- Gallery Security Master Plan
Burns & McDonnell created a security master plan for a major art gallery in the Eastern U.S. Our team assessed the security staff, policies and procedures as well as the electronic measures and cybersecurity of the security network. The gallery wanted to fully integrate the protective staff with its daily technology and define a strategic road map to create a Common Operational Picture for the Security Command Center. The team evaluated the FISMA certification and accreditation package for the network. The assessments culminated in a Security Master Plan with staffing, electronic measure, and cybersecurity recommendations.
We evaluated the deployment of protective staff throughout the gallery's facilities to determine how the protective staff is able to meet security goals. The team assessed the staff level, duties and expectations of protective staff as well as the capability of the staff to respond appropriately to a security incident. The policies and procedures in use by the security organization needed updating to reflect the current threat environment. We worked with security leadership and benchmarked similar institutions to identify an approach. The policies and procedures identified were then refined to develop an implementation plan that garnered institutional buy-in and support.
The physical security systems and electronic measures provided the security staff with alarms from the fire system and the galleries, but the staff did not have a complete situational awareness of the facilities. The team assessed the installation and use of cameras and the alarm integration system looking for ways to improve beyond forensic evidence. The team recommended improvements to cameras and the integration system and changes to the Security Command Center’s video display system.
The gallery had begun a cybersecurity assessment of the physical security systems and network before engaging Burns & McDonnell, so the cybersecurity team reviewed the FISMA certification and accreditation package and interviewed the staff with focused questions about the use and configuration of the systems and the segregated network.
- Federal Information Security Management Act (FISMA) cybersecurity assessment
- Risk Management Framework (RMF) assessment
- Physical security system assessment
- Security staffing assessment
- Security master plan