Secure by Design

Residential Security Handbook 2022: SMART Estate Living Editor's Choice, Residential Estate (Industry), Training & Education

Rob Anderson’s new book, Secure by Design: A Guide to Residential Estate Security, is a very welcome and necessary handbook on the South African electronic security scene. Not since the 2013, third edition, publication of the Consumer Goods Council of South Africa’s Recommended CCTV Industry Guidelines, has there been a more useful guide.

Not only has the past decade seen a surge in reported crime, but the perceptions of crime in South Africa have also played an important role in the continued fast pace of the development of residential estates and in many areas of our country, ‘gated’ suburbs. This growth has, of course, seen a concomitant growth in the number of security services and products serving these markets.

The growth of the latter and the recent harsh economic realities of our country, have seen the blossoming of many registered and unregistered security service providers providing, at best, questionable levels of quality advice and service in the electronic security environment, which they offer at cut-throat prices; the Afrikaans idiom, ‘goedkoop is duurkoop’, springs to mind here.

Being an electrical engineer by profession, with more than 20 years in the security industry, Rob approaches his topic from a practical perspective; the guide’s content is almost equally split between ‘theory’ and ‘practice’. The aim of Secure by Design is to educate all parties, whether security service providers, homeowners, or body corporate board members and provides a good basis to do so.

Perhaps the best approach, in a review such as this, is to list some of the contents of the publication and hope that it elicits the desired level of salivation by the reader.

Secure by Design has three Parts, covering a rather comprehensive and delightful number of subject areas:

Part 1 – The Principles of Security Engineering

1.1. Basic Security Concepts

1.1.1. The Crime Triangle

1.1.2. Crime Prevention Through Environmental Design

1.1.3. Risk Assessment and the CPTED Audit

1.1.4. Intelligence and Information

1.1.5. Investigation and Reporting Tool (the 5W1H)

1.1.6. The 5 Ds in Security

1.1.7. The Game of Numbers

1.1.8. What is Cyber Security and why should we be worried?

1.2. The Generic Solution

1.2.1. Guarding Staff

1.2.2. Electronics

1.2.3. Data/Cyber Security

1.2.4. Intelligence

1.2.5. Monitoring and Control

1.2.6. Security Management

1.2.7. The Audit Process

1.2.8. Entrances and Access Control

1.2.9. Perimeters and Detection

Part 2 – A Guide to Control Rooms

2.1. A Structured Approach

2.2. Defining Requirements

2.3. Engineered Approach

2.4. Key Components and Technologies

2.5. The Control Facility Spaces

2.5.1. General

2.5.2. Equipment Room

2.5.3. Administration and Management Offices

2.5.4. The Control Room

2.5.5. The Desk and Workstation Layout

2.5.6. Drawings and Sketches

2.5.7. Disaster Management

2.6. Putting the Ideas into Practice

2.6.1. Finance

2.6.2. The Construction Project

2.6.3. The People

2.6.4. Staff Hierarchy

2.6.5. Interpretation of Data

2.6.6. Managing the Control Room

Part 3 – Putting Principles into Practice

3.1. The Risk Assessment

3.2. Developing a Security Plan and Operating Procedures

3.2.1. How to Make a Plan

3.3. Security Plan

3.4. The Emergency Response Plan

3.4.1. Possible Emergency Events

3.4.2. Emergency Plan Procedures Outline Templates

3.5. Medical Emergency

3.6. Fire Emergency

3.7. Bomb Threat Emergency

3.8. Hostage Emergency

3.9. Armed Robbery Emergency

3.10. Civil Unrest

3.11. Extreme Weather Emergency

3.12. Applying CPTED and Undertaking a CPTED Audit

3.12.1. Design Principles

3.12.2. Considerations

3.12.3. Understanding the Concepts

3.13. CPTED Audit Template

3.14. The Standard Orders and Procedures Document

3.15. Access Control Schedule

3.16. Security Audit Checklist

3.17. References

Most appealing for me is Rob’s drawing together the various elements of a well-thought-out security programme, with a focus on the risk assessment as the cornerstone. He looks at the three component aspects of a properly considered security risk management system – the three Ps: People, Products (technology) and Paperwork (risk assessment, plans, procedures, etc.) which inform the design and selection of appropriate risk mitigation measures. The failure of far too many security risk management programmes is rooted in the absence of a properly conducted security risk assessment and a siloed approach to implementing and managing the risk mitigation measures.

Another big plus for me is the short section ‘The People’, buried away about halfway through the guide. It would be great to see a bit more comprehensive guidance on this, as people failures are a large cause of electronic security systems failing to perform optimally. However, I understand in taking a dig at Rob, that people and engineers don’t always get on well together.

A further useful aspect is the provision of several document templates to aid those people establishing or wishing to improve the documentation of their security management system. In my experience, basing a set of procedures, etc. on a Quality Management System such as the ISO 9001 QMS standard, is very useful and enhances the level of the security service, if conducted properly.

It is very pleasing to see that the important aspect of cybersecurity and data/privacy is covered in this guide, because it is still ignored in far too many instances. However, I believe that a bit more space should have been given to the legal aspects, such as those contained in the Protection of Personal Information Act, No. 4 of 2013.

Indeed, perhaps a future edition could list the legislation which applies to electronic security and the data collected and stored by an estate’s security services and offer guidance as to whom, between the estate’s governing body, management and security service provider/s is responsible for which aspects of cybersecurity and data/privacy protection. Allied to this would be some guidance of the principles of ‘secure design’, given that many networked devices (IoT – Internet-of-Things) used in electronic security are still not sold with acceptable levels of built-in security.

Another opportunity for improvement in my view, would be to list in the References section, a comprehensive selection of relevant standards, such as those published by the various standards development organisations, for ease of reference.

The final analysis: A ‘must-have’ for those who have an interest in implementing or reviewing their electronic security systems as an integral aspect of their estate’s professionally run security risk management programme.

For more information on obtaining Secure by Design: A Guide to Residential Estate Security, got to www.robanderson.co.za



Bruce Robertson.

Bruce Robertson is a security governance and management consultant in the converged security field, with 35 years’ experience in the Police Crime Intelligence, corporate and private security environments (the latter in the EMEA context). He is a member of, inter alia, SABS/TC 0068 ‘Electrical and electronic security systems’ and SABS/TC 0001/SC 40 ‘IT Services Management and IT Governance’ (also serving as a SABS representative on ISO/IEC JTC 1/SC 40) and follows the activities of the major foreign regional and national standards development organisations in this regard. Bruce is a past chairman of the South African Institute of Security (SAIS).


Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

SMARTpod talks to Armata’s Richard Frost
Technews Publishing SMART Security Solutions Videos
SMARTpod, the podcast by SMART Security Solutions, recently spoke to Richard Frost from Armata about the company's new 'all-in-one' cybersecurity bundle designed to relieve cyber stress in the SMB market.

Read more...
Here’s to a SMART 2025
SMART Security Solutions Editor's Choice News & Events
This is the final news brief from SMART Security Solutions for 2024, and the teams would like to take this opportunity to thank our readers, advertisers and partners and wish everyone a safe and secure festive season.

Read more...
Organisations fear AI-driven cyberattacks, but lack key defences
Kaspersky Information Security News & Events Training & Education
A recent Kaspersky study reveals that businesses are increasingly worried about the growing use of artificial intelligence in cyberattacks, with 56% of surveyed companies in South Africa reporting a rise in cyber incidents over the past year.

Read more...
Physical security technology trends to watch in 2025
Technews Publishing News & Events
There are some exciting developments and significant changes, some technical and some operational, taking place in the market that security professionals should be aware of as they plan for the year ahead.

Read more...
SA company develops world-first safe K9 training for drug detection
Editor's Choice News & Events Security Services & Risk Management Government and Parastatal (Industry)
The Braveheart Bio-Dog Academy recently announced the results of its scientific research into training dogs to accurately detect drugs and explosives without harming either the dogs or their handlers.

Read more...
AI-powered automation for an operational efficiency edge
Editor's Choice AI & Data Analytics IoT & Automation
In the fast-moving world of digital transformation, businesses are under immense pressure to accelerate their operations and adapt quickly to stay competitive in an era dominated by AI and technological advancements.

Read more...
2025 Southern Africa OSPAs entries now open
Technews Publishing Editor's Choice News & Events Training & Education
Entries are now open for the 2025 Southern Africa Outstanding Security Performance Awards (OSPAs). The OSPAs are designed to be both independent and inclusive, providing an opportunity for outstanding performers, to be recognised and their success to be celebrated.

Read more...
Elvey to distribute Tiandy
Elvey Security Technologies Editor's Choice Surveillance News & Events
Tiandy’s presence in South Africa was boosted in November with the announcement that Elvey Security Technologies will distribute a broad range of Tiandy equipment through its channel partners and provide project assistance.

Read more...
Securing access against unwanted visitors
Intelliguard Access Control & Identity Management Residential Estate (Industry) Products & Solutions
In today's residential estates and complexes, one of the biggest concerns is preventing unauthorised access, while ensuring a smooth and convenient experience for residents and approved visitors.

Read more...
Fire safety in commercial kitchens
Technews Publishing Kestrel Distribution Products & Solutions Fire & Safety Commercial (Industry)
Fire safety in commercial kitchens is becoming increasingly critical. Defender is Europe’s first EN 17446:2021-approved kitchen hood fire suppression system and offers the indispensable safety measures required.

Read more...