Experience and Key Projects
Security Audit and Assessment for a Major Pharmaceutical Company
The BriefCornerstone were instructed by our client to carry out a comprehensive security audit and risk assessment at two NSW facilities. This was required as a prerequisite for obtaining a license to store and produce Schedule 8 substances, in particular medicinal cannabis.
This was required because new security standards from the Office of Drug Control have been provided to ensure organisations who cultivate, produce, or manufacture medicinal cannabis need to operate under the strict framework of Schedule 8.
Because the illicit value of cannabis makes the risk of theft or loss significant, robust and holistic security arrangements are required on a continual basis.
SolutionThe security arrangements necessary for a cannabis license involve a range of considerations, including, but not limited to, the people involved, the physical site and infrastructure where the cannabis is stored as well as operational procedures and information related to logistics operations.
During the survey and assessment Cornerstone met with key stakeholders from senior management through to administration and operations staff as well as security personnel. Extensive notes were taken, and information gathered which eventually developed into an operational requirement.
We also carried out inspections of physical systems including, digital video surveillance, access controls, intruder detection systems and barriers as well as building structure. Additionally, much attention was given to high security storage vaults and associated access controls.
After the surveys and assessments were completed, we provided a detailed report with various recommendations that covered all the above aspects and addressed gaps and deficiencies in their existing security plan.
Review Security Measures for a Sydney Trading Company.
The BriefOur Client trades in currency and spread betting as well as foreign exchange. The brief was to review all of their security technology and operations at the Barangaroo Head office and their disaster recovery site. We were required to conduct a full security audit and review of access control, intruder detection, digital video surveillance, and ID credential management as well as general security operations.
Other challenges were to solve complex issues between our client's access control system and the base building's system. Both were installed by different companies using different technology and our client wanted one credential to gain access through both systems and the elevators.
SolutionAfter the audit and review meetings with stakeholders, we identified numerous vulnerabilities in the existing security measures and developed a report with recommendations for improvement. New measures were put in place to integrate the access control systems at head office and the disaster recovery site as well as replace sub-standard, and vulnerable, CCTV equipment.
Additionally, we provided design guidance on reconfiguring the security systems to simplify operations and reduce servicing costs.
Review Security Operations for a Global Bank.
The BriefThe brief was to develop a long-term plan to transition all of the group's outdated and obsolete technology and infrastructure to the next generation and also develop a new security command centre that will be manned by outsourced security personnel.
During the initial phase we liaised extensively with the Global Head of Security and other senior IT Engineers as well as the corporate operational security and risk teams to gain an understanding of the current state and to develop design criteria for the next design phase.
SolutionThe final plan and drawings were developed to show how all the branches and corporate offices would be upgraded with new technology and how new dual redundant ICT infrastructure would be deployed to consolidate all security technology, BMS, alarm and video systems onto one common platform. All the new systems would be managed and controlled from a new security command centre with a backup "disaster recovery" centre established on the other side of the country.
The brief also called for innovative solutions such as behavioral analytics and centralized management of access control and staff Identification as well as remote control of contractors. It also called for vehicle and personnel tracking of key staff via GPS.
After the transition plan was finalised, it was presented to 11 members of the bank's executive committee.