Technology changes but the basics remain.
There can be little doubt that security has changed over the recent years. We face a radically new threat landscape and huge technology leap realised by the internet of things (IoT). IP-enabled security has clearly brought many advantages, transforming security systems into a more integral operational role rather than just a security tool, thus raising client expectations and attracting IT departments and new security providers from the IT sector.
That said, the strength of the security professional is in understanding security and risk and the fundamental role of electronic security measures remain the same: the protection of assets. So the process for defining appropriate security measures and their suitability and fitness for purpose for a facility has changed little, revolving around undertaking a risk analysis and security survey, which should be methodical, systematic and thorough.
The protection level for a building primarily depends on risk. The risk analysis identifies probable targets – people, property, information, and the probability and impact of an attack, while the security survey ensures that all pertinent information to design and implement commensurate security systems and measures is obtained.
Stage one is about intelligence gathering: collecting information on the organisation, its operations and objectives, followed by a risk assessment to identify assets requiring protection and their value/attractiveness. As well as defining the threats – break ins, robbery, arson, trespass, insider attack etcetera – and the type of adversary likely to be encountered.
Stage two, involves obtaining details of the facility, including the location – whether inner city, commercial rural, etcetera – previous history, boundary, building structure and condition and any existing protective measures such as alarms, bolts, bars. This should be a structured process undertaking observations, interviews with key employees, crime prevention officers and, if possible, insurance assessors.
It should be supplemented with historic data, crime records, site plans and drawings, where available. A survey checklist ‘Location Survey Checklist’ based on the BS EN 50131-7 standard is also advisable as a useful aid memoire.
The final stage is the site walk through, or the survey. In the journal task, this would involve assessing the physical vulnerabilities, current security measures and their condition, and the types of system and devices to further mitigate the threat. The survey leads to the system design stage, which takes into account people, processes and the technology that needs integrating to meet objectives.
Starting with the ABC of risk, area, boundary, contents, is good practice, so the site survey begins at the boundary working towards the core to ensure a layered security approach. The shell of the building consists of all parts of the boundary of the structure: walls, floor, roof, including moveable parts such as doors and windows.
The shell needs viewing from outside as well as inside to ascertain any weak points. As well as the outer shell, there may be further shells within that require protection, for example a storeroom containing high value goods.
As the survey progresses through the building, there needs to be a careful assessment of the type of security device required and its deployment. It must take into account any influencing factors that may compromise the level of security, such as specifying the wrong device, or lead to potential sources of false alarms relevant to each technology type, such as water pipes, HVAC systems, lighting, electromechanical interference, extraneous noise, draughts, animals, signs and stock movement and other special considerations.
Once concluded the survey notes/information leads to the system design document, which also needs to incorporate adherence to the relevant standards and NSI/SSAIB codes of practice.
Reference material
BICSI (July 2012). Electronic Safety and Security Design Reference Manual, Third edition. BICSIÒ ISBN 1-928886-60-4
Mary Lynn Garcia (2008). The Design and Evaluation of Physical Protection Systems, Second Edition.
British Security Industry Association BSIA
Free Download: The Video Surveillance Report 2023
Discover the latest developments in the rapidly-evolving video surveillance sector by downloading the 2023 Video Surveillance Report. Over 500 responses to our survey, which come from integrators to consultants and heads of security, inform our analysis of the latest trends including AI, the state of the video surveillance market, uptake of the cloud, and the wider economic and geopolitical events impacting the sector!
Download for FREE to discover top industry insight around the latest innovations in video surveillance systems.
Just to quickly add a few extra points to Peter’s excellent article. It’s worth mentioning that in terms of conducting a Risk Assessment Survey (RAS), if there’s an intention to deploy CCTV, or of course if the site already uses a Security Camera System, a general security RAS does differ in some respects, from that required specifically for video surveillance planning and assessment. When evaluating risks, it’s also worth if possible conducting a brief external Crime Audit ( and reviewing the site’s Health and Safety Log ) to see what previous issues have been of concern locally, in other words… Read more »
My complements to Peter Houlis for outlining in a very concise way, the requirements of a Security Risk Survey. As Peter mentioned, the first stage of the process acquires information as to the inner workings of the protected site to allow for the development of a risk analysis. Peter also pointed out that this stage should also include an assessment of the type of threat adversary that may attack the site. By including the threat assessment the whole risk management process can be refined, and therefore, provide a better allocation of resources to mitigate against the identified threat adversaries. Doktor… Read more »
Very true David, those organisations that enjoy positive community relations and are viewed as a benefit to their community are far less likely to suffer an attack than those that exert any negative or even nutral feelings