1 fy02 asa presentation provide crime prevention and access control services presented by: harold...
TRANSCRIPT
1
FY02 ASA Presentation
PROVIDE CRIME PREVENTION AND ACCESS CONTROL SERVICES
Presented by: Harold Dawkins
List Presenters
Office of Research ServicesNational Institutes of Health
18 November 2002
2
Main PresentationASA Template ……………………………….……………………………….4
Customer Perspective……………………….……………………………….5Customer Segmentation …………………….…………………………………6-8
Customer Satisfaction……………………….…………………………………….9
Internal Business Process Perspective……………………………………10Service Group Block Diagram…………………………………………………..,11
Conclusions from Discrete Services Deployment Flowcharts……………12-13
Process Measures…………………………………………………………….14-15
Learning and Growth Perspective………………………………………….16Conclusions from Turnover, Sick Leave, Awards, EEO/ER/ADR Data……..17
Analysis of Readiness Conclusions…………………………………………….18
Conclusions and Recommendations………………………………………19Conclusions from FY02 ASA..………………………………………………… 20
Recommendations……………………………………………………………21-22
3
Table of Contents
AppendicesPage 2 of your ASA Template
Customer segments graphs
Process measures graphs
Process maps
Learning and Growth graphs
Analysis of Readiness Information
Asset utilization graphs
4
ASA Template - 2002
Customer Value Proposition
Team Leader
PROVIDE CRIME PREVENTION AND ACCESS CONTROL SERVICES
DS 5. Consult on crime Prevention
Discrete Services
Service Group
DS 3. Provide Locksmith Services
Customer Intimacy Sustain
Foster the safety and security of the NIH on-campus and off-campus through systems, education and consulting that are effective in preventing crime.
DS1. Install and Maintain Building Entry and Security Systems
DS 2. Manage andOperate Building Entry and Security Systems
DS 6. Provide Community Policing Services
DS 4. Issue and Manage ID Cards
Product Leadership Harvest
Patricia A. Haynes
Operational Excellence Growth
Service Strategy
Team Members
Alex Salah, Debbie Thomson, Gary Freeman, Harold Dawkins, Udon Cheek, Mark Knowles, Phil Nathanson (Consultant)
DS 7. Coordinate and Provide Security for Events
X
5
Customer Perspective
6
• DS1 and DS 2: Building Entry Systems. Our customers are everyone in the NIH community who depend on access control systems. We are currently converting to the Andover system, which is a proximity card reader system that is more sophisticated, and provides more security than the previous system used. As of now:
• We have converted 98% of cardkey readers on perimeter doors to the Andover system.
• 80% of campus interior and animal doors completed. • Leased space perimeter conversion is being phased in.
• DS 3: Locksmith services. The distribution of trouble calls and installations for the locksmith does not show an 80-20 effect . ORS has submitted as many work requests/orders for locksmith service as the Clinical Center. The remainder of the Locksmith’s work is equally distributed amongst the Institutes with the exception of NCI.
Customer Segmentation I
7
Customer Segmentation II• DS 4: ID Badges. ID system statistics give us accurate insight into the
makeup of the NIH population. 43% of the badges issued under the new ID system have been issued to non-FTE employees. Contractors make up about 22% of the total. (See chart on page 8).
• DS 5: Consult on crime prevention: ORS, NIAMS and NIDCR were our biggest customers for crime prevention consultation, presentations, and follow-ups on reports of theft.
• DS 6: Community Policing. Since 9/11, community policing has been on hold because we are lacking a sufficient number of officers to provide both heightened security and community policing services.
• DS 7: Provide security for special events. Our primary customers are everyone who plans and stages special events.
• All approved events are channeled through us for security analysis.• About 80% of all special events involve 50 or more attendees.
8
ID Badges Issued by Type (New System)24,173 Badges Total
13827
5314
3235
1079453 265
0
2000
4000
6000
8000
10000
12000
14000
16000
FTEs Contractors Fellows Volunteers Summer Guest
Customer SegmentationDS4: Issue and Manage ID cards
9
• We did not survey customers this year• However, in 2003 we plan to survey as follows:
• DS-1 and DS-2: A/Os who interface with building entry systems
• DS-3: A/Os who request installations, and/or modifications DES project officers who request advice, and /or
consultation Individuals requiring service on an emergency basis
• DS-4: A/Os and delegates who interact with ID Card system• DS-5: A/Os, facility managers, Project Officers• DS-6: Facility managers• DS-7: Event coordinators
Customer Satisfaction
10
Internal Business Process Perspective
11
Service Group Block Diagram“A COMBINED EFFORT’
• All of the activities fit together in a proactive approach to prevent crime.
• The effectiveness of each discrete service is dependent upon each other.
Interact withcommunity to
determine needs
Evaluate needs andmake
recommendationsfor solutions
Assist inimplementation of
solutions, includingpolicing and
security solutions
Assess results;recommend
improvements, newinitiatives asnecessary
12
• Our Service Group completed 7 deployment flowcharts for 7 discrete services
• DS 1: Develop a centralized point for receiving work orders/requests for additions to the access control system.
As reflected in the flow chart there is a prolonged process in receiving and processing requests. A centralized point for receiving and processing would expedite this service.
• DS 3: The efficiency of the locksmith service can be improved by establishing a means to transfer information onto a
“Computerized Signature Card.” This improvement will serve to enhance the overall process.
• DS 4: In the current process for issuing employees IDs, an employee decides whether the individual is an employee or a contractor and issues the appropriate ID. However, the system already “knows” whether the individual is an employee or a
contractor. We are modifying the system so that it automatically assigns the proper ID for the individual. This should save time and improve accuracy.
Conclusions from Discrete Services Deployment Flowcharts
13
DS 5: The prevention process depends on the active participation, involvement,and communication of all components involved. This contributes the overall prevention of security breaches, and an effective recommendation and implementation process.
DS 7: The security of the events process relies on open communication/participation of all parties involved to
comply with security requirements in order to ensure the success of this process.
Conclusions from Discrete Services Deployment Flowcharts
14
Process Measures:
DS1: System malfunctions before/after installation of new equipment.
• DS3: Total number of requests for emergency
service.• DS5: Crime rates before/after crime watch
presentation.• DS7: Total time invested on the coordination of
special events process.
15
Findings from process measures data:DS1: Data on system malfunctions do not discriminate between system problems and mechanical problems, therefore there is no data to support process measures for system malfunctions before/after installation of new equipment.
DS3: All emergency calls are stable at approximately 100 per month. However, because the total workload for the locksmiths has
increased significantly while staff has decreased. We know that non-emergency response time is increasing. We expect to document this in 2003.
DS5: To determine the effect of our presentations, consultations etc., we need to measure crime rates before and after we work with
the IC “clients.” Because heightened security after 9/11 reduced the incidence of crime at NIH dramatically, we will use FY 2002 as a baseline year and measure “before and after” crime rates beginning with 2003.DS7: In providing security for special events, only 21% of our time is spent in actually attending the events. The other 79% is spent in planning and coordination.. We’ve included in the Appendix a detailed description of some of these steps for a particular event.
16
Learning and Growth Perspective
17
• Our data does not reflect any significant issues.
Conclusions from Turnover, Sick Leave, Awards, EEO/ER/ADR Data
18
• To maintain a tactical and technical edge on those who mean NIH harm, we will need to keep up with rapidly changing security, loss prevention and crime prevention techniques, and we will need continually to invest in new equipment and systems as technology evolves.
• Because of growth in the locksmith workload, we will need at
least 2 additional FTEs by 2003. We will also need an additional FTE in Facility Access Control. Also 2 additional FTEs in the crime prevention unit due to the expected increase in responsibilities involving the addition of the CC, construction of a bio-defense facility, expanded security oversight of the Fort Detrick site, and other out of state NIH facilities.
• Enhancement of computer software with data management capabilities in order to provide a more efficient means of documenting relevant statistical data.
Analysis of Readiness Conclusions
19
Conclusions and Recommendations
20
Conclusions from FY02 ASA
While our service group encompasses several separate organizational units, we do make up a meaningful service group. We provide a combination of service that requires us to work together and depend on one another to help protect the NIH community.
There is no centralized point for receipt of work orders/requests for additions to the access control system.
We are understaffed in the locksmith’s branch for the amount of required work/requests.
21
Recommendations -I
• Because of security control limitations at multi-tenant facilities (see process map 1a), we recommend that NIH re-evaluate future multi-tenant leases wherever possible to ensure additional security control flexibility.
• Develop security requirements to include/enhance all on and off campus building perimeter access points.
• Create additional reporting capabilities for the Andover System that are more user friendly, and simplify system malfunctions, employee errors, security breaches, etc.,
• Improve the operation of the interface between the NIH Enterprise Directory (NED) and the Andover Continuum access control system to prevent problems that occur when downloading employee badge information.
• In year 2003, the locksmith branch should have the capability of tracking response time for non-emergency calls..
22
Recommendations - II• Primarily, because of the security mandates following the events
of 9/11, the NIH community should be educated regarding the special events process from approval/request for service to providing security for service.
• Non FTEs need security clearances prior to the issuance of an identification card due to the implementation of the current Andover proximity card reader system.
• Because of the current chaos in access control policies and procedures (see Process Map 1a) we recommend the creation of an “Access Control Unit” responsible for developing and
implementing access control policies and procedures.
23
Appendices
24
Appendices
• Include the following:
• Page 2 of your ASA Template• Customer segments graphs • Customer satisfaction graphs• Block diagram• Process maps• Process measure graphs• Learning and Growth graphs• Analysis of Readiness Information • Unit cost graphs• Asset utilization graphs• Any unique measures graphs
25
Actual assets utilized/planned asset utilization for each Discrete ServiceMaximize utilization of assets.
Change in Unit Cost for each Discrete Service
Customer PerspectivePerformance Measure
Customer satisfaction ratings from the ORS Customer Scorecard for each Discrete Service
DS 7: Total time invested on the coordination of special events process
Turnover
Customer segmentation of Discrete Services
Increase customer satisfaction
Performance Objective
Maintain & enhance competencies for the future organization.
Performance Objective
DS 1:: System malfunctions before/after installation of new equipment
Performance MeasureInternal Business Process Perspective
Complete process maps of Service Group/Discrete Services
Identify and report on process measures for Discrete Services
Performance Measure
Financial Perspective
Performance Measure
Analysis of Readiness Index
Awards/Recognition
Contacts/Complaints with EEO/ER/ADR
Sick Leave Usage
Performance Objective
Increase understanding of customer base
Service Group: Provide Crime Prevention and Security Services
DS3: Total number of requests for emergency service
DS5: Crime rates before/after crime watch presentation
Minimize unit cost at a defined service level.
Increase understanding of processes.
Performance Objective
Enhance quality of work life for employees in ORS.
Identify methods to measure processes.
Learning and Growth Perspective
26
Customer SegmentationDS1: Install & Maintain Building Entry and Security Systems
Completed Conversions from Cardkey to Andover
Interior72 Card Reader
412
FDA19Off Campus
65
Animal68
•Converted 98% of cardkey readers on Perimeter doors.
•Lease space perimeter conversion is being phased in.
•Campus interior and animal doors are 80% complete.
27
Customer SegmentationDS3: Provide Locksmith Services.
% Work Requests by IC (Jan 02 - Sept 02)
16.6%
9.4% 9.0%
7.9% 7.7%
6.8%
5.6%5.0% 4.8% 4.7%
22.4%
0.0%
5.0%
10.0%
15.0%
20.0%
25.0%
NCI ORS CC NINDS NIAID NIMH NHLBI NIDDK NICHO OD ALLOTHERS
8997 Total Orders
28
Customer Segmentation DS-5CPU Presentations/Surveys/Followups By IC
8/00 - 8/01
7
6 6
4
3
2 2 2 2
1 1 1 1 1 1 1 1 1
0
2
4
6
8
ORS NIAMS NIDCR NLM NICHD NIAID NHGRI FDA NIDDK FIC NIND NCI NMH NHLBI NEIM NIA NIDCD OAR
IC
# P
res
en
tati
on
s/S
urv
ey
s/F
ollo
wu
ps
Customer Segmentation
29
Customer Segmentation DS-5CPU Presentations/Surveys/Followups by Building
8/2000 - 8/20019
6 6
3 3
2 2 2 2
1 1 1 1 1
0
2
4
6
8
10
Bldg 31 Bldg 13 Bldg 45 Bldg 30 Bldg 38 Bldg 6 Bldg 14 Bldg 29 Bldg 50 Bldg 2 Bldg 4 Bldg 5 Bldg 7 Bldg 21
# P
rese
nta
tio
ns/
Su
rvey
s/F
ollo
wu
ps
Customer Segmentation
30
DS7: Coordinate and Provide Security for Events
Number of Events by size (Oct 01 - Oct 02)
267
150
50
89
0
50
100
150
200
250
300
51-100 26-50 100 or more 0-25
Events categorized by attendance population
Customer Segmentation
31
Total # of Emergency Calls by Month (2002)
101
105
101
110
116
107
101
105
99
90
95
100
105
110
115
120
Jan Feb March April May June July Aug Sept
945 Calls Total
Process Measure Graphs
32
Process Measure GraphsDS3: Provide Locksmith Services
*Jan to Sept.
Average Completed Work Requests (Monthly)
895
1149
1537
1466*
0
200
400
600
800
1000
1200
1400
1600
1800
1999 2000 2001 2002
33
Process Measure GraphsDS3: Provide Locksmith Services
Total Jobs by Month (2002)
1292
1396
1147
1946
1378
1193
1506
1763
1574
0
500
1000
1500
2000
2500
Jan Feb March April May June July Aug Sept
13195 Total Jobs
34
Process Measures GraphsDS3: Provide Locksmith Services
Total # of Jobs by Type (Jan 02 - Sept 02)
6515
2426
1096 910618 431 384
815
0
1000
2000
3000
4000
5000
6000
7000
DOOR KEYS C
UT
RETURNED K
EYS/REASSIG
NED KEYS
LOCK/C
YLINDER C
HANGES
EXPIRED 30
- DAY
KEY P
ICKUP
PADLO
CKS ISSUED/R
EMOVALS
DESK KEYS, B
AR LOCK K
EYS AND C
ABINET
KEYS
DOOR LOCK R
EPAIR
S
OTHER
13195 Total Jobs
35
planning & coordinating
79%
attending events 21%
planning & coordinating
attending events
•Ratio of 4 to1 for time spent planning events compared to time spent at events.
n
•1914 Total hours spent on Events.
•1518 Hours spent for planning & coordinating (79%).
•396 Hours spent attending events (21%)
DS7: Coordinate and Provide Security for Events
36
PLANNING AND COORDINATING SECURITY FOR SPECIAL EVENTS ON THE NIH CAMPUS:
•Meet with event sponsors and establish a liaison •Inform Police Managers of the event •Establish personnel requirements and any other additional needs of the department•Arrange for cost reimbursement from institutes•Obtain a list of attendees/participants•Develop a Security Plan•Contact the building events management staff where the event is being held
FINDINGS FROM PROCESS MEASURES DATA FROM DS7:
37
If dignitaries are attending, contact and coordinate with their protection details•Notify the fire department and fire prevention personnel•Make arrangements to ensure all vehicles coming onto campus are inspected•Make parking arrangements for all vehicles associated with the event.•Provide sufficient area for the news media•Ensure that there is sufficient signage on campus so that employees are aware of any road closures, detours, etc., due to the event. Some events require in-depth planning. Such an event was the two day Menopausal Hormone Therapy Conference that occurred during the month of October 2002. In addition to Secretary Tommy Thompson, there were 15 dignitaries, 50 speakers, and one thousand attendees expected. We worked closely with the building 45 events coordinator and management staff. Arrangements for various media staff were made. We also made special arrangements for special guests and handicapped personnel.
FINDINGS FROM PROCESS MEASURES DATA FROM DS7:
38
Since the Secretary was attending, we coordinated with his protection detail to ensure his safety. In addition, we put additional security measures in place to ensure the safety of all visiting persons. We had a contingency plan for any emergency that may arise. The K-9 explosive team was deployed to the Natcher Building to conduct a security sweep prior to the start of the event. Once the building was swept, it was secured by designated security personnel. Police officers were assigned various posts within the building. Some officers were roving, and others were posted outside the building. All vehicles entering the campus were inspected, including the non-NIH buses transporting persons to the event. No vehicle were allowed on campus without being inspected. K-9 officers searched the vehicles of special guests that were cleared to parked directly in front of the Nathcer Building. Due to the overall sensitivity of the event, there were concerns for any attempts to disrupt the conference.The Intelligence Branch of the NIH Police Department conducted a briefing in order to dispense all relevant information available regarding disruptive groups.
FINDINGS FROM PROCESS MEASURES DATA FROM DS7:
39
Process Maps
40
DS 1a: Install Building Entry and Security SystemsDate: 11/4/02 Participants: ASA Team
DES/WorkAcceptance
DES/FacilityAccess Control
Automated SystemsUnit
ISR(Contractor)
DCAB Team 5Customers
(A/Os, DES. DPS)
Identify need foraccess limitation
Easy and quickinstall?
Receive request orwork order
Replace existing/add new card keys
Replace existing/add new card keys
OK?
End
Yes
Repair/redo
Security issue?
Priority job(customer-defined)?
YesNo
Yes
No
No
Multi-tenantleased building?
Perimeteraccess issue?
Yes
Cannot install
Send installationrequest to DES/Facility Access
Control, DES WorkAcceptance Unit,
ASU, or contractor.
Assign work order
Assign work order,or forward to
Facility AccessControl
Receive request Receive request
Receive request orwork order
YesNo
Yes
Conduct qualityreview
41
DS1b. Maintain Building Entry and Security SystemsDate: 11/4/02 Participants: ASA Team
ISR(Contractor)
AutomatedSystems Unit
Police 911 General CampusSystem
Generates troublemessage
Initiate trouble call Initiate trouble call
Respond
Is it warrantyissue?
Repair
Analyze problem
Hardware?
Repair
Yes
Handle any policeissue
YesNo
No
42
DS 2 : Operate and Maintain Building Entry and Security SystemsDate: 11/4/02 Participants: ASA Team
Facility AccessControl
PoliceIC A/O
Determines needfor access
Is informationon the individual
in NEDSystem?
Inputs information
Does individualhave ID Card?
to DS4
Yes
Is individual anemployee?
Send e-mailrequestfor access to
Facility AccessControl
Yes
Yes
FromDS 4
No
No
Request NCICcheck
No
Check NCIC
OK? Deny requestNo
Send e-mail torequestor andFacility AccessControl to grant
request
Yes
record
Notify requestor bye-mail
Modify electronic record
43
Provide Locksmith Services: Construction/RenovationDate: 9/27/02 Participants: Clarence Bruce, Alverta Wilson
ICA/O
ContractorProject OfficerLocksmith Section
Request review ofblueprints or
proposal
Request review ofblueprints or
proposal
Reviews for safety,security, codecompliance
Develops hardwarespecs -- equipment,contractor, keyway
Installs hardwareper specs
OKs for occupancy
Generatescylinder/key order
Removescontractor cylinders
Installs NIHcylinders
Walkthrough
44
Provide Locksmith Services: Respond to Service RequestsDate: 9/27/02 Participants: Clarence Bruce, Alverta Wilson
Locksmith Section
Print and reviewrequest
against authorizedrequestor data base
Is requestorauthorized?*
Review authorizationprocedure with A/O
Is this a keyrequest?
Has individualalready beenissued key?
Reasonablebasis forrequest?
Cut key
Hold 30 days forpickup
Is this acylinder change
request?
Request goes in"miscellaneous"
FIFO queue
Customerrequestsexpeditedservice?
Has cylinderbeen changedwithin last 6
months/year?
Section Chiefevaluates
appropriateness ofrequest
Install new cylinder w/in 45 days
1-day responsecategory?**
Fufill request within1-3 days
Appropriate?
No
Yes
No
Yes
Yes
Yes
Deny requestNo
No
Process within 24hours
Handle on FIFObasis
No
No
Yes
Receives servicerequest from A/O
via ADB
Yes
No
No
Yes
Yes
** 1-day Response Categories
Employee termination Moves/renovations R eq ues t s t o exped i t e
orders in queue Emergencies
No
* Authorized Requestors
IC Executive Officer sets up anumbrella for technicians to usethe system through CIT.
45
Discrete Service: DS4 Issue and Manage ID CardsDate: 9/10/02 Participants: Gary Freeman, Deborah Thomson
Andover ContinuumSystem
NED SystemID Card OfficeIndividualIC
A/O
Inputs information aboutindividual into NED system;
authorizes for ID cardissuance
Checks Andoversystem
Accepts datra
Individual'sinformation is in
system?
Refer individualto A/O
yes
no
Reports data
Downloads data toAndover Systemevery 15 minutes
Select template basedon organizational
status - employee,contractor
End
Accepts data
Presents self atoffice
FromDS-2
Issue IDAccess
Involved?
NoYes
to DS-2
46
Discrete Service DS 5: Consult on CrimePreventionDate: 8/27/02 Participants: ASA Team
ICsDES/DCABDPS
Conducts building security surveys, ongoing review ofpolice reports for thefts, security breaches, etc.
Report securityconcerns
Informs DPS ofconstruction/
renovation projects
Identify specificsecurity concerns
Renovation/new
construction?
Formulate designrecommendations
Inspect building
Formulateequipment, service
and educationalrecommendations
Follow up witheducational
efforts, suggestpresentations,
etc..
Assist inimplementation ofrecommendations,deliver educationalpresentations, etc.
Monitor ongoingimplementation,
review crimestatistics, conductbuilding security
surveys
Additionalaction
necessary?
IC reviewsrecommendations,
decides onimplementation
approach
PO/Contractorreviews
recommendations,decides on
implementationstrategy
Implements allrecommenda-
tions?
Implements allrecommenda-
tions?
Yes
No
Endyes
no
yes
no
yes
no
47
Discrete Service: DS7 Provide Security for EventsDate: 8/27/02 Participants: ASA Team DRAFTII
Office of the DeputyDirector, ORS IC Event Planner
Dignitary'sSecurity
TeamDPS
Request for event securityoriginates from I/C,
Director's Office
Non-emergency?
Duringbusinesshours?
Fewer than 100attendees
Assess securityneeds and costs,
developrecommendations.refer to Dep NIHDirector's Office
yes
no
yes
yes
Reviewsrecommendations
Approves eventsecurity?
End
no
no
no
Get CAN
yes
Dignitaryinvolved?
Develop event planbased on alert level::
routes, seating,snipers, reactionary
team, etc. asnecessary
no
Develop event planbased on alert level::
routes, seating,snipers, reactionary
team, etc. asnecessary
yes
Execute securityplan
Assess results forfuture
improvements
Emergencies includeterrorist threats (anthrax,bomb scare), unexpectedmovement of dignitary)