What is a physical security design standard?
An organization’s physical security design standards are critical to ensuring a holistic approach to physical security system implementation. Often a highly technical document, the standards set minimum requirements and specifications for the equipment being installed and the level of functionality and integration between system components and facility systems and processes. Detailed design standards also include installation specifications, programming and operating parameters, as well as the system interface requirements for you, the customer. Physical security design standards create tremendous value in ensuring that the quality of work done by integrators is consistent and meets your expectations. The standard can be used in the overall facility design process for renovations or new construction to ensure architects, engineers and general contractors integrate your security standards into the facility from day one. The overall goal of the standard is to enhance security, while maintaining compliance with applicable regulations, codes and organizational policies.
Whose job is it?
Developing physical security design standards is not a one-person or one-department job and should begin with an all-hazards risk assessment to ensure that:
- Assets are prioritized
- Vulnerabilities are identified
- Threats are recognized
- Risk is quantified
Stakeholders from various departments should take part in this risk assessment and have input on the design standard to ensure the assets with the highest risk are adequately protected. Your organization’s size and structure will dictate who is involved, but it is recommended that, at a minimum, a representative from the following departments take part, when feasible and applicable:
- Information Technology
- Human Resources
- Corporate Compliance/Ethics
- Finance/Risk Management
- Logistics/Supply Chain Management
- Senior/Executive Leadership
This collaborative approach helps you get buy-in for your security needs from other areas of the organization and can strengthen your case by having more people in your corner during budget season. It also ensures that your security systems align with regulatory requirements and organizational policies they may be subject to.
Keeping the standard relevant
Once you have a physical security design standard in place, the next challenge is keeping the standard up to date. In a world where technological advances seem to be made daily, it comes as no surprise that security systems are evolving at a breakneck pace. Wireless technology, video analytics and cloud hosting are among the many advances that are sweeping the security industry. Threats and risks evolve at an equally fast pace, whether they be human, economic or natural risks. So, how does this affect your design standards?
In terms of technology, you may not need to specify the latest and greatest 30-megapixel camera or cutting-edge biometric access control, but it helps to be informed about trends and know where your current technology falls against industry standards. You certainly do not want to create vulnerability by having outdated specifications, such as a 125KHz proximity access control card that can be easily hacked. Some technology, such as wireless, can provide a more cost-effective solution that allows you to stretch your dollar a little further. Understanding how advances in technology can create efficiency for the other departments in your organization and implementing them into your standards will allow you to create additional value with your security systems. Ultimately, aligning your standard with modern technology reduces the total cost of ownership over the life of the system and reduces vulnerability within the system itself.
Your physical security design standard should also be reviewed when any changes to your organization’s risk profile occur. This ensures that the design standard maintains its purpose of enhancing security and does not leave any gaps in your defense, nor do you continue to specify protection for something that is no longer needed. As your organization evolves, new risks are sure to emerge, and it is critical to have a design standard in place that can easily adapt to the changing landscape.
Your standard should be subject to an informal review annually, allowing the team members involved in its development to document any necessary changes, as well as give new personnel that may be stakeholders in the design the opportunity give it a “fresh set of eyes.” A formal review should occur every three years, where the committee responsible for the risk assessment and design standard convenes to evaluate the standard in depth and make any necessary changes.
Contact S3 Integration and leverage our expertise in helping you establish, update or refine your physical security design standard. We will work with you, step by step, to deliver a solution that meets your current and potential future needs. Learn more about our consulting and planning services by clicking here.