Some Security Questioning Guidelines

Security QuestionsThe following blog post provides guidelines on how to conduct security questioning. You can use this information for training or for updating a security SOP.

You will use security questioning in the following situations:

  • When you need to resolve or investigate a suspicious activity or behavior.
  • In access control, to assess a visitor’s/employee’s identity and the reason for wanting to enter the secure area.

Security Questioning Objectives:

  • To resolve the suspicious situation rapidly and efficiently.
  • To find more suspicion indicators that may come up during the conversation.
  • To provide a proactive security service.

The Security Questioning Process:



  • Detect Suspicion Indicators – Identify suspicious objects, individuals or situations.
  • Immediately engage the suspicious individual and try to find a logical reasonable explanation for the suspicious activity or behavior.
  • If you cannot resolve the situation (a logical explanation was not provided to you), treat the situation as a threat and act to prevent by reporting the situation, maintaining a close watch over the individual, restricting access or escorting the individual etc.

You can derive suspicion indicators from a person’s behavior or appearance, his story and identifying documentation, from the person’s belongings and the situation as a whole. Normally, a person will be deemed suspicious when two or more attributes (see image below) will not fit together. For example, a person is dressed like a maintenance employee (appearance) but his ID tag is in an unusual color (documentation).


How to Question (General):

Before you approach a person and begin to question him assess the behavior and appearance of this person. In the assessment process, ask yourself; what is the declared identity of this person? (…is he a business man, teacher, technician etc.). Answers to these questions will give you a baseline for what you expect to hear from this person in the questioning process. A deviations from this baseline may indicate a potential cover ( for example: the person is not a business man but only pretends to be one in order to gain access to a restricted floor in the building),

The following are guidelines that you should follow when questioning a suspicious individual:

  • You are empowered to question: Do not be ashamed or afraid to approach people and questioning them with the purpose of resolving the suspicion. THIS IS YOUR JOB!
  • Conduct questioning in a cooperative tone: Always begin questioning with a cooperative tone. Suspicious people are not criminals or terrorists – They are only suspicious.
  • You control and direct the conversation: Don’t let the person you are questioning take over the conversation by answering questions with questions.
  • Ask open ended questions: Who, what, when, when, where and how are much better questions to use in security questioning. Close ended questions which are answered by a “Yes” or “No” confirm what you already think. Open ended questions allow you to find more information.
  • Make sense of your gut feeling: Gut feeling is important but you should try to assess each suspicion with your mind and not with your gut. When you identify a suspicious activity ask yourself: What is this person suspicious of (surveillance, theft, dry run, etc)? If you can’t associate the suspicion with a criminal or terrorist MO then what you see is abnormal or odd but it is not suspicious.
  • Be quick and focused: most suspicions will be resolved after two or three questions. Ask questions that will help you get the suspicion resolved and avoid asking questions that are off topic.
  • Go from the General to the Specifics: Start with a general question and go to more specific questions. Here is an example:

Q: “Excuse me…who are you here to see?”

A: “I am going for a meeting at the Chameleon Associates Office.”

Q: “Which floor is Chameleon Associates located at?”

A: “I believe the 20th floor”

Q: “Who is your contact person there – I will contact them for you”

A: “Thank you, her name is Sara.”

Q: “…and what is your name, sir?”

How to Question (Access Control):

  • Using open ended questions identify the reason or intent for the person to want to access to the secure area.
  • Ask for an ID from the visitor.
  • Ask from the visitor to pronounce his/her name.
  • Look for discrepancies between, age, picture, date of issuance, accent, ethnicity and name. A discrepancy may indicate a forged ID or a stolen identity.
  • If you identify the person’s intent as potentially hostile and his identity false then restrict access.
  • Before refusing access try to get as much information as you can about the individual.


How to Question someone who is taking pictures or conducting surveillance?

  • Before engaging the suspicious individual make sure the person knows you are watching him. This can be done by direct observation, taking notes or taking a picture of the suspicious individual. Try to get the suspicious person to come to you and ask you why he is being watched or photographed.
  • A person who approaches security to try and figure out why he is being targeted is most likely without any hostile intent.
  • If you see the person is still going about his business or if you see the person leaving the area engage him with open ended questioning. The objective of this questioning procedure is to identify the true nature and reason for his suspicious activities or behavior.                                                Security questioning guidelines

1 Comment

  1. Anonymous on February 8, 2020 at 9:04 am

    Great blog!

Leave a Comment