Physical Security Asset and Service Life Cycle Security Management
Role overview
The role of Physical Security Asset and Service Life Cycle Security Management is to oversee and provide advice throughout the procurement cycle, minimising the security risks associated with the procurement of assets or services, from concept to disposal.
Typical role expectations
To support:
- identification and management of assets developed, processed or shared with suppliers, including with domestic and international partners
- supplier compliance with all relevant security legislation and regulatory requirements
- governance structures to manage all security risks from conception to disposal of assets
- the implementation of secure logistics of assets in development, transportation and at rest
Typical role expectations
- Identify and manage the assets developed, processed or shared with suppliers, including with domestic and international partners
- Ensure acquisitions/service programmes and suppliers comply with all relevant security legislation and regulatory requirements
- Implement governance structures to manage all security risks from conception to disposal of assets
- Act on intelligence indicating any risk to the supply chain, including providing advice and assurance on supplier’s security across acquisitions and services, and encourage continuous improvement
- Develop and maintain effective stakeholder relationships with both internal and external stakeholders in order to influence and change security decisions and manage the delivery of the required security assets
Typical role expectations
- Oversee life cycle standards for assets developed for the organisation, processed or shared with suppliers, including with domestic and international partners
- Create and manage standards for acquisitions/service programmes and ensure suppliers comply with all relevant security legislation and regulatory requirements
- Oversee the implementation of governance structures to manage all security risks from conception to disposal of assets
- Aggregate and prioritise intelligence indicating any risk to the supply chain, including providing advice and assurance on supplier’s security across acquisitions and services, and encourage continuous improvement
- Develop and maintain effective stakeholder relationships with both internal and external stakeholders in order to influence and change security decisions and manage the delivery of the required security assets
Skills
| Skill | Associate | Lead | Principle |
|---|---|---|---|
| Applied Physical Security | Working | Practitioner | Expert |
| Risk understanding and mitigation | Working | Practitioner | Expert |
| Secure supply chain management | Working | Practitioner | Expert |
| Legal and regulatory environment and compliance | Awareness | Working | Practitioner |
| Protective security | Awareness | Working | Working |
| Threat understanding | Awareness | Working | Working |
Core learning
Associate
NPSA – Reducing Insider Risk
Lead
ISO27001 Practitioner
NPSA – Sensitive Information and Assets
Principal
NPSA – Cyber Assurance of Physical Security Systems (CAPSS)
Certified ISO27001 Practitioner