Security Considerations Assessment
It is important to protect people, buildings, infrastructure, information, and the systems that support businesses and services, from those with hostile and malicious intent, whether they use physical and/or cyber-attack methods.
The decreasing separation between the physical and technological aspects of the environment, assets and services means that security issues can no longer be siloed as personnel, physical or cyber. Instead, if security measures are to be effective in addressing the risks, a multi-layered approach that includes consideration of each of these aspects is required.
The Security Considerations Assessment (SCA) process has been developed to ensure that potential security-related vulnerabilities are considered across a range of activities and processes and that, where applicable, physical, personnel, cyber and cross-cutting security measures are properly embedded.
Correctly implemented, it should lead to fewer security-related changes being required at a later stage. It also aims to limit the re-occurrence of circumstances, decisions and actions that have previously led to a compromise of security in similar situations.
The SCA document is intended for use by those who are accountable and responsible for the creation, planning, design, construction, manufacture, use, operation, management, modification, improvement, demolition and/or recycling of individual assets or products, or the wider built environment, as well as those involved in the provision of related services. It is also for the use of those organisations who wish to embed security-mindedness, or protect their commercial information, personal data and intellectual property, as well as organisations and teams carrying out research and development.