Understand and follow the physical security lifecycle to protect your organisation’s people, information, and assets.
Understand the physical security lifecycle
Understand what you need to protect
Before you can put the right physical security measures in place, you must understand what you need to protect. Think about the value of the people, information, and assets in your environment.
Assess your physical security
When you assess your organisation’s unique risks, you can work out which physical security measures you need to reduce those risks to an acceptable level.
Design physical security early in your processes
Physical security measures can be more expensive and less effective if they’re introduced later. So consider your physical security requirements at the earliest stages — preferably during the concept and design stages.
Implement your physical security measures
During this phase, you implement the agreed physical security measures, including policies, processes, and technical measures.
Validate your physical security measures
Validating your organisation’s physical security measures means finding out if they’ve been correctly implemented and are fit for purpose.
Operate and maintain to stay secure
It is important to operate and maintain your security measures appropriately, so they continue to provide the protection you need.
Review your physical security measures regularly
Undertake regular reviews to ensure your security measures remain fit for purpose. Identify changes in your use of facilities, in your organisation, or your threat environment.
Retire information and assets securely
When your building, facilities, information, or assets are no longer needed, make sure you consider the security implications during the decommissioning phase. Have a plan for destroying, redeploying, or disposing of your facilities, information, or assets securely.