Security planning

Share

Share this page with the external widget:

  • Delicious
  • Digg
  • Reddit
  • StumbleUpon
  • Email

Security Planning

Organisations cannot remove all of the possible threats they face but, in addition to the security measures in place to protect their most valuable assets, they should also have plans and strategies to respond to serious incident and the contingency arrangements for getting back to ‘business as usual’ as soon as possible.

This section explains some of the key documents and plans that organisations should maintain to an appropriate level of detail. They are intended as starting points. Any decisions or investments in relation to security should always be taken in consultation with the wider sources of information that are available and which are referenced throughout.

There are three strong business reasons why organisations should plan to deter acts or terrorism or espionage, or at least to minimise their impact. They are:

Business continuity

Ensure that your business is able to cope with an attack and return to normality as soon as possible. This is particularly important for smaller businesses that may not have the resources to withstand even a few days without trading.

Legal obligations

In the event of an attack your preparation and contingency plans are likely to come under scrutiny. Health and safety at work regulations put the responsibility on the owner or occupier of premises has a duty of care for staff and visitors. Although the police and other agencies can offer advice, it is up to the owner or occupier to seek out and act upon that advice. In any subsequent inquiries or court proceedings, you would need to show that you took the relevant legislation into account.

Loss of reputation

Your business or organisation will lose its good name if it does not fulfil its legal obligations and/or business continuity plans in the event of a terrorist attack. The resulting loss of reputation may adversely affect your business.

In addition, make sure that your organisation has adequate insurance to cover terrorist threats - consult your insurance company or broker.

There is limited value in safeguarding your own business premises in isolation. Take into account your neighbours' plans, particularly if you are in a multi-occupancy building. You may also wish to discuss your plans with the emergency services.

Business continuity planning

The Business Continuity Plan (BCP) is an essential part of any organisation’s response planning. It sets out how the business will operate following an incident and how it expects to return to ‘business as usual’ in the quickest possible time afterwards.

Business continuity planning

Staff training and awareness

Educating staff about security will not only help them to recognise possible risks and vulnerabilities but also help organisations identify new threats from the feedback they receive from a more alert workforce.

Staff training and awareness

Standards and specifications

In collaboration with the British Standards Institution (BSi), and with the assistance of a range of stakeholders, CPNI has developed four Publicly Available Specifications and one European CEN Workshop Agreement.

You should bear relevant standards and specifications in mind when security planning.

Standards and specifications

Share

Share this page with the external widget:

  • Delicious
  • Digg
  • Reddit
  • StumbleUpon
  • Email
pen and notepad

Related Documents