Optimize Your Security Program with an Intelligence Collection Plan (ICP)

With the U.S. economy firing on all cylinders at 3.5 percent growth in the third quarter, corporate profits over the past year have zoomed at a 10.3 percent pace — the fastest increase in six years. Of course, companies are focused on maintaining the pace, and it is a good reason for savvy leaders to think about protecting their key assets from exposure to ever-evolving internal and external security risks.

Five Steps to Building and Maintaining an ICP

Step 1: Identify the key risks to your organization that could severely impact its ability to operate. These risks are your Priority Intelligence Requirements (PIRs).

Step 2: Make sure your PIRs are aligned with organizational strategy and objectives. This requires security and intelligence leaders to take a cross-functional approach for buy-in.

Step 3: Create a list of Essential Elements of Information (EEI), specific issues that fall under PIRs.

Step 4: Develop or outsource a data analytic platform that allows you to tag each EEI under each PIR for benchmarking and analysis.

Step 5: Review periodically for trending and intelligence gap analysis, preferably annually for reconsiderations of revamping the existing ICP based on changed organizational and security objectives.

While security leaders have the ability to leverage a multitude of robust integrated security solutions that are readily available on the market, some leaders often neglect intelligence collection planning as one of the simplest and most cost-efficient solutions to helping their organizations mitigate risk.

Commonly used in military, law enforcement and intelligence agency arenas, Intelligence Collection Plans (ICPs) require decision makers to task their teams with prioritizing and collecting a wide array of pertinent information within a specific time frame that is continuously updated and evaluated. In a law enforcement setting, for example, a leader who wants to know how illicit narcotics impacts violence in the United States may develop a collection plan that identifies how they are smuggled, types of conveyances and routes and communications methods that are used. Corporate security executives can mirror this methodology to not only identify and monitor the potential threat of workplace violence or business espionage in their facilities, but also establish necessary responses to mitigate these threats.

ICP Advantages

ICPs give a strategic advantage by identifying emerging trends and threats that uniquely impact an organization. Every organization faces a unique set of challenges, depending on the industry and global markets in which they operate. Consequently, security leaders must differentiate among a customized set of intelligence requirements to help identify emerging risks to their company. The Chief Security Officer for a global pharmaceutical company who has experienced a rash of legal actions due to counterfeit drugs resold in illicit markets requires an ICP with collection requirements centered on anti-counterfeiting intelligence, including trademark infringement, theft and illicit resale.

ICPs can also be used as a tool to set benchmarks in three core areas of a security mission against organization objectives: Facilities and Locations, and Specific Risks and Threats that need to be mitigated.

Set Priority Intelligence Requirements

The effectiveness of developing an ICP requires security managers to quantify how they are performing vs. organizational strategic objectives. To accomplish this task, however, security programs must set Priority Intelligence Requirements (PIRs) that are aligned with their most critical assets and the impacts on those assets from potential significant events.

The security manager is now able to tag essential information to the intelligence requirement and over time establish clear trends that will be important in helping to make future decisions.

Once PIRs are established under the ICP, managers can assign benchmarks aligned with organizational objectives against their facilities. They must also use what are called Essential Elements of Information (EEIs), key information that security operators can capture to determine the core issues within their operation. Working through this process provides security managers with a roadmap on specific threats to be mitigated.

A global technology company based in a hurricane-prone location (see graphic) will build an ICP focused on hazardous weather to protect their data centers by assigning the EEIs to the PIR.

When security managers and analysts have completed an ICP to identify new trends and set new benchmarks, they should step back and determine intelligence gaps based on the data collected in the ICP. An ICP is perfect for illuminating security program needs, but when security analysts and operators have not collected sufficient information within the PIR it doesn’t mean that there was a mishap. It simply means that there is a key requirement in the ICP that needs further exploration. In these cases, additional resources should be dedicated to fill these gaps, which in turn will strengthen the security program and provide security operators with enough intelligence to understand how to efficiently respond to an event.

The survival of future security programs requires leaders to remain agile and flexible to a dynamic security environment marked by a growing symbiotic relationship between the physical, cyber and electronic spaces. This will further complicate the security environment, so security leaders should be open to new and innovative methodologies that provide value and efficiency. ICPs won’t solve all security challenges, but they are an excellent tool in helping security professionals build and execute robust security strategies within the framework of organizational objectives. Additionally, security programs become more robust from trending and gap analysis of key facets of the ICP across the organization.

Join us for an insightful webinar where we delve deep into the ever-evolving landscape of video surveillance. As the demand for robust security solutions continues to surge, staying ahead of the curve is imperative.

PSA Security Network is one of the nation’s leading sources for education, training, and industry networking events. With multiple settings and events throughout the year to meet and exchange industry knowledge, there is something for everyone.