SlideShare uma empresa Scribd logo

Code of practice for physical security systems in banks

S
Samer Al Basha

The document is a draft Indian standard code of practice for physical security systems in banks. It outlines organizational responsibilities for security, including having a security manual and program. It describes location and infrastructure considerations as well as security measures like risk categorization, primary in-built measures, essential general measures, and desirable additional measures. It also provides procedures for opening, closing, and accessing branches after hours. In the event of an incident, branches must immediately report to law enforcement and authorities.

Tecnologia
1 de 18
Baixar para ler offline
DRAFTS IN WIDE CIRCULATION DOCUMENT DESPATCH ADVICE Ref: ME 24/ T-20 Date: 01-12-2014 SECURITY EQUIPMENT SECTIONAL COMMITTEE, MED 24 To: a) The interested members of Mechanical Engineering Division Council, b) All members of Security Equipment Sectional Committee, c) All others interested Dear Sir(s), Please find enclosed the following documents Kindly examine the draft Indian standards and forward your views stating any difficulties which you are likely to experience in your business or profession, if these are finally adopted as standards. Last date for receipt of comments: 31-01-2015 Comments, if any, may please be made in the format as given overleaf and mailed to the undersigned at the above address. In case no comments are received or comments received are of editorial nature, you will kindly permit us to presume your approval for the above document as finalized. However, in case of comments of technical in nature are received then it may be finalized either in consultation with the Chairman, Sectional Committee or referred to the Sectional committee for further necessary action if so desired by the Chairman, Sectional Committee. Thanking you, Yours faithfully (T.V. SINGH) Encl: As above Scientist ‘F’ & Head (Mech Engg) Phone/fax 011 23232509 email: med@bis.org.in Doc . No. TITLE Doc ME 24 (1394) Draft Indian Standard Code of Practice for Physical Security Systems In Bank.
Doc: ME 24(1394)c Dec 2014 Draft For Comments Only Draft Indian Standard CODE OF PRACTICE FOR PHYSICAL SECURITY SYSTEMS IN BANKS Not to be reproduced without the permission of Last date for receipt of BIS or used as a STANDARD comments is 31-01-2015 NATIONAL FOREWORD (Adoption clause to be added later on) 1.0 SCOPE 1.1 This standard recommends practices to be followed for ensuring physical security in banks and financial institutions. 1.2 This standard does not cover internet banking or information security. 1.3 This standard is intended to be a guideline and the provisions herein shall be Subservient to all applicable rules and regulations and policies, unless otherwise mandated by a competent regulatory authority. 1.4 The Physical Security System of a bank is a function of various factors like threat Perception, location, construction, installed security measures, quality of security equipment and devices. This standard attempts to take a comprehensive view of the related factors and specify minimum measures to ensure desirable functioning of the system. 2.0 OBJECTIVE 2.1 The principal objective of this code of practice is to prescribe minimum security measures to be instituted by all banks and financial institutions for the purpose of : a) Creating and maintaining a secured environment to facilitate safe banking transactions, b) Promoting security awareness among management and staff in all banks and financial institutions, c) Minimise crimes and reduce losses, d) Assisting investigating agencies, and e) Building customer confidence and organisational image. 3.0 TERMINOLOGY
Doc: ME 24(1394)c Dec 2014 3.1 For the purpose of this standard, the following definitions shall apply : (a) Branch : Any operating unit of a Bank or Financial Institution dealing with receipt and disbursal of cash and /or storage of valuables on behalf of its customers, (b) Branch Heads : The senior most official of the Branch ,under whose administrative authority the Branch functions, (c) Organisation : Any organisation classified as a Bank or a Financial Institution as per the law of the land, (d) Security devices : Any device employed to enhance the security measures through warning signals or generating evidence, (e) Security Equipment : Any product employed to store and protect currency and other valuables in the custody of a Branch, (f) Security Manual : A documented Physical Security Policy and Procedures Manual as described in 4.1 of this standard, and (g) Top Management: The Management of the organisation, or any person or group of persons representing the Management to execute a specific task. 4.0 ORGANISATIONAL RESPONSIBILITIES : 4.1 Security Manual 4.1.1 Every organisation shall have a documented security policy and procedure manual which shall be approved at the highest level of the organisation and implemented at all appropriate levels of the organisation. 4.1.2 The Security Manual shall provide the basis of a Security Programme, appropriate to the scale of operation of the organisation. It shall be the responsibility of the Top Management of the organisation to ensure successful implementation of the Security Programme. 4.1.3 The Security manual shall be formulated on basis of the Plan Do Check Act principle and shall, to the extent possible, follow the structure of IS/ISO 9001. 4.2 Security Programme: 4.2.1 The Security Programme shall address, at least, the following :- (a)Procedure for Risk Categorisation of branches, (b)Procedure for installing security programme , devices and equipment appropriate to the risk categorisation levels at various functional units of the organisation, (c)Procedure for deployment of security personnel in accordance to its risk categorisation,
Doc: ME 24(1394)c Dec 2014 (d)the responsibilities and authorities of the personnel involved in implementing the security programme at appropriate levels of the organisation, (e)procedure for providing initial and periodic training to security staff and other employees about the organisation’s security policy , general security measures and specific responsibilities appropriate to his/her level, (f) Procedures for safekeeping of all currency, negotiable instruments, and other valuable items, whether owned by the organisation or by its customers (g) Procedures for ensuring security of strong rooms/vaults, (h) Special security measures to be taken during off-days or holidays, (i) Procedures for preserving evidence and assisting in identification of persons committing acts of robbery or burglary, (j) Procedures for selecting, procuring, operating, maintaining and disposal of security devices, (k) Procedures for selecting, procuring, operating, maintaining and disposal of security equipment, (l) Procedures for comprehensive periodic auditing of all aspects of security installed at the organisation, (m) Procedures for maintenance of appropriate records at various functional levels on implementation, administration and effectiveness of the security programme . 4.3 Designation of Responsible Officer: 4.3.1 Every organisation shall have a Security Department headed by a Chief Security Officer with appropriate responsibilities and authority. 4.3.2 Depending upon the organisational structure, Zonal and / or Regional Security officers may also be appointed with appropriate authorities to implement the security policy of the organisation. 4.3.3 It shall be the primary responsibility of the Branch Head to ensure appropriate measures in the Branch under his authority, in accordance to the Security Programme. The nomination of an alternate official to look after the day to day security activities of the Branch may also be considered wherever necessary. 5.0 LOCATION AND INFRASTRUCTURE: 5.1 Location: The following measures shall be ensured while deciding about the location of a Branch and the operational infrastructure therein: (a) The Branch shall not be located in an isolated and /or vulnerable place .
Doc: ME 24(1394)c Dec 2014 (b) The Branch shall not be located in a crime prone area . The Security Officer of the Bank and the local police shall be consulted to assess the crime proneness of a locality and their views shall be taken in to account. (c) The Branch shall be located as near to the police station as possible. (d) During site selection, the possibility of any easements within or adjacent to the facility that could affect the security of personnel or assets should be examined. (e) Consideration should be given to potential and perceived threats. (f) The susceptibility of the area to natural calamities should also be considered. 5.2 Constructional Requirements 5.2.1 General (a) The design, layout and site location of buildings should facilitate natural surveillance by police and the public from the surrounding area (e.g., from nearby roadways or other buildings) unless this approach is deemed undesirable by organisational safeguarding strategies. (b) Structurally strong building should be selected for locating Branches. Old dilapidated buildings which may infringe on security requirements shall not be used ,even temporarily. (c) It shall be ensured that windows do not directly open into areas having direct access to the strong rooms ,storage facilities or sections dealing with liquid assets. (d) Where windows are unavoidable ,they should be fitted with strong grills embedded into the walls with strong steel rods, angles or flat bars. The grill shall be so designed as to deny access by human hand through it. (e) Irrespective of the location or design of the Branches ,the strong rooms shall be built in accordance to the relevant Indian Standard and in strict conformance to the guidelines issued by RBI. (f) RCC construction for Strong Rooms shall be as per relevant IS Specifications. (g) In cases where strong rooms as per specifications cannot be made available. (h) Safes shall be adequately embedded in to the walls by strengthening the walls with 6 inches thick RCC lining all around. (i) The future operational requirements should be considered while constructing the Branch. 5.2.2 Entry/Exit
Doc: ME 24(1394)c Dec 2014 a) In addition to the wooden doors, the entrance at the front should have rolling shutters and collapsible grills. b) Rolling shutter shall have floor embedded central lock with slots made of steel . There shall be no gap between the lock lever and the hook of the door. c) Hanging locks shall not be used on the rolling shutter in place of the latch embedded locks. 6.0 SECURITY MEASURES: 6.1 Risk Categorisation: 6.1.1 Every Branch shall be assessed for its exposure to risk and categorised appropriately. 6.1.2 The security measures installed in a Branch shall be appropriate to its risk categorisation and in accordance to guidelines made available by the appropriate authorities. 6.2 Primary In-built Measures: 6.2.1 All Branches shall invariably ensure the following primary security arrangements : (a)There shall be only one entrance to a Branch. The entrance shall be situated at a place easily noticeable by a substantial part of the employees working in the Branch. (b) If there are more than one entrance to a Branch , only one entrance shall be used and all other entrances shall be securely closed from inside . It shall not be possible to gain access through these entrances without raising an alarm or drawing attention of persons present in the working area. (c) The doors and grills should have separate locking devices. (d) Strong and good quality high leverage locks with minimum 11 levers should be used. Locks with long arms should not be used as these are more amenable to break-in attempts. (e) Perimeter lighting should provide sufficient illumination in and around facilities to allow the detection and observation of people approaching the facility, discourage opportunistic criminal activity, address any other security threats that may apply and support surveillance features. (f) Emergency power must be provided in the Branch and particularly for the Security devices (g) The strong room facilities shall include the following:- (i) fire alarm security system; (ii) Intrusion detection security systems;
Doc: ME 24(1394)c Dec 2014 (iii) 24 hours monitored surveillance cameras (CCTVs); (iv) secured locks and keys to avoid duplication; (v) Secured safes and storage equipments; and (vi) Adequate access control system. (h) Wherever Branches are functioning without a Strong Room facility, all valuable terms and documents are to be kept in FBR safe. 6.3. Essential General Measures: 6.3.1 Every Branch shall have the following security arrangements :- a) Entrance door shall be fitted with a grill gate, shutter with central lock. b) CCTV surveillance. c) Appropriate types of fire extinguishers at important places, including server/UPS rooms. d) Integrated intruder alarm system with sensors and auto-dialler connected to the emergency responders. e) UPS system shall have a separate circuit, independent of the usual electrical circuit of the Branch. f) Emergency lights and inverters or generator sets shall be installed to ensure that lights come on automatically in case of power failure . g) Every Branch shall be provided with a B Class strong room. Where, a B Class strong room cannot be provided for unavoidable reasons, the safe room shall be suitably provided with grills. h) Armed Guards shall be posted in accordance to the risk categorization of the Branch i) Important phone numbers like Police, Fire, Hospital, Bank Officials etc. shall be displayed at prominent places. j) Adequate Insurance cover for cash and valuables is to be obtained for an amount more than the combined value of the market value of the gold kept at the branch and cash, generally kept at the branch. k) Procedures for opening, closing and accessing the bank after working hours shall be rigidly followed. l) Accumulation or dumping of furniture ,files or any other objects shall not be permitted to happen in a manner so as to constitute a potential fire hazard and/or provide cover to intruders. 6.4 Desirable Additional Measures
Doc: ME 24(1394)c Dec 2014 6.4.1 In addition to the measures described in 6.1 to 6.3 , it is desirable that every Branch should also take the following additional measures : (a) Security guards of nearby shopping or residential complexes etc may be requested to keep an eye on the branch at night and on holidays (b) The local police authorities may be requested to include the branch under the Police beat system. (c) Adequate perimeter lighting may be provided at the front rear and sides preferably on all exposed sides of the branch premises. (d) During the weekends and holidays, the Branch Head or any other designated staff should visit the branch premises at staggered timings to ensure the security of the premises. 7.0 OPENING, CLOSING AND ACCESING THE BRANCH AFTER WORKING HOURS: 7.1 The Security Manual of an organisation shall document the procedures to be followed for opening and closing a Branch as well as for accessing the branch after normal working hours, both by employees as well as customers. 7.2 Opening the Branch 7.2.1 Every Branch shall nominate an officer to open the Branch for starting the services. The documented procedure shall be strictly followed by the Branch. The nominated officer shall, in addition to any other responsibility outlined in the organisation’s procedures, ensure that the following actions are taken: a) Examine the premises from the outside to check whether any attempt to break in to the branch has been made. b) After opening the main entrance, the security alarm should be switched on in the day mode. c) While cleaning of the premises is carried out before the working hours under the supervision of the nominated officer/ employee, it shall be ensured that entry into the branch is not allowed to customers. d) The cleaning of the Branch shall be done only by authorised personnel. In cases where outside agencies have been contracted to do the housekeeping functions, the concerned person(s) shall be issued with proper identity document by the Branch Head. e) The cleaning shall be done under the supervision of nominated employees/ Branch Head.
Doc: ME 24(1394)c Dec 2014 f) If any staff member is allowed entry during this time , it shall be ensured that he is identified properly. The collapsible gate should be closed and locked immediately after he enters. 7.3 Access after Working Hours: 7.3.1 Access to the Branch premises after working hours should be avoided. In situations where it becomes unavoidable, all following precautions should be taken to ensure the security of the Branch: a) After the banking hours, all entrances will be closed and secured from inside. b) If any customer is in the banking hall after the close of the business hours, they should be attended to as expeditiously as possible. c) Entry of outsiders after working hours shall be allowed only after obtaining permission from the Branch Head . Under no circumstances, the authority should be delegated to the guard, watchman, or attender. d) Whenever a customer is allowed to enter the premises before or after business hours, care should be taken to identify the person seeking entry in to the premises. The collapsible gate should be closed and locked immediately after he enters. Similarly, the collapsible gate should be closed and locked immediately after he leaves the premises. e) In case the Branch is functioning after normal working hours, the Branch Head should ensure that at least two or more staff members are present. f) Strangers or customers whose identities are not properly known shall not be entertained to stay back during lunch hours or after working hours. 7.4 Closing the Branch: a) Ensure that the Security alarm and CCTV are switched on and functional. b) Check that all doors, windows, strong rooms, storages are properly closed/ locked/ bolted in strict accordance to the procedures outlined in the Security Manual. c) Each Branch shall have a check-list of security points to be verified. The check-points shall be verified and authenticated by a responsible officer nominated by the Branch Head. d) Check that all electrical connections, except the UPS, are switched off. e) Check that all table drawers and almirahs are locked. f) Operational guidelines on dual control of keys should be strictly adhered to. 8.0 POST- INCIDENT ACTIONS:
Doc: ME 24(1394)c Dec 2014 In the event of an attempted or successful burglary or robbery attempt, every Branch shall take the following actions: (a) Immediately report to the law enforcement agencies. (b) Report to the authorities as specified in the Security Manual. (c) Under these circumstances, the Branch entrance should not be opened until directions of the Branch Head/Regional Head/Security Officer are received., (d) Care must be taken not to touch anything and not to allow anybody into the branch. (e) A communication shall be sent to the nearest BIS office requesting them to examine whether the unaffected / untampered sides of the burgled equipment may be subjected to testing to assess whether the burgled equipment was made as per the required standard. (f) In the event of any recorded evidence that the equipment was actually burgled in less than its certified resistance time, an online complaint shall be registered with BIS giving necessary details of the burgled equipment. This shall be followed up with a written communication to the appropriate authority in BIS, with a request to conduct a suitable enquiry about the particular consignment /control unit of which the burgled equipment was a part. Note: Possible course of action in case of non-BIS certified equipment needs to be explored because similar investigative actions and consequent corrective measures may not at all be possible in such cases. 9.0 SECURITY EQUIPMENT: 9.1 Procurement (General): 9.1.1 Security equipment plays a vital role in enhancing security of banking operations, both during banking and non-banking hours. It is therefore imperative that the security equipment installed in branches must be procured and installed according to strict time tested norms that accrue the maximum benefits and safeguard to the organisation. 9.1.2 Only BIS certified Security Equipment shall be procured for all products where an IS Specification exists. 9.2 Procurement of BIS Certified Security Equipment 9.2.1 At the time of procurement, the procuring authority shall confirm whether the manufacturer holds a valid BIS certification marks licence with respect to the product, type, variety intended to be supplied. 9.2.2 The purchasing authority shall familiarise itself with the benefits of BIS Certification and the ways and means to avail of such benefits. 9.2.3 The purchasing department shall familiarise itself with the general requirements of the BIS certification scheme for operation of a licence and ,in case of any observed deviation
Doc: ME 24(1394)c Dec 2014 by the supplier ,shall immediately bring it to the notice of the nearest BIS office and seek their guidance. 9.2.4 A list of Indian Standard Specifications related to Security Equipment is given at Annexure A. 9.3 Procurement of Uncertified Security Equipment 9.3.1 In cases where it may be essential to procure a type of product that may not be covered under the relevant IS Specification, proper justifications may be recorded for using such a product. 9.3.2 Before finalising the procurement of such a product, the organisation shall appoint a panel of experts to prepare the product specifications and test methods in line with the relevant existing IS Specification for the product. The members of the Panel shall be well versed with the engineering aspects of the product. 9.3.3 While preparing the specification, the panel shall ensure that dilution of quality parameters vis-à-vis the existing IS standard is not permitted. 9.3.4 No product shall be procured unless the manufacturer has demonstrated complete conformance to the specification prepared by the panel 9.4 In absence of Specification: Where no IS Specification exists for a product, possibility of urgently formulating an IS standard may be explored. Failing that, the procedure outlined at 9.3 may be followed. 9.5 Procurement of Equipment certified according to specifications other than IS Specifications 9.5.1 Where the necessity is felt to procure products conforming to some other standards bodies like EN or UL, the necessity of such action shall be recorded. 9.5.2 While taking the decision it shall be kept in mind that quality parameters of other standards may not necessarily suit the conditions arising in India . Accordingly, the suitability of product conforming to other standard specification over the Indian standard specification shall be examined and recorded. 9.5.3 While procuring such a product, it shall be ensured that (a) the quality is certified by an agency appointed or approved for the purpose by the concerned standards formulating body (b) the certifying agency accepts responsibility of quality. 10.0 PRE-SUPPLY / POST-SUPPLY QUALITY CHECK 10.1 A proper and effective conformity assessment of physical security equipment is not possible without systematic, destructive testing. In case of BIS certified products, this is taken care of by the third party quality assessment provided by BIS. 10.2 Considering the nature of the product and its usage, any corrective action becomes extremely difficult after installation of the equipment .Therefore ,wherever ,in the opinion of
Doc: ME 24(1394)c Dec 2014 the organisation , extra precaution is deemed necessary , ,it would be desirable to work out a methodology to institute checks during or immediately after supply. 10.3 The most effective way to install such a check would be through the BIS certification mechanism. It would be advisable to arrive at a sampling and assessment method, at the organisational level, in consultation with BIS. 10.4 For non-BIS certified products, a suitable scheme may be installed where a pre-supply inspection may be done by an agency appointed by the Bank. 10.5 A well thought out pre or post-supply quality check mechanism, will provide additional confidence to all concerned as well as act as a deterrent to production of sub-standard material. 11.0 MAINTENANCE OF SECURITY EQUIPMENT 11.1 Physical security equipment should not normally require periodic maintenance .However, as and when maintenance or repair are called for the following precautions shall be observed: (a) All repair and maintenance activities shall be undertaken strictly as per the terms of the contract between the Bank and the supplier of the equipment. (b) Before the supplier’s representative is allowed access to the equipment in need of repair or maintenance, the equipment shall be emptied and the contents shall be stored in an alternate facility. The acts of emptying and storing shall be done as per the policy of the concerned bank. (c) After the repair /maintenance is completed, it shall be verified that the equipment meets all its original quality and supply requirements. No alteration in the locking system or construction of the equipment shall be permitted. Where a replacement of lock is called for, an identical lock only shall be used. (d) Wherever the equipment is fitted with a combination lock, immediately after the maintenance activity, the combination shall be changed. (e) All such activities shall be recorded in detail. 12.0 SECURITY DEVICES 12.1 Security devices shall be installed as specified in the Security manual of the organisation. 12.2 Each device shall be tested periodically to ensure its readiness in the event of necessity. 12.3 While procuring any security device utility features shall always be given preference over other features which may not contribute significantly to enhancing security.
Doc: ME 24(1394)c Dec 2014 12.4 While procuring security devices, enquiries shall be made with other branches and /or other organisations about the on-spot performance history of such devices. Brands or devices having a history of frequent break-downs or requiring frequent maintenance or poor after-sales service record shall not be considered for procurement. 13.0 TRAINING: 13.1 Every Organisation shall provide appropriate training to its personnel on security measures. The training should be appropriate to the responsibilities and authorities of the persons concerned. 13.2 In the event of a trained person assuming different or higher responsibilities, it shall be the responsibility of the top management to provide him/her fresh training appropriate to the new responsibility. This may not be necessary where the concerned person has already received the required training within a reasonable period immediately preceding the change. 13.3 Security measures shall be a part of the induction training curricula for all classes of employees. 13.4 Specific guidelines containing Dos and Don’ts in the event of any security related incident shall be made available to employees on training. 13.5 Mock exercises shall be conducted to ensure that employees are familiar with the actions required to be taken in emergencies. The frequency of such exercise shall be decided in accordance to the security policy of the organisation. 13.6 Security trainings shall at least cover the following: (a) Importance of security measures; (b) Features and structure of the security programme installed in the organisation; (c) Knowledge about functioning of the security systems and devices; (d) Actions to be taken in the event of robbery or burglary; (e) Criteria of a good witness; (f) Actions to be taken to preserve evidence; (g) Dealing with threatening messages and kidnappings; and (h) Measures to be taken in the event of a fire outbreak. 14.0 SECURITY AUDIT: 14.1 At the time of opening or relocating a Branch, a preliminary security audit and risk categorisation shall invariably be done and actions taken accordingly.
Doc: ME 24(1394)c Dec 2014 14.2 Subsequently, every operating Branch shall be subjected to a multi-tier security audit in the following manner: (a) An internal security audit of every Branch shall be conducted periodically by a senior employee of the branch . The purpose of this audit shall be to verify whether all security norms, as applicable to the Branch , are being observed .In the event of detection of a deviation ,the matter shall be immediately brought to the notice of the Branch Head and appropriate actions taken . The matter shall be appropriately recorded. (b) An external security audit shall be conducted periodically by a Security Officer The purpose of this audit shall be to examine the security status of the Branch vis-a-vis the organisational policy and security categorisation of the Branch . The report of the internal audit shall be considered and verified while conducting this audit. (c) The organisation shall provide check-list and Report Proformae for both the audits and the audits shall be strictly conducted and reported accordingly . (d) At least once every three years ,every branch shall be audited for re-assessment of its risk categorisation (e) In addition, the organisation may institute audits and/or conduct re-assessment of risk categorisation as and when deemed necessary. (f) The periodicity of the audits shall be as determined by the top management. 15.0 RECORDS 15.1 Every organisation shall maintain relevant records with respect to the following, in accordance to the documentation policy of the Bank: (a) Incidences of robbery or burglary (b) Type of security devices the bank or financial institution has installed. (c) Frequency of maintenance of its security devices; (d) Training of its management and staff on security issues; (e) Security classification of Branches; (f) Branch-wise records of security training of the staff employed; and (g) Reports of Security Audits and consequent action taken report. 15.2 The records maintained shall adequately address the following :
Doc: ME 24(1394)c Dec 2014 (a) Bank’s internal Management Information System; (b) Requirements of regulatory Authorities; and (c) Audit requirements. Annexure A
Doc: ME 24(1394)c Dec 2014 IS.NO. TITLE IS 550(PT 1):2003 Safes: Part 1 Specification (fourth revision) IS 550(PT 2): 2005 Safes, Part 2 Tests for burglary resistance (fourth revision) IS 550(PT 3):2005 Safes, Part 3 Tests for fire resistance (fourth revision) IS 1046:1992 Cash boxes - Specifications (third revision) IS 5244:1991 Safe deposit locker cabinets - Specification (second revision) IS 7152:1992 Book room doors - Specifications (first revision) IS 11188(PT 1):1991 Vault (strong room) doors: Part 1 - Specification (first revision) IS 11188(PT 2):1991 Vault (Strong room) doors: Part 2 Test for burglary resistance ( first revision) IS 11188(PT 3):1991 Vault (Strong room) doors: Part 3 Tests for fire resistance ( first revision) IS 12187:1987 Specification for coffers IS 14203:1999 Fire resisting record protection cabinet - Specification (first revision) IS 14387:2005 Vaults - Air ventilators – Specifications (first revision) IS 14505:1998 Fire resisting magnetic media protection cabinets - Specification IS 14512:1998 Safe cum safe deposit lockers - Specification IS 14561:2007 Fire resisting (insulating) filing cabinets – Specification (first revision) IS 14562:1998 Fire resisting computer media protection cabinets - Specification IS 15369:2003 Code of practice for construction of vault (strong room)
Doc: ME 24(1394)c Dec 2014
FORMAT FOR SENDING COMMENTS ON BIS DOCUMENTS (Please use A4 size sheet of paper only and type within fields indicated. Comments on each clauses/sub- clauses/table/fig. etc be started on a fresh box. Information in Column 4 should include reasons for the comments and suggestions for modified wording of the clauses when the existing text is found not acceptable. Adherence to this format facilitates Secretariat’s work) It is desirable to send comments through email at : med@bis.org.in . IS. No./ Doc. No.: TITLE : NAME OF THE COMMENTATOR /ORGN.: _________________________ Sl. No. Clause/Subclause/ para/table/fig. No. commented Comments Justification Proposed change

Recomendados

Identifying risks in the workplace
Identifying risks in the workplaceIdentifying risks in the workplace
Identifying risks in the workplaceMichelle Lubbe
 
Physical Security Assessments
Physical Security AssessmentsPhysical Security Assessments
Physical Security AssessmentsTom Eston
 
Physical Security Presentation
Physical Security PresentationPhysical Security Presentation
Physical Security PresentationWajahat Rajab
 
Physical Security Assessment
Physical Security AssessmentPhysical Security Assessment
Physical Security AssessmentGary Bahadur
 
Physical Security Assessment
Physical Security AssessmentPhysical Security Assessment
Physical Security AssessmentFaheem Ul Hasan
 
System Security Plans 101
System Security Plans 101System Security Plans 101
System Security Plans 101Donald E. Hester
 
Comprehensive plans are in place to improve our institutional cyber security
Comprehensive plans are in place to improve our institutional cyber securityComprehensive plans are in place to improve our institutional cyber security
Comprehensive plans are in place to improve our institutional cyber securityJasonTrinhNguyenTruo
 
Cyber Security & Hygine
Cyber Security & HygineCyber Security & Hygine
Cyber Security & HygineAmit Arya
 

Recomendados

Identifying risks in the workplace
Identifying risks in the workplaceIdentifying risks in the workplace
Identifying risks in the workplaceMichelle Lubbe
 
Physical Security Assessments
Physical Security AssessmentsPhysical Security Assessments
Physical Security AssessmentsTom Eston
 
Physical Security Presentation
Physical Security PresentationPhysical Security Presentation
Physical Security PresentationWajahat Rajab
 
Physical Security Assessment
Physical Security AssessmentPhysical Security Assessment
Physical Security AssessmentGary Bahadur
 
Physical Security Assessment
Physical Security AssessmentPhysical Security Assessment
Physical Security AssessmentFaheem Ul Hasan
 
System Security Plans 101
System Security Plans 101System Security Plans 101
System Security Plans 101Donald E. Hester
 
Comprehensive plans are in place to improve our institutional cyber security
Comprehensive plans are in place to improve our institutional cyber securityComprehensive plans are in place to improve our institutional cyber security
Comprehensive plans are in place to improve our institutional cyber securityJasonTrinhNguyenTruo
 
Cyber Security & Hygine
Cyber Security & HygineCyber Security & Hygine
Cyber Security & HygineAmit Arya
 
ISO 27001 (v2013) Checklist
ISO 27001 (v2013) ChecklistISO 27001 (v2013) Checklist
ISO 27001 (v2013) ChecklistIvan Piskunov
 
Memory forensics.pptx
Memory forensics.pptxMemory forensics.pptx
Memory forensics.pptx9905234521
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information securityKumawat Dharmpal
 
Access Control Presentation
Access Control PresentationAccess Control Presentation
Access Control PresentationWajahat Rajab
 
Domain 1 - Security and Risk Management
Domain 1 - Security and Risk ManagementDomain 1 - Security and Risk Management
Domain 1 - Security and Risk ManagementMaganathin Veeraragaloo
 
Physical security
Physical securityPhysical security
Physical securityFerdinand Camilo Kimura
 
Customs-Trade Partnership Against Terrorism (C-TPAT): Supply Chain Security
Customs-Trade Partnership Against Terrorism (C-TPAT): Supply Chain SecurityCustoms-Trade Partnership Against Terrorism (C-TPAT): Supply Chain Security
Customs-Trade Partnership Against Terrorism (C-TPAT): Supply Chain SecurityLivingston International
 
Physical Security
Physical SecurityPhysical Security
Physical SecurityKriscila Yumul
 
It audit methodologies
It audit methodologiesIt audit methodologies
It audit methodologiesSalih Islam
 
Physical Security
Physical SecurityPhysical Security
Physical Securitykavitha muneeshwaran
 
Sensibilización basc y riesgos
Sensibilización basc y riesgosSensibilización basc y riesgos
Sensibilización basc y riesgosviseltda
 
Skyscraper Security Mgt Part IV- Bomb Threat Response- Richard Garrity
Skyscraper Security Mgt Part IV- Bomb Threat Response- Richard GarritySkyscraper Security Mgt Part IV- Bomb Threat Response- Richard Garrity
Skyscraper Security Mgt Part IV- Bomb Threat Response- Richard GarrityRichard Garrity
 
Integrating Physical And Logical Security
Integrating Physical And Logical SecurityIntegrating Physical And Logical Security
Integrating Physical And Logical SecurityJorge Sebastiao
 
Best Practices for Security Awareness and Training
Best Practices for Security Awareness and TrainingBest Practices for Security Awareness and Training
Best Practices for Security Awareness and TrainingKimberly Hood
 
Physical Security.ppt
Physical Security.pptPhysical Security.ppt
Physical Security.pptmaritesalcantara5
 
Physical Security Management System
Physical Security Management SystemPhysical Security Management System
Physical Security Management SystemDaniel Suchy, CPP, MSyI
 
Risk Assesments
Risk AssesmentsRisk Assesments
Risk Assesmentsabassociates
 
Behavior Based Safety (BBS).pptx
Behavior Based Safety (BBS).pptxBehavior Based Safety (BBS).pptx
Behavior Based Safety (BBS).pptxssuser02bb17
 
Cybercrime and Cybersecurity Governance: A Kenyan Perspective
Cybercrime and Cybersecurity Governance: A Kenyan PerspectiveCybercrime and Cybersecurity Governance: A Kenyan Perspective
Cybercrime and Cybersecurity Governance: A Kenyan PerspectiveIvan Sang
 
Module 10 Physical Security
Module 10 Physical SecurityModule 10 Physical Security
Module 10 Physical Securityleminhvuong
 
Physical Security - Why Your Business Needs It
Physical Security - Why Your Business Needs ItPhysical Security - Why Your Business Needs It
Physical Security - Why Your Business Needs ItTerra Verde
 
Security training for sis
Security training for sisSecurity training for sis
Security training for sischiranjib mukherjee
 

Mais conteúdo relacionado

Mais procurados

ISO 27001 (v2013) Checklist
ISO 27001 (v2013) ChecklistISO 27001 (v2013) Checklist
ISO 27001 (v2013) ChecklistIvan Piskunov
 
Memory forensics.pptx
Memory forensics.pptxMemory forensics.pptx
Memory forensics.pptx9905234521
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information securityKumawat Dharmpal
 
Access Control Presentation
Access Control PresentationAccess Control Presentation
Access Control PresentationWajahat Rajab
 
Customs-Trade Partnership Against Terrorism (C-TPAT): Supply Chain Security
Customs-Trade Partnership Against Terrorism (C-TPAT): Supply Chain SecurityCustoms-Trade Partnership Against Terrorism (C-TPAT): Supply Chain Security
Customs-Trade Partnership Against Terrorism (C-TPAT): Supply Chain SecurityLivingston International
 
It audit methodologies
It audit methodologiesIt audit methodologies
It audit methodologiesSalih Islam
 
Sensibilización basc y riesgos
Sensibilización basc y riesgosSensibilización basc y riesgos
Sensibilización basc y riesgosviseltda
 
Skyscraper Security Mgt Part IV- Bomb Threat Response- Richard Garrity
Skyscraper Security Mgt Part IV- Bomb Threat Response- Richard GarritySkyscraper Security Mgt Part IV- Bomb Threat Response- Richard Garrity
Skyscraper Security Mgt Part IV- Bomb Threat Response- Richard GarrityRichard Garrity
 
Integrating Physical And Logical Security
Integrating Physical And Logical SecurityIntegrating Physical And Logical Security
Integrating Physical And Logical SecurityJorge Sebastiao
 
Best Practices for Security Awareness and Training
Best Practices for Security Awareness and TrainingBest Practices for Security Awareness and Training
Best Practices for Security Awareness and TrainingKimberly Hood
 
Behavior Based Safety (BBS).pptx
Behavior Based Safety (BBS).pptxBehavior Based Safety (BBS).pptx
Behavior Based Safety (BBS).pptxssuser02bb17
 
Cybercrime and Cybersecurity Governance: A Kenyan Perspective
Cybercrime and Cybersecurity Governance: A Kenyan PerspectiveCybercrime and Cybersecurity Governance: A Kenyan Perspective
Cybercrime and Cybersecurity Governance: A Kenyan PerspectiveIvan Sang
 
Module 10 Physical Security
Module 10 Physical SecurityModule 10 Physical Security
Module 10 Physical Securityleminhvuong
 

Mais procurados (20)

ISO 27001 (v2013) Checklist
ISO 27001 (v2013) ChecklistISO 27001 (v2013) Checklist
ISO 27001 (v2013) Checklist
 
Memory forensics.pptx
Memory forensics.pptxMemory forensics.pptx
Memory forensics.pptx
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information security
 
Access Control Presentation
Access Control PresentationAccess Control Presentation
Access Control Presentation
 
Domain 1 - Security and Risk Management
Domain 1 - Security and Risk ManagementDomain 1 - Security and Risk Management
Domain 1 - Security and Risk Management
 
Physical security
Physical securityPhysical security
Physical security
 
Customs-Trade Partnership Against Terrorism (C-TPAT): Supply Chain Security
Customs-Trade Partnership Against Terrorism (C-TPAT): Supply Chain SecurityCustoms-Trade Partnership Against Terrorism (C-TPAT): Supply Chain Security
Customs-Trade Partnership Against Terrorism (C-TPAT): Supply Chain Security
 
Physical Security
Physical SecurityPhysical Security
Physical Security
 
It audit methodologies
It audit methodologiesIt audit methodologies
It audit methodologies
 
Physical Security
Physical SecurityPhysical Security
Physical Security
 
Sensibilización basc y riesgos
Sensibilización basc y riesgosSensibilización basc y riesgos
Sensibilización basc y riesgos
 
Skyscraper Security Mgt Part IV- Bomb Threat Response- Richard Garrity
Skyscraper Security Mgt Part IV- Bomb Threat Response- Richard GarritySkyscraper Security Mgt Part IV- Bomb Threat Response- Richard Garrity
Skyscraper Security Mgt Part IV- Bomb Threat Response- Richard Garrity
 
Integrating Physical And Logical Security
Integrating Physical And Logical SecurityIntegrating Physical And Logical Security
Integrating Physical And Logical Security
 
Best Practices for Security Awareness and Training
Best Practices for Security Awareness and TrainingBest Practices for Security Awareness and Training
Best Practices for Security Awareness and Training
 
Physical Security.ppt
Physical Security.pptPhysical Security.ppt
Physical Security.ppt
 
Physical Security Management System
Physical Security Management SystemPhysical Security Management System
Physical Security Management System
 
Risk Assesments
Risk AssesmentsRisk Assesments
Risk Assesments
 
Behavior Based Safety (BBS).pptx
Behavior Based Safety (BBS).pptxBehavior Based Safety (BBS).pptx
Behavior Based Safety (BBS).pptx
 
Cybercrime and Cybersecurity Governance: A Kenyan Perspective
Cybercrime and Cybersecurity Governance: A Kenyan PerspectiveCybercrime and Cybersecurity Governance: A Kenyan Perspective
Cybercrime and Cybersecurity Governance: A Kenyan Perspective
 
Module 10 Physical Security
Module 10 Physical SecurityModule 10 Physical Security
Module 10 Physical Security
 

Destaque

Physical Security - Why Your Business Needs It
Physical Security - Why Your Business Needs ItPhysical Security - Why Your Business Needs It
Physical Security - Why Your Business Needs ItTerra Verde
 
Common Security Guard/Police call signs
Common Security Guard/Police call signsCommon Security Guard/Police call signs
Common Security Guard/Police call signsKevin Oulette
 
The Business Of Identity, Access And Security V1.0
The Business Of Identity, Access And Security V1.0The Business Of Identity, Access And Security V1.0
The Business Of Identity, Access And Security V1.0theonassiokas
 
2015 Year to Date Security Trends
2015 Year to Date Security Trends2015 Year to Date Security Trends
2015 Year to Date Security TrendsTerra Verde
 
Introduction to biometric systems security
Introduction to biometric systems securityIntroduction to biometric systems security
Introduction to biometric systems securitySelf
 
The Future of Bank Branches Coordinating Physical with Digital
The Future of Bank Branches Coordinating Physical with DigitalThe Future of Bank Branches Coordinating Physical with Digital
The Future of Bank Branches Coordinating Physical with DigitalCapgemini
 
Banking Trends for 2016
Banking Trends for 2016Banking Trends for 2016
Banking Trends for 2016Capgemini
 
Security training module
Security training moduleSecurity training module
Security training modulepagare_c
 

Destaque (14)

Physical Security - Why Your Business Needs It
Physical Security - Why Your Business Needs ItPhysical Security - Why Your Business Needs It
Physical Security - Why Your Business Needs It
 
Security training for sis
Security training for sisSecurity training for sis
Security training for sis
 
Sop for security
Sop for securitySop for security
Sop for security
 
6 Physical Security
6 Physical Security6 Physical Security
6 Physical Security
 
SOP of Security supervisor
SOP of Security supervisorSOP of Security supervisor
SOP of Security supervisor
 
Call sign
Call signCall sign
Call sign
 
Common Security Guard/Police call signs
Common Security Guard/Police call signsCommon Security Guard/Police call signs
Common Security Guard/Police call signs
 
The Business Of Identity, Access And Security V1.0
The Business Of Identity, Access And Security V1.0The Business Of Identity, Access And Security V1.0
The Business Of Identity, Access And Security V1.0
 
2015 Year to Date Security Trends
2015 Year to Date Security Trends2015 Year to Date Security Trends
2015 Year to Date Security Trends
 
Introduction to biometric systems security
Introduction to biometric systems securityIntroduction to biometric systems security
Introduction to biometric systems security
 
The Future of Bank Branches Coordinating Physical with Digital
The Future of Bank Branches Coordinating Physical with DigitalThe Future of Bank Branches Coordinating Physical with Digital
The Future of Bank Branches Coordinating Physical with Digital
 
Physical security.ppt
Physical security.pptPhysical security.ppt
Physical security.ppt
 
Banking Trends for 2016
Banking Trends for 2016Banking Trends for 2016
Banking Trends for 2016
 
Security training module
Security training moduleSecurity training module
Security training module
 

Semelhante a Code of practice for physical security systems in banks

Enterprise_Bank_Security_Manual_2.doc
Enterprise_Bank_Security_Manual_2.docEnterprise_Bank_Security_Manual_2.doc
Enterprise_Bank_Security_Manual_2.docrichardkimlopez
 
(U fouo) committee on national security systems supply chain risk management ...
(U fouo) committee on national security systems supply chain risk management ...(U fouo) committee on national security systems supply chain risk management ...
(U fouo) committee on national security systems supply chain risk management ...PublicLeaker
 
(U fouo) committee on national security systems supply chain risk management ...
(U fouo) committee on national security systems supply chain risk management ...(U fouo) committee on national security systems supply chain risk management ...
(U fouo) committee on national security systems supply chain risk management ...PublicLeaks
 
Cert 2 in Scurity - VCI.pptx
Cert 2 in Scurity - VCI.pptxCert 2 in Scurity - VCI.pptx
Cert 2 in Scurity - VCI.pptxShahzaibChang1
 
Safety management system introduction
Safety management system introductionSafety management system introduction
Safety management system introductionS P Singh
 
Solution managment and monitoring services.docx
Solution managment and monitoring services.docxSolution managment and monitoring services.docx
Solution managment and monitoring services.docxsaadatali65
 
DRAFT of NEW White House Cybersecurity Executive Order leaked
DRAFT of NEW White House Cybersecurity Executive Order leakedDRAFT of NEW White House Cybersecurity Executive Order leaked
DRAFT of NEW White House Cybersecurity Executive Order leakedDavid Sweigert
 
Guidelines on Cyber Security in Power Sector 2021_R.pptx
Guidelines on Cyber Security in Power Sector 2021_R.pptxGuidelines on Cyber Security in Power Sector 2021_R.pptx
Guidelines on Cyber Security in Power Sector 2021_R.pptxsrinivascooldude58
 
Defentect cbrn threat_detection system
Defentect cbrn threat_detection systemDefentect cbrn threat_detection system
Defentect cbrn threat_detection systemSandeep Kumar
 
· THE INDUSTRY AND THE COMPANY AND ITS PRODUCT(S) OR SERVICE(S)A.docx
· THE INDUSTRY AND THE COMPANY AND ITS PRODUCT(S) OR SERVICE(S)A.docx· THE INDUSTRY AND THE COMPANY AND ITS PRODUCT(S) OR SERVICE(S)A.docx
· THE INDUSTRY AND THE COMPANY AND ITS PRODUCT(S) OR SERVICE(S)A.docxoswald1horne84988
 
Residential Install Standards
Residential Install StandardsResidential Install Standards
Residential Install StandardsJim Sutton
 
Safety Management System Manual
Safety Management System ManualSafety Management System Manual
Safety Management System ManualS P Singh
 
What is ism code
What is ism codeWhat is ism code
What is ism codejuneshwe
 
Big Bear Package Details
Big Bear Package DetailsBig Bear Package Details
Big Bear Package DetailsCharles_Scholz
 
ADAM ADLER FLORIDA
ADAM ADLER FLORIDA ADAM ADLER FLORIDA
ADAM ADLER FLORIDA AdamAdler10
 
Scada implement secure - architecture
Scada implement secure - architectureScada implement secure - architecture
Scada implement secure - architectureFelipe Prado
 
MWC Managers Job Description
MWC Managers Job DescriptionMWC Managers Job Description
MWC Managers Job DescriptionTrevor Else
 
MWC Managers Job Description
MWC Managers Job DescriptionMWC Managers Job Description
MWC Managers Job DescriptionTrevor Else
 
Module 4 pre construction
Module 4 pre constructionModule 4 pre construction
Module 4 pre constructionjohnbarsellona
 
Servexo client presentation
Servexo client presentation Servexo client presentation
Servexo client presentation NickChaires
 

Semelhante a Code of practice for physical security systems in banks (20)

Enterprise_Bank_Security_Manual_2.doc
Enterprise_Bank_Security_Manual_2.docEnterprise_Bank_Security_Manual_2.doc
Enterprise_Bank_Security_Manual_2.doc
 
(U fouo) committee on national security systems supply chain risk management ...
(U fouo) committee on national security systems supply chain risk management ...(U fouo) committee on national security systems supply chain risk management ...
(U fouo) committee on national security systems supply chain risk management ...
 
(U fouo) committee on national security systems supply chain risk management ...
(U fouo) committee on national security systems supply chain risk management ...(U fouo) committee on national security systems supply chain risk management ...
(U fouo) committee on national security systems supply chain risk management ...
 
Cert 2 in Scurity - VCI.pptx
Cert 2 in Scurity - VCI.pptxCert 2 in Scurity - VCI.pptx
Cert 2 in Scurity - VCI.pptx
 
Safety management system introduction
Safety management system introductionSafety management system introduction
Safety management system introduction
 
Solution managment and monitoring services.docx
Solution managment and monitoring services.docxSolution managment and monitoring services.docx
Solution managment and monitoring services.docx
 
DRAFT of NEW White House Cybersecurity Executive Order leaked
DRAFT of NEW White House Cybersecurity Executive Order leakedDRAFT of NEW White House Cybersecurity Executive Order leaked
DRAFT of NEW White House Cybersecurity Executive Order leaked
 
Guidelines on Cyber Security in Power Sector 2021_R.pptx
Guidelines on Cyber Security in Power Sector 2021_R.pptxGuidelines on Cyber Security in Power Sector 2021_R.pptx
Guidelines on Cyber Security in Power Sector 2021_R.pptx
 
Defentect cbrn threat_detection system
Defentect cbrn threat_detection systemDefentect cbrn threat_detection system
Defentect cbrn threat_detection system
 
· THE INDUSTRY AND THE COMPANY AND ITS PRODUCT(S) OR SERVICE(S)A.docx
· THE INDUSTRY AND THE COMPANY AND ITS PRODUCT(S) OR SERVICE(S)A.docx· THE INDUSTRY AND THE COMPANY AND ITS PRODUCT(S) OR SERVICE(S)A.docx
· THE INDUSTRY AND THE COMPANY AND ITS PRODUCT(S) OR SERVICE(S)A.docx
 
Residential Install Standards
Residential Install StandardsResidential Install Standards
Residential Install Standards
 
Safety Management System Manual
Safety Management System ManualSafety Management System Manual
Safety Management System Manual
 
What is ism code
What is ism codeWhat is ism code
What is ism code
 
Big Bear Package Details
Big Bear Package DetailsBig Bear Package Details
Big Bear Package Details
 
ADAM ADLER FLORIDA
ADAM ADLER FLORIDA ADAM ADLER FLORIDA
ADAM ADLER FLORIDA
 
Scada implement secure - architecture
Scada implement secure - architectureScada implement secure - architecture
Scada implement secure - architecture
 
MWC Managers Job Description
MWC Managers Job DescriptionMWC Managers Job Description
MWC Managers Job Description
 
MWC Managers Job Description
MWC Managers Job DescriptionMWC Managers Job Description
MWC Managers Job Description
 
Module 4 pre construction
Module 4 pre constructionModule 4 pre construction
Module 4 pre construction
 
Servexo client presentation
Servexo client presentation Servexo client presentation
Servexo client presentation
 

Último

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfOrbitshub
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontologyjohnbeverley2021
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAnitaRaj43
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
JohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard37
 

Último (20)

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by Anitaraj
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
JohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptx
 

Code of practice for physical security systems in banks

  • 1. DRAFTS IN WIDE CIRCULATION DOCUMENT DESPATCH ADVICE Ref: ME 24/ T-20 Date: 01-12-2014 SECURITY EQUIPMENT SECTIONAL COMMITTEE, MED 24 To: a) The interested members of Mechanical Engineering Division Council, b) All members of Security Equipment Sectional Committee, c) All others interested Dear Sir(s), Please find enclosed the following documents Kindly examine the draft Indian standards and forward your views stating any difficulties which you are likely to experience in your business or profession, if these are finally adopted as standards. Last date for receipt of comments: 31-01-2015 Comments, if any, may please be made in the format as given overleaf and mailed to the undersigned at the above address. In case no comments are received or comments received are of editorial nature, you will kindly permit us to presume your approval for the above document as finalized. However, in case of comments of technical in nature are received then it may be finalized either in consultation with the Chairman, Sectional Committee or referred to the Sectional committee for further necessary action if so desired by the Chairman, Sectional Committee. Thanking you, Yours faithfully (T.V. SINGH) Encl: As above Scientist ‘F’ & Head (Mech Engg) Phone/fax 011 23232509 email: med@bis.org.in Doc . No. TITLE Doc ME 24 (1394) Draft Indian Standard Code of Practice for Physical Security Systems In Bank.
  • 2. Doc: ME 24(1394)c Dec 2014 Draft For Comments Only Draft Indian Standard CODE OF PRACTICE FOR PHYSICAL SECURITY SYSTEMS IN BANKS Not to be reproduced without the permission of Last date for receipt of BIS or used as a STANDARD comments is 31-01-2015 NATIONAL FOREWORD (Adoption clause to be added later on) 1.0 SCOPE 1.1 This standard recommends practices to be followed for ensuring physical security in banks and financial institutions. 1.2 This standard does not cover internet banking or information security. 1.3 This standard is intended to be a guideline and the provisions herein shall be Subservient to all applicable rules and regulations and policies, unless otherwise mandated by a competent regulatory authority. 1.4 The Physical Security System of a bank is a function of various factors like threat Perception, location, construction, installed security measures, quality of security equipment and devices. This standard attempts to take a comprehensive view of the related factors and specify minimum measures to ensure desirable functioning of the system. 2.0 OBJECTIVE 2.1 The principal objective of this code of practice is to prescribe minimum security measures to be instituted by all banks and financial institutions for the purpose of : a) Creating and maintaining a secured environment to facilitate safe banking transactions, b) Promoting security awareness among management and staff in all banks and financial institutions, c) Minimise crimes and reduce losses, d) Assisting investigating agencies, and e) Building customer confidence and organisational image. 3.0 TERMINOLOGY
  • 3. Doc: ME 24(1394)c Dec 2014 3.1 For the purpose of this standard, the following definitions shall apply : (a) Branch : Any operating unit of a Bank or Financial Institution dealing with receipt and disbursal of cash and /or storage of valuables on behalf of its customers, (b) Branch Heads : The senior most official of the Branch ,under whose administrative authority the Branch functions, (c) Organisation : Any organisation classified as a Bank or a Financial Institution as per the law of the land, (d) Security devices : Any device employed to enhance the security measures through warning signals or generating evidence, (e) Security Equipment : Any product employed to store and protect currency and other valuables in the custody of a Branch, (f) Security Manual : A documented Physical Security Policy and Procedures Manual as described in 4.1 of this standard, and (g) Top Management: The Management of the organisation, or any person or group of persons representing the Management to execute a specific task. 4.0 ORGANISATIONAL RESPONSIBILITIES : 4.1 Security Manual 4.1.1 Every organisation shall have a documented security policy and procedure manual which shall be approved at the highest level of the organisation and implemented at all appropriate levels of the organisation. 4.1.2 The Security Manual shall provide the basis of a Security Programme, appropriate to the scale of operation of the organisation. It shall be the responsibility of the Top Management of the organisation to ensure successful implementation of the Security Programme. 4.1.3 The Security manual shall be formulated on basis of the Plan Do Check Act principle and shall, to the extent possible, follow the structure of IS/ISO 9001. 4.2 Security Programme: 4.2.1 The Security Programme shall address, at least, the following :- (a)Procedure for Risk Categorisation of branches, (b)Procedure for installing security programme , devices and equipment appropriate to the risk categorisation levels at various functional units of the organisation, (c)Procedure for deployment of security personnel in accordance to its risk categorisation,
  • 4. Doc: ME 24(1394)c Dec 2014 (d)the responsibilities and authorities of the personnel involved in implementing the security programme at appropriate levels of the organisation, (e)procedure for providing initial and periodic training to security staff and other employees about the organisation’s security policy , general security measures and specific responsibilities appropriate to his/her level, (f) Procedures for safekeeping of all currency, negotiable instruments, and other valuable items, whether owned by the organisation or by its customers (g) Procedures for ensuring security of strong rooms/vaults, (h) Special security measures to be taken during off-days or holidays, (i) Procedures for preserving evidence and assisting in identification of persons committing acts of robbery or burglary, (j) Procedures for selecting, procuring, operating, maintaining and disposal of security devices, (k) Procedures for selecting, procuring, operating, maintaining and disposal of security equipment, (l) Procedures for comprehensive periodic auditing of all aspects of security installed at the organisation, (m) Procedures for maintenance of appropriate records at various functional levels on implementation, administration and effectiveness of the security programme . 4.3 Designation of Responsible Officer: 4.3.1 Every organisation shall have a Security Department headed by a Chief Security Officer with appropriate responsibilities and authority. 4.3.2 Depending upon the organisational structure, Zonal and / or Regional Security officers may also be appointed with appropriate authorities to implement the security policy of the organisation. 4.3.3 It shall be the primary responsibility of the Branch Head to ensure appropriate measures in the Branch under his authority, in accordance to the Security Programme. The nomination of an alternate official to look after the day to day security activities of the Branch may also be considered wherever necessary. 5.0 LOCATION AND INFRASTRUCTURE: 5.1 Location: The following measures shall be ensured while deciding about the location of a Branch and the operational infrastructure therein: (a) The Branch shall not be located in an isolated and /or vulnerable place .
  • 5. Doc: ME 24(1394)c Dec 2014 (b) The Branch shall not be located in a crime prone area . The Security Officer of the Bank and the local police shall be consulted to assess the crime proneness of a locality and their views shall be taken in to account. (c) The Branch shall be located as near to the police station as possible. (d) During site selection, the possibility of any easements within or adjacent to the facility that could affect the security of personnel or assets should be examined. (e) Consideration should be given to potential and perceived threats. (f) The susceptibility of the area to natural calamities should also be considered. 5.2 Constructional Requirements 5.2.1 General (a) The design, layout and site location of buildings should facilitate natural surveillance by police and the public from the surrounding area (e.g., from nearby roadways or other buildings) unless this approach is deemed undesirable by organisational safeguarding strategies. (b) Structurally strong building should be selected for locating Branches. Old dilapidated buildings which may infringe on security requirements shall not be used ,even temporarily. (c) It shall be ensured that windows do not directly open into areas having direct access to the strong rooms ,storage facilities or sections dealing with liquid assets. (d) Where windows are unavoidable ,they should be fitted with strong grills embedded into the walls with strong steel rods, angles or flat bars. The grill shall be so designed as to deny access by human hand through it. (e) Irrespective of the location or design of the Branches ,the strong rooms shall be built in accordance to the relevant Indian Standard and in strict conformance to the guidelines issued by RBI. (f) RCC construction for Strong Rooms shall be as per relevant IS Specifications. (g) In cases where strong rooms as per specifications cannot be made available. (h) Safes shall be adequately embedded in to the walls by strengthening the walls with 6 inches thick RCC lining all around. (i) The future operational requirements should be considered while constructing the Branch. 5.2.2 Entry/Exit
  • 6. Doc: ME 24(1394)c Dec 2014 a) In addition to the wooden doors, the entrance at the front should have rolling shutters and collapsible grills. b) Rolling shutter shall have floor embedded central lock with slots made of steel . There shall be no gap between the lock lever and the hook of the door. c) Hanging locks shall not be used on the rolling shutter in place of the latch embedded locks. 6.0 SECURITY MEASURES: 6.1 Risk Categorisation: 6.1.1 Every Branch shall be assessed for its exposure to risk and categorised appropriately. 6.1.2 The security measures installed in a Branch shall be appropriate to its risk categorisation and in accordance to guidelines made available by the appropriate authorities. 6.2 Primary In-built Measures: 6.2.1 All Branches shall invariably ensure the following primary security arrangements : (a)There shall be only one entrance to a Branch. The entrance shall be situated at a place easily noticeable by a substantial part of the employees working in the Branch. (b) If there are more than one entrance to a Branch , only one entrance shall be used and all other entrances shall be securely closed from inside . It shall not be possible to gain access through these entrances without raising an alarm or drawing attention of persons present in the working area. (c) The doors and grills should have separate locking devices. (d) Strong and good quality high leverage locks with minimum 11 levers should be used. Locks with long arms should not be used as these are more amenable to break-in attempts. (e) Perimeter lighting should provide sufficient illumination in and around facilities to allow the detection and observation of people approaching the facility, discourage opportunistic criminal activity, address any other security threats that may apply and support surveillance features. (f) Emergency power must be provided in the Branch and particularly for the Security devices (g) The strong room facilities shall include the following:- (i) fire alarm security system; (ii) Intrusion detection security systems;
  • 7. Doc: ME 24(1394)c Dec 2014 (iii) 24 hours monitored surveillance cameras (CCTVs); (iv) secured locks and keys to avoid duplication; (v) Secured safes and storage equipments; and (vi) Adequate access control system. (h) Wherever Branches are functioning without a Strong Room facility, all valuable terms and documents are to be kept in FBR safe. 6.3. Essential General Measures: 6.3.1 Every Branch shall have the following security arrangements :- a) Entrance door shall be fitted with a grill gate, shutter with central lock. b) CCTV surveillance. c) Appropriate types of fire extinguishers at important places, including server/UPS rooms. d) Integrated intruder alarm system with sensors and auto-dialler connected to the emergency responders. e) UPS system shall have a separate circuit, independent of the usual electrical circuit of the Branch. f) Emergency lights and inverters or generator sets shall be installed to ensure that lights come on automatically in case of power failure . g) Every Branch shall be provided with a B Class strong room. Where, a B Class strong room cannot be provided for unavoidable reasons, the safe room shall be suitably provided with grills. h) Armed Guards shall be posted in accordance to the risk categorization of the Branch i) Important phone numbers like Police, Fire, Hospital, Bank Officials etc. shall be displayed at prominent places. j) Adequate Insurance cover for cash and valuables is to be obtained for an amount more than the combined value of the market value of the gold kept at the branch and cash, generally kept at the branch. k) Procedures for opening, closing and accessing the bank after working hours shall be rigidly followed. l) Accumulation or dumping of furniture ,files or any other objects shall not be permitted to happen in a manner so as to constitute a potential fire hazard and/or provide cover to intruders. 6.4 Desirable Additional Measures
  • 8. Doc: ME 24(1394)c Dec 2014 6.4.1 In addition to the measures described in 6.1 to 6.3 , it is desirable that every Branch should also take the following additional measures : (a) Security guards of nearby shopping or residential complexes etc may be requested to keep an eye on the branch at night and on holidays (b) The local police authorities may be requested to include the branch under the Police beat system. (c) Adequate perimeter lighting may be provided at the front rear and sides preferably on all exposed sides of the branch premises. (d) During the weekends and holidays, the Branch Head or any other designated staff should visit the branch premises at staggered timings to ensure the security of the premises. 7.0 OPENING, CLOSING AND ACCESING THE BRANCH AFTER WORKING HOURS: 7.1 The Security Manual of an organisation shall document the procedures to be followed for opening and closing a Branch as well as for accessing the branch after normal working hours, both by employees as well as customers. 7.2 Opening the Branch 7.2.1 Every Branch shall nominate an officer to open the Branch for starting the services. The documented procedure shall be strictly followed by the Branch. The nominated officer shall, in addition to any other responsibility outlined in the organisation’s procedures, ensure that the following actions are taken: a) Examine the premises from the outside to check whether any attempt to break in to the branch has been made. b) After opening the main entrance, the security alarm should be switched on in the day mode. c) While cleaning of the premises is carried out before the working hours under the supervision of the nominated officer/ employee, it shall be ensured that entry into the branch is not allowed to customers. d) The cleaning of the Branch shall be done only by authorised personnel. In cases where outside agencies have been contracted to do the housekeeping functions, the concerned person(s) shall be issued with proper identity document by the Branch Head. e) The cleaning shall be done under the supervision of nominated employees/ Branch Head.
  • 9. Doc: ME 24(1394)c Dec 2014 f) If any staff member is allowed entry during this time , it shall be ensured that he is identified properly. The collapsible gate should be closed and locked immediately after he enters. 7.3 Access after Working Hours: 7.3.1 Access to the Branch premises after working hours should be avoided. In situations where it becomes unavoidable, all following precautions should be taken to ensure the security of the Branch: a) After the banking hours, all entrances will be closed and secured from inside. b) If any customer is in the banking hall after the close of the business hours, they should be attended to as expeditiously as possible. c) Entry of outsiders after working hours shall be allowed only after obtaining permission from the Branch Head . Under no circumstances, the authority should be delegated to the guard, watchman, or attender. d) Whenever a customer is allowed to enter the premises before or after business hours, care should be taken to identify the person seeking entry in to the premises. The collapsible gate should be closed and locked immediately after he enters. Similarly, the collapsible gate should be closed and locked immediately after he leaves the premises. e) In case the Branch is functioning after normal working hours, the Branch Head should ensure that at least two or more staff members are present. f) Strangers or customers whose identities are not properly known shall not be entertained to stay back during lunch hours or after working hours. 7.4 Closing the Branch: a) Ensure that the Security alarm and CCTV are switched on and functional. b) Check that all doors, windows, strong rooms, storages are properly closed/ locked/ bolted in strict accordance to the procedures outlined in the Security Manual. c) Each Branch shall have a check-list of security points to be verified. The check-points shall be verified and authenticated by a responsible officer nominated by the Branch Head. d) Check that all electrical connections, except the UPS, are switched off. e) Check that all table drawers and almirahs are locked. f) Operational guidelines on dual control of keys should be strictly adhered to. 8.0 POST- INCIDENT ACTIONS:
  • 10. Doc: ME 24(1394)c Dec 2014 In the event of an attempted or successful burglary or robbery attempt, every Branch shall take the following actions: (a) Immediately report to the law enforcement agencies. (b) Report to the authorities as specified in the Security Manual. (c) Under these circumstances, the Branch entrance should not be opened until directions of the Branch Head/Regional Head/Security Officer are received., (d) Care must be taken not to touch anything and not to allow anybody into the branch. (e) A communication shall be sent to the nearest BIS office requesting them to examine whether the unaffected / untampered sides of the burgled equipment may be subjected to testing to assess whether the burgled equipment was made as per the required standard. (f) In the event of any recorded evidence that the equipment was actually burgled in less than its certified resistance time, an online complaint shall be registered with BIS giving necessary details of the burgled equipment. This shall be followed up with a written communication to the appropriate authority in BIS, with a request to conduct a suitable enquiry about the particular consignment /control unit of which the burgled equipment was a part. Note: Possible course of action in case of non-BIS certified equipment needs to be explored because similar investigative actions and consequent corrective measures may not at all be possible in such cases. 9.0 SECURITY EQUIPMENT: 9.1 Procurement (General): 9.1.1 Security equipment plays a vital role in enhancing security of banking operations, both during banking and non-banking hours. It is therefore imperative that the security equipment installed in branches must be procured and installed according to strict time tested norms that accrue the maximum benefits and safeguard to the organisation. 9.1.2 Only BIS certified Security Equipment shall be procured for all products where an IS Specification exists. 9.2 Procurement of BIS Certified Security Equipment 9.2.1 At the time of procurement, the procuring authority shall confirm whether the manufacturer holds a valid BIS certification marks licence with respect to the product, type, variety intended to be supplied. 9.2.2 The purchasing authority shall familiarise itself with the benefits of BIS Certification and the ways and means to avail of such benefits. 9.2.3 The purchasing department shall familiarise itself with the general requirements of the BIS certification scheme for operation of a licence and ,in case of any observed deviation
  • 11. Doc: ME 24(1394)c Dec 2014 by the supplier ,shall immediately bring it to the notice of the nearest BIS office and seek their guidance. 9.2.4 A list of Indian Standard Specifications related to Security Equipment is given at Annexure A. 9.3 Procurement of Uncertified Security Equipment 9.3.1 In cases where it may be essential to procure a type of product that may not be covered under the relevant IS Specification, proper justifications may be recorded for using such a product. 9.3.2 Before finalising the procurement of such a product, the organisation shall appoint a panel of experts to prepare the product specifications and test methods in line with the relevant existing IS Specification for the product. The members of the Panel shall be well versed with the engineering aspects of the product. 9.3.3 While preparing the specification, the panel shall ensure that dilution of quality parameters vis-à-vis the existing IS standard is not permitted. 9.3.4 No product shall be procured unless the manufacturer has demonstrated complete conformance to the specification prepared by the panel 9.4 In absence of Specification: Where no IS Specification exists for a product, possibility of urgently formulating an IS standard may be explored. Failing that, the procedure outlined at 9.3 may be followed. 9.5 Procurement of Equipment certified according to specifications other than IS Specifications 9.5.1 Where the necessity is felt to procure products conforming to some other standards bodies like EN or UL, the necessity of such action shall be recorded. 9.5.2 While taking the decision it shall be kept in mind that quality parameters of other standards may not necessarily suit the conditions arising in India . Accordingly, the suitability of product conforming to other standard specification over the Indian standard specification shall be examined and recorded. 9.5.3 While procuring such a product, it shall be ensured that (a) the quality is certified by an agency appointed or approved for the purpose by the concerned standards formulating body (b) the certifying agency accepts responsibility of quality. 10.0 PRE-SUPPLY / POST-SUPPLY QUALITY CHECK 10.1 A proper and effective conformity assessment of physical security equipment is not possible without systematic, destructive testing. In case of BIS certified products, this is taken care of by the third party quality assessment provided by BIS. 10.2 Considering the nature of the product and its usage, any corrective action becomes extremely difficult after installation of the equipment .Therefore ,wherever ,in the opinion of
  • 12. Doc: ME 24(1394)c Dec 2014 the organisation , extra precaution is deemed necessary , ,it would be desirable to work out a methodology to institute checks during or immediately after supply. 10.3 The most effective way to install such a check would be through the BIS certification mechanism. It would be advisable to arrive at a sampling and assessment method, at the organisational level, in consultation with BIS. 10.4 For non-BIS certified products, a suitable scheme may be installed where a pre-supply inspection may be done by an agency appointed by the Bank. 10.5 A well thought out pre or post-supply quality check mechanism, will provide additional confidence to all concerned as well as act as a deterrent to production of sub-standard material. 11.0 MAINTENANCE OF SECURITY EQUIPMENT 11.1 Physical security equipment should not normally require periodic maintenance .However, as and when maintenance or repair are called for the following precautions shall be observed: (a) All repair and maintenance activities shall be undertaken strictly as per the terms of the contract between the Bank and the supplier of the equipment. (b) Before the supplier’s representative is allowed access to the equipment in need of repair or maintenance, the equipment shall be emptied and the contents shall be stored in an alternate facility. The acts of emptying and storing shall be done as per the policy of the concerned bank. (c) After the repair /maintenance is completed, it shall be verified that the equipment meets all its original quality and supply requirements. No alteration in the locking system or construction of the equipment shall be permitted. Where a replacement of lock is called for, an identical lock only shall be used. (d) Wherever the equipment is fitted with a combination lock, immediately after the maintenance activity, the combination shall be changed. (e) All such activities shall be recorded in detail. 12.0 SECURITY DEVICES 12.1 Security devices shall be installed as specified in the Security manual of the organisation. 12.2 Each device shall be tested periodically to ensure its readiness in the event of necessity. 12.3 While procuring any security device utility features shall always be given preference over other features which may not contribute significantly to enhancing security.
  • 13. Doc: ME 24(1394)c Dec 2014 12.4 While procuring security devices, enquiries shall be made with other branches and /or other organisations about the on-spot performance history of such devices. Brands or devices having a history of frequent break-downs or requiring frequent maintenance or poor after-sales service record shall not be considered for procurement. 13.0 TRAINING: 13.1 Every Organisation shall provide appropriate training to its personnel on security measures. The training should be appropriate to the responsibilities and authorities of the persons concerned. 13.2 In the event of a trained person assuming different or higher responsibilities, it shall be the responsibility of the top management to provide him/her fresh training appropriate to the new responsibility. This may not be necessary where the concerned person has already received the required training within a reasonable period immediately preceding the change. 13.3 Security measures shall be a part of the induction training curricula for all classes of employees. 13.4 Specific guidelines containing Dos and Don’ts in the event of any security related incident shall be made available to employees on training. 13.5 Mock exercises shall be conducted to ensure that employees are familiar with the actions required to be taken in emergencies. The frequency of such exercise shall be decided in accordance to the security policy of the organisation. 13.6 Security trainings shall at least cover the following: (a) Importance of security measures; (b) Features and structure of the security programme installed in the organisation; (c) Knowledge about functioning of the security systems and devices; (d) Actions to be taken in the event of robbery or burglary; (e) Criteria of a good witness; (f) Actions to be taken to preserve evidence; (g) Dealing with threatening messages and kidnappings; and (h) Measures to be taken in the event of a fire outbreak. 14.0 SECURITY AUDIT: 14.1 At the time of opening or relocating a Branch, a preliminary security audit and risk categorisation shall invariably be done and actions taken accordingly.
  • 14. Doc: ME 24(1394)c Dec 2014 14.2 Subsequently, every operating Branch shall be subjected to a multi-tier security audit in the following manner: (a) An internal security audit of every Branch shall be conducted periodically by a senior employee of the branch . The purpose of this audit shall be to verify whether all security norms, as applicable to the Branch , are being observed .In the event of detection of a deviation ,the matter shall be immediately brought to the notice of the Branch Head and appropriate actions taken . The matter shall be appropriately recorded. (b) An external security audit shall be conducted periodically by a Security Officer The purpose of this audit shall be to examine the security status of the Branch vis-a-vis the organisational policy and security categorisation of the Branch . The report of the internal audit shall be considered and verified while conducting this audit. (c) The organisation shall provide check-list and Report Proformae for both the audits and the audits shall be strictly conducted and reported accordingly . (d) At least once every three years ,every branch shall be audited for re-assessment of its risk categorisation (e) In addition, the organisation may institute audits and/or conduct re-assessment of risk categorisation as and when deemed necessary. (f) The periodicity of the audits shall be as determined by the top management. 15.0 RECORDS 15.1 Every organisation shall maintain relevant records with respect to the following, in accordance to the documentation policy of the Bank: (a) Incidences of robbery or burglary (b) Type of security devices the bank or financial institution has installed. (c) Frequency of maintenance of its security devices; (d) Training of its management and staff on security issues; (e) Security classification of Branches; (f) Branch-wise records of security training of the staff employed; and (g) Reports of Security Audits and consequent action taken report. 15.2 The records maintained shall adequately address the following :
  • 15. Doc: ME 24(1394)c Dec 2014 (a) Bank’s internal Management Information System; (b) Requirements of regulatory Authorities; and (c) Audit requirements. Annexure A
  • 16. Doc: ME 24(1394)c Dec 2014 IS.NO. TITLE IS 550(PT 1):2003 Safes: Part 1 Specification (fourth revision) IS 550(PT 2): 2005 Safes, Part 2 Tests for burglary resistance (fourth revision) IS 550(PT 3):2005 Safes, Part 3 Tests for fire resistance (fourth revision) IS 1046:1992 Cash boxes - Specifications (third revision) IS 5244:1991 Safe deposit locker cabinets - Specification (second revision) IS 7152:1992 Book room doors - Specifications (first revision) IS 11188(PT 1):1991 Vault (strong room) doors: Part 1 - Specification (first revision) IS 11188(PT 2):1991 Vault (Strong room) doors: Part 2 Test for burglary resistance ( first revision) IS 11188(PT 3):1991 Vault (Strong room) doors: Part 3 Tests for fire resistance ( first revision) IS 12187:1987 Specification for coffers IS 14203:1999 Fire resisting record protection cabinet - Specification (first revision) IS 14387:2005 Vaults - Air ventilators – Specifications (first revision) IS 14505:1998 Fire resisting magnetic media protection cabinets - Specification IS 14512:1998 Safe cum safe deposit lockers - Specification IS 14561:2007 Fire resisting (insulating) filing cabinets – Specification (first revision) IS 14562:1998 Fire resisting computer media protection cabinets - Specification IS 15369:2003 Code of practice for construction of vault (strong room)
  • 18. FORMAT FOR SENDING COMMENTS ON BIS DOCUMENTS (Please use A4 size sheet of paper only and type within fields indicated. Comments on each clauses/sub- clauses/table/fig. etc be started on a fresh box. Information in Column 4 should include reasons for the comments and suggestions for modified wording of the clauses when the existing text is found not acceptable. Adherence to this format facilitates Secretariat’s work) It is desirable to send comments through email at : med@bis.org.in . IS. No./ Doc. No.: TITLE : NAME OF THE COMMENTATOR /ORGN.: _________________________ Sl. No. Clause/Subclause/ para/table/fig. No. commented Comments Justification Proposed change