SS-033 Ver 1.0 (May 23)
CBRE must ensure the Security service provider obtains Standard Operating Procedures (SOPs) from the Client via CBRE for any Control rooms they are required to operate. If no adequate SOPs are available, they must inform CBRE and an agreement is to be reached on developing appropriate procedures.
If suitable SOPs are not available, the Security service provider is responsible for developing and implementing them. Control Room SOPs are essential to ensure correct, effective and compliant operations of Security and emergency systems
1. Overview
Confidential & Proprietary | 2024 CBRE Inc.
3. Useful Links
Provisions of work (SOP)
The Security service provider shall ensure the minimum SOP's are administered:
Standards to Apply
Access to any databases shall be limited to Security service provider’s authorized personnel only. They will be responsible for ensuring that access databases (PC and server databases) are always kept secure
Data that may contravenes data protection regulations shall not be maintained – if the Client requires such data to be kept in the access database, then the Security service provider must inform CBRE and an appropriate written instruction must be obtained from the Client
Access to PCs, including terminals, shall be password protected with user access levels controlled by personal password to include operator, administrator and supervisor.
Access control data must be used only for its intended legitimate purpose. The beneficial purpose may be used for reporting peak flow times, congestion, times a site is in use – such data use must not contravene national data protection laws
Compliance is key -
Control room operators must receive proper training and system experience to operate the systems effectively, legally and appropriately. Training for new operators must be as supernumerary to the Control room operations team until they are adequately trained for the role
Purpose and use of the Security and emergency equipment
Maintenance of logs
and records
Creation and maintenance
of reports
Communications
Data Protection
Control of access to the control centre
Business Continuity role (if any)
Escalation / reporting of incidents
Emergency procedures
Fault reporting
If there is any fault in the control room equipment, it must be reported as soon as possible to CBRE helpdesk and CBRE Site Manager should be informed in case there is any security or safety risk.
The Security service provider must ensure that: