More SecurityRiskIQ.com

Optimize Your Security Program with an Intelligence Collection Plan (ICP)

Updated: Nov 12, 2019

With the U.S. economy firing on all cylinders at 3.5 percent growth in the third quarter, corporate profits over the past year have zoomed at a 10.3 percent pace — the fastest increase in six years. Of course, companies are focused on maintaining the pace, and it is a good reason for savvy leaders to think about protecting their key assets from exposure to ever-evolving internal and external security risks.


While security leaders have the ability to leverage a multitude of robust integrated security solutions that are readily available on the market, some leaders often neglect intelligence collection planning as one of the simplest and most cost-efficient solutions to helping their organizations mitigate risk.


Commonly used in military, law enforcement and intelligence agency arenas, Intelligence Collection Plans (ICPs) require decision makers to task their teams with prioritizing and collecting a wide array of pertinent information within a specific time frame that is continuously updated and evaluated. In a law enforcement setting, for example, a leader who wants to know how illicit narcotics impacts violence in the United States may develop a collection plan that identifies how they are smuggled, types of conveyances and routes and communications methods that are used. Corporate security executives can mirror this methodology to not only identify and monitor the potential threat of workplace violence or business espionage in their facilities, but also establish necessary responses to mitigate these threats.


ICP Advantages


ICPs give a strategic advantage by identifying emerging trends and threats that uniquely impact an organization. Every organization faces a unique set of challenges, depending on the industry and global markets in which they operate. Consequently, security leaders must differentiate among a customized set of intelligence requirements to help identify emerging risks to their company. The Chief Security Officer for a global pharmaceutical company who has experienced a rash of legal actions due to counterfeit drugs resold in illicit markets requires an ICP with collection requirements centered on anti-counterfeiting intelligence, including trademark infringement, theft and illicit resale.


ICPs can also be used as a tool to set benchmarks in three core areas of a security mission against organization objectives: Facilities and Locations, and Specific Risks and Threats that need to be mitigated.


Set Priority Intelligence Requirements

The effectiveness of developing an ICP requires security managers to quantify how they are performing vs. organizational strategic objectives. To accomplish this task, however, security programs must set Priority Intelligence Requirements (PIRs) that are aligned with their most critical assets and the impacts on those assets from potential significant events. 


The security manager is now able to tag essential information to the intelligence requirement and over time establish clear trends that will be important in helping to make future decisions.


Once PIRs are established under the ICP, managers can assign benchmarks aligned with organizational objectives against their facilities. They must also use what are called Essential Elements of Information (EEIs), key information that security operators can capture to determine the core issues within their operation. Working through this process provides security managers with a roadmap on specific threats to be mitigated.

A global technology company based in a hurricane-prone location (see graphic) will build an ICP focused on hazardous weather to protect their data centers by assigning the EEIs to the PIR.


When security managers and analysts have completed an ICP to identify new trends and set new benchmarks, they should step back and determine intelligence gaps based on the data collected in the ICP. An ICP is perfect for illuminating security program needs, but when security analysts and operators have not collected sufficient information within the PIR it doesn’t mean that there was a mishap. It simply means that there is a key requirement in the ICP that needs further exploration. In these cases, additional resources should be dedicated to fill these gaps, which in turn will strengthen the security program and provide security operators with enough intelligence to understand how to efficiently respond to an event.


The survival of future security programs requires leaders to remain agile and flexible to a dynamic security environment marked by a growing symbiotic relationship between the physical, cyber and electronic spaces. This will further complicate the security environment, so security leaders should be open to new and innovative methodologies that provide value and efficiency. ICPs won’t solve all security challenges, but they are an excellent tool in helping security professionals build and execute robust security strategies within the framework of organizational objectives.  Additionally, security programs become more robust from trending and gap analysis of key facets of the ICP across the organization.


Jason David, Director of Intelligence and the Risk Operations Center (ROC) for G4S Corporate Risk Services, North America Region has been in the intelligence field for more than 18 years. He served nearly 15 years with the Drug Enforcement Administration (DEA), with assignments in the Agency’s Washington, D.C., Middle East, and Miami field offices where he was responsible for developing targeted intelligence in pursuit of some of the world’s most prolific Transnational Criminal Organizations.

View Full Bio