Understand what needs to be protected
Identify the people, information, and assets your organisation needs to protect, and where they are. Assess the security risks and the impact of loss or harm to people, information, or assets. Use your understanding to:
- Protect your people from threats of violence and provide support if they experience a harmful event
- Protect members of the public who interact with your organisation
- Put physical security measures in place to reduce or remove risks to your information assets.
Design physical security
Include physical security in the planning, selection, design, and modification of facilities. Design security measures to address risks your organisation faces and align with your risk appetite. Ensure measures are compliant with relevant health and safety obligations.
Validate security measures
Confirm that security measures have been correctly implemented and are suitable. Complete certification and accreditation processes to ensure security zones have approval to operate.
Keep security up-to-date
Stay aware of evolving threats and vulnerabilities and respond accordingly. Maintain physical security measures effectively to ensure they remain suitable.