UofG PHYSICAL SECURITY POLICY 2026
UofG PHYSICAL SECURITY POLICY 2026
Contents:
- Policy Statement
- Scope
- Legislation and Standards
- Responsibilities
- Policy Implementation
- Intruder Alarms and Access Control Systems
- Closed Circuit Television (CCTV) Systems
- Monitoring and Evaluation
- Related Policies and Further References
- 0 Policy Statement
- 0 Scope
The University will endeavour to ensure, as far as is reasonably practical, the personal safety and security of all students, staff, visitors and contributors at all University campuses and University controlled buildings.
Responsibility for security and personal safety rests with all persons who study, work or reside in, or who visit the University campuses. All students, staff, visitors and contractors should assist University staff with physical security responsibilities in ensuring the success of the policy.
Providing physical security will require a balancing of what resources are needed and what resources the institution can afford. The University will use a security threat and risk analysis process to measure the University’s vulnerabilities. Vulnerabilities will be assessed and reviewed, and recommendations made for improvement plans.
Physical security is an essential part of any security plan. It protects and preserves physical, human and information assets. The threats to these assets are usually natural disaster, vandalism, theft, sabotage, violence, catastrophes caused by human failure, accidental damage, terrorism, and other non-traditional threats.
Physical Security requires appropriate ‘layering’ of physical and technical security such as appropriate building construction, suitable emergency preparedness, reliable power supplies, adequate climate control, alarm systems and CCTV. (Security by design and secure environments accreditation should be targeted as part of the policy).
In general terms, physical security means the positioning of physical and procedural obstacles to prevent unauthorised access to buildings and other physical assets. This policy specifically addresses the responsibilities and governing framework for the management, installation and maintenance of the following:
- Intruder Alarm Systems including area surveillance sensors, volumetric sensors, high security perimeter protection, infra-red devices, etc
- Access Control Systems including card systems, biometrics, turnstiles, trap doors, etc
- Closed Circuit Television (CCTV) Systems including video surveillance, cameras, 360-degree surveillance domes, switching matrixes, IP video, digital recording, image analysis, privacy zone protection, etc.
Physical Security will also involve a balance between physical presence and use of technology. The level of physical presence, e.g., patrols and guarding, is an ongoing evaluation/assessment and the use of technology will require constant monitoring to ensure it is working and operating as intended.
- 0 Legislation and Standards
- 0 Responsibilities:
Statutory and Common Law applicable to the physical security policy includes:
- Disability Discrimination Act 1995
- Electricity at Work Regulations 1989
- Electromagnetic Compatibility Regulations 1992
- Fire (Scotland) Act 2005
- GDPR 2018
- Health and Safety at Work Act 1974
- Human Rights Act 1998
- Private Security Industry Act 2001
- Race Relations (Amendment) Act 2000
- Regulation of Investigatory Powers Act 2000
- Sex Discrimination (Gender Re-assignment) Regulations 1999 (RIPSA)
- Terrorism (Protection of Premises) Act 2025
Standards applicable to the physical security policy include:
- BS7499:2013 Static Site Guarding and mobile patrol service – Code of Practice
- BS8495:2007 Code of Practice for digital CCTV recording systems for the purpose of image export to be used as evidence
- BS7958:2015 Closed Circuit Television (CCTV) Management and Operation – Code of Practice
- BSRIA FMS 3/98 “Standard Specification for Electronic Security Systems” Building Services Research and Information Association (BSRIA)
- SFG 20
Shared responsibility for security rests with all students, staff and visitors to the University. Everyone should report all activity, suspected or real, of a criminal nature or any suspicious activity immediately to the Security team. Within this overall responsibility some particular elements are defined as follows:
|
a) Campus Safety Working Group (CSWG): The CSWG is formed to set direction and advise the University Senior Management Group (SMG) in relation to security related matters, prioritise security related developmental improvement, validate potential projects with security related outcomes, fund security related projects (where appropriate), generally oversee the security of University assets in a consistent fashion through one consistent route as part of an overarching physical security policy to continuously and proactively enhance the safety and security of staff, students, visitors and the community. The strategic endorsement and prioritisation management of security related issues across the University and associated resources will be co-ordinated through the CSWG chaired by the Secretary of Court. The CSWG will approve the Physical Security Policy and ensure that support and resources are available to staff for the implementation of the Policy through endorsement from the SMG. Necessary measures to improve security in essential areas will receive priority consideration. Where appropriate, specific training to achieve acceptable standards of operation will be supported and properly resourced. The CSWG has authority to decide on approval of all new installations. Colleges and University Services considering security related issues will submit (either verbally or in writing) to the CSWG for corporate consideration and approval. |
|
b) Head of Security and Logistics: overall development, planning and implementation of physical security strategy, policies, specification, procedures and the monitoring of their effectiveness and efficiency. Investigation of breaches in physical security and related crimes; liaison with police, emergency services and local authorities; monitoring and management of intruder, access control and CCTV systems. |
|
c) Estates Directorate: training of estates staff in physical security issues; installation and maintenance of intruder alarm, CCTV and access control systems agreed with IT Services and MIS. Maintain an asset register of all intruder alarm, CCTV and access control systems including log of repairs. Procure and communicate contracted suppliers and systems. |
|
d) IT Services: training of IT staff in physical security issues; installation, maintenance and contract management of SALTO access control software and IT hardware including log of repairs. Provide asset register of all maintained access control systems. Procure and communicate contracted suppliers and systems. Responsible for Information and cyber security. |
|
e) Data Protection and Freedom of Information Office: Advise and liaise regarding intruder alarm, access control and CCTV specifications and related signage and ensuring compliance with DPA. Produce the University’s CCTV Code of Practice. |
|
f) Heads of Colleges and Services: have a key role in promoting security within their buildings. The actual responsibilities will vary according to the location and the nature of the activity taking place. A number of specific responsibilities can be identified:
|
|
g) Staff: All staff must ensure they are familiar with and follow the procedures in the University Physical Security Policy, paying particular attention to those issues which are relevant to their activities. They must also co-operate with requests from Security Staff, especially in emergency or evacuation situations and in relation to physical security procedures. Staff to be encouraged to carry their University identity cards at all times when on University property. |
|
h) Students: have a responsibility to look after University facilities properly and to give due consideration to physical security issues. They must follow security procedures designed to protect University property, in particular regulations governing access to IT systems, University equipment and resources. Students must co-operate with requests from Security Staff, especially in emergency or evacuation situations and in relation to physical security procedures. Students who are residents in University Residences should follow procedures (which include security instructions) issued to Students by Accommodation Services and the Resident Life Team. |
|
i) Visitors: Any person visiting campus including contractors have a responsibility to look after the University facilities whilst on campus and to give due consideration to physical security issues. In particular they must follow security procedures designed to protect University property and where issued, wear their visitors’ badge at all times. Visitors must follow instructions from Security Staff and from their host College, School or Service, particularly in emergency situations. |
- 0 Policy Implementation
- 0 Intruder Alarms and Access Control Systems
The University will adopt a layered approach to security and will:
5.1 Secure the perimeters of its buildings by taking all reasonable measures to prevent unauthorised access.
5.2 Reserve the right to limit access to its buildings to students, staff, visitors, clients, and contractors.
5.3 Take additional security measures to protect its high value assets, high-risk facilities, and confidential documentation storage areas.
5.4 Provide additional security measures to ensure the protection of staff and equipment. These measures include, where applicable: -
5.4.1 The provision of access control systems on doors where necessary.
5.4.2 The requirement for all IT equipment to be marked with a unique identification code and all servers to be installed in secure locations.
5.4.3 Liaison with staff who work offsite to ensure appropriate measures are taken to minimise the risk to their personal safety and the security of any equipment being transported.
5.5 Provide a range of Personal Protection Security measures for those staff that work in high-risk situations. These measures may include: -
5.5.1 The introduction and operation of CCTV surveillance in sensitive or higher risk areas in or around the University estate as agreed in conjunction with the SMG and the University’s CCTV Code of Practice.
5.5.2 The provision of high visibility security patrols
5.5.3 Implementation of personal safety app and provision of linked panic alarms for strategic and higher risk locations or on person
5.6 The University will, in utilising these measures, ensure full compliance with The Data Protection Act 2018 and revisions thereof and any relevant University Code of Practice and revisions thereof.
5.7 The University will employ Security Staff that are trained in compliance with BS 7499.
5.8 The University will employ Security Staff that are trained and authorised to operate and monitor CCTV equipment, where necessary.
5.9 To ensure uniformity of standards, fitness for purpose and to limit costs, the
University will adopt standard specifications for the following items of security equipment:
- Intruder Alarm Equipment
- Access Control Systems including Identity Cards
- CCTV surveillance and CCTV recording equipment
- Door furniture, locks and suiting
- Digital Locks
- Security Lighting
5.11 The University in pursuance of the purpose of this policy will:
5.11.1 Reserve the right to conduct spot checks to ensure that individuals in the University can provide evidence that they are genuine learners, staff, visitors, or contractors to the premises.
5.11.2 Reserve the right to require individuals who cannot provide evidence that they are genuine students, staff, or visitors to leave the premises.
5.11.3 Request police assistance in the event of any suspected criminal offence being committed on University property.
5.11.4 Provide advice to students and staff on personal safety and the security of items and equipment.
5.11.5 Provide adequate lighting in and around University buildings such as car parks and access routes.
5.12 The University layered approach will be generally defined as follows.
The grounds of the University will be open to pedestrians with certain restrictions as is appropriate to the use and contents of buildings on the University estate.
The external part of all University buildings should have a minimum of two means of security. In practice this will mean locks on doors and windows along with a suitable and efficient intruder alarm system to be utilised when the building is not in use. There will be buildings on the University estate which will require additional measures such as the focused use of CCTV and Campus Security staff on hand to physically test that buildings are secure.
Internally buildings should have easy open access to public areas as appropriate.
Access from open areas to secure areas within a building should be incremental and appropriate to the use, contents and sensitivity of the area to be protected.
There are a wide range of means to secure movement from one area to another. A threat and Risk Assessment process should be carried out by Campus Security in which building users and other interested parties may raise issues, concerns, threats, challenges etc to provide an informed platform for Campus Security to make recommendations for consideration commensurate with the threats and risks identified.
There will be areas where it is important to restrict and control access which is authorised. It may be relevant to consider input from external bodies to ensure compliance with national standards. This will include the Home Office for the storage and secure management of controlled drugs or the Police in relation to sensitive laboratory areas.
Intruder Alarms and Access Control Systems operate on campus. Access controlled barriers/doors are an effective method of preventing unauthorised access and the University will implement a phased access control system program across the campus. Access cards should be regarded for security purposes as the same as a key. Cardholders must safeguard their card and report any loss to Security & IT Staff as soon as possible, so the card access can be cancelled.
- 0 Closed Circuit Television (CCTV) Systems
- 0 Monitoring and Evaluation
The University has a CCTV Code of Practice owned by the Head of Security and Logistics which details the management and operations, storing and viewing of images, disclosure and retention of recorded images amongst other related matters. A copy of the Code of Practice and Policy can be obtained from the Security web page.
Responsibility for monitoring and evaluation of the Physical Security Policy lies with the University’s Campus Safety Working Group (CSWG) and SMG. The policy will be reviewed every two years or when any new legislation or statutory obligations arise as identified by the (CSWG).
In addition, an Internal Audit of Campus Security measures will be conducted when required by the Audit Committee of the University Court.
- 0 Related Policies and Further References
CCTV Code of Practice
CCTV Policy
Critical Incident Guidelines
CT Plan
MAIRG
Security CT Risk Assessment
Security Strategy
Threat and Risk Assessment of University Events
Revision History
|
Revision |
Date |
Description |
Author (s) |
Reviewed by: |
Approved by: |
|
01/06/2020 |
Initial Release |
Gary Stephen |
Gary Stephen |
David Duncan |
|
16/01/2026 |
Review, update to wording, current standards and legislation |
Jethro Barclay, Conall Rodgers |
Gary Stephen |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|