Operational requirements | NPSA

About NPSA
About NPSA

The UK Government’s National Technical Authority for Physical and Personnel Protective Security.
- Who We Work With
  
  NPSA works with partners in government, police, industry and academia to reduce the vulnerability of the national infrastructure.
- Frequently Asked Questions
  
  Frequently asked questions about NPSA.
- Threat Information
  
  Understanding the threats facing your business or organisation will ensure protective security measures are proportionate, effective and responsive
- NPSA Blog
  
  The NPSA blog provides thought leadership, latest news and updates on protective security.
Protective Security
Protective Security

Implementing effective protective security measures will help to protect your organisation from threats.
Advice & Guidance
Advice & Guidance

Our advice & guidance outlines the steps to take when implementing protective security measures.
- Physical Security
- Personnel & People Security
- Incident Management
- Personal Safety and Security for High-Risk Individuals
  
  This content is designed for individuals that have heightened risk affecting their personal safety and security
Learning & Resources
Learning & Resources

We provide information and resources to support the promotion of security awareness across your organisation.
- Security Campaigns
  
  NPSA has developed a series of security awareness campaigns, designed to provide organisations with a complete range of materials they need.
- Digital Learning
  
  Online learning modules relating to Protective Security.
- Think Before You Link
  
  'Think Before You Link' will help you to protect yourself, your colleagues, and your organisation from the harmful impact of online malicious profiles.
- Catalogue of Security Equipment
  
  The Catalogue of Security Equipment (CSE) is available to help security practitioners to identify appropriate physical security equipment. The CSE provides a range of products that have been evaluated against specific NPSA security standards and the performance rating achieved.

Home
Protective Security
Build it Secure
Operational Requirements

Operational Requirements (OR) are an essential tool to enable an organisation to produce a clear, considered and high level statement of their security needs based on the risks they face.

A well-defined OR increases the likelihood of success in any security project and reduces the risk of commissioning expensive nugatory work. The involvement of key stakeholders in the OR process will increase executive buy-in for the project, simplifying any organisational change required.

NPSA has recommended the use of an OR process for many years. The development of this process is based on observing projects where security requirements were poorly defined or developed in isolation. Where NPSA has been asked to assist in failing security projects, in almost all cases an OR process has not been followed. In many cases a comprehensive risk assessment is also absent which is why NPSA recommends completing both risk assessments and the OR process as an essential part of any security project.

Where a suitable OR process is used, projects have a significantly higher success rate and stakeholders are better engaged in the security measures implemented.

See below for the OR documents which provide a step by step guide to completing the process. This self-help guidance and accompanying worked examples should enable a security manager to facilitate a structured OR workshop to develop a set of security mitigations for their organisation.

Did you find this page useful? Yes No