Security Advisor - Security Assessment Guide

Welcome to SecureNet's Security Assessment guide. This tool will help pinpoint general security risks and make you aware of all the steps required to assess your faculties’ security including research, strategy, planning and installation. Keep in mind, the Security Assessment guide is for general information purposes, and is designed to serve only as a starting point for your facilities’ initial assessment. For a comprehensive security assessment, please contact SecureNet.

How to Perform a Site Security Assessment  
You can never eliminate risk but you can manage risk and be ready to deal with failures in your security system. Security managers can make better business decisions related to their existing and new security technology.
Analyzing new security technologies is an important part of the process. An overall security assessment of your company is essential to understanding and evaluating your companies’ ability to prioritize threats which will help in determining the security technology your business utilizes.

Risk Management
Security risks have a tendency to be viewed as isolated incidents. Risks can overlap at certain points and could conceal areas of weakness of the company’s security. Convergence of security risks is important because those converged risks that pose the greatest danger to people and organizations are often unidentified. We need to keep ahead of those who attack us and work with interior and exterior forces to recognize and understand those possible weaknesses that could cause a business the most damage.

There’s a variety of security threats
• Accidents involving employees and visitors
• Natural disasters
• Data loss
• Fraud
• Intellectual espionage
• Vandalism
• Threats to people
• Physical theft
• Brand and reputation attacks 

The numerous and intricate merging of risk is causing organizations to rethink their security risk strategy.

Building on What Already Exists
Many security operations already collect a myriad of data related to security incidents as well as link the data to specific security programs. 

Security-related Incident Reporting, Logging
• Number of security incidents in the past 12 months
• Types of security incidents
• Primary methods used in security incidents
• Likely sources of security incidents
• Security incidents' impact on the organization
• Estimated individual and total financial losses as a result of security incidents
• Manner in which the organization learned of security incidents
• Types of decision-makers that are engaged by the organization in security issues
• Effectiveness of policies and procedures over the past year
• Elements included in the organization's security policies
• Alignment with business objectives
• Frequency of prioritizing threats by risk level
• Business issues or factors driving security spending
• Reasons used to justify security spending
• Effectiveness measures for security spending
• Confidence in security 

The issue of trust in security is vital. Depending on the findings of the security assessment, there may be the need for additional products and services. Each area analyzed should be viewed and assessed individually, guided by the facts and matched to the business goals.

Site Security Assessments Leads to Right Decisions
A comprehensive site survey can make it easier to see exactly what needs to be done to control access and surveillance inside and outside a facility. Frequently, by focusing on the security needs of the company, a business can make significant improvements at a much lower cost than expected. 
A site assessment is a tool for finding out what is right and what is wrong with a facility's perimeter and internal physical security, including electronic access control, intrusion detection, and video surveillance.

One advantage of the assessment is clearly identifying security holes. Sometimes security can fall into the trap of quick fixes — repairing an individual door that doesn't close properly or throwing up a camera based on increased criminal activity in a section of a parking lot. Using these stop gap measures may not do much to improve overall security nor help with growing security systems in the right ways. 

An outside site security survey consultant may suggest that a solid first step is to cover the basics of security and the specific level of security the enterprise desires. A second step: a review of the organization’s security procedures, including access points. A discussion of access points determines whether parking lots, garages, external doors, hallways, windows and even the roof are equipped with access control and security video, where necessary. 

Six Areas to Highlight
1. The ability to secure a facility depends in large part on its function and its integration to other buildings.
2. Existing systems. A comprehensive assessment should note the location of every security component, such as card readers, cameras, and intrusion detection devices. 
3. Communications infrastructure. In these days of IP-based security systems, a comprehensive site survey should document the configuration, availability and capacity of existing communications networks.
4. Regulatory requirements. In some instances, a site assessment enables security to compare the existing security program against regulatory and compliance requirements.
 5. Power availability. The access and security video camera points surveyed need power.
6. Site preparation. The survey team also should look for conditions that may impede or preclude the effective use of an electronic security system. 

Comprehensive Assessment with Details, Photos
Number and photograph vehicle and people access points throughout the facility is useful in developing later recommendations or in making changes of security camera locations and their views.

Rank each access and security video point: Rank 1 is for those functioning properly. Rank 2 function properly, but have cosmetic issues. Rank 3 is for doors and cameras that require maintenance or changes in positioning. Rank 4 indicates that a defective or ineffective item needs to be replaced or upgraded. Rank 5 indicates a need for a camera, access control or intrusion detection, which will require a new installation or product replacement.
Different than a site security assessment, a threat assessment considers the full spectrum of threats (i.e., natural, man-made, accidental) for a facility, location or camera point. The assessment adds supportive information to assess the likelihood of occurrence for each threat. For natural threats, historical data concerning frequency of occurrence for given natural disasters such as tornadoes, hurricanes, floods, fire, or earthquakes can be used to determine the credibility of the given threat. For criminal threats, incident reports on site and the crime rates in the surrounding area provide a good indicator of the type of criminal activity that may threaten the facility. 

The security site assessment guide is meant to help you get a better understanding of your facilities security preparedness or lack thereof. Please contact SecureNet if you have any questions regarding this information or if you need any help with your security assessment.