A security assessment is the critical first step towards developing and maintaining a robust security evaluation program. Without a comprehensive assessment process security managers and facility leaders are forced to respond to perceived vulnerabilities, the “threat of the day”, and good ideas rather than evaluating the risks to the facility and responding appropriately to reduce them. A good assessment process will provide the security managers and facility leaders with the necessary intelligence to understand the terrorist and criminal capability, intentions, and activity, and provide information to develop an effective threat mitigation plan.
Security assessments are a planning tool that ensures that security and procedural countermeasures are economically designed to counter specific threats or mitigate specific vulnerabilities, and that the risk remaining is well understood by security managers and facility leaders making risk acceptance decisions.
Both security managers and facility leaders will use security assessments to determine the threat for probability and severity of occurrence. The outcome of this process is a prioritized list of threats, vulnerabilities, and recommendations. This list of prioritized requirements shall be used to evaluate the acceptability of certain risks and to make decisions concerning the employment of resources and other actions that reduce vulnerability. These assessments should be recorded as a record/baseline and updated regularly as the situations change or as the facilities are modified and changed.
Assess the threat, develop and maintain a security program.