Property Security Assessment Checklist

How to Use This Checklist

1. Perimeter Security Assessment

Evaluate all physical barriers and boundary controls that form the first line of defense against unauthorized access.

• ☐

  Fencing condition and integrity

  Inspect all perimeter fencing for damage, rust, gaps at ground level, and adequate height (minimum 7 feet for commercial properties). Check for anti-climb features such as barbed wire, razor wire, or rotating toppers where permitted by local ordinance.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Vehicle gates and barriers

  Verify that vehicle entry gates operate correctly, close automatically, and cannot be tailgated. Assess crash-rated barriers or bollards at high-value entries. Confirm gate arms, swing gates, or sliding gates have functioning access controls and failsafe positions.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Perimeter lighting coverage

  Measure illumination levels along the full perimeter fence line. Minimum recommended level is 0.5 foot-candles at ground level for general deterrence, 2.0 foot-candles at entry points. Identify dark spots, burned-out fixtures, and obstructed lights.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Warning signage and property markers

  Confirm the presence of trespassing warnings, surveillance notices, restricted area signs, and property boundary markers. Signs should be legible, properly maintained, and placed at intervals of no more than 100 feet along public-facing perimeter sections.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Landscaping and natural surveillance

  Check that trees, hedges, and shrubs do not create concealment opportunities near the perimeter, windows, or entry points. Ground-level vegetation should be trimmed below 3 feet, and tree canopies raised above 7 feet to maintain clear sightlines (the 3-7 rule).

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Perimeter intrusion detection

  Assess the presence and functionality of fence-mounted sensors, buried cable sensors, microwave beams, or video analytics along the perimeter. Verify alarm signals reach the monitoring station and generate an appropriate response.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Adjacent property and environmental risks

  Evaluate threats from neighboring properties including shared fences, adjacent rooftops providing elevated access, nearby vacant lots, and environmental factors such as flood zones, drainage channels, or construction access roads that could compromise perimeter integrity.

  Rating: ___ / 5    Notes: _______________________________________________

2. Access Control Evaluation

Assess all systems and procedures that regulate who can enter the facility, when, and through which points.

• ☐

  Primary entry point controls

  Inspect the main entrance for functioning electronic access control (card reader, keypad, biometric), proper door hardware (commercial-grade locks, closers, hinges on the secure side), and anti-tailgating measures such as mantraps, turnstiles, or guard verification.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Secondary and emergency exits

  Verify that all secondary doors, fire exits, and loading dock entries are secured from exterior access while maintaining code-compliant egress. Check for propped-open doors, disabled alarms, and unauthorized modifications to emergency exit hardware.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Key and credential management

  Review key control procedures including key issuance logs, master key restrictions, frequency of lock rekeying, and credential deactivation upon employee separation. Confirm that lost or stolen credentials are reported and revoked within 24 hours.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Visitor management protocols

  Evaluate the visitor sign-in process including photo ID verification, pre-authorization requirements, badge issuance, escort policies, and sign-out procedures. Visitor logs should be retained for a minimum of 90 days and include name, company, host, time in, and time out.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  ID badge and credentialing system

  Assess badge design for tamper resistance, photo quality, expiration dates, and access-level indicators. Verify that badges are worn visibly at all times and that employees are trained to challenge unescorted individuals without visible credentials.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  After-hours access procedures

  Review procedures for employees, contractors, and vendors who require access outside normal business hours. Verify that after-hours access is logged separately, requires pre-approval, and triggers notification to security personnel or monitoring services.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Delivery and loading dock controls

  Inspect loading dock security including scheduled delivery windows, driver verification, package screening procedures, dock door interlocks, and separation of delivery areas from main facility operations. Unattended dock doors should remain locked.

  Rating: ___ / 5    Notes: _______________________________________________

3. Surveillance Systems

Evaluate video surveillance infrastructure including camera placement, recording capabilities, and monitoring practices.

• ☐

  Camera placement and coverage mapping

  Verify that cameras cover all entry and exit points, parking areas, stairwells, elevators, hallways, high-value storage, and the perimeter. Identify blind spots by comparing camera views against a site map. Ensure overlapping fields of view at critical choke points.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Image quality and resolution

  Review recorded footage for clarity, particularly at identification-critical locations. Cameras at entry points should produce images capable of facial identification (minimum 80 pixels per foot). Check for backlight compensation, low-light performance, and IR capability.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Recording and storage capacity

  Confirm that the recording system (NVR/DVR/cloud) retains footage for the required period — minimum 30 days for general areas, 90 days for high-security zones. Verify redundant storage, RAID configuration, and automated alerts for storage failures or capacity warnings.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Live monitoring and response protocols

  Assess whether cameras are actively monitored in real time, on a scheduled basis, or only reviewed after incidents. Define escalation procedures for suspicious activity observed on camera. Evaluate operator workstation ergonomics and maximum monitor-to-operator ratios.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Camera maintenance and tamper protection

  Inspect cameras for physical damage, lens obstruction, spider webs, or condensation. Verify tamper-resistant housings and mounting hardware. Confirm that a preventive maintenance schedule exists and that camera health is monitored through the VMS with automated fault alerts.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Video analytics and integration

  Evaluate the use of video analytics such as motion detection zones, line-crossing alerts, loitering detection, license plate recognition, and facial recognition where legally permitted. Assess integration with access control and alarm systems for event-driven recording and verification.

  Rating: ___ / 5    Notes: _______________________________________________

4. Lighting Assessment

Adequate lighting is one of the most cost-effective deterrents. Assess illumination levels across all property zones.

• ☐

  Parking area illumination

  Measure light levels across all parking areas with a light meter. Recommended minimum is 1.0 foot-candle for open lots and 5.0 foot-candles for covered garages. Pay special attention to corners, ramps, stairwells, and elevator lobbies within parking structures.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Walkway and pedestrian path lighting

  Inspect all sidewalks, pathways, and pedestrian routes for consistent illumination without dark gaps. Lighting should enable facial recognition at a distance of 25 feet. Check for uniformity ratios — the ratio between brightest and darkest points should not exceed 4:1.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Building exterior and entry lighting

  Verify that all building entrances, loading docks, dumpster areas, and recessed alcoves are well-lit. Recommended minimum of 5.0 foot-candles at entry doors. Assess fixture vandal resistance and whether lights are on timers, photocells, or motion activation.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Interior common area lighting

  Assess lighting in lobbies, corridors, stairwells, restrooms, and break areas. Emergency lighting should activate automatically during power failures and maintain minimum 1.0 foot-candle along egress paths for at least 90 minutes per life safety codes.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Emergency and backup lighting systems

  Test all emergency lighting fixtures and illuminated exit signs. Verify battery backup duration, generator transfer timing, and that monthly 30-second tests and annual 90-minute tests are being conducted and documented in compliance with NFPA 101.

  Rating: ___ / 5    Notes: _______________________________________________

5. Alarm and Detection Systems

Review all electronic detection systems designed to identify and alert on unauthorized entry, fire, and emergency conditions.

• ☐

  Intrusion alarm coverage

  Verify that all exterior doors, accessible windows, skylights, and roof hatches are equipped with contact sensors. Interior motion detectors should cover corridors, high-value storage rooms, and server areas. Test alarm panel communication paths (primary and backup).

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Fire alarm and suppression systems

  Confirm fire alarm panel is current on inspections, all pull stations are unobstructed, smoke and heat detectors are within calibration dates, and sprinkler systems have been flow-tested. Review fire alarm monitoring path redundancy and average dispatch response time.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Duress and panic alarm systems

  Identify locations of fixed and portable duress buttons including reception desks, executive offices, cash handling areas, and guard posts. Test that activation generates a silent alarm to the monitoring center with the correct location identification and response protocol.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Monitoring center response verification

  Conduct an unannounced test of the alarm monitoring center response. Measure time from alarm activation to operator acknowledgment and time to dispatch notification. Industry standard is operator response within 60 seconds and law enforcement notification within 3 minutes.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Environmental and specialty sensors

  Assess the presence and condition of water leak detectors, temperature sensors in server rooms, glass-break detectors on vulnerable windows, and vibration sensors on safes or vaults. Ensure all sensor alerts route to appropriate personnel with clear escalation paths.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Alarm system maintenance and false alarm management

  Review the false alarm rate over the previous 12 months. Excessive false alarms (more than 3 per month) degrade response urgency and may result in municipal fines or deprioritized police response. Verify a documented maintenance schedule and service contract are in place.

  Rating: ___ / 5    Notes: _______________________________________________

6. Guard Force Evaluation

Evaluate the effectiveness and professionalism of on-site security personnel, whether proprietary or contracted.

• ☐

  Staffing levels and coverage

  Review the guard deployment schedule against a staffing analysis that accounts for site size, threat level, and operational hours. Assess whether current staffing provides adequate coverage for all posts, patrols, and break relief without leaving positions unmanned.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Post orders and standard operating procedures

  Review written post orders for completeness, currency, and accessibility at each guard post. Post orders should include specific duties, patrol routes and frequencies, emergency procedures, escalation contacts, and use-of-force guidelines. Confirm guards can articulate their post orders.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Training and certification records

  Verify that all officers hold current state licenses, have completed required pre-assignment training, and participate in ongoing training covering emergency response, first aid/CPR, de-escalation, report writing, and site-specific procedures. Review training documentation for the past 12 months.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Communication equipment and procedures

  Inspect radios, mobile phones, or other communication devices issued to guard staff. Test signal coverage throughout the property including stairwells, basements, and parking structures. Verify a communication check-in protocol exists with defined intervals and duress codes.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Patrol documentation and guard tour systems

  Evaluate whether guards use an electronic guard tour system with checkpoints placed at critical locations. Review patrol logs for consistency, completeness, and evidence of randomized timing. Fixed predictable patrol schedules create exploitable patterns.

  Rating: ___ / 5    Notes: _______________________________________________

7. Emergency Preparedness

Assess the organization's readiness to respond to emergencies including natural disasters, active threats, medical events, and facility failures.

• ☐

  Emergency action plan documentation

  Review the written emergency action plan for completeness, covering fire, severe weather, active shooter, bomb threat, hazardous material release, medical emergency, and utility failure scenarios. Plans should be reviewed and updated annually and distributed to all employees.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Evacuation routes and assembly areas

  Verify that evacuation route maps are posted on every floor, that primary and alternate routes are clearly marked, and that designated assembly areas are at a safe distance from the building with adequate capacity. Assembly areas should allow for headcount accountability.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Emergency contact lists and notification systems

  Confirm that current emergency contact lists are maintained and accessible, including local police, fire, EMS, hospital, poison control, utility companies, and key management personnel. Evaluate mass notification capabilities such as PA systems, text alerts, or emergency notification apps.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  First aid and AED availability

  Locate and inspect all first aid kits for completeness and unexpired supplies. Verify AED placement within a 3-minute response reach of all occupied areas, that AEDs are inspected monthly, pads are within expiration, and a sufficient number of CPR/AED-trained employees are on each shift.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Drill frequency and documentation

  Review drill records for the past 24 months. Fire evacuation drills should occur at minimum quarterly for high-rise or high-occupancy buildings and semi-annually for others. Active threat and shelter-in-place drills should be conducted annually. After-action reports should document lessons learned and corrective actions.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Business continuity and disaster recovery

  Assess whether a business continuity plan exists addressing sustained facility loss, IT system recovery, alternate work locations, and essential function prioritization. Verify that critical records, systems, and data are backed up off-site and that recovery time objectives are defined and tested.

  Rating: ___ / 5    Notes: _______________________________________________

8. Cybersecurity Basics

Physical and cyber security are inseparable. Assess foundational cybersecurity controls that intersect with physical security operations.

• ☐

  Network infrastructure physical security

  Verify that server rooms, network closets, and telecommunications equipment are in locked, access-controlled spaces with environmental monitoring. Unused network ports in public areas should be disabled. Check for unauthorized wireless access points or rogue devices connected to the network.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Security system network segmentation

  Confirm that surveillance cameras, access control panels, alarm systems, and other security devices operate on a dedicated VLAN or physically separate network from the corporate IT environment. Assess firewall rules governing cross-network communication and remote access to security systems.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Default credential remediation

  Check that all security devices (cameras, NVRs, access control panels, intercoms) have had factory-default usernames and passwords changed. Default credentials are publicly available for most manufacturer models and represent one of the most common attack vectors against physical security systems.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Security system firmware and software updates

  Verify that camera firmware, VMS software, access control system software, and alarm panel firmware are current with the latest security patches. Outdated firmware exposes systems to known vulnerabilities. Establish a quarterly patch review cycle for all security technology.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Data protection and access logging

  Assess controls around sensitive security data including video footage, access logs, incident reports, and guard tour records. Verify role-based access controls, audit logging of who accesses or exports security data, and compliance with applicable data privacy regulations for surveillance footage.

  Rating: ___ / 5    Notes: _______________________________________________

9. Employee Security Awareness

People are both the greatest asset and the greatest vulnerability in any security program. Assess the human element.

• ☐

  Security awareness training program

  Evaluate whether a formal security awareness training program exists covering topics such as workplace violence indicators, social engineering tactics, suspicious package identification, tailgating prevention, and clean desk policies. Training should occur at hire and at minimum annually thereafter.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Incident reporting procedures

  Confirm that employees know how to report security incidents, suspicious activity, or policy violations. Reporting channels should be clearly communicated, easily accessible (hotline, app, email, or in-person), and include anonymous reporting options. Assess whether a non-retaliation policy is in place.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Visitor and contractor escort compliance

  Observe whether visitors and contractors are consistently escorted in restricted areas, whether employees challenge unknown or unbadged individuals, and whether security policies are applied uniformly regardless of the visitor's perceived status or familiarity with staff.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Background screening practices

  Review the pre-employment background screening process for completeness, including criminal history, employment verification, education verification, and reference checks. Assess whether screening standards are applied consistently and whether periodic rescreening is conducted for employees in sensitive positions.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Termination and separation security procedures

  Verify that a documented offboarding process includes immediate credential revocation, key and badge collection, IT access termination, removal from access lists, and escort from the premises when warranted. Assess coordination between HR, IT, and security departments during separations.

  Rating: ___ / 5    Notes: _______________________________________________

10. Documentation and Compliance

Proper documentation is essential for liability protection, regulatory compliance, and continuous improvement of the security program.

• ☐

  Security licenses and permits

  Verify that all required state and local security licenses, guard registration cards, alarm permits, and surveillance notification registrations are current and properly displayed. For contract security providers, confirm their corporate license, insurance certificates, and bonding documentation are on file.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Insurance coverage adequacy

  Review general liability, property, crime, and cyber insurance policies to confirm adequate coverage levels, security-related exclusions, and compliance with any security requirements stipulated by the insurer. Many policies require specific security measures to maintain coverage validity.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Incident report quality and completeness

  Sample recent incident reports for thoroughness, accuracy, and timeliness. Reports should include date, time, location, involved parties, narrative description, evidence collected, notifications made, and follow-up actions. Assess whether incident data is tracked and analyzed for trends on a monthly or quarterly basis.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Security audit history and remediation tracking

  Review previous security assessments, audit findings, and inspection reports for the past 3 years. Verify that identified deficiencies were assigned to responsible parties with deadlines and that remediation was completed and documented. Recurring unresolved findings indicate systemic management failures.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Regulatory compliance verification

  Identify all applicable regulatory requirements including OSHA workplace safety, ADA accessibility, fire code compliance, local alarm ordinances, privacy laws governing surveillance, and industry-specific regulations (HIPAA, PCI-DSS, NERC CIP). Confirm current compliance status for each applicable standard.

  Rating: ___ / 5    Notes: _______________________________________________
• ☐

  Contract and vendor security requirements

  Review contracts with security service providers, technology vendors, and maintenance companies for clearly defined security responsibilities, service level agreements, performance metrics, insurance requirements, and termination provisions. Assess whether vendor performance is formally reviewed at least annually.

  Rating: ___ / 5    Notes: _______________________________________________

Scoring Guide

After completing all sections, calculate the total score for each area and the overall assessment. Each checklist item is rated on a 1–5 scale. Sum the scores within each section, then divide by the maximum possible score for that section to determine a percentage. Use the following thresholds to interpret results.

Priority Matrix

Not all deficiencies carry equal weight. Use this priority matrix to categorize findings and allocate remediation resources effectively. Consider both the likelihood of exploitation and the potential impact of a security failure when assigning priority levels.

Next Steps After Assessment

Completing this checklist is the first step in a continuous security improvement process. Follow these steps to translate assessment findings into measurable security improvements.

1. Compile findings into a formal report. Organize all observations, ratings, photographs, and notes into a structured assessment report. Include an executive summary that highlights critical and high-priority findings with estimated remediation costs and timelines. Present findings to senior management within one week of completing the assessment.
2. Develop a prioritized remediation plan. Create an action plan that assigns each deficiency to a responsible party with a specific deadline based on the priority matrix above. Include budget estimates and identify items that can be addressed immediately at little or no cost versus those requiring capital expenditure approval.
3. Obtain stakeholder buy-in and funding. Present the remediation plan to decision-makers with clear risk-based justification for each recommended improvement. Quantify potential loss exposure from unaddressed vulnerabilities where possible, including liability, business interruption, and reputational costs.
4. Implement improvements in priority order. Begin with critical and high-priority items that can be completed quickly (quick wins), such as rekeying locks, replacing burned-out lights, updating post orders, and changing default passwords on security equipment. These actions demonstrate momentum and reduce the highest risks first.
5. Verify remediation effectiveness. After implementing corrective measures, revisit each addressed item to confirm the improvement meets the intended standard. Update the checklist rating to reflect the current state and document the improvement for audit trail purposes.
6. Schedule recurring assessments. Security assessments should be conducted at minimum annually, with interim reviews following significant incidents, organizational changes, construction or renovation, or changes in the threat environment. Assign a security assessment coordinator to maintain the schedule and track year-over-year trends.
7. Engage professional support when needed. For properties with scores below 60% overall or critical deficiencies in multiple areas, consider engaging a certified security consultant (CPP, PSP, or PCI credentialed through ASIS International) to conduct an independent assessment and develop a comprehensive security master plan.