Definitions
Bearing Definitions
Item |
Definition |
|
Configuration Item (CI) |
A physical entity, such as a camera or access reader; a logical entity, such as an instance of a database; or a conceptual entity, such as a requisition service. CIs are stored in the Configuration Management database (CMDB). |
|
Protected Asset |
A tangible or intangible item of value that is safeguarded by physical security measures. These include fields such as priority levels, security groups, and owners, which can drive workflow automation. |
|
Knowledge Base Article |
A documented reference containing procedures, guidelines, or best practices related to physical security operations. These reside directly within the Bearing application Physical Security Knowledge Base, and aid analysts with real time incident references. |
|
Channel |
The method or system through which a physical security issue or alert is reported or communicated |
|
Category |
The broad classification of a physical security event or incident |
|
Sub-Category |
A more specific breakdown of the incident type within a category |
|
Caller (affected user) |
The individual who reported the incident or who is directly impacted by the physical security event |
|
Location |
The physical site or exact area where the incident occurred or where the asset is located |
|
State |
The current progress stage of the incident or event in the resolution workflow |
|
Priority |
The level of urgency assigned to the incident based on its impact on safety or operations |
|
Parent |
A primary incident that has associated or related sub-incidents |
|
Assignment Group |
The team or unit responsible for handling the parent |
|
Assigned To |
The specific individual designated to address or resolve the incident |
|
Event Time |
The actual time when the security event occurred |
|
Detect Time |
The time the incident was first identified or observed |
|
Contain Time |
The time when the incident was mitigated or brought under control |
|
Resolve Time |
The time when the incident was fully addressed, and all remediation or corrective actions were completed |
|
Short Description |
A brief summary or title of the physical security incident |
|
Description |
A detailed account of the incident |
Category/Subcategory Definitions
Note: Items marked with an asterisk (*) will be updated in the next release
| Category | Subcategory | Definition |
| Critical Event | Active Assailant | Armed individual actively threatening people or property at or near a company site. |
| Critical Event | Bomb Threat | Threatened or suspected use of an explosive device. |
| Critical Event | Civil Unrest | Riots, protests, or disruptive gatherings affecting company operations. |
| Critical Event | Cyber | Large-scale or disruptive cyberattack with operational or physical implications. |
| Critical Event | Geopolitical | Political instability, sanctions, or regional conflict impacting operations. |
| Critical Event | Infrastructure Failure | Disruption to critical infrastructure such as utilities, transportation, or telecommunications impacting operations. |
| Critical Event | Major Crime | High-profile criminal incidents near or involving company assets impacting or disrupting operations. |
| Critical Event | Major Event | Large-scale external event creating elevated risk (e.g., sporting event, summit) or impacting or disrupting operations. |
| Critical Event | Natural Disaster | Earthquake, hurricane, flood, wildfire, or other natural hazards causing catastrophic harm or business disruption. |
| Critical Event* | Severe Weather* | Rain, wind, or other weather events impacting company operations. |
| Critical Event | Strike/Protest | Labor action or demonstration directly impacting company operations. |
| Critical Event | Terrorism | Coordinated violent acts intended to intimidate or disrupt operations. |
| Employee Assistance | Lost and Found | Items reported missing or found at facilities. |
| Employee Assistance | Lost or Stolen Company Device | Stolen, lost, or missing laptops, phones, or other company-issued devices. |
| Event Security | Customer Event | Security planning and support for public- or customer-facing events. |
| Event Security | Executive Private Event | Protection measures for executives at private functions where details are not publicized. |
| Event Security | Executive Public Event | Public appearances requiring executive protection, particularly where details are made public in advance. |
| Event Security | Internal Event | Company-sponsored events requiring security support. |
| Facility Security | Additional Staffing Request | Request for temporary or surge security staffing. |
| Facility Security | Area Report | Report of security or safety conditions in a specific area. Catalgogued for future risk assessment or analysis. |
| Facility Security | Assault | Physical attack on employees, contractors, or visitors. |
| Facility Security | Damage | Report of damage to company property due to accident or unintentional event. |
| Facility Security* | Drill* | Scheduled emergency or evacuation exercise. |
| Facility Security | Duress Alarm | Panic button or silent alarm activation requiring response. |
| Facility Security | Elevator Entrapment | Person(s) trapped in an elevator. |
| Facility Security | Elevator Issue | Elevator malfunction not involving entrapment. |
| Facility Security | Fire | Active fire requiring emergency response. |
| Facility Security | Fire Alarm | Triggered fire alarm requiring verification. |
| Facility Security | HAZMAT | Hazardous materials spill or exposure risk. |
| Facility Security* | Lock/Unlock Procedure* | Authorized lock/unlock requests outside standard hours. |
| Facility Security | Mechanical Issue | Facility system malfunction (HVAC, plumbing, etc.). |
| Facility Security | Medical | Employee or visitor requiring medical assistance. |
| Facility Security | Network Outage | Loss of IT network connectivity affecting operations. |
| Facility Security | Other | Facility incident not otherwise categorized. |
| Facility Security | Personal Property Issue | Loss or theft of personal items on premises. |
| Facility Security | Power Outage | Loss of electricity impacting operations. |
| Facility Security* | Secure Area Access* | Request for escorted or logged entry into secure zones. |
| Facility Security* | Security Escort* | Request for personnel escort to or from facilities. |
| Facility Security* | Severe Weather* | Weather warnings or events posing immediate risk. |
| Facility Security* | Suspicious Activity* | Behavior raising concern for potential threat. |
| Facility Security | Suspicious Device | Object resembling or suspected to be a weapon/device requiring investigation |
| Facility Security | Suspicious Package | Unattended or suspicious package requiring evaluation. |
| Facility Security | Suspicious Person | Individual behaving in a threatening or suspicious manner. |
| Facility Security | Suspicious Vehicle | Vehicle parked or behaving in a concerning way near facilities. |
| Facility Security | Temperature Issue | Facility temperature outside acceptable range. |
| Facility Security | Theft | Stolen company property incident on premises. Not inventory or other warehouse type theft. |
| Facility Security | Trespass | Unauthorized individual entering restricted property. |
| Facility Security | Unescorted Visitor | Visitor found without proper authorization or escort. |
| Facility Security | Vandalism | Intentional or malicious damage to company property. |
| Facility Security | Vehicle Accident | Collision or accident involving company vehicles on property. |
| Facility Security | Vehicle Issue | Mechanical issue with company or visitor vehicles. |
| Facility Security | Violation | Security observed potential breach or confirmed breach of company rules, policies, or regulations. |
| Facility Security | Walk-In Customer | Unscheduled individual requesting support at a security desk. |
| Intelligence | Cyber | Large-scale or disruptive cyberattack with operational or physical implications. |
| Intelligence | Geopolitical | Political instability, sanctions, or regional conflict impacting operations. |
| Intelligence | Health Concern/Pandemic | Outbreaks or disease trends posing business impact. |
| Intelligence | Infrastructure | Intelligence on vulnerabilities to public infrastructure. |
| Intelligence | Major crime | Crime trends or alerts affecting regional security. |
| Intelligence | Open Source (OSINT) | Publicly available intelligence relevant to security operations. |
| Intelligence | Other event | Intelligence on incidents not otherwise categorized. |
| Intelligence | Security Operation | Information related to security team posture or coordination. |
| Intelligence | Significant Event | Intelligence on high-impact regional or global events. |
| Intelligence | Strike/Protest | Labor action or demonstration directly impacting company operations. |
| Intelligence | Terrorism | Coordinated violent acts intended to intimidate or disrupt operations. |
| Intelligence | Weather | Severe weather alerts and forecasts impacting assets. |
| Investigations | Communications Review | Examination of communications for compliance or misconduct. |
| Investigations | Door Usage Report | Analysis of access control activity logs at a specific portal. |
| Investigations | Historical Video Review | Review of recorded surveillance footage for evidence. |
| Investigations | Lost Badge | Investigation into lost employee credentials. |
| Investigations | Other | Facility incident not otherwise categorized. |
| Investigations | Physical Access Badge Report | Analysis of access control activity logs for a specified badge holder. |
| Investigations* | Report Request (IR, Signed NDA, SEC ticket, etc)* | Formal request for investigation findings or reports. |
| Investigations* | Security Assisted Termination* | Security presence during employee separation. |
| Investigations* | Security Support* | Security assistance with HR, legal, or internal inquiries. |
| Investigations | Sensitive Investigation | High-profile or confidential matter requiring discretion. |
| Investigations* | Violation* | Investigation of potential breach of company rules, policies, or regulations requested by non-security organization. |
| Loss Prevention | Counterfeiting | Use or distribution of fake currency, tickets, or products. |
| Loss Prevention | Hijacking | Unauthorized seizure of shipments, vehicles, or goods. |
| Loss Prevention | Organized Retail Crime | Coordinated groups targeting products or assets. |
| Loss Prevention | Shoplifting | Unauthorized removal of merchandise from retail locations. |
| Loss Prevention | Transportation | Losses during transit of goods or materials. |
| Loss Prevention | Warehouse/Distribution Center | Theft or shrinkage at storage or logistics facilities. |
| Physical Security Systems | Access Outage | Failure of access control or locking mechanism at a specific portal/door. |
| Physical Security Systems | Access System Outage | Failure of software, database or associated hardware causing a system wide issue. |
| Physical Security Systems | Alarm Outage | Loss of alarm monitoring or functionality at a specific portal/door. |
| Physical Security Systems | Camera Outage | Failure of camera endpoint. |
| Physical Security Systems | Intercom Outage | Failure of intercom or communication devices. |
| Physical Security Systems | Key Management System Outage | Failure in systems tracking keys or locks. |
| Physical Security Systems | LPR Outage | License plate recognition system failure. |
| Physical Security Systems | Nuisance Alarm | Repeated false alarm requiring investigation, mitigation, and potential repair. |
| Physical Security Systems | Other | Security systems incident not otherwise categorized. |
| Physical Security Systems | System Installation | Deployment of new hardware or software system. |
| Physical Security Systems | System Testing | Routine testing of system functions. |
| Physical Security Systems | Turnstile Outage | Failure of turnstile security devices. |
| Physical Security Systems | Video System Outage | Failure of software, database or associated hardware causing a system wide issue. |
| Physical Security Systems | Visitor Management System Outage | Failure of visitor check-in systems. |
| Physical Security Systems | Vulnerability | Identified weakness in security software/hardware (OS, firmware, etc). Potentially has associated ticket with Security Operations/Vulnerability Management. |
| Travel Security* | Manual Itinerary (PNR)* | Employee travel itinerary entered manually into the system. |
| Travel Security* | Travel Request for Support* | Request for security assistance prior to start of travel travel. |
| Travel Security | Traveler Incident | Incident impacting employee while traveling. |
| Travel Security | Violation | Security observed potential breach or confirmed breach of company rules, policies, or regulations in the conduct of employee travel. |
| Workplace Violence | Customer Threat | Threat of violence made by a customer, visitor, or other non-employee. |
| Workplace Violence | Employee Threat | Threat of violence made by an employee. |
| Workplace Violence | Other | Workplace violence incident not otherwise categorized. |
| Workplace Violence | Shareholder Threat | Threats from shareholders or external stakeholders. |