What is the CPP Designation?

by | Apr 20, 2011

What is the CPP Designation?

Saturday mornings in late February and early spring mean two things for me. Little League Baseball and the Certified Protection Professional (CPP) Review Course. For the last three years, I have found it a challenge to manage both commitments, but find both interesting, fun and rewarding.

There are eight domains covered by the CPP exam encompassing the areas of knowledge and expertise necessary for security professionals to master the security function in todays complex business environment. The CPP exam is an intensive 225 question exercise that can only be taken after an extensive qualification and background screening for security professionals with more than five years of security management experience. The CPP

designation is therefore awarded to a relatively small group of professionals who have demonstrated their competency in the areas of security solutions and best-business practices. Out of 37,000 members in the American Industrial Security Society (ASIS) only 10% hold the CPP designation. These men and women are recognized as proven leaders in their profession.

The most rewarding aspect of becoming a CPP has been the continued education I have been able to partake in after passing the certification exam. For the last two years, I have been a mentor for the regional CPP Review Course. This experience has been invaluable to me by reinforcing the concepts of security management, building mutually beneficial relationships and friendships with other CPP’s, and with those seeking to become CPP’s and finally, the internal reward of teaching and helping others prepare for and achieve CPP status.

The eight domains and the specific areas they cover are as follows:

DOMAIN ONE – Security Principles and Practices

Plan, organize, direct and manage the organization’s security program to avoid/control losses and apply the processes to provide a secure work environment.

Develop, manage, or conduct threat/vulnerability analyses to determine the probable frequency and severity of natural and man-made disasters and criminal activity on the organization’s profitability and/or ability to deliver products/services.

Evaluate methods to improve security and loss prevention systems on a continuous basis through auditing, review, and assessment.

Develop and manage external relations programs with public sector law enforcement or other external organizations to assist in achievement of loss prevention objectives.

Develop and present employee security awareness programs to achieve organizational goals and objectives.

DOMAIN TWO -Business Principles and Practices

Develop and manage budgets and financial controls to achieve fiscal responsibility.

Develop, implement, and manage policies, procedures, plans, and directives to achieve organizational


Develop procedures/techniques to measure and improve organizational productivity.

Develop, implement, and manage staffing, leadership, training, and management programs in order to achieve organizational objectives.

Monitor and ensure a sound ethical climate in accordance with the laws and the organization’s directives and standards to support and promote proper business practices.

DOMAIN THREE – Legal Aspects

Develop and maintain security policies, procedures, and practices which comply with relevant elements of criminal, civil, administrative, and regulatory law to minimize adverse legal consequences.

Provide coordination, assistance, and evidence such as documentation and testimony to support legal counsel in actual or potential criminal and/or civil proceedings.

Provide advice and assistance to management and others in developing performance requirements and contractual terms for security vendors/suppliers and establish effective monitoring processes to ensure that

organizational needs and contractual requirements are being met.

Provide assistance to management, legal counsel, and human resources in developing strategic and tactical plans for responding to labor disputes, including strikes.

Develop and maintain security policies, procedures, and practices that comply with relevant laws regarding investigations.

Develop and maintain security policies, procedures, and practices that comply with relevant laws regarding personnel security.

Develop and maintain security policies, procedures, and practices that comply with relevant laws regarding information security.

DOMAIN FOUR – Personnel Security

Develop, implement, and manage background investigations to validate individuals for hiring, promotion, or retention.

Develop, implement, manage and evaluate policies, procedures, programs and methods to protect individuals in the workplace against harassment, threats and violence.

Develop, implement, and manage executive protection programs.

DOMAIN FIVE – Physical Security

Survey facilities in order to manage and/or evaluate the current status of physical security, emergency and/or restoration capabilities.

Select, implement, and manage security processes to reduce the risk

of loss.

Assess the effectiveness of security measures by testing and monitoring.

DOMAIN SIX – Information Security

Survey information facilities, processes, and systems to evaluate current status of: physical security, procedural security, information systems security, employee awareness, and information destruction and recovery capabilities.

Develop and implement policies and standards to ensure information is evaluated and protected against all forms of unauthorized/inadvertent access, use, disclosure, modification, destruction, or denial.

Develop and manage a program of integrated security controls and

safeguards to ensure confidentiality, integrity, availability, authentication,

non-repudiation, accountability, recoverability, and audit ability of sensitive information and associated information technology resources, assets and investigations.

Evaluate the effectiveness of the information security program’s integrated security controls, to include related policies, procedures and plans, to ensure consistency with organization strategy, goals and objectives.

DOMAIN SEVEN – Crisis Management

Assess and prioritize risks to mitigate potential consequences of incidents.

Prepare and plan how the organization will respond to incidents.

Respond to and manage an incident.

Recover from incidents by managing the recovery and resumption of operations.

DOMAIN EIGHT – Investigations

Develop and manage investigation programs.

Manage or conduct the collection and preservation of evidence to support post-investigation actions (employee discipline, criminal or civil proceedings,arbitration).

Manage or conduct surveillance processes.

Manage and conduct specialized investigations.

Manage or conduct investigative interviews.

Coaching my son Sean’s little league team is equally, if not more, rewarding for some of the same reasons. The main focus of my coaching efforts is to engage the kids on the team, get to know them and their family on a personal level and foster a spirit for learning the rules and fundamentals of the game of baseball, but mostly to have fun! Who knows maybe some of my players will be future CPP candidates.