the following procedures should to be included? a. Identification of the root causes b. Levels of the organization excluded from the procedures. c. Details on the required experience and training of the investigators. d. Identification of the penalties for breach of policy.