FY02 ASA Presentation PROVIDE CRIME PREVENTION AND ACCESS CONTROL SERVICES

1
FY02 ASA Presentation PROVIDE CRIME PREVENTION
AND ACCESS CONTROL SERVICES

• Presented by Harold Dawkins
• List Presenters
• Office of Research Services
• National Institutes of Health
• 18 November 2002

2

• Main Presentation
• ASA Template ..4
• Customer Perspective..5
• Customer Segmentation .6-8
• Customer Satisfaction..9
• Internal Business Process Perspective
  10
• Service Group Block Diagram..,1
  1
• Conclusions from Discrete Services Deployment
  Flowcharts12-13
• Process Measures.14-15
• Learning and Growth Perspective.16
  
• Conclusions from Turnover, Sick Leave, Awards,
  EEO/ER/ADR Data..17
• Analysis of Readiness Conclusions
  .18
• Conclusions and Recommendations19
• Conclusions from FY02 ASA..
  20
• Recommendations21-22

3
Table of Contents

• Appendices
• Page 2 of your ASA Template
• Customer segments graphs
• Process measures graphs
• Process maps
• Learning and Growth graphs
• Analysis of Readiness Information
• Asset utilization graphs

4
(No Transcript)
5
Customer Perspective
6
Customer Segmentation I

• DS1 and DS 2 Building Entry Systems. Our
  customers are everyone in the NIH community who
  depend on access control systems. We are
  currently converting to the Andover system, which
  is a proximity card reader system that is more
  sophisticated, and provides more security than
  the previous system used. As of now
• We have converted 98 of cardkey readers on
  perimeter doors to the Andover system.
• 80 of campus interior and animal doors
  completed.
• Leased space perimeter conversion is being phased
  in.
• DS 3 Locksmith services. The distribution of
  trouble calls and installations for the locksmith
  does not show an 80-20 effect . ORS has submitted
  as many work requests/orders for locksmith
  service as the Clinical Center. The remainder of
  the Locksmiths work is equally distributed
  amongst the Institutes with the exception of NCI.
  

7
Customer Segmentation II

• DS 4 ID Badges. ID system statistics give us
  accurate insight into the makeup of the NIH
  population. 43 of the badges issued under the
  new ID system have been issued to non-FTE
  employees. Contractors make up about 22 of the
  total. (See chart on page 8).
• DS 5 Consult on crime prevention ORS, NIAMS
  and NIDCR were our biggest customers for crime
  prevention consultation, presentations, and
  follow-ups on reports of theft.
• DS 6 Community Policing. Since 9/11, community
  policing has been on hold because we are lacking
  a sufficient number of officers to provide both
  heightened security and community policing
  services.
• DS 7 Provide security for special events. Our
  primary customers are everyone who plans and
  stages special events.
• All approved events are channeled through us for
  security analysis.
• About 80 of all special events involve 50 or
  more attendees.

8
Customer Segmentation DS4 Issue and Manage ID
cards
9
Customer Satisfaction

• We did not survey customers this year
• However, in 2003 we plan to survey as follows
• DS-1 and DS-2 A/Os who interface with building
  entry systems
• DS-3
• A/Os who request installations, and/or
  modifications
• DES project officers who request advice, and /or
  consultation
• Individuals requiring service on an emergency
  basis
• DS-4 A/Os and delegates who interact with ID
  Card system
• DS-5 A/Os, facility managers, Project Officers
• DS-6 Facility managers
• DS-7 Event coordinators

10
Internal Business Process Perspective
11
Service Group Block DiagramA COMBINED EFFORT

• All of the activities fit together in a proactive
  approach to prevent crime.
• The effectiveness of each discrete service is
  dependent upon each other.

12
Conclusions from Discrete Services Deployment
Flowcharts

• Our Service Group completed 7 deployment
  flowcharts for 7 discrete services
• DS 1 Develop a centralized point for receiving
  work orders/requests for additions to the
  access control system.
• As reflected in the flow chart
  there is a prolonged process in
  receiving and processing requests. A centralized
  point for receiving and processing would
  expedite this service.
• DS 3 The efficiency of the locksmith service can
  be improved by establishing a means to transfer
  information onto a Computerized Signature
  Card. This improvement will serve to enhance
  the overall process.
• DS 4 In the current process for issuing
  employees IDs, an employee decides whether the
  individual is an employee or a contractor and
  issues the appropriate ID. However, the system
  already knows whether the individual is an
  employee or a contractor. We are modifying the
  system so that it automatically assigns the
  proper ID for the individual. This should save
  time and improve accuracy.

13
Conclusions from Discrete Services Deployment
Flowcharts
DS 5 The prevention process depends on the
active participation, involvement,and
communication of all components involved. This
contributes the overall prevention of
security breaches, and an effective
recommendation and implementation process. DS 7
The security of the events process relies on open
communication/participation of all parties
involved to comply with security requirements
in order to ensure the success of this process.
14
Process Measures

• DS1 System malfunctions before/after
  installation of new equipment.
• DS3 Total number of requests for emergency
  service.
• DS5 Crime rates before/after crime watch
  presentation.
• DS7 Total time invested on the coordination of
  special events process.

15

• Findings from process measures data
• DS1 Data on system malfunctions do not
  discriminate between system problems and
  mechanical problems, therefore there is no data
  to support process measures for system
  malfunctions before/after installation of new
  equipment.
• DS3 All emergency calls are stable at
  approximately 100 per month. However, because
  the total workload for the locksmiths has
  increased significantly while staff has
  decreased. We know that non-emergency response
  time is increasing. We expect to document this
  in 2003.
• DS5 To determine the effect of our
  presentations, consultations etc., we need to
  measure crime rates before and after we work with
  the IC clients. Because heightened security
  after 9/11 reduced the incidence of crime at NIH
  dramatically, we will use FY 2002 as a baseline
  year and measure before and after crime rates
  beginning with 2003.
• DS7 In providing security for special events,
  only 21 of our time is spent in actually
  attending the events. The other 79 is spent in
  planning and coordination.. Weve included in
  the Appendix a detailed description of some of
  these steps for a particular event.

16
Learning and Growth Perspective
17
Conclusions from Turnover, Sick Leave, Awards,
EEO/ER/ADR Data

• Our data does not reflect any significant issues.

18
Analysis of Readiness Conclusions

• To maintain a tactical and technical edge on
  those who mean NIH harm, we will need to keep up
  with rapidly changing security, loss prevention
  and crime prevention techniques, and we will need
  continually to invest in new equipment and
  systems as technology evolves.
• Because of growth in the locksmith workload, we
  will need at least 2 additional FTEs by 2003.
  We will also need an additional FTE in Facility
  Access Control. Also 2 additional FTEs in the
  crime prevention unit due to the expected
  increase in responsibilities involving the
  addition of the CC, construction of a bio-defense
  facility, expanded security oversight of the Fort
  Detrick site, and other out of state NIH
  facilities.
• Enhancement of computer software with data
  management capabilities in order to provide a
  more efficient means of documenting relevant
  statistical data.

19

Conclusions and Recommendations
20
Conclusions from FY02 ASA

• While our service group encompasses several
  separate organizational units, we do make up a
  meaningful service group. We provide a
  combination of service that requires us to work
  together and depend on one another to help
  protect the NIH community.
• There is no centralized point for receipt of
  work orders/requests for additions to the access
  control system.
• We are understaffed in the locksmiths branch
  for the amount of required work/requests.

21
Recommendations -I

• Because of security control limitations at
  multi-tenant facilities (see process map 1a), we
  recommend that NIH re-evaluate future
  multi-tenant leases wherever possible to ensure
  additional security control flexibility.
• Develop security requirements to include/enhance
  all on and off campus building perimeter access
  points.
• Create additional reporting capabilities for the
  Andover System that are more user friendly, and
  simplify system malfunctions, employee errors,
  security breaches, etc.,
• Improve the operation of the interface between
  the NIH Enterprise Directory (NED) and the
  Andover Continuum access control system to
  prevent problems that occur when downloading
  employee badge information.
• In year 2003, the locksmith branch should have
  the capability of tracking response time for
  non-emergency calls..

22
Recommendations - II

• Primarily, because of the security mandates
  following the events of 9/11, the NIH community
  should be educated regarding the special events
  process from approval/request for service to
  providing security for service.
• Non FTEs need security clearances prior to the
  issuance of an identification card due to the
  implementation of the current Andover proximity
  card reader system.
• Because of the current chaos in access control
  policies and procedures (see Process Map 1a) we
  recommend the creation of an Access Control
  Unit responsible for developing and implementing
  access control policies and procedures.

23
Appendices
24
Appendices

• Include the following
• Page 2 of your ASA Template
• Customer segments graphs
• Customer satisfaction graphs
• Block diagram
• Process maps
• Process measure graphs
• Learning and Growth graphs
• Analysis of Readiness Information
• Unit cost graphs
• Asset utilization graphs
• Any unique measures graphs

25
(No Transcript)
26
Customer SegmentationDS1 Install Maintain
Building Entry and Security Systems
Completed Conversions from Cardkey to Andover

• Converted 98 of cardkey readers
• on Perimeter doors.
• Lease space perimeter conversion
• is being phased in.
• Campus interior and animal doors
• are 80 complete.

27
Customer SegmentationDS3 Provide Locksmith
Services.
28
Customer Segmentation
29
Customer Segmentation
30
Customer Segmentation
DS7 Coordinate and Provide Security for Events
31
Process Measure Graphs
32
Process Measure GraphsDS3 Provide Locksmith
Services
Jan to Sept.
33
Process Measure GraphsDS3 Provide Locksmith
Services
34
Process Measures GraphsDS3 Provide Locksmith
Services
35
DS7 Coordinate and Provide Security for Events

• Ratio of 4 to1 for time spent planning events
  compared to time spent at events.

n

• 1914 Total hours spent on Events.
• 1518 Hours spent for planning coordinating
  (79).
• 396 Hours spent attending events (21)

36
FINDINGS FROM PROCESS MEASURES DATA FROM DS7  
   

• PLANNING AND COORDINATING SECURITY FOR SPECIAL
  EVENTS ON THE NIH CAMPUS
• Meet with event sponsors and establish a liaison
• Inform Police Managers of the event
• Establish personnel requirements and any other
  additional needs of the department
• Arrange for cost reimbursement from institutes
• Obtain a list of attendees/participants
• Develop a Security Plan
• Contact the building events management staff
  where the event is being held

37

• If dignitaries are attending, contact and
  coordinate with their protection details
• Notify the fire department and fire prevention
  personnel
• Make arrangements to ensure all vehicles coming
  onto campus are inspected
• Make parking arrangements for all vehicles
  associated with the event.
• Provide sufficient area for the news media
• Ensure that there is sufficient signage on campus
  so that employees are aware of any road
  closures, detours, etc., due to the event.
•  
•  
•  Some events require in-depth planning. Such an
  event was the two day Menopausal Hormone Therapy
  Conference that occurred during the month of
  October 2002. In addition to Secretary Tommy
  Thompson, there were 15 dignitaries, 50 speakers,
  and one thousand attendees expected. We worked
  closely with the building 45 events coordinator
  and management staff. Arrangements for various
  media staff were made. We also made special
  arrangements for special guests and handicapped
  personnel.

FINDINGS FROM PROCESS MEASURES DATA FROM DS7  

38
FINDINGS FROM PROCESS MEASURES DATA FROM DS7  
  Since the Secretary was attending, we
coordinated with his protection detail to ensure
his safety. In addition, we put additional
security measures in place to ensure the safety
of all visiting persons. We had a contingency
plan for any emergency that may arise.   The K-9
explosive team was deployed to the Natcher
Building to conduct a security sweep prior to the
start of the event. Once the building was swept,
it was secured by designated security personnel.
Police officers were assigned various posts
within the building. Some officers were roving,
and others were posted outside the building. All
vehicles entering the campus were inspected,
including the non-NIH buses transporting persons
to the event. No vehicle were allowed on campus
without being inspected. K-9 officers searched
the vehicles of special guests that were cleared
to parked directly in front of the Nathcer
Building. Due to the overall sensitivity of the
event, there were concerns for any attempts to
disrupt the conference. The Intelligence Branch
of the NIH Police Department conducted a briefing
in order to dispense all relevant information
available regarding disruptive groups.  
39
Process Maps
40
(No Transcript)
41
DS1b.
Maintain Building Entry and Security Systems
Date
11/4/02
Participants
ASA Team
ISR
Automated
Police 911
General Campus
System
(Contractor)
Systems Unit
Initiate trouble call
Initiate trouble call
Generates trouble
Handle any police
issue
message
Respond
Analyze problem
Is it warranty
issue?
Yes
No
Hardware?
No
Yes
Repair
Repair
42
DS 2
Operate and Maintain Building Entry and
Security Systems
Date
11/4/02
Participants
ASA Team
Facility Access
Police
IC A/O
Control
Determines need
for access
Is information
on the individual
Inputs information
No
in NED
System?
Yes
Does individual
to DS
No
Check NCIC
have ID Card?
4
From
DS 4
Yes
OK?
Deny request
No
Is individual an
Request NCIC
No
employee?
check
Yes
Yes
Send e-mail to
Send e-mail
requestor and
requestfor access to
Facility Access
Facility Access
Control to grant
Control
request
record
Notify requestor by
e-mail
43
(No Transcript)
44
(No Transcript)
45
(No Transcript)
46
(No Transcript)
47
(No Transcript)