Rake gun: a tool used by auto thieves to defeat car and ignition door locks. The handle and trigger appear similar to that on a caulking gun. The barrel of the device is a lockpicker’s rake that slides forward and backward upon activation of the trigger.
Rate of return analysis: a financial technique for evaluating a candidate project in terms of expected future savings. The approach determines the rate of return resulting from a purchase or investment, and therefore allows comparisons between projects having different life expectancies and costs.
Reaction distance: the distance a moving vehicle travels between the time the driver perceives a hazard and the time the body initiates a responsive action such as applying the brakes or engaging in a maneuvering action.
Reaction formation: an ego defense mechanism which prevents dangerous desires and impulses from being carried out by fostering opposed types of behavior and attitudes.
Readiness: the first step of a business continuity plan that addresses assigning accountability for the plan, conducting a risk assessment and a business impact analysis, agreeing on strategies to meet the needs identified in the risk assessment and business impact analysis, and forming Crisis Management and any other appropriate response teams.
Real cost: a measure in dollars of costs pertaining to the replacement of lost assets plus all related costs.
Reasonable force: force that is not excessive and is appropriate for protecting oneself or one’s property. Also called legal force. The least amount of force that will permit a police or security officer to subdue a subject while still maintaining a level of safety for himself or herself and the public.
Recapture rate: the rate of interest necessary to provide for the return of the initial investment. Recapture rate is different than interest rate, which is the rate of return on an investment.
Recidivism: repetitive criminal behavior; habitual or confirmed criminality.
Reconciliation procedure: a control procedure that identifies and accounts for any difference between the values of a given balance and its associated control total. Reconciliation procedures, for example, might be used to inventory physical assets or audit a petty cash fund.
Reconnaissance: a mission undertaken to obtain, by observation or other detection methods, information about the activities of persons or groups.
Recovery/resumption: plans and processes to bring an organization out of a crisis that resulted in an interruption. Recovery/resumption steps should include damage and impact assessments, prioritization of critical processes to be resumed, and the return to normal operations or to reconstitute operations to a new condition. Also called business resumption or business recovery.
Reduction in force (RIF): a phrase used by the federal government and other employers when jobs are eliminated.
Redundant design: a design of alarm equipment involving two or more components so arranged that failure of one will call one or more of the others into service.
Request For Proposal (RFP): the process by which an organization formerly requests that bidders indicate how they will provide the services required by a client and their proposed fee.
Respondeat Superior: the doctrine which states that the master (employer) is liable in certain cases for the wrongful acts of servants (employees) and is a principal for these agents.
Response program: plan, processes, and resources to perform the activities and services necessary to preserve and protect life, property, operations, and critical assets. [ISO/PAS 22399:2007] Note: Response steps generally include incident recognition, notification, assessment, declaration, plan execution, communications, and resources management.
Restraint of trade: an illegal action taken to prevent the free flow of goods in a market economy. Restraint of trade may take such forms as the holding back of improved products, the monopolistic control of raw materials, or agreement among corporations to fix prices and to not compete against each other.
Return on equity (ROE): an accounting ration in which the net income is expressed as a percentage of capital employed.
Return on investment (ROI): an accounting ration in which the net income is expressed as a percentage of capital employed plus cost of capital.
Revenue center: an element or unit within a business organization where income is accumulated and identified with a specific project or organizational entity. Also called income center.
RFID: Radio-frequency identification tags are small computer chips connected to miniature antennae that can be fixed to or implanted within physical objects. The chip itself contains an Electronic Product Code that can be read each time a reader emits a radio signal.
The chips are subdivided into two distinct categories, passive or active. A passive tag doesn’t contain a battery and its read range is variable, from less than an inch to twenty or thirty feet. An active tag on the other hand, is self-powered and has a much longer range. The data from an active tag can be sent directly to a computer system involved in inventory control–or weapons targeting.
Risk: an effect of uncertainty on objectives. [ISO/IEC Guide 73] Note 1: An effect is a deviation from the expected – positive and/or negative. Note 2: Objectives can have different aspects such as financial, health and safety, and environmental goals and can apply at different levels such as strategic, organization-wide, project, product, and process. Note 3: Risk is often characterized by reference to potential events, consequences, or a combination of these and how they can affect the achievement of objectives. Note 4: Risk is often expressed in terms of a combination of the consequences of an event or a change in circumstances, and the associated likelihood of occurrence. The possibility of loss resulting from a threat, security incident, or event. See also security risk.
Risk analysis: a process to comprehend the nature of risk and to determine the level of risk. [ISO/IEC Guide 73] Note: Risk analysis provides the basis for risk evaluation and decisions about risk treatment. a detailed examination including risk assessment, risk evaluation, and risk management alternatives, performed to understand the nature of unwanted, negative consequences to human life, health, property, or the environment; an analytical process to provide information regarding undesirable events; the process of quantification of the probabilities and expected consequences for identified risks.
Risk assessment: Overall process of risk identification, risk analysis, and risk evaluation. Note: Risk assessment involves the process of identifying internal and external threats and vulnerabilities, identifying the probability and impact of an event arising from such threats or vulnerabilities, defining critical functions necessary to continue the organization’s operations, defining the controls in place necessary to reduce exposure, and evaluating the cost of such controls. The process of assessing security-related risks from internal and external threats to an entity, its assets, or personnel. The process of identifying internal and external threats and vulnerabilities, identifying the likelihood of an event arising from such threats or vulnerabilities, defining the critical functions necessary to continue an organization’s operations, defining the controls in place or necessary to reduce exposure, and evaluating the cost for such controls.
Risk Management: The human activity which integrates recognition of risk, risk assessment, developing strategies to manage it, mitigation of risk using managerial resources into a prioritization process (adapted from Wikipedia).
Coordinated activities to direct and control an organization with regard to risk. [ISO/IEC Guide 73] Note: Risk management generally includes risk assessment, risk treatment, risk acceptance, and risk communication. A business discipline consisting of three major functions: loss prevention, loss control, and loss indemnification.
Robbery prevention: a combination of techniques that seek to convince the potential robber that in the commission of robbery the personal risks will be high and that the possible gain will be low. Such techniques are for the most part designed for execution by retail businesses that are targeted by robbers.
Root cause analysis: a technique used to identify the conditions that initiate the occurrence of an undesired activity or state.
Round down fraud: a theft technique in which the criminal, typically a white collar employee, transfers to a dummy account the rounded-down remainders from the computation of interest pertaining to many accounts. The rounded-down remainder of each account may only be a fraction of one cent, but the total amount stolen can be significant when the number of accounts is large. The dummy account is usually set up in a way that will allow the criminal to make withdrawals without drawing suspicion.