I've acted as SQSS for BREEAM Hea 06 Security Needs Assessments on a good number of BREEAM NC 2014 projects, so I wanted to take a look at how the security component of the BREEAM New Construction scheme has changed from the current version to the recently released draft 2018 version.

Security and sustainability professionals, please let me know what you make of the changes.

Hea 06 - Security

Firstly and most obviously, security now has its own section. In NC 2014 security and safe access were both found under Hea 06 and the title of safety and security. For me, this always felt like security was a bit of an afterthought, so I'm pleased to see that security now has its own section (still Hea 06) and that the relationship between security and sustainability and wellbeing is made more explicit.

Value

That leads us to the 'Value' section, which is a new element across NC 2018. I don't think there's anything controversial here, and its good to see the emphasis on risk and phrases like 'considered specification' as well as the aforementioned link to wellbeing.

Credits

Here's where things start to get interesting... As in NC 2014, there is a single credit for completion of a Security Needs Assessment by a Suitably Qualified Security Specialist. But NC 2018 also brings in an Exemplary Performance credit, which is achieved by using a 'compliant risk based security rating scheme'. 

This will come as no surprise to those who know that BRE has launched just such a scheme in the form of SABRE, which develops the risk based approach of the SNA into a comprehensive rating scheme for buildings. It's going to be very interesting to see how this extra credit affects the take-up of SABRE and vice-versa.

The Security Needs Assessment

The scope of the SNA is essentially the same in NC 2014 and 2018: site survey, consultation and risk assessment for the new development in order to allow the identification and evaluation of security solutions. 

Recommendations or Controls?

In NC 2014, the SNA concludes with a set of recommendations that address the issues identified by the SQSS. NC 2018 looks to improve on this slightly vague and reactive approach by swapping out recommendations for controls, which include 'design and layout', physical security' and 'technological security'. In the end, this probably won't change the content of SNAs very much but I'm pleased that the wording reflects a more deliberate approach to security design.

The Suitably Qualified Security Specialist

Anyone involved in producing Security Needs Assessments, certainly in London in the last couple of years, will note that NC 2018 no longer lists the Crime Prevention Design Advisor or similar as the first option in who can act as SQSS. As limited police crime prevention resources are now focused on delivering Secured By Design and have been unwilling to act as SQSS, this should remove some confusion.

BRE have rightly left the door open to police CPDAs etc to act as SQSS (if they meet the other qualification criteria) so if you're lucky enough to have a project in a force area that will support you in that way, you may be on your way to a free credit. 

Reflecting the increasing professionalisation of security design, NC 2018 notes that any practising security professional can act as SQSS provided they meet the experience, qualification and membership criteria. Those criteria are largely unchanged, but again watch this space with regard to SABRE certification.

Conclusions?

For me the changes to Hea 06 in the draft NC 2018 have improved the bits that needed improvement and retained the bits that brought benefits in NC 2014. I'm really interested to see how the market for SABRE certification has developed by the time NC 2018 goes live, and to see whether that Exemplary Performance credit will be picked up.

Introduction

If you’re an architect, a project manager or developer involved in commercial property then you’ve probably reviewed security designs from specialist and other consultants. Beyond being able to show prospective tenants a few cameras in the landlord areas and some turnstiles in the lobby, did your project see enough value from them? In this post I’m going to highlight some ways that I think that your security designer should be enabling your building to appeal more to tenants.

Security design should support you in achieving marketable building certifications

Maybe you’re not convinced that many of your prospective tenants place any great stock in security design, so I'll start with something related. I'm sure that you do believe that tenants are interested in sustainability, and I’d wager that you’re targeting a BREEAM rating for most if not all of your buildings.

If you’re paying a consultant to design security for your office building, then the risk assessment and recommendations from that consultant could be packaged so as to contribute a BREEAM point to the project. Of course the consultant has to meet the criteria set out in BREEAM Hea 06 in order to be a ‘Suitably Qualified Security Specialist’ and the development has to actually build the recommendations. But if you employ someone who is qualified and experienced then neither of those should present a problem and your project should be lined up to add a valuable BREEAM point.

Would your potential tenants value a building with a badge from Secured By Design Commercial, BRE SABRE or the City of London Crime Prevention Association’s Building Security Accreditation? I suggest that you ask your property consultant to assess the appeal to your target tenant profiles.  If your tenants are considering terrorism insurance then there's a good chance that they would be interested in a certification that led to a reduction in their premium.  

Security specifications should support the technology and operational choices of your tenants

Is your development seeing the security and business benefits of the latest technology? Or is your security designer rolling out specifications based on the same analogue cameras and (hacked) proximity card technology as ten years ago?

If you receive interest from a tech savvy potential tenant, will they be impressed by what they see? Or will they wonder why the first layer of security for their office building is out of date, easily circumvented and incompatible with the systems that they plan to install within their demise?

For example, are you thinking about leasing some or all of the space to a coworking provider? If so, how is the landlord’s access control system planned to integrate with the tenant’s use of coworking management systems like Cobot or Nexudus? More generally, maybe you can provide some preparation in the base build to limit the works required from tenants in installing security measures, such as providing containment between comms rooms and likely access controlled doors or providing robust fixing locations where shutters within the tenant demise would protect their assets. 

In short, your security designer should be consulting with you, the design team and your property consultant to determine target tenant profiles and specify systems in support of those. This takes time and effort on behalf of the security designer, but it doesn't have to increase the security budget significantly and in my experience it pays off when tenants see the effort that the base build has made so that they won’t have to.

Security designs should clearly respond to current threats

Can you describe to prospective tenants that likely crime and terrorism scenarios were considered in the design of the building and security systems, and demonstrate how the landlord areas and the building management procedures will help to protect their staff? 

Maybe only 5 years ago this kind of discussion was only likely to be had with banks, multinational corporations or large infrastructure companies. In 2017 smaller companies in more diverse sectors are concerned that their staff could be affected by a targeted or indiscriminate terrorist attack and are asking what protection their office buildings will provide to those inside. 

If your security designer didn’t do much more than table some plans with cameras and controlled doors in the usual locations, maybe an intercom for out of hours access, then your tenant isn’t going to see a level of protection that they can describe to their management and employees as part of the benefits of a move. On the other hand if you have can table a threat assessment and a vulnerability assessment and show how those are mitigated by a combination of physical, electronic and operational systems which are designed and operated in accordance with legislation and documented industry best practice then you can appeal not only to their security manager but to information security, human resources and other disciplines.

Summary

If you want to differentiate your commercial space for tenants, considered security design in the base build can help. A qualified, experienced and diligent security consultant should be able to assist you in demonstrating that your building will support the things that your tenants care about from the obvious protection of assets, through technical system integration to sustainability.

Introduction

My last blog post (http://toren.co.uk/shoul48c3) introduced a series of posts discussing the various security assessment and certification schemes available for buildings in the UK and gave some pointers on Secured By Design. Part of that article described SBD as a prescriptive standard, as compared to risk-based schemes like BREEAM Security Needs Assessments. So this week, I'm going to take a look at the BREEAM Hea 06 SNA and consider its pros and cons.
What is a BREEAM Hea 06 Security Needs Assessment?

BREEAM

BREEAM is “the world's leading sustainability assessment method for master planning projects, infrastructure and buildings” according to its authors BRE. The BREEAM schemes assess the design, procurement, construction and operation of a development against targets, and rate them as Pass, Good, Very Good, Excellent and Outstanding.
The BREEAM standards are available from BRE at http://toren.co.uk/breea3284. Note that this article refers to the UK versions of the standards, rather than the International versions. The full wording of BREEAM Hea 06 in the current (2014) UK new construction scheme can be found at http://toren.co.uk/hea06fa48.

BREEAM Hea 06 Security Needs Assessment

BREEAM grants a point towards a development’s rating if a Security Needs Assessment is completed and the recommendations from that report are implemented.
Specific criteria apply to both the Security Needs Assessment report and the ‘Suitably Qualified Security Specialist’ who can be employed to complete it.

Security Needs Assessment Criteria

Hea 06 defines a Security Needs Assessment as “the project and site specific assessment of security needs”, and requires:

• A visual audit of the site and surroundings
• Formal consultation with relevant stakeholders
• Identification of risks specific to the use and user groups of the building
• Identification of any detrimental effects the development may have on the existing community

These requirements reflect some of the elements of a typical security consultant’s report for a property. As late involvement in projects is a constant lament of security consultants and other specialists, the requirement of Hea 06 that this assessment is undertaken during RIBA Stage 2 is welcome. Note that there is a clarification that the points can be achieved later if the SQSS confirms that the implementation of security measures has not been ‘restricted, impaired or are not possible as a result of their later involvement’.

The requirement to consult with stakeholders such as the police Designing Out Crime Officer (DOCO) or Counter Terrorism Security Advisor (CTSA) ensures that up to date information on specific local and emerging crime types and criminal methods can be included. As the DOCO is a planning consultee, early engagement with them via a security consultant is normally recommended anyway.

Who can help?

BREEAM allows three routes to be considered suitably qualified for the purposes of Hea 06:

• Crime Prevention Design Advisors (CPDA) or Architectural Liaison Officers (ALO), Counter Terrorism Security Advisor (CTSA); or
• A specialist registered with a BREEAM-recognised third party accreditation scheme for security specialists.
• A practising security consultant that meets the following requirements:
  • Minimum of three years relevant experience within the last five years. This experience must clearly demonstrate a practical understanding of factors affecting security in relation to construction and the built environment, relevant to the type and scale of the project being undertaken.
  • Hold a suitable qualification relevant to security.
  • Maintains (full) membership to a relevant professional body or accreditation scheme that meets the following:
    • Has a professional code of conduct, to which members must adhere; and
    • Ongoing membership is subject to peer review.

Increasingly, police DOCOs (replacing the outdated terms referenced in Hea 06) are found to be too stretched to act as SQSS and produce a Security Needs Assessment. While I am unable to point to published policy, this has been a trend that has been confirmed by DOCOs and by developers, architects and BREEAM Assessors when seeking Hea 06 points. The DOCO will usually still meet the design team to advise on crime patterns etc but, probably fairly, will often not produce a fully compliant Security Needs Assessment.

There are not currently any BREEAM-recognised accreditation schemes, meaning that the most likely route to achieving a compliant SNA is to appoint a consultant meeting the experience, qualification and membership criteria.

Should you go for a Security Needs Assessment?

To be absolutely clear, there isn’t a separate badge for completing a BREEAM Security Needs Assessment like there is with SBD; there are only points towards your BREEAM rating. So the short answer is that if you need a BREEAM point, then you should consider a Security Needs Assessment.

The benefits of the approach taken by BREEAM to Security Needs Assessments are largely the flexibility that it allows. You can try to use the police DOCO as SQSS, or engage a professional security consultant. You can follow Secured By Design (as described in a clarification in Hea 06), or you can take a more bespoke approach. You can produce the Security Needs Assessment report in whatever format is best for the project and for the BREEAM Assessor’s later ease in verifying that measures have been included.

The ease with which a Security Needs Assessment actually contributes BREEAM points though ultimately depends upon the alignment of the SQSS’s recommendations with the project’s architecture and budget. Anecdotal evidence and a recent small survey by Toren Consulting indicate that incompatibility of the security recommendations with a project’s design and cost plan are the main reasons that assumed Hea 06 points in a BREEAM Assessment are ultimately not achieved.
(If you’d like to contribute to the survey, it remains open at http://toren.co.uk/breea29a8)

Summary

I believe that it is encouraging to see security represented in sustainability standards. The relationship between the two is something that I will explore in future posts.

Simplistically, engaging an SQSS to complete an SNA could be seen as an easy and affordable way to achieve a BREEAM point, but it should be remembered that to actually get the points the recommendations have to be implemented. There’s no reason this shouldn’t be achievable, but the architect and QS should ensure that the SQSS gives them a clear understanding of the implications of the SNA.

Introduction

There’s a fairly broad range of security awards available for buildings, whether at construction, fit-out or in use. But do you need to go for them? Should you be targeting Secured by Design for your new residential development? What about the City of London Crime Prevention Association’s Building Security Accreditation (catchy!) for your commercial office? BRE started with BREEAM Security Needs Assessments and are now offering SABRE - it's BRE so surely it's worth going for?

In a series of posts I’m going to take a look at the nature of these schemes, and try to give you a steer on their applicability and usefulness. We’ll also be giving away a comparison template for ease of reference to security schemes versus building types.

If you’re involved in the design, construction or fit-out of commercial or residential property, then you’ve probably bumped into some of these security design certificates. Maybe you’re a property developer, architect or planning consultant who found that you had a planning requirement to achieve Secured By Design certification. Perhaps you’re a BREEAM Assessor looking to include points available for security under Hea 06. Maybe you’re even a building operator or tenant looking for assurance that the building that you’re housing your people in has a suitable degree of security or perhaps you're trying to satisfy insurers. Let's start with probably the best known of them all.

Secured By Design

What is it?

SBD (not SbD, on pain of marketing death) is “The official UK Police flagship initiative combining the principles of 'designing out crime' with physical security”.

That means that the SBD schemes combine elements of Crime Prevention through Environmental Design (CPTED, worthy of a series of posts or maybe a PhD) and physical products tested to security standards (again, the strengths and weaknesses of these standards and their applicability will be the subject of future posts).

What types of building or uses does it apply to?

SBD is, in my experience, most commonly and most usefully applied to residential developments. The academic assessments of SBD and CPTED have also tended to focus on residential developments There was a peak in this while Code for Sustainable Homes was still going, as CfSH gave some points for achieving SBD New Homes 2014 ‘Section 2 Part Compliance’. There is also sometimes a specific planning requirement, though in my experience this has often been a rumour on projects that was not strictly true.

SBD has also launched National Building Approval. NBA accredits building types so that developers can deploy the same building nationally without reapplying each time. In order to facilitate that approach, SBD NBA necessarily only covers physical security measures and not the CPTED elements which are inherently more location specific.

As well as SBD Homes 2016, there are also SBD Design Guides for Commercial Buildings (2015), New Schools (2014) and Hospitals (2005).

What sort of standard is SBD?

Secured by Design is (mostly) a prescriptive standard. While it gently encourages you to use products from Secured By Design Members (www.securedbydesign.com/members/), SBD for the most part refers to products tested to British and occasionally European standards (see EN 1627 discussion below).

Where SBD deviates slightly from being a fully prescriptive standard is that it gives final sign off, and discretion over any non-compliances, to the individual assigned police Designing Out Crime Officer. This means, naturally, that some deviation from one DOCO to the next. Some will accept design alternatives or reduced product specs to allow compatibility with your architecture or operation, and some won't.

Probably the most common example of this at the time of writing is the use of EN 1627 RC3 doors; there is a much broader and more appealing range of products tested to this than to the PAS 24 standard that SBD requires. Some DOCOs will allow them and some won't, in my experience. I'll pick this up again in a future technical post on SBD, in the meantime there's a note from SBD at www.securedbydesign.com/wp-content/.../SBD_THSG_1627_March_2013-2.pdf.

Should you apply for Secured By Design certification?

If you're a residential build-to-sell property developer, I think that you should consider it. With the introduction of Building Regulations Approved Document Q mandating some of the more significant physical security elements of SBD, there seems little reason not to at least evaluate the compatibility of your scheme.

If your property is PRS, student accommodation or other rented multi-dwelling residential property then perhaps you should also consider the in-use operational benefits of an enhanced level of security beyond ADQ, which SBD provides.

Outside of residential property, the SBD offering is less clear. SBD Commercial Buildings takes a similar approach to SBD Homes, tackling both physical security products and more design related crime prevention theories. However it seems to me that in trying to cover the breadth of commercial building types the standard may have become complex and diluted. In my experience SBD Commercial has lost ground to more flexible security schemes that allow a security consultant to blend project-specific risks with building-appropriate measures.

BREEAM Hea 06 references Secured By Design, but also requires the site-specific parts of a BREEAM Security Needs Assessment on top. At the time of writing it seems that police Designing Out Crime Officers are not always willing to act as SQSS for BREEAM purposes, and will only participate in a project if it is going for Secured By Design certification. If that continues to be the case then it may be that some projects should apply for SBD as a means of gaining access to specific local crime information that can't be gleaned from the publicly available statistics.

Who can help?

Individual SBD applications have to be made via a local police Designing Out Crime Officer (also known as a Crime Prevention Design Advisor or an Architectural Liason Officer). You can find the application forms at http://www.securedbydesign.com/industry-advice-and-guides/ and a list of DOCOs at http://www.securedbydesign.com/contact-secured-by-design/.

If you're considering Secured By Design National Building Approval, then you should contact SBD at sbdnba@police-cpi.co.uk.

We recommend that before you engage with the DOCO you should understand at a high level the security threats to your development; the type of security that your building's users will expect and value; the compatibility of those things with SBD; and the compatibility of SBD with your proposed layout and materials, particularly your facade system and door specifications.

Summary

If your scheme is residential, then you should consider applying for Secured By Design Homes 2016 because the crime reduction benefits are proven and the additional expenditure beyond complying with Approved Document Q may be low. 

I'll revisit Secured By Design Homes 2016 in greater detail in a future post, and provide some commentary on the specific measures that it requires.

If your scheme is commercial, then you may be better served at this time by a building-specific security assessment. We will cover more schemes aimed at commercial buildings in coming posts.

To get some independent security design advice at any stage in your design or construction process, contact us at https://torenconsulting.co.uk/contact-us/.

All of the Secured By Design Guides are available from http://www.securedbydesign.com/industry-advice-and-guides/