To reduce costs and improve effectiveness, consider your physical security measures early in any process for:
- planning new sites or buildings
- selecting new sites
- planning alterations to existing buildings.
You also need to assess physical security risks for people working away from the office, and for any shared facilities you use.
Evaluate risks and prepare plans
You must evaluate physical security risks before you select sites. Then prepare site security plans which detail the security measures you need to mitigate the risks.
Comply with security zone requirements
Use the right security zones and their associated measures for protectively-marked information and assets. Security zones may also help to protect other valuable information and resources. Each zone comes with minimum requirements you must implement.
Apply good practice for physical security design
Good practice includes:
- following the ‘Deter, Detect, Delay, Respond, Recover’ model
- using multiple layers of security — ‘security in depth’
- using NZSIS-approved security products when required
- addressing all points where your physical security could be breached
- knowing and complying with all relevant laws and standards
- applying ‘Crime prevention through environmental design’ (CPTED)
- adding physical security requirements to your business continuity and disaster recovery plans.
Get your physical security design accepted
Your chief security officer (CSO) must accept that the proposed security design is fit for purpose and will address your organisation’s specific requirements.
Implement your physical security measures
Implementing your agreed physical security measures includes rolling out related policies and processes, and any technical measures you need.
Include physical security in your business dealings
Build physical security into your contracts, business relationships, and partnerships. Ensure everyone is aware of your physical security requirements and check for compliance.
Manage your planning and building processes
Make sure your physical security measures are implemented when there are new builds, refurbishments, or assets shifted from one workplace or area to another.