8. Crowded Places: Security Audit Tool


The government’s ‘Protecting Our Crowded Places from Attack: New Zealand’s Strategy’ provides guidance to venue operators and event organisers in relation to protecting staff and visitors from armed attacks. In this series of posts, FIRST Security’s COO Steve Sullivan looks at how you can implement the strategy and keep your people safe.
In my last post, I wrote about the Detecting Hostile Reconnaissance Tool that forms part of the recently released Crowded Places strategy. Specifically, I explored some key aspects of behavioural detection.
In this post, we take a look at the strategy’s Security Audit Tool. The audit is designed to assist owners and operators of crowded places to check which security matters are relevant to the type, size and risk profile of their site, and its attractiveness to would-be attackers; identify any security gaps that need to be resolved, and create an action plan to resolve them.
“… the audit tool will help you select proportionate protective security measures for the type of threats and level of risk you may face,” states the document. “The focus is to maintain your location’s functions, while reducing vulnerability, increasing safety and preventing unnecessary investment in protective security measures.”
This post will look specifically at the tool’s ‘Security plans, policies and procedures’ and ‘General security arrangements’ checklists. A following post will consider further checklists within the document.
Security plans, policies and procedures
My first general comment in relation to the checklists in the Security Audit Tool is that they’re quite comprehensive, and not all items will be relevant to all organisations, particularly smaller ‘crowded places’. The tool states that you will need to decide what is relevant to your crowded place, but I suggest that a suitably qualified security professional is best placed to assist you in this regard.
The ‘Security plans, policies and procedures’ checklists lists 30 questions that require a ‘yes’, ‘no’ or ‘n/a’ answer. They are, in the main, very practical, relevant questions that operators of crowded places should be asking themselves
In summary, the questions ask:
- Do you have relevant plans and procedures?
- What do they contain?
- How often do you test and update them?
- And do your people know how to implement them?
According to the checklist, relevant plans and procedures include:
- risk management plans
- security, and business continuity plan
- mail, bag and vehicle screening
- suspicious activity, weapon and bomb threat escalation
- emergency response, lockdown and evacuation procedures.
Again, some or all of these may be relevant to your premises or event, and without specialist knowledge knowing which ones are is largely a case of guesswork. Working through this first raft of questions presents an opportune time to seek professional advice.
General security arrangements
There are 25 questions listed under ‘General security arrangements’. These cover:
- decluttering of perimeters
- access/egress points and common areas
- unattended baggage and unused rooms/areas
- public and staff communications
- relationship with emergency services
- proximity of similar locations/events
- easily identifiable security guards
- security of catering, air conditioning, generators/power and nearby mobile phone towers, search procedure, first aid resources
- fire detection and suppression systems.
These questions operationalise many of those posed in the preceding ‘Security plans, policies and procedures’ list. It’s interesting to note that among the several communications-related questions are questions focused on social media, including using social media before your event to check for possible threats and to broadcast security and emergency related messages.
Utilise social media
If your crowded place is a performance or sporting venue, for example, data collected from social media can let you know when a threat has been implied or made targeting a performer/player or the venue and its patrons, when there is tension between rival groups of patrons/fans, or when a large fight is breaking out.
Along with identifying hostile reconnaissance and suspicious behaviours, which I’ve discussed in recent posts, monitoring of social media is another important way to identify potential threats to your venue or event. Social media is also becoming a key information source in the wake of an attack or security incident, and it’s changing the speed at which the public learns about them – and how they react. The fact that most people carry a smartphone means that information can be spread to a wide audience in real-time, providing details about an attack and the security and police response.
Coming up...
In my next crowded places post, I’m looking forward to exploring security at access points, security at the perimeter, and prevention of hostile vehicles as part of our look into the Security Audit Tool.
As always, if you’d like to have a discussion about how to keep your staff and visitors safe, feel free to contact me at steven.sullivan@firstsecurity.co.nz