All facilities need a security plan, whether required by regulation or not.
Security plans should be designed to control access to the facility, prevent intrusions, and reduce the chances of theft or other loses , and to provide procedures for response to security incidents.
Security planning must take into consideration that the adversary sets the agenda. This is an important and too little discussed reality. Building occupants, even building security, are unlikely to know that an adversary is considering an adverse attack or criminal intrusion. (click here to read more about how The Adversary Sets the Agenda)
Security plans protect people and their safety.
Security plans should:
- be facility specific and include security requirements and procedures for both normal and emergency or crisis operations
- describe the roles and responsibilities for security related tasks
- describe in detail how access is managed for the facility
- describe the physical security features and security countermeasures of the facility and their importance in protecting people and the facility
- describe how the facility will test, maintain, and repair the physical security features
- identify all critical areas of the facility and address the level of protection required for each area
- have procedures and policies for how to respond to a security incident
- have a system in place for reporting and investigating a security incident
- provide for ongoing employee security awareness training
- have policies and procedures for protecting critical cyber and IT infrastructure and systems
- describe how the facility will test and exercise the security plan
- be reviewed frequently and updated as needed
A Security Risk Assessment should be conducted prior to developing a security plan.
Contact Don Greenwood & Associates, Inc. to have us conduct a security assessment on your facility and assist you in developing your security plan.