1
CHAPTER CPP STUDY SESSION
Chapter 159 CY2016 Study Session ConceptApproved 15 Nov 2015
09 December 2015
Mr. Stephen P. Perkins, PMP, CPPChapter CPP Prep Chairman
CY2016 CPP Study Session Concept
• Chapter conducts two CPP Study Sessions in 2016 ... defined as a ~8 week prep session. The preparation cycle ends with candidates taking the test within the semi-annual period.
• Each week explores one, but NMT two, domain ... 2.5 hour session. Some domains may need more than one day in the week, or some might not need as much.
• Primary and Alternate Instructors attend their sessions; encouraged to attend others
• Use of Chapter CPPs designed to leverage their expertise and provide them opportunities to maintain their expertise … also provides them CPP recertification points
• Focused use of instructors minimizes their use to “power” sessions
• Optimize technology when possible … use hard & digital copies of POAs/Standards/ Guidelines … Venue for the sessions is … TBD
• Requires CPP candidate participation inside and outside the weekly sessions … missed classes are missed opportunities
• This CPP Study Session will NOT include separate Focus Area sessions, nor a weekend CPP Review. All CPP Facilitators will attend end of session reviews
2As of 02 Nov 2015Mr. Stephen P. Perkins, PMP, CPP
CPP Study Session Concept
3As of 15 Nov 2015Mr. Stephen P. Perkins, PMP, CPP
• Study Session – 7 Domains + Legal (BY WEEK)
1 – Security Principles and Practices
2 – Business Principles and Practices
3 – Investigations
4 – Physical Security
5 – Personnel Security
6 – Information Security
7 – Crisis Management
X – Legal
NOTE: Facilitators will work Guidelines and Standards into their Domains
• Study Session Specifics
1 – Dates: Every Thursday and Selected Tuesdays
2 – Times: 1800 – 2030 (last thirty minutes for quizzes)
3 – Location: TBD
4 – References: POAs, Guidelines (4), Standards (4), and Green CPP Study Guide
CPP Study Session ConceptCPP Study Model
CPP StudyPrep
Modules 1-4 Modules5-7/X
CPP TestingCPPStudy AAR
FOCUS AREAS
AREA 1 – Sensors AREA 2 – Lighting AREA 3 – Locks AREA 4 – CPTED 4
As of 15 Nov 2015Mr. Stephen P. Perkins, PMP, CPP
Modules 1-4 Modules5-7/X
CPP StudyPrep
CPPStudy AAR
CPPFocus Areas
CPPTesting
CPP Study Session ConceptFacilitator Assignments – Modules 1-4
As of 15 Nov 2015 5Mr. Stephen P. Perkins, PMP, CPP
Date Section Primary Facilitator Alternate Facilitator
Session
0 - Tues
Orientation Day Steve Perkins, CPP
Session
1A - Thu
Physical Security - #1 Darryll DeCotis, CPP
Session
1B - Tues
Physical Security - #2 Darryll DeCotis, CPP
Session
1C - Thu
Physical Security - #3 Darryll DeCotis, CPP
Session
2A - Tues
Security Principles - #1 Barry Watkins, CPP
Session
2B - Thu
Security Principles - #2 Barry Watkins, CPP
Session
3 - Thu
Investigations Gary Chlebus, CPP
Session
4 - Thu
Business Principles Al Kittredge, CPP John Wolf, CPP
NOTE: Names are notional
As of 15 Nov 2015 6Mr. Stephen P. Perkins, PMP, CPP
Date Section Primary Facilitator Alternate Facilitator
Session
5 - Thu
Personnel Security John Wolf, CPP
Session
6 - Thu
Information Security Steve Perkins, CPP Dan Jutson, CISSP
Session
7 - Thu
Crisis Management Dan Brand, CPP
Session
8 - Thu
Legal Gary Chlebus, CPP
Session
9- Tues
Session Review Steve Perkins, CPP Darryll DeCotis, CPP
Session
10 - Thu
Assessment Steve Perkins, CPP Darryll DeCotis, CPP
NOTE: Names are notional
CPP Study Session ConceptFacilitator Assignments – Modules 5-8
CPP Study Session ConceptFacilitator Assignments – Session 16-01
As of 09 Dec 2015 7Mr. Stephen P. Perkins, PMP, CPP
Date Section Primary Facilitator
0 – Tues
14 Jan 16
Orientation Day Steve Perkins, CPP
1A – Thur
04 Feb 16
Physical
Security - #1
Darryll DeCotis, CPP
1B – Tues
09 Feb 16
Physical
Security - #2
Darryll DeCotis, CPP
1C – Thur
11 Feb 16
Physical
Security - #3
Darryll DeCotis, CPP
2A – Tues
16 Feb 16
Security
Principles - #1
Barry Watkins, CPP
2B – Thur
18 Feb 16
Security
Principles - #2
Barry Watkins, CPP
3 – Thur
25 Feb 16
Investigations Gary Chlebus, CPP
NOTE: Names are notional
Date Section Primary Facilitator
4 – Thur
03 Mar 16
Business
Principles
Al Kittredge, CPP
5 – Thur
10 Mar 16
Personnel
Security
John Wolf, CPP
6 – Thur
17 Mar 16
Information
Security
Steve Perkins, CPP
7 – Thur
24 Mar 16
Crisis
Management
Dan Brand, CPP
8 – Thur
31 Mar 16
Legal Gary Chlebus, CPP
9- Tues
07 Apr 16
Session Review Steve Perkins, CPP
8
LOCATION: Trustee's Building (very first building) Room T-107
Appears to be #45 on the map
CPP Study Session ConceptInstruction Location
As of 02 Nov 2015Mr. Stephen P. Perkins, PMP, CPP
• The first and most rigorous component of becoming a CPP is meeting the eligibility requirements. As with most Board Certifications, the qualifications are strict and require substantial experience. While many candidates place considerable emphasis on the exam, the eligibility requirements set Board Certification apart from a course certificate or a degree program. Only those candidates who meet the rigors of the eligibility requirements can sit for the exam.
• The CPP Exam is an assessment of a candidate’s depth of knowledge. An item writing team monitored by the ASIS Professional Certification Board (PCB), a group of volunteer leaders within ASIS, constructs the CPP exam. The exam items or questions relate to specific knowledge, skills, and tasks under eight domains. There may be thousands of exam items within the item bank. However, each candidate will see only 225 multiple-choice questions covering all of the domains. The item writing team references each of the items to Protection of Assets (POA) or an ASIS standard.
9
CPP Study Session ConceptWhy the CPP?
As of 28 May 2015Mr. Stephen P. Perkins, PMP, CPP
1 - Security Principles and Practices (21%)
2 - Business Principles and Practices (13%)
3 - Investigations (10%)
4 - Personnel Security (12%)
5 - Physical Security (25%)
6 - Information Security (09%)
7 - Crisis Management (10%)
10
CPP Study Session ConceptWhat are the CPP Domains?
As of 01 Nov 2015*** Effective 1 Mar 2016 ***
Mr. Stephen P. Perkins, PMP, CPP
• Task 01/01 Plan, direct, implement, and manage the organization’s security program to protect the organization’s assets – Knowledge of: Principles of planning, organization, and control; Security theory, techniques, and processes;
Security industry standards NEW; Continuous assessment and improvement processes NEW; and Cross-functional organizational collaboration NEW
• Task 01/02 Develop, manage, or conduct the security risk assessment process – Knowledge of: Quantitative and qualitative risk assessments; Vulnerability, threat, and impact assessments; and Potential
security threats (for example, all hazards, criminal activity) NEW
• Task 01/03 Evaluate methods to improve the security program on a continuous basis through the use of auditing, review and assessment – Knowledge of: Cost-benefit analysis methods; Risk management strategies (for example, avoid, assume/accept, transfer,
spread); Risk mitigation techniques (for example, technology, personnel, process, facility design) NEW; and Data collection and trend analysis techniques NEW
• Task 01/04 Develop and manage external relations programs with public sector law enforcement or other external organizations to achieve loss prevention objectives – Knowledge of: Roles and responsibilities of external organization and agencies; Methods for creating effective working
relationships; and Techniques and protocols of liaison, and Local and national Public/Private Partnerships (example Fusion Centers) NEW
• Task 01/05 Develop, implement, and manage employee security awareness programs to achieve organizational goals and objectives – Knowledge of: Training methodologies; Communication strategies, techniques, and methods; Awareness program objectives
and program metrics NEW; and Elements of a security awareness program (for example, roles and responsibilities, physical risk, communication risk, privacy) NEW
11
CPP Study Session ConceptSecurity Principles & Practices (21%)
As of 01 Nov 2015Mr. Stephen P. Perkins, PMP, CPP
• Task 02/01 Develop and manage budgets and financial controls to achieve fiscal
responsibility– Knowledge of: Principles of management accounting, control, and audits; Business finance principles and financial reporting;
Calculation & interpretation of Return on Investment (ROI); and The lifecycle for budget planning purposes
• Task 02/02 Develop, implement, and manage policies, procedures, plans and directives to achieve organizational objectives – Knowledge of: Principles and techniques of policy/procedures development; Communication strategies, methods, and
techniques; Training strategies, methods, and techniques; and Preventive and corrective maintenance for systems; Cross-functional collaboration NEW; and Relevant laws and regulations NEW
• Task 02/03 Develop procedures/techniques to measure and improve organizational
productivity – Knowledge of: Techniques for quantifying productivity/metrics/key performance indicators (KPI); and Data analysis
techniques and ROI
• Task 02/04 Develop, implement, and manage security staffing processes and personnel development programs in order to achieve organizational objectives – Knowledge of: Interview techniques for staffing; Candidate selection and evaluation techniques; Job analysis processes; Pre-
employment background screening NEW; Principles of performance evaluations, 360 reviews, and coaching; Interpersonal and feedback techniques; Training strategies, methodologies, and resources; and Human Capital Management; Retention strategies and methodologies NEW; and Talent management and succession planning NEW
CPP Study Session ConceptBusiness Principles & Practices (13%)
As of 01 Nov 2015Mr. Stephen P. Perkins, PMP, CPP
1 of 211
• Task 02/05 Monitor and ensure a sound ethical climate in accordance with the regulatory requirements and the organization’s directives and standards to support and promote proper
business practices – Knowledge of: Good governance standards; Guidelines for individual and corporate behavior; Generally accepted ethical
principles; Confidential information protection techniques and methods; and Legal and regulatory compliance NEW
• Task 02/06 Provide advice and assistance to management and others in developing
performance requirements and contractrual terms for security vendors/supplier NEW– Knowledge of: Key concepts in the preparation of requests for proposals and bid reviews/evaluations NEW; Service Level
Agreements (SLA) definition, measurement and reporting NEW; and Contract law, indemnification, and liability insurance principles NEW
CPP Study Session ConceptBusiness Principles & Practices (13%)
As of 01 Nov 2015Mr. Stephen P. Perkins, PMP, CPP
2 of 212
• Task 03/01 Identify, develop, implement, and manage Investigation functions– Knowledge of: Principles and techniques of policy and procedure development; Organizational objectives and cross-
functional collaboration; Types of investigations (for example, incident, misconduct, compliance) NEW; Internal and external resources to support investigative functions; Report preparation for internal purposes and legal proceedings; and Laws pertaining to developing and managing investigative programs NEW
• Task 03/02 Manage or conduct the collection and preservation of evidence to support post-investigation actions – Knowledge of: Evidence collection techniques; Protection/preservation of crime scene; Requirements of chain of custody;
Methods for preservation of evidence; and Laws pertaining to the collection and preservation of evidence NEW
• Task 03/03 Manage or conduct surveillance processes – Knowledge of: Surveillance techniques; and Technology/equipment and human resources; and Laws pertaining to managing
surveillance processes NEW
• Task 03/04 Manage and conduct investigations requiring specialized tools, techniques, and resources– Knowledge of: Techniques, tools and resources related to Financial and fraud related crimes; Intellectual property and
industrial espionage crimes; arson and property crimes; and cybercrimes
CPP Study Session ConceptInvestigations (10%)
As of 01 Nov 2015Mr. Stephen P. Perkins, PMP, CPP19
1 of 2
• Task 03/05 Manage or conduct investigative interviews – Knowledge of: Methods and techniques of eliciting information; Techniques for detecting deception; The nature of non-
verbal communication; Rights of interviewees NEW; Required components of written statements; Laws pertaining to managing investigative interviews NEW
• Task 03/06 Provide coordination, assistance, and evidence such as documentation and testimony to support legal counsel in actual or potential criminal and/or civil proceedings NEW– Knowledge of: Criminal law and procedures NEW; Civil law and procedures NEW; Employment law (e.g., wrongful
termination, discrimination and harassment) NEW
CPP Study Session ConceptInvestigations (10%)
As of 01 Nov 2015Mr. Stephen P. Perkins, PMP, CPP19
2 of 2
• Task 04/01 Develop, implement, and manage background investigations for hiring, promotion, or retention of individuals– Knowledge of: Background investigations and employment screening techniques; quality and types of Information source;
Screening policies and guidelines NEW; and Laws and regulations pertaining to personnel screening NEW
• Task 04/02 Develop, implement, manage, and evaluate policies, procedures, programs and methods to protect individuals in the workplace against harassment, threats, and violence – Knowledge of: Protection techniques and methods; Threat assessment; Prevention, intervention and response tactics;
Educational and awareness program design and implementation; Travel security programs; and Laws, government, and labor regulations regarding organizational efforts to reduce employee substance abuse NEW
• Task 04/03 Develop, implement, and manage executive protection programs – Knowledge of: Executive protection techniques and methods; Risk analysis; Liaison and resource management techniques;
Selection, costs, and effectiveness of proprietary and contract executive protection personnel
June – July 2015 CPP Study SessionPersonnel Security (12%)
As of 01 Nov 2015Mr. Stephen P. Perkins, PMP, CPP16
• Task 05/01 Conduct facility survey to determine the current status of physical security – Knowledge of: Security protection equipment and personnel; Survey techniques; Building plans, drawings, and schematics;
Risk assessment techniques; Gap analysis NEW
• Task 05/02 Select, implement, and manage physical security strategies to mitigate security risks– Knowledge of: Fundamentals of security system design; Countermeasures; Budgetary projection development process; Bid
package development and evaluation process; Vendor qualification and selection process; Final acceptance and testing procedures; Project management techniques; Cost-benefit analysis techniques; and Labor-technology relationship NEW
• Task 05/03 Assess the effectiveness of security measures by testing and monitoring– Knowledge of: Protection personnel, technology and processes; Audit and testing techniques; and Preventive and
corrective maintenance for systems NEW
CPP Study Session ConceptPhysical Security (25%)
As of 01 Nov 2015Mr. Stephen P. Perkins, PMP, CPP17
• Task 06/01 Conduct surveys of information asset facilities, processes, systems, and services to evaluate current status of information security programs – Knowledge of: Elements of an information security program, including physical security, procedural security, information
systems security, employee awareness, and information destruction and recovery capabilities NEW; Survey techniques; Quantitative and qualitative risk assessments; Risk mitigation strategies (for example, technology, personnel, process, facility design) NEW; Cost-benefit analysis methods; Protection technology, equipment and procedures; Information security threats NEW; and Building and system plans, drawings, and schematics
• Task 06/02 Develop and implement policies and standards to ensure information is evaluated and protected against all forms of unauthorized/inadvertent access, use, disclosure, modification, destruction or denial – Knowledge of: Principles of management; Information security theory and terminology; Laws pertaining to protection
requirements for proprietary information and intellectual property; Information security industry standards (e.g., ISO, PII, PCI) NEW; Relevant laws and regulations regarding records management, retention, legal holds and destruction practices; Practices to protect proprietary information and intellectual property; Protection measures, equipment, and techniques; including information security processes, systems for physical access, data control, management, and information destruction
CPP Study Session ConceptInformation Security (09%)
As of 01 Nov 2015Mr. Stephen P. Perkins, PMP, CPP18
1 of 2
• Task 06/03 Develop and manage a program of integrated security controls and safeguards to ensure information asset protection including confidentiality, integrity, and availability – Knowledge of: Elements of information asset protection including confidentiality, integrity, and availability, authentication,
accountability, and audit ability of sensitive information and associated information technology resources, assets and investigations NEW; Information security theory and systems methodology; Multi-factor authentication techniques NEW; Threats and vulnerabilities assessment and mitigation; Ethical hacking and penetration testing techniques and practices NEW; Encryption and data masking techniques NEW; Systems integration techniques; Cost-benefit analysis methodology; Project management techniques; Budget development process; Vendor evaluation and selection process; Final acceptance and testing procedures, information systems, assessment, and security program documentation; Protection technology, investigations, and procedures; and Training and awareness methodologies and procedures
CPP Study Session ConceptInformation Security (09%)
As of 01 Nov 2015Mr. Stephen P. Perkins, PMP, CPP18
2 of 2
• Task 07/01 Assess and prioritize threats to mitigate potential consequences of incidents– Knowledge of: Threats by type, likelihood of occurrence, and consequences; “All hazards” approach to assessing threats
NEW; Cost-benefit analysis; Mitigation strategies; Risk management and business impact analysis methodology; Business Continuity standards (e.g., ISO 22301) NEW
• Task 07/02 Prepare and plan how the organization will respond to incidents– Knowledge of: Resource management techniques; Emergency planning techniques; Triage and damage assessment
techniques NEW; Communication techniques and notification protocols; Training and exercise techniques; Emergency operations center (EOC) concepts and design; and Primary roles and duties in an incident command structure
• Task 07/03 Respond to and manage an incident – Knowledge of: Resource management techniques; EOC management principles and practices; and Incident management
systems and protocols NEW
• Task 07/04 Recover from incidents by managing the recovery and resumption of operations – Knowledge of: Resource management techniques; Short and long-term recovery strategies; Recovery assistance resources;
and Mitigation opportunities in the recovery process
CPP Study Session ConceptCrisis Management
As of 28 May 2015Mr. Stephen P. Perkins, PMP, CPP19
• As you read the reference material, you may realize security is an art as well as a science.There may be multiple solutions for one situation. Remember as you study, the exam items are based on what most security professionals feel is the best solution for a given situation—not what you necessarily use in your practice. While the actual exam questions are difficult, there are no ambiguous answers to questions. Only one answer is correct.
• Do not spend your time solving issues that are ambiguous or have no right answer. Those situations are not likely to be tested. Your colleagues correctly answer the exam questions more than 50% of the time. The test developers remove questions that are not clear or are frequently answered incorrectly from the bank of questions.
• As you move through your studies, re-evaluate your progress.
- Start each study session with a review of the previous work.
- Did you improve your assessment score? Did you mitigate one threat to your success?
- Seek root statements. Identify those items that unconditionally express a key security principle.
o “Sometimes” or “usually” suggest conditions. Unless the conditions are identified, it would be difficult to write a question with one answer.
- Don’t memorize the facts, but apply the facts to a scene, so that you see it as security practice.
• The exam is testing your experience and your knowledge of practices as conducted by other security professionals. This exam is not simply book learning.
21
CPP Study Session ConceptHow Should You Think?
As of 01 Nov 2015Mr. Stephen P. Perkins, PMP, CPP
• Your Fellow CPP Study Candidates
• CPP Facilitators
• Chapter CPP Prep Chairman– Steve Perkins, 910-229-1329
• Chapter Chairman– Ricky Davis, 910-578-4102 (?)
22
CPP Study Session ConceptWho Should You Call for Help?
As of 15 Nov 2015Mr. Stephen P. Perkins, PMP, CPP
• Your CPP Facilitators- Steve Perkins, CPP … [email protected] … 910-229-1329
- Darryl DeCotis, CPP … [email protected] … 919-630-5753 cell
- Geary Chlebus, CPP … [email protected] … 910-670-2055 cell
- Al Kittredge, CPP … [email protected] … 910-624-3457 cell
- Dan Brand, CPP … [email protected] … 910-797-3778 cell
- John Wolf, CPP … [email protected] … office: (919) 407-4661;
cell: (910) 922-4392
- Dan Jutson, CISSP … [email protected] … 910-570-5268
- Barry Watkins, CPP … [email protected] …
23
CPP Study Session ConceptWho Should You Call for Help?
As of 15 Nov 2015Mr. Stephen P. Perkins, PMP, CPP
NOTE: Names are notional
Top Related