Physical security policy

Published: 23 October 2023
Freedom of information class: How we manage our resources

This policy sets out Registers of Scotland's (RoS) commitment to the security and safety of its colleagues, persons working on behalf of RoS, and third-party organisations accessing RoS premises, as well as its physical and electronic assets.

1. Purpose and Scope

1.1 This policy sets out RoS commitment to the security and safety of its colleagues, persons working on behalf of RoS, and third-party organisations accessing RoS premises, as well as its physical and electronic assets.

1.2 This policy applies to all RoS colleagues, persons working on behalf of RoS and third-party organisations acccessing and using RoS premises.

2. Guiding principles

2.1 The principles of the policy are to ensure the security and safety of all RoS colleagues, persons working on behalf of RoS and third-party organisations accessing and using RoS premises.

3. The policy

3.1 RoS will take all suitable and proportionate measures to protect its colleagues and those persons working on behalf of RoS, and third-party organisations accessing RoS premises, as well as its physical and electronic assets.

3.2 Physical security is an important control to prevent unauthorised physical access, damage, interference or loss of any of RoS premises, information and/or assets.

3.3 RoS will consider the appropriate layout and design of facilities, combined with suitable security measures, to prevent any unauthorised access to its buildings, and to protect people, information, materials and infrastructure as much as is reasonably practicable.

3.4 RoS will put into place, or build into the design, measures that prevent, deter, delay and detect attempted or actual unauthorised access, acts of damage, disorder, theft and/or violence in the workplace.

3.5 The required physical security controls will depend on different factors such as the nature of identified threats and vulnerabilities, the cost effectiveness of the associated controls, the building and its surrounding environment, whether it is sole or shared occupancy or has public access requirements.

3.6 All colleagues, persons working on behalf of RoS and third-party organisations accessing and using RoS premises must be aware of the Physical Security Policy and comply with the associated standard operating procedures (SOP).

4. Roles and responsibilities

4.1 RoS’s Information Security Assurance Group is responsible for the content of this policy, its approval and review. They are responsible for ensuring its implementation in practice and for monitoring this over time. They are responsible for ensuring that appropriate procedures, guidelines or standards as are required to support this are maintained and ownership for these assigned.

4.2 RoS’s Head of Procurement and Estates is responsible for reviewing this policy on an annual basis, unless earlier review is appropriate.

4.3 All colleagues, persons working on behalf of RoS and third-party organisations accessing and using RoS premises must be aware of the Physical Security Policy and comply with the associated standard operating procedures (SOP).

5. Approval and review

5.1 This policy will be reviewed and approved by the RoS Information Security Assurance Group (ISAG) annually on an annual basis unless earlier review is required.

Author Estates Officer: Security
Reviewed Estates
Cleared Director of People
Approval Information Security Assurance Group
Approval date October 2023
Policy version 1.1
Review responsibility Head of Procurement and Estates
Review date 1 October 2024
Suitable for publication Y
Contactestatesservicedesk@ros.gov.uk