Security Management of Government Buildings



Similar documents
Service Risk Assessment. Consultant PQC

The Risk Management strategy sets out the framework that the Council has established.

Audit summary of Security of Infrastructure Control Systems for Water and Transport

Risk Management Policy and Framework

Risk Management Strategy and Policy. The policy provides the framework for the management and control of risk within the GOC

Enterprise Risk Management Framework Strengthening our commitment to risk management

River Stour (Kent) Internal Drainage Board Risk Management Strategy and Policy

CONTROLLED DOCUMENT. Number: Version Number: 4. On: 25 July 2013 Review Date: June 2016 Distribution: Essential Reading for: Information for:

Bedford Group of Drainage Boards

Tasmanian Government Information Security Framework

DORSET & WILTSHIRE FIRE AND RESCUE AUTHORITY Performance, Risk and Business Continuity Management Policy

Corporate Governance Framework

Guide to Developing Risk Management Plans for Sport & Active Recreation Clubs

Victorian Government Risk Management Framework. March 2015

Capital Works Management Framework

AFTRS Health and Safety Risk Management Policy

Business Continuity Policy and Business Continuity Management System

Shepway District Council Risk Management Policy

Aberdeen City Council IT Security (Network and perimeter)

POLICY : CORPORATE RISK MANAGEMENT

How To Manage Risk In Ancient Health Trust

Managing Risk in Procurement Guideline

Waveney Lower Yare & Lothingland Internal Drainage Board Risk Management Strategy and Policy

Gateway review guidebook. for project owners and review teams

Risk Management. Policy

Confident in our Future, Risk Management Policy Statement and Strategy

ESKISP Conduct security testing, under supervision

1.0 Policy Statement / Intentions (FOIA - Open)

Corporate Governance Framework June 2015

Project Evaluation Guidelines

Risk Management Procedure

PROJECT MANAGEMENT FRAMEWORK

PSPSOHS606A Develop and implement crisis management processes

Core Infrastructure Risk Management Plan

TRANSPORT FOR LONDON SAFETY, HEALTH AND ENVIRONMENT ASSURANCE COMMITTEE

Memorandum of Understanding. Department of Justice and Attorney-General. Department of Transport and Main Roads. between the.

Overview TECHIS Manage information security business resilience activities

Wide Bay Respite Services Supporting the caring role of families. Service Management Policy

SCOTTISH CHILDREN S REPORTER ADMINISTRATION

RISK MANAGEMENT STRATEGY

Health and safety guidance for research undertaken in the community

SAFETY and HEALTH MANAGEMENT STANDARDS

DERBYSHIRE COUNTY COUNCIL BUSINESS CONTINUITY POLICY

Information Governance Strategy & Policy

RISK MANAGEMENT STRATEGY

Risk Management Policy

Incident Reporting Procedure

Risks and uncertainties

Emergency Management and Business Continuity Policy

Management of Business Support Service Contracts

National Surface Transport Security Strategy. September Transport and Infrastructure Senior Officials Committee. Transport Security Committee

This is a free 9 page sample. Access the full version online. AS/NZS ISO 31000:2009 Risk management Principles and guidelines

Guide to Integrated Strategic Asset Management

GUIDANCE NOTE FOR DEPOSIT-TAKERS. Operational Risk Management. March 2012

Business Continuity Policy. Version 1.0

Business Continuity Management Policy

APPENDIX 50. Enterprise risk management - Risk management overview

Specification for Learning and Qualifications for Common Security Industry Knowledge

Safety Management System (SMS) Guidelines

DATA AUDIT: Scope and Content

Guide to the National Safety and Quality Health Service Standards for health service organisation boards

TRUST SECURITY MANAGEMENT POLICY

Risk Management & Business Continuity Manual

ENTERPRISE RISK MANAGEMENT FRAMEWORK

Corporate Risk Management Policy

RISK MANAGEMENT POLICY AND STRATEGY. Document Status: Draft. Approved by. Appendix 1. Originator: A Struthers. Updated: A Struthers

Strategic Alliance. Business Continuity Policy

ACT Auditor-General s Office. Performance Audit Report. Whole-of-Government Information and Communication Technology Security Management and Services

Lone Working Guidance

IS INFORMATION SECURITY POLICY

Queensland State Emergency Service Operations Doctrine

Information Security Policy. Chapter 11. Business Continuity

TRUST POLICY FOR EMERGENCY PLANNING

Maintenance Strategy 2015 Owner: Kevin Bullimore Head of Infrastructure Next review 2020

WORK HEALTH AND SAFETY CONSULTATION, CO-OPERATION AND CO-ORDINATION

Hazard Identification, Risk Assessment and Control Procedure

Bus incident management planning: Guidelines

PROCEDURES RISK MANAGEMENT FRAMEWORK AND GUIDELINES PURPOSE INTRODUCTION. 1 What is Risk?

BUSINESS CONTINUITY MANAGEMENT POLICY

Contract management: renewal and transition. Report to Parliament 10 :

WEST YORKSHIRE FIRE & RESCUE SERVICE. Business Continuity Management Strategy

Guide to Integrated Strategic Asset Management

IAM Certificate in Asset Management Ver1.2 January 2013

POL ENTERPRISE RISK MANAGEMENT SC51. Executive Services Department BUSINESS UNIT: Executive Support Services SERVICE UNIT:

Business Continuity Management

Preparation of a Rail Safety Management System Guideline

4. Critical success factors/objectives of the activity/proposal/project being risk assessed

How To Manage A Business Continuity Strategy

The Lowitja Institute Risk Management Plan

Transcription:

GUIDELINE Security Management of Government Buildings The Queensland Government has a responsibility to ensure its services are resilient to all foreseeable risks. In the context of security management, agencies need to implement processes and procedures to ensure the safety and security of people in government buildings and the continued delivery of government services. Security management is the process of identifying, implementing and monitoring systems and processes for the protection of people and building assets against loss, misuse, damage or deprivation of use caused by deliberate acts. Building assets should have adequate security systems and processes in place to protect people, property, operational capability and information. Efficient security management requires: assessing security risks (including the risks associated with terrorism) and their impacts on service delivery developing and implementing cost effective and appropriate measures to manage the risks monitoring the effectiveness of security measures and adjusting them as risks and circumstances change. In this guideline, the term agencies has the same meaning and is used interchangeably with departments (as defined in s8 of the Financial Accountability Act 2009). All agencies that control or administer buildings (regardless of whether they are tenants or owners) should comply with the requirements, processes and procedures for the security of Government buildings covered in the: Government Asset Protection (GAP) guides and toolbox Guide for General Security Planning The Queensland Plan for the Protection of Government Assets from Terrorism The Australian/New Zealand Standard 31000:2009: Risk management Principles and guidelines. Department of Housing and Public Works

For access to the whole-of-government policy documents, agencies should contact the Queensland Police Service by email at Counter.Terrorism@police.qld.gov.au or by telephone on 07 3364 6791. Benefits Implementing efficient security management of government buildings: Risks supports agency service delivery objectives minimises unnecessary losses or disruptions ensures Government meets its statutory obligations (e.g. duty of care) as the employer and building owner. Inadequate or inappropriate security management can leave agencies exposed to unnecessary losses, damage, business disruption, injury to staff and/or litigation. 1.0 Security management process A strategic approach to security management is essential for effective protection, prevention and emergency response. The following services related to the monitoring and operation of a security system (which are necessary to keep the building in a habitable and useable condition) should be considered: alarm monitoring mobile security patrols security audits provision of static security personnel other relevant protection measures in accordance with the principles and processes for on-site emergency response and business continuity in the Queensland Plan for the Protection of Government Assets from Terrorism. The key stages of the security management process detailed below are consistent with the process of risk analysis and management outlined in the Australian/New Zealand Standard 31000:2009: Risk management Principles and guidelines. Where government employee housing is a component of their building portfolio, agencies should ensure that their security management provisions are consistent with the Government Employee Housing Management Framework, in particular policy requirements 6 and 15 and the Security and Safety Standard for Government Employee Housing detailed in Appendix B. 2

1.1 Establish the context It is necessary to determine the assets and service delivery processes and procedures of the agency and the potential security incidents/threats which may impact upon them, for example: the key activities in the building with a particular focus on those which, if disrupted, could substantially affect the agency's ability to deliver its services the security threats to which the agency may be exposed where the vulnerabilities lie in relation to each of the threats regarded as plausible. 1.2 Identify, analyse and assess the risks Agencies should consider what controls are in place, the likelihood of the situation taking place, whether there are any triggers which could signal the potential for such an event to happen, the consequences of such an occurrence and the cost to the organisation. To complete the risk assessment, the level of the security risks should be evaluated and ranked according to their importance and the potential damage or harm that could result. Priorities should also be set to address each of these risks. 1.3 Identify and assess risk treatment options In order to determine the most risk/cost effective security risk treatment options, agencies should identify options, assess options, prepare and implement treatment plans and analyse and evaluate residual risks. Security measures can be broadly categorised as prevention, deterrence, detection or response, or a combination of these. 1.4 Develop a security management plan A security management plan should be based on the recommended risk treatment options which: assign responsibilities for reporting, recording and analysing security incidents establish communication processes and (where applicable) ensure that relevant information is provided to key management committees institute a training and awareness program for key personnel and stakeholders include a process and timetable for the implementation of agreed physical and technical security procedures document performance criteria and ongoing monitoring processes for plan implementation determine funding requirements taking into consideration any existing service level agreement with the security provider and departmental plans for security/onsite emergency response and business continuity. If agencies require advice or assistance regarding the procurement of security service providers to meet their particular requirements they should consult the Department of Housing and Public Works. 3

Building tenants should work cooperatively to develop collective arrangements for common areas of their building. Similarly, tenants of adjacent buildings need to implement mutually supportive security arrangements for their precinct. In accordance with the requirements of the Guide for General Security Planning, a building security committee should be established in multi-tenanted buildings. The committee is responsible for periodically reviewing security risks and developing, implementing, reviewing and testing building security arrangements. The committee should comprise representatives from all tenants and from the building owner. A tenant representative with relevant authority should undertake the role of the chair of the committee. In government buildings, where protective security services are provided by the Department of Housing and Public Works, the officer performing the function of the building service coordinator is responsible for implementing and testing security and emergency arrangements. 1.5 Monitor and review plans and feedback The security management plan should be monitored to ensure its effectiveness. Improvements/changes in asset planning, maintenance procedures, risk management and security management plans could be triggered. by: responses to, or the impact of, security incidents on service delivery the results of testing exercises occurrence of security incidents not previously anticipated views of stakeholders regarding the effectiveness and value of security management and onsite emergency responses legislative changes performance of security operations. 4

The suite of guidelines which comprise the Strategic Asset Management Framework (available online at www.hpw.qld.gov.au) is organised under the following categories: 1. Overview - explains the principles and concepts of strategic asset management as they apply to buildings. 2. Guidelines - expand on key aspects of strategic asset management to inform decisions over the entire life-cycle of the asset. 3. Decision-making methodologies and guidelines - support agencies to implement best practice strategic management of buildings. Second Edition First published as Security Management (ISBN 0 7242 9311 6) in the Strategic Asset Management - Best Practice Guidelines Queensland Department of Housing and Public Works December 2010 (includes minor updates as at December 2012) ISBN 978-1-921670-08-04 The State of Queensland (Department of Housing and Public Works) Enquiries should be directed to: The Principal Policy Manager Building Policy Unit Strategic Asset Management Department of Housing and Public Works GPO Box 2457 Brisbane Qld 4001 bpu@publicworks.qld.gov.au 5

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information