Physical security threat assessment
First of all, if you think this is just for professionals, don't be misguided! A threat assessment can be implemented by any person eager to improve their security at home, place of business, office, ranch, farm, flat, or even just a single room! It is just a simple step-by-step system that has been developed over a couple of years, and can be used by anyone willing to put some thought and research into it!
Why use it?
One of the most common risks an organization runs is stagnant and non-evolving security measures. Unfortunately, these things can only be addressed if it is known to the organization. For that reason, it is necessary to perform a complete threat assessment. Sadly, too often a comprehensive threat assessment is missing completely or never updated. So it's your responsibility as the Advisor/Consultant/Team-leader/Security manager or head of the house to make sure that all the risks are reduced to an acceptable level.
The biggest mistake most organizations make is waiting for a safety breach or incident to happen before they implement mitigation strategies. Preparing a thorough threat assessment will undoubtedly help in improving overall security. It will also help in identifying which preventative measures to implement and reduce the risk of possible threats.
Any organization will always have some form of physical threat. Whether it's from general crime, human error, or even natural elements. Physical security is not a one-size-fits-all package. It gets very specific to the organization itself, especially when it comes down to demographics and location.
Before we start
Before we go any further, you should have a clear knowledge of the differences between risk, threat, and vulnerability. If you are unsure or just need a little refresher to make sure you are on the right track, you can learn the difference >Here<. It's also important to note that there are different methodologies out there and each one probably works, but will not necessarily be comfortable for everyone. That's why you need to learn from each of them and develop something that you are comfortable to use.
That being said, you should make sure that the following points are covered in your assessment:
- Buildings, assets, and vehicles are characterized
- Undesirable events should be identified
- The consequences of those events should be determined
- The types of threats should be identified
- Testing and analyzing the protection security systems and procedures
- Complying with law and regulations
- Identifying reasonable control measures needed
To formulate the assessment:
Formulating a threat assessment can be done by following these 5 steps:
1) Characterizing facilities