Physical security management core policy
New Zealand government agencies hold significant resources on behalf of the Crown to fulfill government functions, for example, to develop policy, implement programmes and deliver services to the public.
The Government expects each agency to create and maintain an appropriate physical security environment for the protection of these functions, associated resources and people.
Physical security environments should support the efficient and effective delivery of agency outputs without compromising the application of protective security measures and while also taking into account relevant health and safety standards.
Agencies must employ a risk management approach to determine appropriate levels of physical protection for their functions, information, assets, employees and the public.
These decisions require a rigorous analysis of security risk.
For more information refer to:
- AS/NZS ISO 31000:2009 Risk Management – Principles and Guidelines
- HB 167:2006 Security Risk Management.
Sensible management of security risk will involve finding appropriate and cost-effective ways to minimise risk through a combination of procedural, personnel and physical security measures.
This mix establishes a series of barriers that prevent or restrict unauthorised access or harm to resources. It also establishes mechanisms to detect and respond to security breaches within an acceptable timeframe. This is known as security-in-depth.