How To Conduct a Corporate Security Assessment

Corporate premises face a variety of risks. These include everything from relatively minor crimes such as vandalism and criminal damage, through to serious and potentially deadly acts of violence and terrorism.

In order to properly protect your people, property and assets, you need to put in place adequate security measures. The first step in implementing a high-quality security plan is to carry out a security assessment. This will highlight your security strengths and – more importantly – weaknesses so that you’re able to allocate your security resources in the most efficient way.

Unfortunately, many businesses have never conducted a thorough security assessment. This may mean that the security measures they have in place do not match their target potential. Or, in other words, that they are wasting their money on ineffective security measures that don’t address their unique security vulnerabilities.

So that you can be sure your business is properly secure, we’re going to show you exactly how to conduct a proper corporate security assessment. It’s not difficult; but it could save you a lot of money and keep your people safe.


What Is a Corporate Security Assessment?

A corporate security assessment takes a detailed look at your existing security measures and vulnerabilities. This will allow you to spot what may have previously been unknown gaps in your security and develop a good understanding of your threat potential – i.e., the likelihood that your business will be targeted by certain types of criminals.

Your security assessment will also help you identify your assets so that you’re able to create security procedures that ensure they remain properly protected. Assets are broken down into three types:

People assets
Property assets
And information assets

Each of these assets types requires unique security measures to be applied to ensure that your business suitably secured.

This guide will look at each of these areas in turn and will show you how to assess your existing security as well as look at some of the ways you can improve your protection.


Risk Assessments

A risk assessment is designed to help you identify potential risks so that you can put in place effective countermeasures. Not all risks are immediately obvious. As such, your risk assessment is the place to really dig into every possible potentially dangerous scenario so that you are not caught off guard.


People Assets Risk Assessment

People assets are not limited to your employees. In fact, people assets include anyone who enters your premises. As such, visitors, contractors, members of the local community and anyone else visiting or impacted by your business count as people assets.

As an organisation, you are responsible for ensuring the security and safety of your people assets. In order to do so effectively, you first need to understand what risks your people assets face.

This is where your risk assessment comes in.

In terms of your people assets, your risk assessment should ask things such as:

– Are entrances and exits secure?
– Are your staff and visitors monitored by CCTV – and are there any blind spots?
– Are policies in place that set out what employees should do if they are confronted by an aggressive customer/colleague?
– Are effective emergency evacuation plans in place – and are these effectively communicated to your people assets?
– Are visitors required to sign into a logbook?
– Are there an appropriate number of fire, first aid and health and safety trained staff on site?
– Are all employees made to take basic fire, first aid and health and safety training?
– Have you updated security policies in line with recent all business changes (such as hiring new employees, expansion, relocation, and so on)?
– Have staff been trained in how to securely lock your premises at the end of the day – and do you make sure that this process is always undertaken by more than one person?
– What is the average emergency response time in your area?
– Are security alarms, fire alarms and CCTV systems regularly serviced and tested?
– How many people have access to your building, how many people regularly work late, and do you share your premises with another organisation whose own people assets may not have been properly trained in security and safety?
– Do you review your people asset security policies at least once a year?

These questions will give you an idea of the types of issues you should be looking at. Unfortunately, however, this is not a comprehensive list. All organisations have their own unique security requirements, and so deciding what does and doesn’t present a security threat is half of the battle.

For example, if your premises include outbuildings, you will also need to probe the risks around these. Or, if your organisation is located next to a busy road with no designated pedestrian crossing, you will need to factor this in, too.

The most important thing is to take your time with your people asset risk assessment (and, indeed, all risk assessments). This involves analysing every single aspect of your business in terms of the potential threats they present to your people assets.

To do this, it’s important that an interdisciplinary team is involved in your risk assessment – since different people will have different insights into the potential threats your people assets face.


Property Assets Risk Assessment

Your property assets include your buildings, machinery, utilities, vehicles, stock, equipment, systems and any other physical entities owned by your business. The value of your property assets can be incredibly high. Burglars and criminals, more often than not, target property assets as opposed to your people and informational assets.

In terms of your property assets, your risk assessment should ask things such as:

– Are entrances and exits secure?
– Are entrances and exits covered by CCTV?
– Is security lighting in place and operational?
– Are blinds closed at the end of the day as a matter of routine?
– Are items of plant and machinery properly secured to the floor?
– Are property assets marked with unique identifiers – such as codes or inscriptions?
– Are proper access control measures (such as manned security, key card systems, internal locks, etc.) in place?
– Are vehicles locked after use and are keys stored in a secure safe until they’re next required?
– Is money regularly banked; removed from the premises overnight, at weekends and over holiday periods; and is banking carried out at random times?
– Do you keep an up-to-date itinerary of all your property assets?
– Are you using a professional key holding service?
– Are all sets of keys accounted for – and are those holding them trustworthy?
– Are reporting processes in place so that employees can report any suspicious activity they see?
– Are disciplinary measure in place to deal with employee theft — and are all members staff aware of the repercussions of stealing from your business
– Are security alarms, fire alarms and CCTV systems regularly serviced and tested?
– Do you review your property asset security policies at least once a year?

As with the people assets section above, this is not a comprehensive list of all of the issues your risk assessment will need to cover. Different types of businesses will have very different property asset security requirements.

For example, corporate premises which are located in the same premises as warehouses and manufacturing units may require incredibly robust security measures since the value of the equipment accessible via the premises may be huge. On the other hand, small offices located in shared premises may be able to do much less and still remain incredibly secure.


Informational Assets Risk Assessment

Your information assets include computer systems, employee records, financial information, business information and any other potentially valuable data. Criminals are increasingly targeting informational assets, since they are often less secure and more profitable than property assets.

The security measures you have in place to protect informational assets will consist of two distinct types: physical security measures and cybersecurity measures. It is absolutely crucial that your security plan includes both of these.

– Are important physical documents kept in locked filing cabinets or safes?
– Are employees aware that all important documents must be safely stored before they leave work?
– Are measures in place to ensure that only authorised individuals are able to access important physical and digital documents?
– Are your staff using highly secure passwords – and do they change them every 30 days?
– Are staff aware that they must lock their computer whenever they’re not at their desk – even if only for a few minutes?
– Is data backed up and stored in a secure, offsite location?
– Do you have in place up-to-date, enterprise-grade cybersecurity measures – including an antivirus and firewall?
– Are employees required to sign a form when they remove and return important documents?
– Are employees complying with relevant data protection legislation – such as GDPR?
– Are onsite servers kept in a secure, locked and properly cooled location?
– Are security alarms, fire alarms and CCTV systems regularly serviced and tested?
– Do you review your informational asset security policies at least once a year?


Planning New Security Measures and Management Policies

Of course, a risk assessment alone will do nothing to improve your business’s security. You also have to implement the lessons you’ve learnt. This is often easier said than done – and, with a limited budget, you may find yourself in a situation where you have to prioritise some issues over others.

Your people assets are, without doubt, your most important. Ensuring the safety and security of every stakeholder of your business should therefore be your number one priority.

To implement effective change, you need to list your existing security weaknesses in terms of their importance. A good way of doing this is to assign each area for improvement with a number corresponding to how important its resolution is. For example:

– 1 for critical importance
– 2 for high importance
– 3 for medium importance
– 4 for low importance
– 5 for negligible importance

As such, a broken window may be assigned a priority rating of “1”. Whereas a small interior CCTV blind spot may be assigned a priority rating of “4” of “5”.

With such a list in place, you can begin researching the costs associated with resolving each issue. This will allow you to allocate your budget in the most effective way.

Remember, the most important security gaps may not be the most expensive to resolve. Whereas less important issues may cost a lot more. Ranking your security weaknesses in this way will prevent you from overspending on low priority issues at the expense of high priority ones.

Many resolutions needn’t cost any money at all. For example, proper staff training and the implementation of managerial security processes – covering, for example, employees’ responsibilities to properly file away important documents at the end of the working day – can begin in earnest.

If you’re new to security assessments, you may wish to seek the services of a security consultancy company. Such providers will have the experience and expertise required to ensure your security assessment doesn’t miss anything and can provide advice pertaining to how best to allocate your budget.


Professional Corporate Security

To enjoy the most robust corporate security, you may choose to provision the services of a professional security provider. A good private security company will be able to deliver public sector security, concierge security, reception security, office security and much more besides.

Here is an overview of some of the most frequently requested corporate security services that we deliver.


Corporate Security Officers

Corporate security officers are highly trained security officers able to enforce security best practice in professional environments. Corporate security guards provide a range of services, including:

– Concierge security
– Reception security
– Access control
– Health and safety
– First aid
– Physical intervention
– Crowd control
– Surveillance
– Emergency service liaison
– Evacuation services
– Out of hours and overnight security
– Bag checks and inspections.

An essential part of many large and medium-sized offices’ security strategy, corporate security officers provide an effective visual against crime and act as a rapid response to any security issues that arise.

Premises which have a visible manned security presence are significantly less likely to be targeted by criminals. And, if they are, the presence of manned security guards greatly reduces the chances of criminals being successful.


Mobile Security Patrols

Mobile security patrols undertake regular inspections of your premises. This will include perimeter checks, inspections of outhouses and other owned properties, patrols of large outdoor spaces (for example, industrial estates) and interior patrols. Choosing mobile security patrols has many benefits, including:

– Comprehensive surveillance over large or multiple premises.
– A rapid response time to any security incidents.
– 24/7 regular security patrols (as well as random inspections to prevent criminals being able to predict patrol times).
– An effective visual deterrent (uniformed guards and marked vehicles).
– An assurance that any necessary minor repairs are carried out quickly (such as boarding up broken windows).
– Physical intervention and first aid.

Whether they’re used in conjunction with static guarding or as a standalone service, mobile security patrols add an additional layer of defence to any security plan. In rural areas – where emergency response times may be relatively long – choosing mobile security patrols will ensure that any security incidents are dealt with rapidly and efficiently.


Key Holding and Alarm Response

Professional key holding and alarm response services provide another additional layer of defence to your corporate security strategy.
A good key holding provider will keep a complete set of keys in a secure, offsite location.

This means that, if the need arises, you are guaranteed entry to your premises. This service is usually coupled with alarm response, in which your security company will be alerted immediately when your alarm sounds – ensuring a hasty, effective response.Offices which opt to use a key holding and alarm response service benefit from:

– Guaranteed access to their property – 24/7.
– A rapid and professional response to alarm activations.
– First aid trained personnel.
– Physical intervention and suspect detention (where required).
– An accurate record of all security incidents.


CCTV Security

CCTV security allows you to monitor your premises remotely as well as to conduct comprehensive security surveillance on multiple locations simultaneously. A good security provider will be able to properly install a high-quality CCTV system (ensuring that cameras are in the most appropriate locations) and conduct regular maintenance checks of your system.

Your provider will also monitor visual video streams around the clock, taking necessary interventions where needed. Footage can be used as evidence in court if a crime takes place on your property. Companies which choose CCTV security benefit from:

– 24/7 surveillance.
– A rapid response to any security incidents.
– Video evidence for use in court.
– An effective visual deterrent.


How to Find a Good Security Provider

The UK security industry is growing quickly. Still, finding a good provider can be difficult. That said, with the right know-how, there are several things you should look out for when choosing a new provider.

SIA-Licensing – The SIA is the governmental body responsible for regulating the private security industry in the UK. Individuals working in the security industry require an SIA license in order to legally carry out their role. As such, always ask a potential provider if their staff are SIA-licensed. If they’re not, the company is breaking the law.

– ACS Pacesetters – The SIA operates a scheme to help businesses and individuals identify the very best security companies. Known as the ACS Pacesetters, this group represents the top 15 percent of UK security companies (as determined via extensive and continued assessments by the SIA). If you are able to, choose a security company which belongs to the ACS Pacesetters.

Third-Party Accreditations – Good security providers will place a high value on gaining third-party accreditations. These may include qualifications which demonstrate that they treat their staff properly, that they operate in an environmentally friendly way or that they adhere to good health and safety practice.

Since its foundation in 1996, Churchill Security has grown into one of the UK’s leading private security companies. All of our guards are SIA-licensed and we belong to the top five percent of all UK security companies – making us a top-tier member of the ACS Pacesetters.

We also have ConstructionLine membership – which ensures we our services are fit for private and public sector security work – and are SafeContractor approved.
To grow into the nation-wide security provider we are today, our company has been through a lot of changes. However, our ambition has always been the same: to provide first-class, cross-industry security services to companies of all sizes.

We have a ninety-five percent customer retention rate, maintain an average of 350 active sites and have and average alarm response time of 30 minutes. You can find out more about our company and our accreditations here.

Churchill Support Services provides a comprehensive range of security services (including corporate security services) and operates nation-wide. Whatever your security needs, we’ll be able to provide a solution that works for you.

John Melling

Group Chief Executive Officer

John has a proven track record for motivating and leading high performance teams and has helped mentor and develop many people at Churchill who now hold key or senior positions within the business. John is committed to delivering only the finest services, exercising compelling leadership, maintaining good internal morale and striving to resolve any challenges efficiently and effectively.