This case involves an international pharmaceutical company called Southard Pharmaceuticals, Inc. (SPI). SPI researches, makes and markets both over-the-counter drugs as well as prescription only produ

INSTRUCTIONS FOR USE OF THE SECR 6000 ASSESSMENT TOOL:

1. This Assessment Tool is an essential step in the Accreditation Process and is designed to be utilized at any point during the course.

Part 1 is a multiple choice and short answer test that is designed to test student knowledge of the mandatory topics listed in the Faculty Course Guidelines, which can be found in the SBT Faculty Course Information site of the Connections portal.

1. Part 2 is a case followed by several case questions.

1. Students are expected to complete the entire assessment tool. Scores on the assessment tool are built into your grading system so that the students are motivated to take the assessment seriously.

1. Once you have completed the entire assessment tool, post it in Mail as an attachment. For students to receive credit (up to 5 points), completed inputs must be submitted no later than the last day of class.

PART 1

Multiple Choice Test

Please place your answers on the separate answer sheet.

1. States typically have different types of courts within their state with jurisdictional distinctions based upon;

   1. Dollar thresholds

   2. Diversity

   3. Law vs. equity

   4. a & b

   5. a & c

1. Differences between the criminal legal system and the civil legal system include;

   1. The number of jurors required;

   2. Criminal trials are allowed to be as long as needed for due process reasons;

   3. There is a higher burden of proof for the government in a criminal case than the plaintiff in a state case.

   4. All of the above.

1. Respondeat Superior in the context of the concept of agency means;

   1. The master can be liable for the acts of its agents;

   2. An agent can be liable for the acts of its master;

   3. Filing a superior response in court can negate agency;

   4. None of the above.

1. Constitutional concepts including protections afforded by the bill of rights;

   1. Can never under any circumstance be applied to persons or entities engaged in private security;

   2. Can be applied in some limited fashion depending upon the jurisdiction;

   3. Can be applied if the actor undertakes an act that is typically reserved only for government employees;

   4. Can only be applied in federal courts.

1. A tort is a civil wrong for which there is a money damage remedy. Common torts (causes of action) seen in the context of private security include;

   1. Negligence

   2. Defamation

   3. Malicious Prosecution

   4. All of the above

   5. None of the above

1. Before an employer can be liable for the acts of its employee;

   1. The employer must be found negligent for failure to train the employee;

   2. The employee must be in the course and scope of her employment at the time of the act that gave rise to the cause of action;

   3. The employer must be found negligent for failure to hire the employee;

   4. The employee must have failed to follow the company policy.

1. Training and monitoring compliance of private security policy is critical because;

   1. In most states, it is required by law;

   2. It will diminish the likelihood that an employee will act outside the policy and diminish the likelihood of suit if the policies are good;

   3. It will diminish the likelihood that an employer will be sued for independent negligence.

   4. All of the above

   5. b & c

1. Kenny Convict has applied for a job in private security for your company. On his application, he fails to answer the section which seeks information regarding convictions. Later, after being sued by Vicki Victim for negligently hiring Kenny, you learn Kenny has a felony conviction for assault and was ordered to anger management training by the court. In hindsight, the best practice would have been:

   1. Not to hire Kenny because he failed to complete his application;

   2. Refused to hire Kenny after you had run a criminal background check on him and discovered his previous conviction;

   3. Fire Kenny because he lied on his application;

   4. All of the above

1. Your company owns a chain of convenience stores. One of your guards witnesses a car jacking. The stolen vehicle contains a 3 year old child riding in a car seat in the back. Having had similar experiences at other locations, you provide the following instruction and training to your employee.

   1. Use lethal force to protect the child;

   2. Use only that force which is reasonable under the circumstances;

   3. Call law enforcement immediately and allow them to handle the situations;

   4. All of the above

   5. a & c

   6. b & c

1. Bull Dog security employees Billy who works at the local mall. He conducts a search of Jane’s person looking for stolen merchandise. In determining whether Bull Dog can be held liable, which of the following should be most important to you?

   1. Whether Bull Dog had a policy prohibiting searching customers or at least searching customers of the opposite sex;

   2. Whether Bull Dog trained Kenny on its policies;

   3. The reason Billy searched Jane; probable cause or reasonable suspicion?

   4. Whether the State has a Merchant’s statute which might allow some privilege for the search.

1. Elements to consider in organizing and staffing a security department include:

   1. Personnel qualifications

   2. Budget

   3. Security operations requirements

   4. All the above

1. Two examples of Management experts whose concepts include a focus on quality improvement and/or customer service are

   1. Deming and Peters

   2. Harari an Franklin

   3. Peters and Likert

   4. McGregor and Deming

13. Application of management principles flow from

1. Strategic planning process

2. Vulnerability assessment

3. Six Sigma

4. None of the above

1. Dalton provides in his BOSM textbook

   1. Important terminology

   2. Facts

   3. Concepts

   4. Principles and theories

   5. All the above

1. A tool to identify and analyze tactical security situations could include

1. 1. Prescreening

   2. Mazlow’s hierarchy of needs

   3. CPP exam

   4. Vulnerability assessment

1. An example of a method of assessing the risk level of a facility, city, etc., would be

   1. Jones Lang LaSalle

   2. Bomb threat checklist

   3. Homeland Security color code

   4. Russet’s table of unusual criminal activity

1. Theory-based criteria and standards of performance presented in this course afford the student an opportunity to assess the effectiveness of their solutions

   1. When presented in outline form

   2. When that criteria and standards are quantitatively or qualitatively measured

   3. When all values are equal

   4. Only after a survey of all security personnel is completed

1. At the end of the course the student will be able to utilize themselves as scholar-practitioners capable of creatively synthesizing intellectual understanding of security models with methodological competencies and experience-based perceptual skills and judgment because

   1. Students have security management experience and/or access to those who do

   2. The text provides security management concepts/theories

   3. The Research Paper provides a forum for developing such abilities

   4. The Final Exam thoroughly examines the student’s understanding of these areas

   5. All the above

19. In Asset Protection the process of risks management / risks analysis will cause review and assessment of:

a. Costs analysis, personnel retention and strategic planning.

b. Quantification of relative source data.

c. Hazards, types, sources, countermeasures and probability of critical loss potential.

d. Theories of accepted industry procedures.

20. The analysis process yields:

a. Critical loss potential and as a by-product of the relevant data information to be used in the cost-benefit analysis is gained.

b. Data that produces the best integrated program.

c. Relevant information for resource allocation is gained.

d. Capable programs in Asset protection.

21. Countermeasures in Risks Management become clearer as:

a. Survey data links survey problems with solutions.

b. Analysis helps define probability and potential costs.

c. Accepted methodologies are used.

d. Quantified data is made available.

22. Collection of information for the capstone course can be obtained through:

a. Historical company records.

b. Industry loss figures

c. Primary and secondary research along with review of loss history.

d. Survey apparatus.

23. Practical exercises utilizing accepted industry processes will:

a. Add to a students knowledge of Asset Protection.

b. Add realism to class assignments.

c. Develops the students perceptual skills and judgment in approaching security task’s.

d. Add understanding and realism.

24. The basic premise of the concept of emergency management as a discipline, which would apply to each level of government and local communities, is:

a. Fear reduction and proper planning

b. Risk and Risk Avoidance

c. Gaining community support and obtaining compliance

d. Developing succession planning tools and budgetary resources

25.  The cornerstone of emergency planning is:

a. Planning

b. Restitution

c. Mitigation

d. Budgeting

26.  There are two critical components to risk management that include determining the acceptable level of risk and

a. Identify risk-reduction opportunities

b. Avoidance techniques for any risks

c. A “zero-tolerance” approach to any risks

d. An annual review plan to mitigate risks

27. Which is not one of the four major components of the Preparedness Planning Cycle?

a. Evaluation

b. Assessment

c. Planning

e. Mitigation

28. Organizations need this focus-driven preparedness theme to ensure the survival of the organization.

a. Business Revitalization Plan (BRP)

b. Business Continuity Plan (BCP)

c. Corporate Continuity Process (CCP)

d. Financial Recovery Plans (FRP)

29. This process is based on the effects of a single or multiple hazards are on an infrastructure (roads, pipelines, etc.) and measures 14 variables.

a. Damage Assessment Plan (DAP)

b. Composite Exposure Indicator (CEI)

c. Emergency Recovery Plan (ERP)

d. Disaster Recovery Matrix (DRM)

30. Two of the most important tools for mitigation are

a. Hazard Identification and Mapping

b. Risk Review and Cost Analysis

c. Political and community involvement

d. Media Relations and MOU’s. (Memorandums of Understanding)

31.  What is it that must be established as part of the nation’s homeland security efforts, but as of yet, has not occurred?

a. A partnership between government and business

b. A mandated business preparedness plan

c. Funding for private corporations to establish survival kits for employees

d. Training funding through increased taxation

32.  Which of the following methods would not be a viable means of measuring an organizations ability to validate its emergency readiness levels?

a. Full-Scale Exercises

b. Partial-Scale Exercises

c. Self-assessment surveys

d. Functional Exercises

e. Tabletop Exercises

33.  The four key lessons that have been learned from the recent past, include all but one of the following. Which is not one of those lessons?

a. Maintain an all-hazards approach to emergency management

b. Create and maintain comprehensive plans for every conceivable type of emergency and a detailed response for each

c. The framework of the federal response infrastructure, based on the Federal Response Plan, does work, despite challenges and criticisms

d. Mitigation is the focus of emergency management in the U.S.

34. What is the most common concept for achieving security of an Information System using the CIA method?

a. Confidentiality, Integrity, Availability.

b. Confidentiality, Interests, Authentication

c. Cost, Interest, Annual investment

d. Confidentiality, Interactions, Authority

35. Granting access to networks and systems is controlled through the policy by:

a. Authentication, authorization, and permission.

b. Factors of authentication only

c. Encryption and controls

d. System Administrators

36. The best strategy for protection of the network and devices is through which strategy?

a. Defense in depth

b. Deploying a firewall

c. Using audit trails

d. None of the above

37. The Manager is responsible to:

a. Provide a top level statement for the security policy

b. Abide by the policy

c. Enforce the policy

d. All of the above

38. Encryption now is a standard feature in :

a. Operating systems and file systems

b. Networking connectivity such as VPN.

c. Both a and b

d Neither a nor b

39. A technical control would be:

a. Configuring a firewall

b. Writing a policy

c. Conducting training with users

d. None of the above.

40. An example of a management control would be.

a. Data classification and controls

b. User training

c. Firewall settings

d. All of the above.

41. The best policy is the policy that is:

a. Well understood and followed

b. Exquisitely written and formatted

c. Reviewed every couple of years

d. None of the above

42. Planning to develop a security policy starts with:

a. Risk assessment

b. Incident

c. Notification of impending inspection.

d. When assigned as part of your job description.

43. We can learn how to best develop better security through the use of :

a. Models

b. Employing more hardware devices for protection.

c. The waterfall model

d. System development life cycle

44. Plans to continue to operate if computer systems are compromised is known as:

a. Disaster planning

b. CISSP

c. A cold site

d. None of the above.

45. What can be said to be true for punishment of computer crimes:

1. Too harsh on juveniles.

2. No standardization across the nation in laws or punishments

3. Too lenient on white hat ethical hacking.

4. All of the above.

1. Criminal behavior is best defined as:

a. Antisocial behavior

1. 1. Deviant behavior

   2. An intentional act in violation of a criminal code

   3. Behavior in violation of the rights of others

47. The major schools of criminological theory can be divided into the:

1. Classical and Psychological

2. Positive and Biological

3. Neo-Classical and Sociological

4. Classical and Positive

48. A psychopath would most likely explain their criminal behavior by saying:

1. “I did it because everyone else was doing it”

2. “I did it for the hell of it”

3. “I did it because it is what I do best”

4. “I did it for the money”

49. According to Ronald Akers’ differential association-reinforcement theory, criminal behavior develops primarily as the result of:

1. Modeling

2. Heightened expectancies

3. Social reinforcements given by significant others

4. Classical conditioning

50. When aggressive behavior by a precipitator is followed by a stronger aggressive behavior by the victim, this process is called:

1. 1. Frustration-aggression

   2. Dehumanization

   3. Deindividuation

   4. Escalation

51. The treatment approach that has the most promise for reducing violence individuals is:

1. To improve their self-regulatory systems

2. Psychoanalysis

3. To educate them about the causes and consequences of violence

4. To teach them relaxation techniques

ANSWER SHEET FOR PART 1

1. d 11.d 19.d 24.d 34.b 46.d

2.c 12.a 20.b 25.c 35.a 47.d

3.a 13.c 21.a 26.a 36.b 48.b

4.b 14.d 22.c 27.a 37.d 49.c

5.b 15.d 23.c 28.c 38.a 50.d

6.b 16.b 29.a 39.a 51.b

7.d 17.d 30.a 40.d

8.a 18.e 31.b 41.a

9.f 32.d 42.a

10.d 33.c 43.c

44d

45.b

PART 2 - CASE

This case involves an international pharmaceutical company called Southard Pharmaceuticals, Inc. (SPI). SPI researches, makes and markets both over-the-counter drugs as well as prescription only products. SPI is a Delaware corporation and is a publicly traded firm with headquarters in a stand-alone building on the outskirts of Atlanta, Georgia. Due to favorable tax laws, production of the firm’s many different drugs takes place within an industrial park in San Juan, Puerto Rico. All research and development activities for SPI are carried out by a wholly owned subsidiary, Southard Research, based in Geneva, Switzerland. While the company is publicly traded, a major share holder and member of the board of directors is a citizen of Saudi Arabia.

The general flow of products for the company starts with research and development being done in Geneva, with clinical trials being conducted in Europe, North and South America, Asia and Africa. It is also on these five continents along with Australia and Central America that SPI distributes its pharmaceuticals. Once a drug is approved for distribution, production is started in San Juan. The drug is then shipped to one of six regional distribution centers located in Geneva (Switzerland), Atlanta (USA), Mexico City (Mexico), San Palo (Brazil), Sidney (Australia) and Tokyo (Japan). It is from these five distribution centers that the pharmaceuticals are shipped to various hospitals, pharmacies, clinics, retail outlets, etc.

SPI promotes its products through medical journal advertising, direct mailing and a field force of Pharmaceutical Sales Representatives. These sales reps call directly on the doctors that prescribe SPI’s products, as well as retail store chains that sell the over-the-counter medicines. All of the promotional activities are directed out of the Atlanta, GA headquarters.

Additional information:

The company is headquartered in Atlanta, Georgia, but is actually a Delaware Corporation.

The President and C.E.O.’s name is D. C. Southard.

The company uses Employee Advisory Councils in each of its locations to provide management additional viewpoints regarding issues that face the company.

Big Dog Security Service (BDGS) is an outside contractor that provides security at the Atlanta location.

Your assignment: The management of SPI has asked you to look over six different areas of concern regarding security within their organization. After you study each of the situations, you are to prepare a security report directed to the management of the company, outlining each of the six situations, including the issues involved, and one or more methods that could be used to address the situation as well as your recommendation for action.

Your final report will be composed of eight parts or identified chapters. They will be:

An introduction (No more than 300 words)

Six scenario reports

Your conclusion (No more than 300 words)

NOTE: Each of the six scenario reports is to contain the following:

No more than a two paragraph explanation of the situation

A list of the issues involved in each scenario—can use bullet points

The facts that support each issue

One or more methods to address each issue

Identify your recommendation based upon the information available in the case and the scenario.

ONE FINAL NOTE:

Each of the scenarios given stands alone. They may give contradictory information regarding the situation. DO NOT take information from one scenario and use it in another. Use only information from the core case and the scenario to complete each scenario report .

Example: Scenario Business Assets Protection and Scenario Information Systems Security contradict each other regarding the location of the apparent inventory shrinkage.

Legal and Ethical Issues in Security

Hanz Schroeder is a field pharmaceutical sales representative for the company. Hanz is a superb salesperson and during his seven year employment with SPI, no one has had more sales. Last year, he took home over a million dollars. Because of his results, the company has held him out as a model to be emulated by the entire sales force.

You are in the office of a junior attorney with the company’s general counsel. The junior attorney’s boss has just handed the attorney 50 page lawsuit filed in the Circuit Court of Buzzard County South Carolina. Buzzard County has a national reputation for picking clean the bones of corporations sued there. The lawsuit alleges that Schroeder sold one of the company’s drugs to a group of doctors representing that the drug (RU-9355) was approved for cancer treatment for patients suffering from liver cancer. As a result of the prescription, it is alleged in the suit that one of the physicians in the clinic, Dr. Careless, gave samples of the drug to Mr. Ima Sick who later died. Mrs. Sick is now suing for wrongful death.

RU-9355 is an approved drug. It isn’t yet FDA approved for treatment of liver cancer although it is in clinical trials.

Although SPI is a Delaware Corporation, its national headquarters is in Atlanta.

The junior attorney has asked you to help analyze the following issues: What is the appropriate jurisdiction for the lawsuit against the company? Identify and analyze the potential legal issues given this fact pattern and state any factual assumptions you feel you must make to justify your response. Discuss the legal relationship between Schroeder and the company and whether the company might be liable for Schroeder’s acts (assuming the allegations are true) or whether you feel the company could distance itself from Schroeder and avoid liability. Finally, assuming the company cannot distance itself from Schroeder; discuss your thoughts on how the company avoids liability.

Security Administration and Management

The corporate director of security has determined there is a need to install various monitors and sensors to reduce the shrinkage problem recently identified at the shipping dock in San Juan. However, the CFO has strongly challenged the increased cost associated with this security approach.

Consider alternative approaches to the problem, costs associated with appropriate solutions, and methodology for getting the necessary board approval for your approach. This should include a metrics-based justification for the expenditures.

Business Assets Protection

The company is experiencing an increase of “Inventory Shrinkage” from the San Juan plant. There are no shortages observed by other company distribution centers. All of the losses are prescription pharmaceuticals.

You are to identify investigative strategies and methods of addressing the issue. Make your recommendations in countering the loss. Costs factors may be considered including man hours etc.

Emergency Planning

Southard Pharmaceuticals, Inc. has recently occupied their present headquarters building in Atlanta. Previously, they occupied rental and leased facilities in different smaller buildings in the greater Atlanta area. Now that they are in the facility as both owner and occupant, the CEO has directed that a single comprehensive emergency management plan be developed to ensure the safety of the workforce and the facilities and demonstrate that SPI is an interested community partner.

Your project is to formulate the plan outline and present it to the CEO for approval. The plan should have an identifiable creation and approval process, development timeline, logical methodology, and display a comprehensive understanding of the emergency planning process consisting of the four phases of mitigation, preparation, response and recovery.

Once you have created the plan outline, you must create at least one functional annex. Example one: A functional annex describing the emergency planning for an emergency evacuation of the building. Example two: A functional annex describing the emergency planning to preserve the information in the companies computer systems.

Information Systems Security

The company has noticed a steadily increasing “Inventory Shrinkage” from the time their products leave the shipping dock in San Juan until the products arrive at the various distribution centers. There appears to be shrinkage no matter to which distribution center the products are shipped. The products disappearing are all prescription pharmaceuticals. This problem was identified purely by accident. A shipping clerk noticed that the shipping invoice did not match the data in the database.

The main database is located in Atlanta Georgia. This could also account for unexplained revenue losses across the board in the organization. The quantity is somehow changed from the original shipping document to reflect the lesser quantity that arrives in other ports days or weeks later. It is not known how long this has been going on.

The quantity is automatically transmitted from the shipping database to the corporate database via a secure link weekly. No user involvement is required the query into the shipping database is performed by a program provided by the Corporate Office.

You have been asked to identify the possible issues, one or more possible methods of addressing the issues identified, and finally your recommendation.

Behavioral Issues

Within the past two years the company has noticed a 10% increase per year in workplace violence at the production facility in San Juan, Puerto Rico. The majority of the violence, over 60 percent, involves employee on employee violence while the remaining violence involves physical assaults on female employees by ex-boyfriends and husbands. Over 80% of the assaults involve the use of a firearm. Approximately 50% of the assaults occurred within the facility, while the remaining assaults occurred in the parking lots (30%) and entrances (20%) to the facility. Last year an employee killed his supervisor after he felt he was unfairly terminated.

Senior management at the San Juan production facility is naturally concerned with the continued increase in workplace violence at the facility. You have been asked to: a) identify the possible issues and actions necessary to develop a workplace violence prevention plan; b) develop one or more possible strategies of addressing the workplace violence incidents identified; and finally, c) provide your recommendation for a workplace violence prevention plan.

2 3 4 5

NOTE: Transfer these scores to the Program Outcomes 2, 3, 4, and 5 on SECR 6000 Scoring Rubric A

SECR 6000 Scoring Rubric A

PROGRAM OUTCOME #1:

Graduates will know and understand the important terminology, facts, concepts, principles, and theories used in the field of Business and Organizational Security Management. These will consist of the mandatory topics taught in the pre-requisite, advanced core courses, and integrative capstone course.

PROGRAM OUTCOME #2: Graduates will be able to apply the important terminology, facts, concepts, principles and theories in the field of Business and Organizational Security Management to analyze simple to moderately complex factual security situations.

PROGRAM OUTCOME #3: Graduates will be able to creatively construct and implement moderately complex Business and Organizational Security Management solutions to real organizational problems using frameworks procedures, and methods derived from the individual security disciplines of Legal and Ethical Issues in Security Management, Security Administration and Management, Business Assets Protection, Emergency Planning, Information Systems Security, and Behavioral Issues in Security Management.

PROGRAM OUTCOME #4: Graduates will be able to assess the effectiveness of their solutions by quantitatively or qualitatively measuring their results against theory-based criteria and standards of performance.

PROGRAM OUTCOME #5: Graduates will be able to utilize themselves as scholar-practitioners, capable of creatively synthesizing intellectual understanding of security models with methodological competencies and experience-based perceptual skills and judgment.

ASSESSMENT DATA FOR A SINGLE STUDENT

PROGRAM OUTCOME #1 (Exam Results):

Graduates will know and understand the important terminology, facts, concepts, principles, and theories used in the field of Business and Organizational Security Management. These will consist of the mandatory topics taught in the pre-requisite, advanced core courses, and integrative capstone course.

PROGRAM OUTCOME #2 (Case Study Results): Graduates will be able to apply the important terminology, facts, concepts, principles and theories in the field of Business and Organizational Security Management to analyze simple to moderately complex factual security situations.

PROGRAM OUTCOME #3 (Case Study Results): Graduates will be able to creatively construct and implement moderately complex Business and Organizational Security Management solutions to real organizational problems using frameworks procedures, and methods derived from the individual security disciplines of Legal and Ethical Issues in Security Management, Security Administration and Management, Business Assets Protection, Emergency Planning, Information Systems Security, and Behavioral Issues in Security Management.

PROGRAM OUTCOME #4 (Case Study Results): Graduates will be able to assess the effectiveness of their solutions by quantitatively or qualitatively measuring their results against theory-based criteria and standards of performance.

PROGRAM OUTCOME #5 (Case Study Results): Graduates will be able to utilize themselves as scholar-practitioners, capable of creatively synthesizing intellectual understanding of security models with methodological competencies and experience-based perceptual skills and judgment.

AGGREGATED DATA FOR A GROUP OF 20 STUDENTS

PROGRAM OUTCOME #1 (Exam Results):

Graduates will know and understand the important terminology, facts, concepts, principles, and theories used in the field of Business and Organizational Security Management. These will consist of the mandatory topics taught in the pre-requisite, advanced core courses, and integrative capstone course.

PROGRAM OUTCOME #2 (Case Study Results): Graduates will be able to apply the important terminology, facts, concepts, principles and theories in the field of Business and Organizational Security Management to analyze simple to moderately complex factual security situations.

PROGRAM OUTCOME #3 (Case Study Results): Graduates will be able to creatively construct and implement moderately complex Business and Organizational Security Management solutions to real organizational problems using frameworks procedures, and methods derived from the individual security disciplines of Legal and Ethical Issues in Security Management, Security Administration and Management, Business Assets Protection, Emergency Planning, Information Systems Security, and Behavioral Issues in Security Management.

PROGRAM OUTCOME #4 (Case Study Results): Graduates will be able to assess the effectiveness of their solutions by quantitatively or qualitatively measuring their results against theory-based criteria and standards of performance.

PROGRAM OUTCOME #5 (Case Study Results): Graduates will be able to utilize themselves as scholar-practitioners, capable of creatively synthesizing intellectual understanding of security models with methodological competencies and experience-based perceptual skills and judgment.

ALPHANUMERIC SUMMARY OF AGGREGATED DATA FOR A GROUP OF 20 STUDENTS

PROGRAM OUTCOME #1 (Exam Results):

Graduates will know and understand the important terminology, facts, concepts, principles, and theories used in the field of Business and Organizational Security Management. These will consist of the mandatory topics taught in the pre-requisite, advanced core courses, and integrative capstone course.

PROGRAM OUTCOME #2 (Case Study Results): Graduates will be able to apply the important terminology, facts, concepts, principles and theories in the field of Business and Organizational Security Management to analyze simple to moderately complex factual security situations.

PROGRAM OUTCOME #3 (Case Study Results): Graduates will be able to creatively construct and implement moderately complex Business and Organizational Security Management solutions to real organizational problems using frameworks procedures, and methods derived from the individual security disciplines of Legal and Ethical Issues in Security Management, Security Administration and Management, Business Assets Protection, Emergency Planning, Information Systems Security, and Behavioral Issues in Security Management.

PROGRAM OUTCOME #4 (Case Study Results): Graduates will be able to assess the effectiveness of their solutions by quantitatively or qualitatively measuring their results against theory-based criteria and standards of performance.

PROGRAM OUTCOME #5 (Case Study Results): Graduates will be able to utilize themselves as scholar-practitioners, capable of creatively synthesizing intellectual understanding of security models with methodological competencies and experience-based perceptual skills and judgment.

Page 27 of 27