Over the last decade, schools and universities have looked to security technology, including video surveillance and electronic access-control equipment, to solve their security-related problems. But no matter how many cameras are installed, security technology is only one tool in a larger security plan.
Start thinking beyond the camera; today's schools need to approach security holistically. Weaving security into a facility's overall design provides a more complete way to protect a facility and its assets. New construction provides the greatest chance for success with this method, which can be broken down into four phases: security assessment, project planning, design and engineering, and construction administration.
Phase I: security assessment
The first step in a security assessment is to select a security consultant that will provide a holistic approach to protecting the facility. This security consultant needs to engage with the education institution, architect, engineer and other building team members from the first design stage of the project when a security risk assessment is performed. The formula for the assessment: Security threats + security vulnerabilities + probability of occurrence + impact of an event = security risk.
Security threats. These can be criminal, non-criminal or consequential events. A criminal security threat includes a theft, vandalism, burglary, arson, etc.; a non-criminal threat is any behavioral act that poses a threat to the facility, including student disruptions. A consequential event is a circumstance that creates a threat to the facility. This could be something as simple as an election polling place that is situated within a school building; a neighboring sex offender's check-in point; a drug treatment facility; or a nearby railroad that transports highly flammable liquids. Once security threats have been identified, it's important to ask questions such as: How do these events affect the campus, facility, faculty and interior spaces? At this point, administrators can examine how vulnerable a facility is to the threats that have been identified.
Security vulnerabilities. How vulnerable is a school or university to the established security threats? The physical structure of a building needs to be examined here, including building layout and composition. Once the planned physical environment has been studied, weaknesses that constitute vulnerability will be more obvious. Location and environment, as well as the dynamics of the school's population, are all considerations for security vulnerabilities. For example, a school in a rural area may have an average 30-minute police response time, yet an urban school may have a five-minute response time. This dynamic will directly affect the security design and the master security plan.
Next, established school procedures and processes are an important part of assessing vulnerability. Based on standard operating procedures, how will a potential risk affect the occupants and the facility? For example, what is the school's standard check-in procedure? When are certain entryways unlocked because of student movement?
Finally, tools of aggression must be considered. When unwanted acts occur, what are the tools of aggression? Which weapons are used? What tools are being used to commit crimes or unwanted acts previously experienced?
Probability of occurrence. The probability that a security event will occur can be determined by three factors: the historical frequency of such events, their statistical forecasting and specific indicators. Second, through meetings with local law-enforcement agencies and examining FBI Uniform Crime Reports for the area, crime trends can be identified to forecast the probability of future events. A specific indicator could be an event that has happened recently at a neighboring school or a trend beginning to develop, both of which point to an event likely to happen at the new facility. For example, if gang activity has recently become more prevalent in the area or an increasing student population or change in demographics begins to contribute to student altercations, the probability of occurrence of these threats increases.
Impact of an event. Now that potential threats have been identified, and it's been determined that a school is vulnerable to them and there is a high probability of occurrence, what is the effect of each threat to the organization? How will the threat affect the facility's assets? Giving each threat a numeric value will help determine which security risks will most affect the organization. If an event's effect is low, it may not be worth mitigating. For example, the threat of an intruder using a gun against the school's occupants will have a high impact and warrant mitigation, but students stealing rolls of toilet paper may have a low impact and not warrant mitigation.
The second part of a security risk assessment is to understand the school or university's security needs, determine which industry best practices are desired, and document the local, state or federal regulations that apply to the facility.
Security needs. When addressing security needs specific to the facility, the main question to ask: What does the administration need to properly operate this building? For example, a school may need to restrict deliveries to its rear loading dock during certain hours of the day. This may require a gate arm or a retractable bollard with an intercom system that leads to the maintenance/facilities area or front desk for monitoring.
Best practices. A typical best practice for an education institution is requiring that all visitors sign in and obtain a nametag at the facility's main entrance before being granted access to the student population. Another might be installing ample lighting in parking lots to illuminate them during nighttime hours when students who participate in after-hours, school-sanctioned activities will be parking their cars. Establishing best practices early on will create a baseline for security needs as well.
Government regulations. It is important to include local, state and federal regulations during Phase I to further define the security baseline. One existing federal regulation states that by 2012 all universities must have a mass-notification system in place. Therefore, if there is a security threat present, the school will be able to communicate it to the masses either through SMS text, a PA announcement, visual displays and more. Many local ordinances also require a fire-alarm system to be interfaced with electronic access-control systems. As crime in schools rises, security is becoming more and more regulated by a variety of local and federal governing bodies. Staying on top of what is required of each facility is crucial to proper design.
Phase II: project planning
The next step in the security assessment is to develop a report that outlines everything the school or university wishes to prioritize and include in its budget. Here, cost vs. the probability and impact of an event will be weighed. By evaluating each security risk in this way, the education institution will determine which risks are acceptable and which are unacceptable. The result is a security master plan that will take the project into the next phase.
Phase III: design and engineering
In Phase III, the security consultant will create multi-disciplinary security design criteria that will convey to every building team member which security elements they will need to incorporate into their section of the building’s design. This will include everyone from the landscape designer and the architect to the structural, mechanical, electrical and plumbing engineers, as well as the telecommunications and even security engineers (typically the engineer of the electronic security, not the security consultant themselves).
Once each discipline has submitted its design and construction documents, the security consultant will complete a discipline compliance review to make sure all security requirements established in the multi-disciplinary design are accounted for. This process will be followed by a compliance report for the institution.
Phase IV: construction administration
During construction, the security consultant will review progress at various stages of completion to ensure that the contractor maintains compliance with all security requirements. At the project’s completion, on-site commissioning will be completed on the electronic security equipment and all of the building’s security design elements.
Benne, PSP, CPOI, is a senior security specialist with Syska Hennessy Group, New York City. He can be reached at [email protected]