The document discusses security master planning issues for built environments. It addresses determining an organization's risk appetite by identifying what risks can be treated, transferred, terminated, or tolerated. When planning security, it is important to consider threats, likelihoods, impacts, and how to mitigate risks cost-effectively. The document also covers crime prevention through environmental design principles like territoriality, surveillance, access control and target hardening. For security master planning, it is important to account for factors like more open environments, greater permeability, concentrations of people, and space complexity that can challenge security.

1. Security Master-planning Issues
in Built Environments
Chris Tomlinson
Arup Resilience, Security and Risk
21 October 2011

2. There will be a Risk Appetite
Threat Likelihood Impact Risk
 Risk appetite, at the organisational level, is the amount of risk
exposure, or potential adverse impact from an event, that the
organisation is willing to accept/retain. (Mark Carey - Deloitte
& Touche LLP)
 An economically-conditioned balance between maintaining
profitability, while not facing reputational exposure through
culpable risk-mitigation failure. (Me)

3. Questions that might guide Risk Appetite
 Identify headline risk impacts on life safety, economic
reinstatement or reputation
 What adjacencies might increase or decrease risks?
 What are the acceptable norms for protecting the space in its
operational and aesthetic context – is there an extant security
milieu that appeals as a benchmark?
 What risks can be treated, transferred, terminated and what
is left to tolerate – the latter lies at the core of risk appetite?
 What design basis threats are likely to remain beyond
practical (cost-effective) mitigation?
3

4. Risk Appetite Illustrated in Counter Terrorism
Levels of Resilience to the Effects of Blast
Life Safety
Life Safety + Evacuation
Economic Reinstatement
Operational Continuity
All of which is a little
counterintuitive, given that
organisations normally say
that they are want to be
operationally viable after a
catastrophic event

5. The Implications for Risk Owners
 You cannot mitigate everything, so figure out what you can handle
as risk appetite – challenging with crowded places
 Doing nothing is not an option, but mitigation sufficiency is linked
to risk appetite
 Get a risk assessment done and one that offers deductions for best
protective fit against form, function and budget
 Scalability – things change (think about review programmes)
 Have an audit trail for what was agreed on and why
 Do it early because security as an afterthought is ugly and
expensive (think sustainability)
 Think about balances between security technology and operations.
5

6. Threats, Likelihoods and Mitigation Impact
Anti-Social Behaviour Civil Disorder Bodily Harm Arson
Minor Serious
Vandalism Theft Robbery Kidnap Terrorism
More Likely Less Likely
Relatively Low Project Impact Relatively High Project Impact

7. A Built Environment‟s Characteristics
 Accessed by many people and services during an often
extended working day – highly permissive
 Capable guardian numbers will be small in relation to space
user populations
 A highly predictable and well-publicised diurnal cycle
 There will be lots of back-of-house areas
 Private spaces are contiguous with public spaces - so good
mobility corridors (vehicle and pedestrian)
 Technical surveillance challenged in crowded multi-function
spaces
 Protective stand-off distances between potential threat loci
and key assets is often well below what is desirable.
7

8. Permeability
• Pedestrian routes need to be as open as possible to
facilitate the business day and avoid clogging at
pinch points (e.g. mass transit interchanges etc)
• Effective vehicle control will generally rely on
compliant behaviours – traffic enforcement rather
than HVM
• Natural barriers need to be enhanced (e.g. water
obstacles)
• Fences used sparingly and only along poorly
surveyed and „lonely‟ boundaries
• Atypical behaviours need to stand out – video
analytics.
8

9. Urban Buildings
• Highly packed on constrained footprints
• Dense occupation – the economics of modern high-rise
• Pedestrian connections across building demises – access
control zoning
• Mixed use inner spaces
• Legibility and way-finding encouraged
• Servicing and logistics areas
• Multiple security points needed
• Presence patrolling challenged by site complexity and
multiple ownership.
9

10. Building Forms
 Sightlines along frontages
 Heritage
 Lighting
 Nuisance alcoves
 Pinch points
 Capable guardianship
 Fear of crime promoters
 IED Blast propagation.
10

11. Crowded Public Spaces
 Auditoria
 Galleries & museums
 Nationally-symbolic sites
 Mass transit interchanges
 Stadia
 Night-time economies
 Retail centres.
11

12. Do Not Forget Crime
• Crime
• High concentration of retail outlets
• High footfall
• High level of mixing between
workers, shoppers, tourists and others
• Mix of space management (inconsistent security
operations)
• Night-time economies
• Cash machines
• Fear of crime
12

13. Introducing Crime Prevention Early in Design
Space designers, owners and users can rarely influence the
law, the nature of targets (specifically their attractiveness), but
they can do something about the nature of a crime target‟s
location.
There is an academically supported view that “the proper design
and effective use of the built environment can lead to a
reduction in the fear and incidence of crime, and an
improvement in the quality of life”
(Crowe, 2000)
Crime prevention through environmental design (CPTED) is all
about „shaping‟ the working, entertainment, retail, domestic,
commute and recreational spaces we use; to encourage legitimate
use, whilst discouraging the illegitimate use of those spaces.

14. CPTED Intent
 The theory of CPTED is based on a simple idea i.e. that
crime results partly from the opportunities presented by
physical environment
 CPTED is the design or re-design of an environment to
reduce crime opportunity and fear of crime through
natural, mechanical, and procedural means
 CPTED is best applied with a multi-disciplinary
approach that engages
planners, designers, architects, landscapers, law
enforcement and (ideally) residents/space users
 The synergies with sustainability are a good selling
point
 It has limits and cannot solve all crime issues.

15. CPTED
 Territoriality - reinforcing notions of a “sense of ownership” in
legitimate users and discouraging illegitimate users
 Surveillance - if offenders perceive that they can be observed
(even if they are not), they may be less likely to offend
 Access control - denying access to potential target spaces creating
a heightened perception of risk in offenders
 Target hardening - increasing the effort that offenders must
expend in the commission of a crime
 Image maintenance - ensuring that the physical environment
transmits positive signals to all users
 Activity support - the use of design to promote and strengthen
intended patterns of usage of space

16. The Security Master-plan Must Account For
 More Open Environment – Inclusive and welcoming immediately
challenges desire for legitimate use
 Greater Permeability – pedestrian and vehicle permissive – not all future
space users will be influenced by soft controls versus clear harder rule-
setting design
 Concentrations of People – increased duty of care and policing/guarding
demands
 Space Complexity – increased high-rise complex building forms and
complex space relationships – natural and technical surveillance
challenged
 Situational Awareness and Incident Response – the things that will be key
influencers of overall operational effectiveness.

17. The Unfortunate Truth in Protective Security