Development and interpretation of the security rating index

This paper documents the second phase of a three-phase research effort to develop and deploy best practices for project security on industrial construction projects. Specifically, it details the development and interpretation and initial validation of the security rating index, which provides a means of quantitatively assessing the level of implementation of security practices for a project. The security rating index must be used in the context of threat and consequence levels. The threat level quantifies the intention and capability of an adversary to undertake detrimental actions, whereas the consequence level quantifies potential impacts of a security breach over the facility life cycle. This approach allows comparisons to be made between projects with similar security considerations. The security rating index is the first tool to integrate and quantify risk, consequence, and security best practice implementation. It can also be used as a checklist to integrate the appropriate security measures in the early phases of project planning. Once sufficient data are available, the security rating index will provide a means by which companies can gauge the level of security integration of their own projects against similar projects within the industry.