ISO 23234-2021 pdf free download.Buildings and civil engineering works – Security – Planning of security measures in the built environment.
4 Planning of security measures for the built environment
4.1 General
Where there is an identified need for protective security In relation to an asset in the built environment, protective security measures shall be considered and, where implemented, managed in all project stages.
This document sets out a suggested model for project stages (see Table 1) that can be applied whether a project relates to a new or existing asset. Some projects might follow alternative project models for the execution olwork. Depending on the nature of the project, the complete model can be followed, or parts can be adapted and applied.
The actors in a construction process have defined tasks and roles in the different stages and sub- processes. The principal is responsible for defining the construction programme and detailed requirements, while the project manager and project planning manager are responsible for ensuring that the decision support documentation for security is prepared in line with the accepted recommendations of the project security adviser and to the right quality. The project planners shall jointly develop the project from a list of needs and functions that result in suggestions for detailed interdisciplinary solutions. The project executors shall deliver and implement the selected solutions, and document that their execution complies with the defined requirements.
All actors involved in the project security works shall familiarise themselves with the requirements and instructions defined by the principal in the project and understand how the security requirements also affect the individual’s specialism and choice of solutions. This document describes the tasks, functions, and responsibilities of the protective security roles during the individual stages. This should be viewed in relation to other security deliverables in the construction project. Requirements for protective security measures shall be developed in the project in the same way as other functions and requirements. Security requirements should be defined through processes for security risk management in the principal’s organization before the project is established.
4.2 Security planning as part of risk management
In a construction project where protective security measures are to be implemented in accordance with this document, there can often be a number of activities in parallel with, or in advance of, what is defined as the construction project itself. During the planning processes, public stakeholders should be asked whether their needs are sufficiently taken into account.
The principal shall decide which security measures to implement. The basis for such recognition often emerges from the organization performing security risk assessments as an ongoing activity in the organization’s security risk management.
The organization is expected to have ongoing processes for mapping, analysing, and assessing its threat profile in relation to assets and known threats. Changes in the asset inventory or the threat picture can result in the need to alter security measures. The same can be true after incidents that have affected the organization.
Which security deliverables are included at each stage within a specific construction project depends on the nature of the project and how it is being organized. Sometimes, a security risk analysis has already been conducted by the principal before the construction project begins. The project organization can then use the security risk analysis as supporting documentation for its work.
The principal can choose to include the introductory security deliverables in the strategic definition project stage, as part of its ongoing operations, as a concept for the construction project, or as the first stage of the construction project. A construction project organised in accordance with this document shall always use design-basis threats and security risk analyses in the project planning and execution of the security works.
4.3 Size of projects
Organizations with a need for security measures against undesirable intentional actions shall perform mapping, assessments, and analyses as a basis for their choice of final security measures. The organization and scope of the work should be modified according to the type and size of the project. For smaller projects, it can be appropriate to use this document for parts of the process only, and the security deliverables can have a lesser scope. This gives the organization the opportunity to adapt the usage of this document to its own needs.
4.4 Division of the building process into stages
4.4.1 General
The deliverables in the stage descriptions show which inlormation and documentation is necessary to complete the project tasks during that individual stage.
Table 1 shows where the individual security deliverables belong in different stages of the construction project.ISO 23234 pdf download.