A physical security risk analysis is required when the institution has a security plan and a draft technical security system that must be approved by the police. In short, this assessment determines the vulnerabilities of a business, and the risks can be mitigated after the implementation of the recommendations from the risk assessor.
There are three situations in which the analysis must be revised, “according to art. 4 of the Instructions of the Ministry of Internal Affairs number 9 of February 1, 2013 on performing risk analyzes on the physical security of the units subject to Law number 333/2003 on the protection of objectives, assets, values and protection of persons ”. The document is revised in one of the following situations:
- at least once every three years, to correlate with the dynamics of internal and external parameters that generate and / or modify the risks to the physical security of the unit;
- within 60 days from the occurrence of a security incident at that unit;
- within maximum 30 days from the modification of the architectural, functional characteristics or of the object of activity of the unit;