Understand and follow the physical security lifecycle to protect your organisation’s people, information, and assets.
Understand the physical security lifecycle
Before you can put the right physical security measures in place, you must understand what you need to protect. Think about the value of the people, information, and assets in your environment.
When you assess your organisation’s unique risks, you can work out which physical security measures you need to reduce those risks to an acceptable level.
Physical security measures can be more expensive and less effective if they’re introduced later. So consider your physical security requirements at the earliest stages — preferably during the concept and design stages.
During this phase, you implement the agreed physical security measures, including policies, processes, and technical measures.
Validating your organisation’s physical security measures means finding out if they’ve been correctly implemented and are fit for purpose.
It is important to operate and maintain your security measures appropriately, so they continue to provide the protection you need.
Undertake regular reviews to ensure your security measures remain fit for purpose. Identify changes in your use of facilities, in your organisation, or your threat environment.
When your building, facilities, information, or assets are no longer needed, make sure you consider the security implications during the decommissioning phase. Have a plan for destroying, redeploying, or disposing of your facilities, information, or assets securely.