Integrated Asset Protection Project.

Integrated Asset Protection Project.

Post by Mark Lea » Mon, 16 Jun 1997 04:00:00

Attention Security Professionals!

I am a professional security consultant located in the southeast
looking for other security professionals who specialize in information
security (CISSP/CISA desired), disaster recovery or business
continuity planners (CDRP/CBCP desired)  or other security
"generalists" (CPP desired) like myself.  I'm attempting to contact
qualified information/data security, disaster recovery planners and
security professionals for an academic project with possible future
commercail purposes.

The goal of the project is to study the possibility of developing a
"asset protection model" for application of security concepts and
methodology to a business environment (production or service

Some questions to become the focus of the project:

1. What is asset protection?  Is it safeguarding a combination of
tangible/intangible property or are we required to divide the process
into niche fields, each responsible for protecting it's own "assets" -
business processes, data, property?  Does, and should, a distinction
exist between these areas or "niche" fields?

2. What are the minimum levels of protection?  Of course, a risk
analysis/BIA identifies these respective to a company and it's
environment, but are there common levels of protection?

3.  Can one individual administer comprehensive protection measures
with little to no experience in security?  What basic
knowledge/competencies should he possess?  What tools should he have

4. What can be considered an acceptable final security product in the
form of policies, procedures and services?  How does one measure

The final product of the study would be an academic paper/report with
the immediate goal of publishing in a professional journal (i.e.,
"Security Management", "INFOSecurity News", "Disaster Recovery").  

if interested.  Of course, my own qualifications can be found at
<>.  Thanks in advance.