AS STRONG AS ITS WEAKEST LINK
Developing Strategies for a Security Program
|
4. Developing a Plan for Collections Security • The Library of Congress Experience
Steven J. Herman
The Library of Congress has developed a
comprehensive, integrated collections security program to protect its
"heritage assets" (the term we have given to the Library's permanent
collections). Keys to success in building this program consisted of:
first, recognizing the challenges facing us; next, obtaining management
and staff support; and, finally, ensuring a collaborative effort between
security and library professionals. Neither library managers nor
security professionals, operating alone, could have produced the
high-quality program that we developed in this collaborative
environment. The result is a program that not only has widespread
buy-in but also has a readily understandable implementation
phasebecause staff members are on board and understand the
concepts, terminology, and need.
As we began developing a collections security plan
for the Library of Congress, we realized that the program would be
successful only if we first made a realistic assessment of the existing
situation. In so doing, we found challenges that we needed to recognize
and address. I believe there were four main issues:
(1) "It's not my job." Although not always apparent,
the Library's culture betrayed an attitude of "we versus they" between
the Library's staff and managers and the Library's security
professionals. Although not antagonistic, this attitude often took the
form of staff members' feeling that they should not be asked to assume
the responsibility for collections security but, rather, that this was
the job of the security professionals. Staff members felt that they
themselves had been hired and trained to help researchers and build
collections, not to enforce security regulations and act as police.
(2) "All this money and not one book." At the same
time that everyone agreed that security was necessary. Library staff
members often resented the amount of money spent on security, believing
that it took away funds from such core Library activities as reference
and collections development. It was not unusual to hear a staff member
say that we are spending a lot of money on security, but all that money
does not buy us one manuscript or one book.
(3) "Security is locks and cages." Traditionally.
when we had talked about collections security, people immediately focused
on physical securitythat is, lock-and-key control,
surveillance cameras, intrusion detection, cages, and vaults. We believed
that effective collections security, however, required a much
broader-based program than simply physical security, and that if we
defined the program more broadly, we also would attain increased
interest and buy-in from Library staff.
(4) "Don't you trust us?" We believed that an
effective security program should address all possible threats. For
collections security, this involved changing procedures for access to
the collections both for researchers and for Library staff. Perhaps no
other aspect of developing our program evoked the level of emotional
reaction, especially from staff, as we saw when we modified our policies
to limit staff access to collections storage areas in 1992, shortly after closing
the stacks to the general public.
We addressed these four main challenges and made
every effort to enlist the support of the staff:
(1) "It's not my job." Those of us who have witnessed
the mutilation and theft of irreplaceable itemsand have seen the
frustration of researchers who have traveled long distances for an item
that can be found only at the Library of Congress, arriving to find the
item either missing or mutilatedare convinced that security is
everyone's job. We have adopted a concept of levels of responsibility,
with the staff being the first line of defense. When the situation
cannot be addressed safely and satisfactorily by the staff member, or
when the event happens outside of a reading room or work area, we
summon the Library of Congress Police.
We have established an active security awareness
program to make staff members aware of the importance of collections
security and of their role in ensuring the protection of our heritage
assets for this and future generations. Examples of successful
initiatives include: regular articles in the staff newsletter, the
Gazette; programs for the staff such as a Security Awareness
Week, with posters, bookmarks, and presentations; presentations to
groups of employees; and displays of mutilated items, including the
cost of the items and the unique information or illustrations that were
lost.
(2) "All this money and not one book." This concern
is voiced more frequently in an era of diminishing resources and
increased competition for available funding. We have explained to our
staff that the result of not spending the necessary funds to protect
our heritage assets can be far worse in terms of mutilation, theft, and
permanent, irreplaceable loss of the artifact and the information than
the reduced purchasing ability that may result from allocating funds for
security purposes. Staff awareness has been increased by displays
of mutilated items and, wherever possible, by sharing stories of
attempted thefts and mutilations that were thwarted by having alert
security staff. In collections areas having a high value and unique
material, success stories can significantly raise staff awareness and
understanding of the need to have adequate security staff.
(3) "Security is locks and cages." Perhaps one of our
major accomplishments as we crafted our comprehensive collections
security plan was to move away from the traditional view that a
collections security program equates with a physical security
programlocks, keys, cages, security cameras, intrusion detection
systems, alarms, and so forth. Indeed, as we developed our collections
security program, we took a much broader approach. We felt that a truly
comprehensive plan must address four critical issues: what we have,
where each item is at any given time, how we preserve the items for this
and future generations, and how we protect the items physically. Only
the last of these four issuesphysical securityhas traditionally
been addressed by the security professionals; the other three are
traditionally addressed as core library activitiesbibliographic
control, inventory control and tracking, and preservation. By defining
collections security as including all four areas, we were not only able
to put together an integrated plan but also to bring professional
librarians and security experts together in this collaborative
effort.
(4) "Don't you trust us?" We took a number of
positive steps to explain to the staff why it was necessary to make
certain changes; even so, we were not completely successful in
convincing everyone on the staff that we had to adopt the policies we
did. Among the steps we took were the following:
We held a number of staff forums in which the
Librarian of Congress and security and other Library staff
members explained to Library employees what we were doing and why.
As part of these forums, we set up dramatic displays of mutilated
items with captions that explained the uniqueness of the items, what had
been lost and could never be examined again, and the assessed cost of
the items. Staff members attending these forums and viewing these
exhibits left with a very different perspective of the scope of the
problem and the impact of not protecting the collections than they had
had when they arrived. By showing concrete examples, we demonstrated
that mutilation and theft were not mere abstract concepts.
We established options to determine stack access for staff in various
positions to ensure that staff members could continue to do their work
without encountering significant roadblocks in their path, and we
explained these options to the staff. We tried to remain as flexible as
possible in listening to the concerns of staff and in developing
appropriate options.
We were honest with staff members in reaffirming our belief to them
that they are our greatest asset and that we were not accusing them of
dishonest behavior. At the same time, all of us needed to recognize that
out of a staff of more than four thousand employees, it only took a few
people to create serious damage to the collections. Unfortunately, there
was no "profile" that we could use to determine who might create
problems and therefore restrict access only to those individuals, We
shared with staff specific incidents involving staff, as well as citing
studies and articles supporting the need to address insider as well as
outsider threats.
Once we had both librarians and security professionals working
collaboratively, our next step was to develop a framework that we hoped would cover all four control
areas: bibliographic control, inventory control and tracking, preservation,
and physical security. We did so by adopting a series of four
steps that, when completed, would constitute the collections security
plan itself.
Step 1: Reaffirming the four categories of controls. This
was a fairly straightforward process. We agreedand our
consultants and auditors supported our understandingthat our
collections security plan would provide a program to assert:
(1) Bibliographic control. This is the most logical first step:
we need to know what we haveprimarily author and title
information.
(2) Inventory control and tracking. Once we know what we have, we
need two additional pieces of information:
how many we have and where each item is assigned (for instance, the Law
Library, general collections, or Main Reading Room reference
collection); and the location of each item if it is moved from its
assigned location (for instance, for circulation or rebinding).
(3) Preservation. Once we are satisfied that we know what we
have, and where each trackable item is at any given time, as stewards of
the nation's "library of last resort," we need to ensure, through best
preservation techniques, that the item will be available not only for
the current generation, but also for future generations. Preservation
measures include components such as: regulating and monitoring the
environment; emergency preparedness; proper furniture and equipment;
proper handling; physical treatment; and reformatting.
(4) Physical security. Finally, we could not underestimate the
importance of ensuring that the item is physically secure, especially
when in its storage location. We therefore looked at vaults, cages,
cameras, limited-access stacks,
intrusion detection, and other means to secure the collections.
Step 2: The tiers of risk. One of the most
challenging aspects of putting together the collections security plan
was to establish the tiers of risk. By categorizing material into one of
five categories along the tiers-of-risk continuum, we were
acknowledging that all collections items are not created equal for the
purpose of developing a meaningful security plan. With finite resources,
and 120 million items in our collections, it is essential that we
categorize material so that we can determine how best to deploy our
resources to ensure the protection of collections according to their
value (not simply monetary value, but also research, uniqueness, and
artifactual value). We could not examine, make a meaningful determination,
and provide a protection program for every one of the 120 million
items in the Library's collections, but we could establish broad
categories to form the tiers of risk. From our discussions, we developed
a five-tier risk continuum, and we labeled the collections
accordingly:
(1) Platinum. These collections essentially include the Library's
most priceless items. The "Treasures" are the quintessential components
of this category.
(2) Gold. These collections include the Library's rare items
having prohibitive replacement cost, high market value, and significant,
cultural, historical, and/or artifactual importance.
(3) Silver. These collections require special handling and
include the Library's items at particularly high risk, such as computer
software, popular labels in print, videos, and compact discs.
(4) Bronze. These collections include those items served without
special restrictions in the Library's reading rooms and materials that
may be lent without stringent restrictions.
(5) Copper. These collections are those that the Library does not
intend to retain but holds while deciding, for example, which items may
be used for its exchange and gift program.
Step 3: Establishing the life cycles: Our next discussion
involved what the status of an item might be at any given time. We
identified five possibilities:
(1) In Process. Refers to the collections while held during
their accessioning, organizing, processing, and transport to
storage.
(2) In Storage. Refers to the collections while in permanent
storage.
(3) In Use. Refers to the collections while being used by
researchers or staff.
(4) In Transit. Refers to the collections while being transported
from permanent storage to another location.
(5) On Exhibit. Refers to the collections while on exhibit
either at the Library of Congress or at another location.
Step 4: The security control measuresdeveloping the grids.
Our next step was to identify, for each tier of risk and each life
cycle, the security control measures that would be used to protect the
collections. The security control measures were aimed at responding to
the four questions discussed earlier:
what do we have (bibliographic), how many of them and where are they
(inventory control and tracking), how do we preserve the items
(preservation), and how do we physically secure them (physical
security)?
We began with the physical security requirements,
because physical security has received the greatest attention and is the
most straightforward to address. To ensure a collaborative effort and
buy-in, we put together a team of physical and electronic security
specialists and library managers who had
already played a major role in collections security
planning. The team identified and defined the measures that should be
taken to protect the collections. In the area of physical security,
these measures included: marking (ownership) and tagging (theft
detection strips); secured transit; intrusion detection;
closed-circuit television; storage; key and lock control; electronic
access control; and exit inspection. For many of these measures,
we established levels of control depending on the tiers of risk. For
example, for closed-circuit television coverage, we had three levels.
Level 3, the highest level, was defined as "image displayed and recorded
in Library police communications center during alarm condition." Level
2, the intermediate level, was defined as "Level 1 with additional
cameras capturing facial features plus specific areas of interest, for
instance, patron using material at desk in Rare Book and Special
Collections Reading Room." Level 1, the minimum level, was defined as
"recorded cameras showing large area views with limited facial details
of individuals."
When we had completed this process, we had five
grids, one for each of the life cyclesin process, in storage, in
use, in transit, and on exhibit. [1] One of the most challenging
steps followed: determining which level of control applied to which tier
in each life cycle. Our guiding principle was to answer the question,
"What is the minimum requirement that we need to implement to be able to
satisfy ourselves that we can give assurance that the collections are
being protected to the appropriate level?" In this context, we once
again had to develop and accept a number of working assumptions:
There is no such thing as absolute assurance.
Although we can have a policy of zero tolerance for those
stealing or mutilating the collections, we cannot give
absolute assurance that nothing will ever be stolen or damaged.
Not every item can be protected to the same level,
nor should it be, given finite resources. Our program must
aim at giving assurance that the appropriate level of
protection is being provided. Certainly, the nature and level of
protection for the Library's copy of the Gutenberg
Bible is not the same as that given to today's
edition of the New York Times.
We therefore needed to establish the minimum level
of security for each specific category of material. We were cognizant of
the fact that our collections security plan, when finally developed,
would be presented to our peers, management, and others. Credibility was key
if the plan was to be accepted and was to serve as the
basis for an implementation program. We needed to ensure
that our security program could indeed be supported
and could serve as the basis for future planning, programming, and
budgeting.
Once we had completed our protection prioritization
framework of physical security controls, we were ready to gain
broad-based acceptance. First, we gathered a group of our peers together
and presented the proposed plan. We explained it, received their
feedback, and made modifications as appropriate. Next, we presented the
plan to the Library's senior managers and got their feedback and
approval. And, finally, we received the approval of our congressional
oversight committees. The last was accomplished in early 1998.
Our planning groups were intent on ensuring that the
plan, as finally adopted, would serve as a guide for action and would
not be just another study to sit on the shelf. For that reason, we
developed a set of actions, a timeline, and four standing subcommittees
to lead the implementation phase. The four areas represented by these
subcommittees are: Policy and Standards; Operations; Security
Awareness; and Resources. These subcommittees meet regularly, and the
chairs of each gather periodically to share progress and ideas.
Establishing minimum standards was important. But
the next step we needed to take was to assess where we
are, and what we need to do to meet these standards. Our assessment
program consisted of visiting all the custodial and processing divisions
and discussing the program with them. These field visits and the
personal interaction proved to be a wise way to proceed and yielded
excellent results. In discussing what we needed to obtain during these
visits, we went back to our grids and looked at the dots we had placed
in the matrix indicating the minimum standard. We decided that wherever
a dot was present, we would replace this during our field visit with a
baseline status, i.e., stating how well that specific custodial or
processing unit met the minimum requirement. To aid us in gathering
data, we identified five baseline statuses:
C, or completed, meaning that the division meets the
minimum standard.
P, or partially completed, meaning that additional
actions will be required to meet fully the minimum standard.
F, or funded, meaning that although controls are
incomplete at this time, monies to create controls meeting the minimum
standard have been appropriated.
H, or "in-house," meaning that the division currently
does not meet the minimum standard but can do so by reconfiguring with
no additional funding.
U, or unmet, meaning that the division does not
completely meet the minimum standard.
We then conducted our visits, filled out the grids
using the statuses above, and elaborated on these with comments. The
grids prepared for each of the Library's custodial and processing
divisions continue to provide the framework for security planning as we
implement the minimum standards we established in the plan.
The approach we adopted was highly successful on many
levels. I believe the greatest advantages are:
Collaborative effort. The development and
implementation of the collections security plan was a collaborative
effort of Library managers and security managers and staff. I cannot
emphasize enough the importance of this collaboration. It built mutual
trust and understanding, when there is traditionally a kind of wariness.
By presenting this plan as a collaborative effort, Library staff and
managers more readily accepted it.
A shared vocabulary. By getting away from an extended list of
formats, value, and specific collections assignments, and by using five
categories of tiers of risk that are not dependent on format or
custodial unit, managers and staff throughout the Library have adopted
the same vocabulary. If we say that we have developed a project to
protect the gold collections, staff members understand what we
are doing.
An approved, understandable plan. A major challenge that we
have faced in the past has been that, although we have long taken
collections security very seriously and have a zero-tolerance policy for
theft and mutilation, we did not have a formal plan to which we could
refer when preparing budget requests or when deciding which collections
security initiatives we should tackle first. Without such a document, we
had not always been articulate or convincing in implementing collections
security measures. Now we can refer to the plan when developing a
program to enhance collections security.
A blueprint for action. We found, as we went from division to
division, that many of the minimum requirements had already been met,
that others were in the process of being met, and that others could be
done in-house. For those unmet needs that require additional funding, it
is far more meaningful to place these in a multiyear plan
along with prioritization (protecting our platinum and gold collections
first, for example). Our requests are far better received when they fit
into a planning framework than when they come as disjointed
requests.
A synergistic approach. We found thatin determining what
to implement, how to implement it, and what might be
unattainablewe needed to look at the plan in its entirety, rather
than blindly following each minimum requirement. In so doing, we
established two basic principles. First, a synergistic approach is
essential because if we cannot meet a minimum requirement in one area,
we may be able to use controls in place in another area to provide the
same level of assurance that we are protecting our collections. Second,
as good as a plan is, there is no substitute for good judgment.
chap4.html
|