Use this Security Assessment Checklist as a resource to methodically prepare a comprehensive security assessment. Not all of the elements listed here will be applicable to every organization, but working through the checklist will help you avoid redundancy and improve accountability.
CATEGORY 1: GENERAL INFORMATION
- Nature of business or agency
- Facility name
- Address
- Survey date
- Hours of operation
- Facility contact person
- Phone number
- Fax number
- Environment survey conducted by
- Surveyor’s address
- Surveyor’s phone
- Surveyor’s email
CATEGORY 2: GEOGRAPHICAL CHARACTERISTICS
- Political conditions
- Crime rates
- Personnel safety
- Availability of labor
- Economic conditions
- Medical treatment availability
- Public fire fighting availability
- Public utilities
- Public transportation
- Earthquake susceptibility
- Fire susceptibility
- Tornado susceptibility
- Severe weather susceptibility
CATEGORY 3: COMMUNITY
- Crime rate
- Aesthetic qualities
- Public police protection
- Fire protection
- Emergency medical services
- History of civil unrest
- Graffiti and vandalism
CATEGORY 4: PHYSICAL SECURITY
Facility Perimeter
- Fencing
- Landscaping
- Parking
- Employee parking area illumination
- Visitor parking area illumination
- Employee parking area monitoring
- Visitor parking area monitoring
- Lighting
- Vehicular traffic pattern
- Trash removal
- Protection from adjacent occupancies
- Proper signage
Building
- Description of building
- Common walls with adjacent occupancies
- Exterior door construction
- Exterior door locks
- Door lock operation
- Exterior window construction
- Window height above ground
- Window security
- Roof access restriction
- Building exterior lighting
- Shipping and receiving area monitoring
- Emergency exit
- Emergency exits unobstructed
- Interior door construction
- Interior wall construction
- Antitheft systems or mechanisms
Access Control
- Intrusion detection
- Building entrances minimized
- Employee entrance monitoring
- Visitor entrance monitoring
- Interior door locks
- Key control system
- Key sign-out and assignment system
- Keys accounted for
- Key safeguards
- Employee distinguishableness
- Visitor supervision
- Restricted access to sensitive or vulnerable areas
- Computer data storage restrictions
- Key storage area restrictions
- Mechanical and utility room restrictions
- Telecommunications room restrictions
- Mailroom restrictions
- Executive office suite restrictions
- Vendor access
- Vault or safe security
- Controlled substance security
- Hazardous material security
- Liquid asset protection
- Proper signage to direct visitors
- Alarm and Surveillance Systems
Fire Protection
- Fire alarm system
- Sprinkler system
- Fire extinguishers
- Fire suppression
- Fire alarm system testing
- Gas line protection
- Electric power cord protection
- Fire doors functional
- Flammable material storage
- Fire notification plan
- Fire evacuation plan
- Fire exits unobstructed
- Fire exits secured from outside
- In-house fire brigade
- Fire safety policy and procedures
- Address prominently displayed
CATEGORY 5: PERSONNEL SECURITY
- Employee background investigations
- Previous employer verification
- Security for personnel records
- Exit interviews upon employee termination
- Organization property retrieval at termination
- Employee and visitor safeguards against accidents, theft, assault, and workplace violence
CATEOGRY 6: INFORMATION SECURITY
- Critical information identification
- Critical information security
- Information hardcopy destruction
- Employee nondisclosure agreement in place
- Intellectual property identification
- Intellectual property security
- Client and customer list protection
- Access to computers restricted
- Access to computer transmissions restricted
- Laptop and personal computer security
- E-mail access restrictions
- Internet connection security
- Electronic document destruction procedures
- Software licensing
- Prohibition against installation of outside software
- Terminated employees immediately denied access
- Disaster recovery plan
- Duplicate data files maintained at remote location
- Password security
- Information security indoctrination and training
- Cellular phone communication protection
CATEGORY 7: INVESTIGATIONS, INTELLIGENCE, AND SECURITY
Background Investigations
- Employees (new)
- Employees (existing)
- Vendors and contractors
- Partnerships with other organizations
- Security clearances
Incident Investigations
- Investigation of any loss
- Accidents
- Safety hazards
- Crime
- Natural disasters
Intelligence
- Competition counterintelligence
- Criminal intelligence
- Foreign travel intelligence
Reporting Procedures
- Background investigations documentation
- Background investigation confidentiality
- Security activity log maintenance
- Recording of incidents
- Incident reported to proper manager and/or authority
- Adherence to reporting procedures
CATEGORY 8: OPERATIONS
- Audit procedures
- Employee locker or workstation inspections
- Accounting function separation
- Package control system
- Opening time ambush controls
- Closing time ambush controls
- Receiving area security
- Shipping area security
- Delivery driver controls
- Separation between shipping and receiving areas
- Equipment inventory
- Contractor and vendor audits
- Customer or visitor service
CATEGORY 9: POLICIES AND PROCEDURES
- Mission statement
- Vision statement
- Organizational goals
- Organizational values
- Quality improvement initiatives
- Employee code of conduct
- Employee misconduct policies
- Disciplinary procedures
- Termination procedures
- Search or inspection policies
- Removal of organization property
- Bomb threat procedures
- Evacuation procedures
- Severe weather procedures
- Natural disaster procedures
- Contraband detection
- Chemical abuse policy
- Drug testing policy
CATEGORY 10: SECURITY INDOCTRINATION AND TRAINING
- Indoctrination for new employees
- Training for existing employees
- Executive protection
- Foreign travel training
CATEGORY 11: LIAISON ACTIVITIES
- Contact with local police maintained
- Contact sheriff maintained
- Contact with state police and highway patrol maintained
- Contact with fire department maintained
- Contact with appropriate federal agencies maintained
- Articulation and collaboration with other security organizations