Like auditing computer systems and networks that make up an enterprise systems, physical security should also be audited to reveal threats or gaps that may exist in the organization.

• A typical security assessment should focus on :

 Assessing the physical security risk level

 Planning an appropriate control to mitigate the risk

 Devising the security and administration processes

 Implementing the controls according to the laid down processes

 Managing the controls as per the security administration policy

 Auditing and evaluating the security level regularly after the defined

period

 Taking the corrective action if issues are discovered