Establishing security specifications that deliver consistent and agreed levels of security protection based on the threat context is a challenge common to most organisations regardless of size or industry sector. This is particularly the case for organisations operating in different regions or countries, which face the added complexity of attempting to define specifications for security measures when terminology, materials and legislation are different.
This SRMBOK Guide deals with the establishment of physical security specifications for organisations by providing detailed information on the various threat control measures that can be adopted, and which can be readily used as a basis for consideration/modification to suit your specific organisational situations.
Most importantly, this section covers the concepts of threat postures and security-in- depth, whereby an organisation puts in place the basic 'buildings blocks' pertinent to their assessed threat context, which can then be built upon relatively quickly and efficiently as the threat context changes. It provides detailed information on:
Physical Security Specifications
Access Control to Premises and Secure Areas
Physical Barriers and Hardenings
Locks and Keys
Alarms, Sensors and Monitoring Devices
Security Cabinets and Containers
It has been written so that the guidelines for each of the above are separated from, and precede the suggested minimum recommended specifications for consideration in each component. In so doing, the guidelines can:
Be used to guide security treatments globally without fear of misunderstanding due to variations between country legislation or materials availability; and
Be provided to contractors and other staff with a need-to-know, without disclosing how the organisation applies these specifications based on its own business context and enterprise security risk assessments.
