NEED EMERGENCY SERVICE?

Our technicians are available 24/7 to help with your emergency.

Call 1.800.736.1456

How to Develop a Building Vulnerability Assessment Checklist

silhouettes of three people assessing a facility

Every building has security vulnerabilities. Developing a comprehensive security solution for any facility involves a thorough assessment of the facility to determine vulnerabilities, gaps, existing resources, priority improvements, etc. Partnering with an experienced, reputable security systems integrator and installer is essential; a building vulnerability assessment checklist is a good resource to help you figure out what your building needs. Here’s how to develop a building vulnerability assessment checklist:

1. Customize an Initial Threat Assessment to Your Facility and Location

Every building vulnerability assessment checklist should start with an initial threat assessment. Although there are some general areas to cover for any facility, you want to make sure you customize the initial threat assessment to your facility and location.

Type of Building

The type of building and type of facility will introduce a myriad of security considerations for a building vulnerability assessment checklist. A big part of making sure your facility gets the security solution it needs is ensuring the type of facility is taken into account.

A hospital or a university will have unique needs and considerations that may or may not overlap with a private office building. In addition to the type of building, it’s also important to take a high-level overview of the building layout and what is located where inside the building. You want to identify the spaces in a building that could be considered high-value targets for intruders or high-risk areas for other security issues.

Security Mandates

Another important aspect of a building vulnerability assessment is whether there are specific security requirements or mandates that need to be met according to the type of facility. Assisted living facilities, healthcare facilities, and schools may have security measures that are mandated by law and/or by professional accreditation organizations. These need to be included in any security assessment to ensure they are properly met.

Location

The type of building needs to be considered during a vulnerability assessment and so does the location of the building. The site of the building itself and the surrounding area need to be considered during an initial threat assessment.

Beyond that, it’s also important to consider whether there are crimes and security vulnerabilities already common to the area and what those may be. What are the common security threats? What are the uncommon security threats you still need to prepare for?

2. Review and Evaluate Existing Security Technology

Outdated security products and technology can create security vulnerabilities and open up a facility to security risks and are huge signs your security technology needs an upgrade. On top of identifying security upgrades, reviewing existing security technology is part of managing and maintaining security systems and also helps to identify gaps and vulnerabilities in the current system.

Alarm and Call Systems

Start by identifying what alarm systems and call systems your facility has in the first place. Then, thoroughly evaluate those systems, compare them to current updated technology, and make sure you’re future-proofing your building security.

Think about how these systems work and who is involved with them. For example, is your security system integrated? There are many benefits of integrated security systems, but all components have to work together seamlessly to reap those benefits. Do alarm systems and call systems connect and communicate seamlessly with other security elements like access control and security cameras?

Are high-value items or information stored in a secured space or alarmed room? Are windows and doors equipped with an alarm system? Are these connected to security cameras and a notification or call system? If windows or doors are broken, is anyone notified?

How many people have access to the alarm system? Who are they? Who knows how to disarm the system, how can they be reached, and when? How do you manage access to the system when the people who need or don’t need access to it change?

Security Cameras

There are several types of surveillance cameras available with varying capabilities. The right type of security camera installed correctly in the right place is critical to your building’s security. Broken security cameras, cameras that don’t work, cameras with the wrong capabilities, etc. are all vulnerabilities to your facility’s security.

Location of Current Cameras

Thoroughly review current security cameras for existing capabilities and status, and consider what that monitored area needs. Also, take note of where cameras are placed in your building. What areas are currently monitored and what areas are not? Are the best places to install security cameras fully monitored and covered?

Security Camera Capabilities

Do cameras run consistently or are they only triggered by motion? Do you have low-light, night, or heat signal cameras in areas that do not get enough light? Do your building’s security cameras capture on video or do they capture both video and audio?

Are there intelligent video analytics capabilities in your current system? For example, can your video surveillance cameras track movement, count objects, detect heat, send tampering alerts, etc.?

Integration and Storage

Also, consider how well your video surveillance integrates with other security systems in your building. Are they connected, do they communicate, and how? Additionally, evaluate your current tech storage needs.

If a security threat occurs, you need to be able to access and reference that footage, which requires storage. How much storage do you have available for footage from your security cameras and for how long is it stored? You may find that one of the security features you didn’t know your business needed was cloud storage for your video surveillance footage.

Backup Solutions

When examining your current security technology, do so with emergencies and backup plans in mind. For example, do you have ways of sustaining critical life safety & security systems during power outages?

Are your systems wired or wireless? Are they capable of both if one or the other is not working for some reason? What plans or systems do you have in place if one part of your security system fails? Do your current systems proactively alert you of damage, necessary updates, or upcoming repairs?

3. Check Your Access Points and Access Credentials

Entrances, exits, and general access to your building and around it are common areas for security vulnerabilities. In addition to other alarm systems and security systems, it’s important to review these areas physically and technologically.

Entrances

Securing the doors and windows is one of the ways to improve commercial building security and the security of any facility. Take a close look at the doors in and around your building.

Are they heavy-duty, reinforced, and in good shape? When the door is closed, how much space is between the doorjamb and the door? Does it close tightly or is there space to pry it open?

Keys and Locks

Also, think about your keys and locks. What types of locks are you using? Do your doors have commercial-grade locks and deadbolts? What sorts of keys are you using? How easy are they to duplicate?

Are there master keys? How many and who has them? How do you manage keys? Where and how do you track who has keys or access credentials?

Access Control System

If you are using an access control system in addition to, or in place of, a traditional key and lock system, carefully evaluate each part of it. Where are the access points? How are they secured? What types of cards are being used? Are you using biometric access control anywhere?

How do you manage and track cards and who has them? What happens when you need to revoke someone’s access? What happens to those cards? Can you place warnings or limits on access credentials? Will you know if an unauthorized person tries to gain access?

Does your access control system integrate with your other security systems? Can you generate reports? What types of reports? Can you see how often people are accessing or attempting to access places they shouldn’t?

4. Consider and Examine Secured and Unsecured Spaces

As you examine and review access points, also take note of secured and unsecured spaces in your building. Which spaces are currently monitored and/or considered a secured enclosure? Which spaces are currently not? Taking note of these spaces and carefully reviewing them can help identify security vulnerabilities and gaps.

Are there any places or entrances that are unsecured or regularly left unlocked? Are there security measures and monitoring in place for all important spaces? For example, is your server room a secured space that requires authorized access or is it open and unsecured? Is it monitored in any way?

5. Evaluate Building Architecture and Perimeter

Part of assessing vulnerabilities of a building and location includes building architecture, the exterior of the building, and the perimeter of the building. Surrounding structures and features can introduce potential security vulnerabilities and need to be considered.

Do you have critical assets near access points? What type of security is provided for them? Are there hidden areas on your lot or structures that could be used as hiding places? Is the perimeter of your building monitored or secured in some way from every angle?

Does your building have a parking garage or parking lot? How is it accessed, how is it secured, is it monitored, how it is monitored, etc.? Can security cameras in the parking area or around the building recognize and capture license plates? How do people access your building from the parking area?

Does your building site have fences, barriers, or other perimeter security? What kind of perimeter security do you have, is it in good shape, are there damaged areas or repairs that are needed, etc.? Is your current perimeter security sufficient or do you need an upgrade?

These are some tips on how to develop a building vulnerability assessment checklist. Going through a new year security checklist at the beginning of the year and regularly running through a building vulnerability assessment can help you secure your building and maintain security as technology and your facility’s needs evolve.

Not having enough security is one of the common security mistakes businesses make. Security needs and the right mix of security products to meet them will vary from facility to facility. A custom building vulnerability assessment is a useful tool for security budget planning and getting comprehensive security for your facility.

If you’re interested in upgrading your building’s security, contact NEPPS at (800) 736-1456 to schedule a free site assessment for security solutions tailored to your facility’s specific needs.

NEPPS - Building Vulnerability Assessment Checklist

Want to Share it on Your Site?

Just copy and paste this embed code into your page to share it with others:

<a href="https://www.nepps.com/blog/develop-a-building-vulnerability-assessment-checklist/" title="Northeast Protection Partners"><img src="https://www.nepps.com/wp-content/uploads/2022/03/Building-Vulnerability-Assessment-Checklist-min.jpg" alt="Building Vulnerability Assessment Checklist - Infographic by NEPPS" style="border:none;" /></a>