Transcript of interview with Facilities Manager

Physical Security
Facility Management
Compliance

Auditor: I’d like to discuss how physical security considerations are handled for company facilities. Could you outline some of the physical access controls in place?

Manager: Absolutely. Our buildings use layered security including guards, badging, biometrics, cameras and alarm systems. Sensitive areas have additional restrictions and monitoring in place.

Auditor: Good to hear. And how is access granted and revoked to facilities and restricted sones?

Manager: Access is provisioned based on HR system data and manager approvals. Terminations, transfers and other employment changes trigger automated disabling of badges and credentials.

Auditor: Excellent. Regarding contractors or visitors, what controls are in place?

Manager: Contractors are sponsored by employees and must check-in/out with guards. Visitors are screened, badged and escorted. Background checks are performed as needed per policy.

Auditor: That covers some key items. How would you describe collaboration with other internal teams like HR, IT and security groups?

Manager: We maintain close coordination to align on threats, respond to incidents, adjust policies and improve controls. Regular working sessions ensure we are aligned.

Auditor: How often are physical security controls and procedures reviewed and tested?

Manager: We perform audits at least annually including attempts to circumvent controls. Penetration testing is done biannually. Reviews help us continue improving protections.

Auditor: What training exists for facilities staff on physical security policies and emergency response?

Manager: Initial and annual training on guard duties, monitoring, access controls and emergency protocols. Drills ensure preparedness to enact procedures.

Auditor: How are new facility projects or renovations evaluated for security risks?

Manager: Our team conducts thorough risk assessments of designs, entrances/exits, lighting, alarm placement and other factors before finalising plans.

Auditor: What security mechanisms safeguard equipment rooms, utilities and other restricted infrastructure?

Manager: Multi-factor authentication, video surveillance, logger/watcher entry rules. Critical utilities have additional fail-safe controls to prevent disruption.