hcp logo pic_edited.jpg

7900 Callaghan Rd. Ste 201

San Antonio, TX 78229

(210)979-6863

HCP Consulting Services, L.P. (HCP) is a certified, small disadvantaged business with a twenty year history of

exceeding customer expectations through the disciplines of Program Management Office, Intelligence, National Security

and Defense Programs and Enterprise It Systems.

        Technical Security Services

The goal is to aid mid level physical security professional to become proficient in planning, designing, constructing, evaluating, accrediting, and maintaining the physical security level of an accredited Access Control Facility (ACF), Security Secure Area (SSA), Sensitive Compartmented Information Facility Construction (SCIF).  We will review your designs for compliance with ICD 705 Tech Specifications and identify items that are not in compliance; areas of concern where compliance is questionable or items we feel that would not meet the intent of the SCIFs mission.  This includes:  Site selection surveys, Design reviews, and Facility inspections and eventually pre and post testing of facilities as needed.

 

ACCESS CONTROL COMMAND SYSTEM (ACCS)

 

We have experience in the engineering, general construction with design, and manufacturing of Access Control Command Systems (ACCS), the only host-based security system that is a single source solution for ACP Control System applications.  HCP's ACCS is a state-of-the-art facility management and asset protection system.  Developed to address the need for an integrated and seamless solution our ACCS design combines access control, perimeter protection, CCTV /DVR, traffic control into a single user-friendly, stand alone or networkable system.

 

HCP's ACCS employs universal access control technology to automate the entry of personnel, vehicles, and visitors into a secure location.  The ACCS integrates multiple standards hardware and software components include:

  •           Gates

  •           Identification Sensors

  •           CCTV

  •           Over Speed Detection

  •           Wrong Way Detection

  •           Card Readers

  •           Detection Technologies Perimeter Intrusion Detection Systems

  •           Others

 

THREAT/RISK ASSESSMENTS

 

What are the most commonly mixed up security terms?  Threat, vulnerability, and risk.  While it might be unreasonable to expect those outside the security industry to understand the differences, more often then not, many in the industry use these terms incorrectly or interchangeably.  Perhaps definitions from Strategic Security Management can clarify the issue.

 

ASSETPeople, property, and information.  People may include employees and customers along with other invited persons , such as, contractors or guests.  Property assets consist of both tangible and intangible items that can be assigned a value.  Intangible assets include reputation and proprietary information.  Information may include databases, software code, critical company records, and many other intangible items.  An asset is what we're trying to protect.

 

THREATAnything that can exploit a vulnerability, intentionally or accidentally, and obtain, damage, or destroy an asset.  A threat is what we're trying to protect against.

 

VULNERABILITY Weaknesses or gaps in a security program that can be exploited by threats to gain unauthorized access to an asset.  A vulnerability is a weakness or gap in our protection efforts.

 

RISK- The potential for loss, damage or destruction of an asset as a result of a threat exploiting a vulnerability.  Risk is the intersection of assets, threats, and vulnerabilities.

 

Why is it important to understand the difference between these terms?  If you don't understand the difference, you will not understand the true risk to assets.  When conducting a risk assessment, the formula used to determine risk is...

 

A+T+V=R

 

That is,  Asset + Threat + Vulnerability= Risk.

 

Risk is a function of threats exploiting vulnerabilities to obtain, damage or destroy assets.  Thus, threats (actual, conceptual or inherent) may exist, but if there are no vulnerabilities then there is little/no risk.  Similarly, you can have vulnerability, but is you ha ve no threat, then you have little/no risk.

 

Accurately assessing threats and identifying vulnerabilities is critical to understanding the risk to assets.  Understanding the difference between threats vulnerabilities, and risk is the first step.