Table of Contents
- Part One
- An In-Depth Discussion of Routine Activity Theory
- The Relationship between the Crime Triangle and Routine Activity Theory
- The Application of the Theory in a Private Security Industry
- Specific Steps that Security Professionals Can Take to Decrease the Risk Facing a Private Organization
- Part Two
- A Security Program for an Organization that Produces Data Software
- Risk Assessment
- Identification of Assets and Risks to Them
- Type of Threat and Methods of Attack
- Security Policies and Controls
- Related Management essays
Routine activity theory involves the events related to crime. The theory focuses on providing the explanations as to why individuals commit crimes. In other words, the theory finds the motivation behind committing a crime rather than explaining how criminal events unfold. Therefore, the theory explains the various ways of preventing crime. For the effective maintenance of private security, it is important to ensure that the nature of the crime is effectively understood in terms of the occurrence rate and the impact on the organization. Thus, private security and data security are critical elements for any organization and they could only be assured if the organization has a critical understanding of the routine activity theory and a reliable security program respectively.
An In-Depth Discussion of Routine Activity Theory
Routine activity theory is one of the sub fields of the theory of crime opportunity that puts the focus on the situations related to crimes. The theory holds that there is no great influence of social causes, including unemployment or poverty, on crime. According to Andresen and Farrell (2015), the theory puts forth a simple but, at the same time, powerful insight into the causes of the problems of crime. The theory holds the basic idea that offenders will generally prey upon the attractive targets when effective controls are absent. Therefore, for a crime to occur, a motivated offender must be found in the same place with the attractive target. As far property crimes are concerned, an object or rather a thing is the target of crime. On the other hand, Andresen and Farrell (2015) explain that the main target of personal crimes is a person. In addition, the presence of controllers can prevent the occurrence of a crime. However, this is not guaranteed, as the controllers might be present but they might not have power to prevent the crime. The theory also holds that the opportunities of crime are not spread equally in society. In addition, the theory provides that the crime opportunities are not infinite as the number of the available targets, and the ones that can be termed by offenders as attractive ones are limited.
The Relationship between the Crime Triangle and Routine Activity Theory
The theory is related to the crime triangle that involves three basic things, mainly the desire, the ability, and the opportunity. The crime triangle provides that all the above-mentioned elements are important for a crime to take place. Cullen and Wilcox (2015) assert that this is provided with the fact that a motivated offender must identify a suitable target at the given opportunity of time and place. Hence, routine activity theory is related to the crime triangle as it also mentions three basic elements of crime that are essentially the same as the basic elements in regards to the crime triangle. The first element is an offender who has the desire to commit the crime. The second element is the availability of a target of crime or rather a crime opportunity, whereas the third element is the absence of a guardian who has the ability of preventing the occurrence of the crime. Therefore, if any of the three mentioned elements is absent, a crime will be prevented from occurring.
The Application of the Theory in a Private Security Industry
Routine activity theory can be applied in a private security industry for crime prevention. For a private security industry to be able to prevent the occurrence of crimes, it should have an understanding of how crime occurs. Abrahamsen and Leander (2015) explain that the private security industry will apply routine activity theory to understand that crime is caused by the interaction of three basic elements mentioned above. Thus, crime occurs when all the three elements are at the same place and time. However, each of these basic elements of crime has controllers, handlers, or managers. Controllers are in a position to exercise control over the necessary conditions. Handlers are the individuals that offenders are emotionally attached to, for instance, parents. Managers are the owners of organizations or places. According to Abrahamsen and Leander (2015), a private security industry will apply the theory in preventing crime by the managers organizing the physical environment as well as the social processes with a view of preventing crime. In addition, the private security industry can apply routine activity theory by mobilizing the controllers in addition to making them more efficient and effective.
Specific Steps that Security Professionals Can Take to Decrease the Risk Facing a Private Organization
There are various specific steps that security professional can take to decrease the risk facing a private organization. The first step is the identification as well as the selection of targets of crime in the private organization. The second step would be the identification of weapons that can protect the targets. The third step is the delivery of weapons to the environment of the initially identified targets. Lastly, there should be the installation of security protocols that survey the environment of the targets.
A Security Program for an Organization that Produces Data Software
For an organization that produces data software, the security of the data is very crucial because there is great insecurity in the environment of computing. Therefore, a security program that is concerned with information security should be put in place. According to Stair and Reynolds (2015), a security program that ensures information security should be able to perform various functions such as risk assessment, identification of assets and risks to them, the identification of the types of threats and methods of attack as well as the implementation of security policies and controls.
The most crucial purpose of a security program is risk management. Therefore, as far as risk assessment is concerned, a security program should identify, quantify, and mitigate the risks to both computers and data. The first step in risk assessment is the identification of assets. The next step involves the assigning of values to the assets. Then, the assessment of specific risks and threats associated with specific assets follows (Stair & Reynolds, 2015). The next step involves estimating potential loss that comes from the assessed risks and threats. Another step of risk assessment involves the estimation of the frequency rate, at which the risks and threats are prone to occurring. In addition, as part of risk assessment, the program is able to calculate the risks ccost apart from recommending countermeasures or rather alternative remedial activities.
Identification of Assets and Risks to Them
The identification of assets and risks to the software in the organization involves the identification of the information and data that is both processed and stored in the organizational computers. Every asset has its own value. Therefore, Calder and Watkins (2012) reveal that a risk analysis should be performed on the assets. Consequently, risk analysis involves two methods - the quantitative method and the qualitative method. The quantitative method involves the assigning of the financial value to the assets, while the qualitative method involves the ranking of security threats and measures that are relative to the system under analysis by the use of a system of classification or a system of scoring.
Type of Threat and Methods of Attack
After the identification of assets in the organization, the security program analyses the types of threat and the methods of attack. Therefore, a threat can be defined as any activity of action that can bring harm to the identified assets. The types of threats and the methods of attack include human errors, poor procedures, hackers, and terrorists. These types of threats and methods of attacks are then cross-referenced with a view of developing the complete picture of the security environment.
Security Policies and Controls
After the identification of the types of threats and the methods of attack, the security program initiates security policies and controls. Stair and Reynolds (2015) are of the view that security policies and controls provide a description of the security goals. These security policies and controls include a password policy. For instance, the password policy should identify the appropriate time and instances when the passwords should be applicable. Additionally, a firewall can be implemented as a security policy and control as it is an essential part of a security program (Calder & Watkins, 2012). A firewall will be able to prevent an unauthorized traffic from coming in and going out a network. Another security policy and control to be implemented by the security program is the installation of antivirus programs. Antivirus programs monitor and detect any changes in files in the environment of computing. They are able to clean the infected files or provide quarantine in the cases whereby the process of cleaning is not possible.
In conclusion, the routine activity theory revolves around three basic elements of crime - a motivated offender, the target and the opportunity or place. The theory is directly related to the crime cycle, and it can be applied in a private security industry in the prevention of crime. Apart from this, the computing environment is prone of experiencing great insecurities. However, for a computing environment, such as an organization that produces data software, a security program that ensures the security of the data should be designed. Therefore, it is necessary that a designed security program should be able to perform risk assessment, the identification of assets and risks to them, the identification of the types of threats and methods of attack, and the implementation of security policies and controls.
Related Management essays
- Actions to Improve Security of Intermodal Transportation
- Project Procurement, Outsourcing, Closure, and Evaluation
- Training and Development
- Planned Change in a Unit
- Questions and Answers
- Leadership Styles
- The Evaluation of International Standards
- Hunzicker Brothers Corporation's Hiring Process
- Managing Marketing Channels: Zara
- The Tenet Healthcare Corporation