Physical Security Assurance
Role overview
The role of physical security assurance is to identify physical security risks and highlight non-compliance and vulnerabilities to enable others to manage residual risk.
Role level
Typical role expectations
- Deliver Physical Security assurance processes, including providing audit information to risk owners
- Assess, record, and monitor the introduction, maintenance, through-life performance, and removal of physical infrastructure and systems
- Monitor and report on the delivery of Physical Security services against requirements, with the use of key performance indicators
- Ensure alignment with government and industry objectives and standards, proactively reviewing and assuring security risk and highlighting non-conformance
Typical role expectations
- Manage delivery and life cycle of Physical Security assurance processes, including sharing audit information to senior leadership, and setting assurance standards
across government
- Manage the assessment, recording, and monitoring of the introduction, maintenance, through-life performance, and removal of physical infrastructure and systems
- Review reporting, including key performance indicators, and act as key decision maker for the delivery of Physical Security services against requirements
- Ensure alignment with government and/or industry objectives and standards, and liaise with senior stakeholders on how these objectives and standards can be met
Skills
| Skill | Lead | Principal |
|---|---|---|
| Applied Physical Security | Practitioner | Expert |
| Legal and regulatory environment and compliance | Practitioner | Expert |
| Risk understanding and mitigation | Practitioner | Expert |
| Protective security | Awareness | Working |
| Threat understanding | Awareness | Working |
Core learning
Lead
Certified ISO27001 Practitioner
NPSA – Reducing Insider Risk Guidance and Tools
NPSA – Sensitive Information and Assets
Principal
Certified ISO27001 Practitioner
NPSA – Leadership Guidance
NPSA – Technology and Control Rooms