ASIS-PSP Exam Dumps - Physical Security Professional (PSP) Exam

A Business Impact Analysis (BIA) is a core component of business continuity planning. Its primary outcome is the identification of critical business functions and processes—those that are essential to the organization’s survival and need to be restored first after a disruption. This lays the groundwork for selecting appropriate recovery strategies and prioritizing resources.

A (Recovery strategies) are developed after identifying critical functions.

B (Mitigation alternatives) are part of risk treatment but not the direct result of BIA.

D (Replacement agreements) may be used later in continuity planning.

Post-implementation evaluation testing should be performed at least annually to assess whether the security system continues to meet operational requirements. It also ensures that performance standards are upheld, and helps identify any necessary updates or improvements.

A, B, and C are more frequent than typical industry best practice unless special conditions apply.

Contingency planning traditionally focuses on:

Infrastructure (A)

People (B)

Processes (C)

While reputation is a concern in broader risk management and public relations, it is not considered a direct category of contingency planning programs, which deal more with operational continuity than brand management.

Self-defense is a legal doctrine that allows a person to use reasonable force to protect themselves from harm. The force used must be proportionate to the threat faced—equal to but not exceeding the level of force used against them.

Security (A) and Protection (B) are broader terms.

Precautions (D) are preventive measures, not reactive force.

A Physical Security Personnel metric measures the performance or responsiveness of individuals or teams responsible for maintaining physical security systems. " Integrator response to a service request " measures how quickly and effectively a technician or support provider addresses security system issues—making it a valid personnel performance metric.

A and C relate to threat detection or monitoring, not personnel metrics.

B is a system-level metric, not specific to personnel.

In security and risk management, criticality refers to the importance or impact of a loss, typically measured in monetary terms. It helps determine how severely the loss of an asset, process, or system could affect operations, productivity, or safety. Understanding criticality allows security professionals to prioritize protection efforts based on potential financial and operational consequences.

References from PSP: Risk Assessment Terminology – ASIS POA; PSP Study Guide – Asset Valuation and Risk Impact

Insurance should be viewed as a complementary component of a security program, not a replacement. It provides financial recovery after a loss has occurred but does not prevent the loss itself. Security operations—including physical barriers, surveillance, policies, and personnel—serve as the primary defense against threats. Insurance mitigates the financial impact only after an incident.

Intrusion sensor performance is commonly evaluated using three key criteria: probability of detection, nuisance alarm rate, and vulnerability to defeat. Probability of detection measures how effectively the sensor identifies actual intrusions. Nuisance alarm rate refers to the frequency of false or unnecessary alarms, which can reduce trust in the system and lead to complacency among personnel. Vulnerability to defeat assesses how easily the sensor can be bypassed or compromised by an intruder. From a Human Resource and organizational management perspective, these factors are critical because they directly influence employee response, security awareness, and overall workplace safety. High false alarm rates may lead to reduced attentiveness among staff, while poor detection capability or high vulnerability can expose the organization to risks. Therefore, option D correctly represents the standard performance criteria.