Professional Documents
Culture Documents
Technical Document
Version 0 – June 2019
R AFFLES \ ORIENT EXPRESS \ BANYAN TREE \ DEL ANO \ SOFITEL LEGEND \ FAIRMONT \ SL S \ SO \ SOFITEL \ THE ORIGINAL S
RIXOS \ MANTIS \ MGALLERY \ 21C \ ART SERIES \ MONDRIAN \ PULLMAN \ SWISSÔTEL \ ANGSANA \ 2 5HOURS HOTEL S
H Y D E \ M ÖV EN P I C K \ G R A N D M ER C U R E \ P EP P ER S \ T H E S EB EL \ M A N T R A \ N OVOT EL \ M ER C U R E \ A DAG I O
MAMA SHELTER \ TRIBE \ BRE AKFREE \ IBIS \ IBIS S T YLES \ IBIS BUDGE T \ JO& JOE \ HOTELF 1
Security Standards | Technical Document
1. Guidelines | 2. Building | 3. Technical Equipment | 4. Human Action
Glossary of Terms
Term Definition Term Definition Term Definition
AACS Automated Access Control System GTS Guard Tour System NPR Number Plate Recognition
ACS Access Control System HMA Hotel Management Agreement NVR Network Video Recorder
ADA Americans with Disabilities Act HPG High Profile Guests Payment Card Industry –
PCI-DSS
Data Security Standard
ATM Automated Teller Machine HR Human Resources
PDSCR Pedestrian Screening
AV Audio Visual HVM Hostile Vehicle Mitigation
PIDS Perimeter Intrusions Detection System
BR Burglar Resistant Information & Communications
ICT
Technology PIN Personal Identification Number
BW Biological Warfare
ID Identification PTZ Pan-Tilt-Zoom
CBR Chemical Biological Radiological
IDS Intruder Detection System Redundant Array of
RAID
CCTV Closed Circuit Television Independent Disks
Standards issue by the International
IEC
CEO Chief Executive Officer Electro-Technical Commission RDD Radiological Dispersal Device
Crime Prevention Through IED Improvised Explosive Device RFID Radio-frequency Identification
CPTED
Environmental Design
IP Internet Protocol SSCR Safety & Security Control Room
DT Dual Technology
IR Intruder Resistant SRA Security Risk Assessment
EKMS Electronic Key Management System
International Organisation for TSA Technical Services Agreement
ISO
FEBR Forced Entry Ballistic Resistant Standardisation.
UPS Uninterruptable Power Supply
FoV Field of View IT Information Technology
WTMD Walk-Through Metal Detector
GUI Graphical User Interface KAC Key Access Control
1. Guidelines
1.1 Introduction Supported by a strong network of partnerships with the diplomatic and consular
authorities and with the security managers of international businesses, the safety
and security department runs and coordinates a unified and pragmatic security
Security is a key aspect of the “contract of confidence” existing between
policy designed for the group’s staff and establishments.
AccorHotels, its clients and its colleagues. The company is a responsible business
which must assume its security obligations in a disciplined and professional
The effectiveness of this policy is dependent upon its strict application.
manner, anticipating any risks in as far as possible. The decision-makers have
permanent responsibility and even liability on this point, and may be obliged to
provide proof at all times not only that no fault was committed within the company 1.2 Development of Document
but also that relevant and sufficient risk prevention measures were taken. The
slightest carelessness or negligence may result in criminal, financial or commercial In developing this document, establishing an overarching global baseline required
consequences, particularly those resulting from a loss of reputation for the brand. an in-depth review of security-related standards pertaining to physical, technical
and operational practices. In doing so, standards, regulations, laws and best
Additionally, the need for security felt by clients and staff is further heightened practices of the following six regions were focused on:
by a complex, fast-changing and often stress-inducing climate where security
—— Western Europe
is concerned. AccorHotels must propose solutions which are both effective and
reassuring. Our acquired knowhow in the security field should be a source of added —— Eastern Europe
value, enabling us to exploit future growth opportunities by innovating in the way
—— North America
we manage risks.
—— South America
With this in mind, AccorHotels has set up a safety and security department with —— Middle East & Africa
the aim of defining and supporting a comprehensive security strategy, under the
authority of the group’s deputy Chief Executive Officer (CEO). A network of security —— Asia Pacific
correspondents and managers enable it to monitor and support the deployment of
this strategy. 1.3 Purpose of Document
Technical documents, operational information and communication resources have In keeping with AccorHotels’ security mission and objectives, the approach to
been developed and made available to all stakeholders in order to generate a security management for AccorHotels’ hotels and assets, is to maintain safety
genuinely dynamic interactive process, conducive to responsiveness, adaptation and security and to prevent terrorist and criminal acts before they take place,
and dialogue. This agility is all the more vital as the subject is a multifaceted and thereby ensuring the safety and security of AccorHotels’ guests, visitors,
constantly changing one. employees, contractors, assets and reputation.
This document does not supersede local security and safety laws and regulations 3. Provide guidance that may be used to develop the detailed security designs for
where applicable, but serves as a point of reference for evidence of a security risk the mitigation of security risks to AccorHotels’ hotels and assets.
mitigation strategy.
4. Describe what must be done to ensure the most effective and cohesive security
plans are developed.
Whilst first response to an incident will be conducted by the onsite safety and
security team, when the incident has escalated beyond local control, the local 1.5 Ownership & Responsibilities
authorities shall maintain primacy over policing and emergency response in the
event of an incident, and the local AccorHotels security plans shall support their An effective security system is, in the first instance, contingent upon the
needs. AccorHotels will work closely with national law enforcement agencies. commitment of institutional leadership. This responsibility extends beyond the
Group Safety & Security management team. Security systems will inevitably fail
To facilitate the integration and effectiveness of security across AccorHotels in the absence of commitment from the top echelons of AccorHotels down to
hotels and assets, this document sets the guidelines for the implementation of the lowest levels. Furthermore, top down leadership at a strategic level is vital to
security throughout each location. The implementation of this document, and regularly reviewing the threat environment to all AccorHotels assets, and to adapt
supporting security management plans, is to be managed by the local hotel risk management systems accordingly.
Safety & Security Manager.
Security measures are to be applied based on the security risks to individual assets, 1.6 Global Brand Standards Review
tailored to address specific risks and in accordance with appropriate legislation.
AccorHotels Safety & Security Management shall review this document on an annual
This document serves as the minimum baseline standard for security to be applied basis to ensure its continuing suitability, adequacy and effectiveness. This should be
to all AccorHotels’ hotels and assets, regardless of type, size or location. factored into an annual implementation plan, which involves the continued review
of identified critical sites, assets and risks, and reassessing mitigation requirements.
1.4 Aim of Document It is the responsibility of the AccorHotels Safety & Security Management department
to ensure this document remains pertinent by continually revising the document
The aim of this document is to provide guidelines for the implementation of security in accordance with changing laws, regulations, standards, and Best Practice
risk management and security design of new builds and at existing hotels and requirements. Where required, input should be sought from other departments,
assets. To achieve this, AccorHotels should aim to: such as Legal, Finance, Facilities Management, Health & Safety, to ensure that any
1. Ensure a coordinated, and wherever possible, integrated approach to security changes do not breach any non-security laws and regulations. Any changes to this
planning across individual and collective AccorHotels sites. document should be approved by the AccorHotels Security and Safety, and Design
and Technical Services departments before being implemented.
2. Provide the ‘security doctrine’ by which planning and design should be
completed for the security management of AccorHotels’ departments, facilities
and systems.
1.7.1 Security Risk Definitions A site located within a stable political-economic environment, with
good support from local government and law enforcement and no
AccorHotels will assess and determine the security risk level for the location of contemporary history of civil or political unrest. Historical and forecast
each development; it shall be referenced in the Technical Services Agreement extremist activity is low or non- existent; there is no reported history
of organised or violent crime against the hotel sector or its guest
(TSA) and the Hotel Management Agreement (HMA). As part of these agreements, LOW
profiles, and no local Non-Government Organisations (NGOs) or brand
AccorHotels will determine if the specific risk level requires the engagement of a considerations. This site is in an established and traditionally low-crime
qualified Security and Risk consultant who will be appointed by the Owner. For area, likely to be adjacent to similar business premises and is integrated
projects that are identified in a High Risk or Red Zone, a security consultant will be with the local and regional community. The only notable problems
concern petty crime and late night rowdiness.
mandatory. This consultant will be responsible for the design and implementation
of the security systems as defined in this section.
A site located within a generally stable political-economic environment
that has support from local government and law enforcement and no
Security risk evaluates the likelihood of state or non-state actors engaging in actions
immediate incidents of civil or political unrest. Historical and forecast
that harm the financial, physical and human assets of a company, and the extent to extremist activity is low but information suggests that this situation
which the local government is willing and able to protect those assets. Actors that may change. There is active organised or violent crime within the local
may pose a security risk to companies can include political extremists, direct action environment but not specifically within the hotel sector or its client profiles.
MEDIUM
There may be local Non-Government Organisations (NGOs) or brand
groups, security forces, foreign armies, insurgents, petty and organised criminals,
considerations. This site is located in an area that has frequent reports
computer hackers, protesters, workforces, local communities, indigenous groups, of opportunist crime and there may also be minor local and/or regional
corrupt officials, business partners, and in-country company management and staff. community considerations. Guests are advised to avoid walking in
The impact of security risk on companies can include war damage, theft, injury, the vicinity of the hotel after dark and all journeys are made via hotel
transport or cabs.
kidnap, and death, destruction of assets, information theft, extortion, fraud and
loss of control over business. Security risk may vary for companies and investment
projects because of factors such as industry sector, investor nationality and A site located within an unstable political-economic environment, with
geographic location. little immediate support from local government and law enforcement
and a history of civil or political unrest. Extremist activity within the
region is reported with a historical targeting of western hotels and/
or clients, particularly through the use of vehicle borne and personal
borne improvised explosive devices, and kidnapping. There may also be
HIGH a history of organised or violent crime against western businesses and
their client profiles, and regional Non-Government Organisations (NGOs)
or brand considerations. This site is possibly located in a high-crime
area and may experience organised hostility toward brand or premises
within the local and regional community. Guests are advised to remain
within the hotel environs at all times and all journeys are made via hotel
transport or pre-booked liveried taxis.
1.7.2 Security Audits, Risk Assessments 1.8 The Security Risk Assessment
& Re-evaluation
The Security Risk Assessment (SRA) provides an overview of AccorHotels’ critical
sites and assets as well as the threats, both current and forecasted to these. By
Security Risk Management is a cyclical process involving the review of the risk and
analysing where a critical asset may be vulnerable to an identified threat, a risk
commensurate revision in mitigation measures. The robustness of systems can be
to the project is identified. These identified risks are categorised by their level of
revised upwards or downwards based on this review process, thus streamlining
risk to operations, which allows for decisions to be made regarding the level of
security operations into a cost-effective process which does not compromise the
protection provided. The Security Risk Assessment (SRA) is the responsibility of the
asset in question.
local Security Manager who is charged with continually revising the document to
ensure that it remains current with changing laws, regulations, standards, and Best
The appropriate protective measures are incorporated from the very design phase
Practice requirements.
of a project (whether this concerns a new build or renovation) or deployed as part of
an action plan and quickly adapted to the changing threat status.
1.8.1 The Process
The AccorHotels Safety & Security management team shall review the local policies
and procedure documents, and the Security Risk Assessment (SRA) document for The findings of the Security Risk Assessment (SRA) will inform and guide the
each asset on at least an annual basis to ensure its continuing suitability, adequacy subsequent security planning and design strategies. The methodology applied
and effectiveness. This should be factored into an annual implementation plan, should follow international standards and best practice, such as ISO 31000. At a
which involves the continued review of identified critical assets and risks, and minimum, this process will involve the following activities:
reassessing mitigation requirements. Should evident requirement arise – due to an
obvious change in risk level or a noteworthy trend of increasing security incidents, —— Establishing Context: This involves gaining an understanding of Stakeholder
for example – then the frequency of review should be increased. requirements, a detailed understanding of the project and the geography of
the region.
Whilst the local security manager is typically best placed to conduct this annual review,
—— Risk Analysis and Evaluation: This entails identifying and analysing the threats
if necessary, an outside company/consultant can be appointed to perform this task. This
that may confront AccorHotels’ sites, assets and people; the vulnerabilities to the
process of review requires the completion/updating of the Asset’s Risk Register.
identified threats; and the potential impacts of those threats upon operations.
The current risks to AccorHotels’ sites are thereby identified, and rated in order to
The survey is to take into consideration the local authorities and the hotels near
illustrate their relative importance in the context of the project.
the site or in the region. This assessment is deemed vital in countries or regions
threatened by terrorism and where the geopolitical situation dictates that such a —— Risk Mitigation: The security strategies will be developed to provide the possible
risk could arise. treatment options for the identified risks.
An annual review of the Security Risk Assessment (SRA) shall be completed and
may be required to be rewritten in the intervening period, should its material
precepts and/or security threat level significantly change in the intervening period.
1.8.2 The Two Identified Major Risks Facing 1. The national socio-economic situation;
AccorHotels —— The risk of a deterioration in the social fabric, resulting in an increase in acts
of incivility and minor criminality;
1. The risk of malicious acts —— The growth of violent local movements representing ethnic, political or social
minorities, or extremist groups;
— The hotels may be the target of several types of risk, the seriousness of which
may vary in degree: —— The local presence and specific objectives of international terrorist or
anarchist organisations;
— Offences committed in the surrounding environment and in the outdoor
or indoor car parks: Armed robbery, theft from vehicles, theft of vehicles, —— Public opinion concerning the nationality of the company and its staff.
miscellaneous thefts, damage caused to vehicles, setting fire to vehicles, etc. 2. The governmental response. Preventative policy and law enforcement
— Offences committed inside the hotel: assault, assault with a deadly weapon, action plan:
thefts from bedrooms, direct theft from individuals, theft in the hotel, —— The legitimacy enjoyed by the government in place and the strength of
disorder, drug-taking or prostitution, etc. opposition movements;
2. The specific risk of terrorism —— The relationship of the country in question with France, the European
— The terrorist threat is now an endemic phenomenon which has led AccorHotels institutions and more generally the West;
to take security measures within its establishments in order to: —— The level of involvement and commitment of the authorities handling
— Dissuade terrorists from targeting these establishments domestic security and the quality of the cooperation between these
authorities.
— Reassure guests and staff
3. The AccorHotels in the countries concerned
The efforts already initiated by AccorHotels to protect itself from this threat
must be continued relentlessly. The media impact in the event of a terrorist —— Its image, its activities and its history;
attack is felt internationally. Such events remain etched in people’s minds, for —— The outlook for future development;
a very long time.
—— Its strategic proximity to other companies;
This assessment results from the country’s geopolitical situation. This threat —— The layout of the premises;
increasingly targets hotels, which are both major stakeholders in the tourism sector —— Vulnerabilities linked to the urban environment (town centre, suburbs or
and places where large numbers of local people and/or foreign visitors are gathered. industrial estate) or the rural environment (isolation);
The threat status. This is assessed based on the following points:
—— The effectiveness of the local security services; AccorHotels is committed to combating sexual tourism involving children,
particularly in countries in which this problem exists or is spreading.
—— Effectiveness of the local health and emergency services (fire brigade, hospitals, etc.).
The Group’s activities are organised in line with ECPAT and the World Tourism
1.8.4 The Changing Nature of Risks to Existing Hotels Organization, which lays down the key principles for the deployment of an active
policy in this particular field.
The preventive measures detailed in the technical guide must always be considered
and adapted to each hotel’s particular context. AccorHotels has concluded agreements with Non-Government Organisations
(NGOs) like ECPAT and works closely with the public services and local embassies in
During the operational lifetime of the hotel, the nature, frequency and scale of the those countries in which the Group operates.
risk may change and require that additional measures be taken, adapted to this
The WATCH programme was developed to provide hotels with the resources and
new context.
information they need to combat this scourge.
Close monitoring of local information and of the AccorHotels’ “security intranet”
resources should result in the implementation of these additional measures which, 1.8.6 Security Risk Treatment – The ‘B.T.H’
in certain cases (terrorist threats) may be extremely urgent.
Security Method
1.8.5 Human Exploitation The “B.T.H” security method operated by AccorHotels establishes the minimum
baseline for security for physical, technical and operational security measures to be
Sexual Exploitation of Human Beings implemented at AccorHotels’ hotels and other assets, in order to avoid all reasonably
foreseeable malicious acts of crime and terrorism. In this instance, “reasonably
The free circulation of people facilitates the movement of prostitutes from one foreseeable” means that:
country to another as part of “prostitution networks” organised and managed —— New Builds – Preventative measures are selected based on the outcome of a
remotely by unscrupulous individuals. Security Risk Assessment.
—— Existing Sites – The careful monitoring of events makes it possible to identify the
The Internet allows for discreet contacts to take place between clients and
additional measures required, including their priority and urgency.
prostitutes, who use our hotels to carry on their business, for short periods
(6 to 10 days) but on a regular basis, involving rotation, moving discreetly from
The “B.T.H” security method is based on the following areas of security focus:
one hotel to another.
—— B = Building This means taking full account of the problem of security from the
AccorHotels provides training and awareness building kits to combat the sexual design stage onwards, and subsequently during the construction or renovation
exploitation of human beings. of a hotel.
These security design guidelines in this document define the level of security • Technical surveillance
counter measure only that shall be developed and installed during the Design and • Roving security guard patrols
Immediate external vicinity of
Construction phases. For each site (new or existing) consideration must been given building. Public access area;
• General Crime Prevention Through
Environmental Design (CPTED) principles
to the variances in building structure and resort layout that will require a plethora PUBLIC Access control dependant on
• Physical security barriers
of solutions to fully provide the appropriate level of counter measures. The layout district security measures and
procedures. • Appropriate signage
of properties will change considerably depending on the development type (hotel, • District wide security measures and
resort, serviced residences etc). procedures
Throughout the document, reference may be made to particular security industry An area that is accessible to • Technical surveillance
the general public. Security • Ability to restrict access
recognised standards for risk, planning, design and operations. If a standard is not SEMI
has the capacity to restrict • Roving and static security guard presence
applicable to a particular region, there is a Regional Standards Correlation table at PUBLIC access to this area during • Visible boundary
Appendix A that can be used by the local Hotel Security Manager to identify the times of heightened threat. • Appropriate signage
equivalent regional standards.
• Access Control
• Technical surveillance
1.9.1 The Security Masterplan
An area that is predominantly
SEMI-
private but has a requirement • Screening equipment
PRIVATE for authorised public access. • Security checkpoints or stations
A security master plan must be drawn up according to the changing nature of the • Appropriate signage
threat, for which the group safety and security department will provide its help
• Access control
and support. • Physical security barriers
A high security area that
• Technical surveillance
If necessary, the services of an approved outside company may be used. PRIVATE permits access to only
• Roving security guard patrols
building services staff.
The preventive measures detailed in the technical guide must always be taken into • Appropriate signage
account and adapted to each hotel’s particular context. • Consistent physical boundary
In all cases, the security master plan must be coherent vis-à-vis the project and the • Advanced access control (e.g. two factor
reconciliation of the “Security” and “Fire Safety” masterplans are vital. Highest security level – Secure authentication)
zone that prevents access to • Technical Surveillance
RESTRICTED even the most determined • Physical protection as per required
All hotel construction or renovation projects should incorporate and facilitate the attacker. Stringent access standards where applicable (e.g. structural
subsequent deployment of security equipment in order to be able to respond as control. hardening)
quickly as possible to a deteriorating security situation. • Appropriate signage
Within given zones, there may be a requirement for individual rooms to have an
Term Security Measures
increased level of protection, however this will be on a case-by-case basis. The
following Security Zone Matrix displays the minimum-security requirements at CCTV Closed Circuit Television Surveillance
transition points between zones. A glossary below provides definitions for the
systems outlined in the matrix. IDS Intruder Detection System
Table 1–3: Access Control Zoning – Security Equipment Deployment Matrix Table 1–4: Access Control Zoning – Glossary of Terms
To ensure that the holistic approach to security is truly incorporated within the fabric • Pedestrian access points (guest, visitor, back of house and colleague
of, correct planning and design focused on particular building locations and functions Perimeter entry points)
Access • Vehicle access points (guest, taxi, heart of house)
will ensure that the different user groups are recognised and understood with regards
• Vehicle access parking (guest, valet, hotel vehicle, taxi, waiting)
to how they interact with the site (i.e. transitioning between Access Control Zones as
previously described); as well as ensuring the site not only protects at a baseline level, • Main entrance
but has adaptability physically and operationally incorporated to increase the security • Loading Dock
Building
posture of the hotel depending upon changes to the threat environment, special events • Fire exits
Access Points
and/or different times of the day. • Car parking access points
• Other vehicular or pedestrian access points
Below is a list of areas for consideration where a focus on security is required: • Reception desk
Reception
• Elevator/Lift lobbies
Facilities
• Seating Areas / Informal meeting areas
Security Focus High Level Protection Objectives Design Focus High Level Protection Objectives
Exit doors open if a fire alarm sounds and Emergency
Public Fire safety
Provide monitoring and situational awareness for public, private Vehicle Access Routes
Monitoring &
and restricted areas.
Communications Personal liberty Compliance with laws concerning video surveillance
Establish room/centre for monitoring and controlling security Hotel reception Inspection and verification measures must be acceptable
Command and systems. This function will play an integral role in the support and measures to the guests
Control success of events allowing for resource deployment and incident Access control measures must be adapted to the various
response coordination. Disabled access
disabilities
Compliance with laws concerning the refusal of entry to
Use fixed and pan-tilt-zoom (PTZ) cameras for monitoring and Human rights
undesirables
recording. Systems to be active (monitored live), passive (only
Video
reviewed following an incident or query), and/or intelligent
Surveillance Urban planning rules Nature and height of the fencing
(augmented with analytic algorithms that analyse data and
provide alerts to specific events or behaviours)
The environment Energy consumption of all security systems; light pollution
Provide physical barriers to restrict movement between areas,
Access Control
including mechanical or electronic controls. Vehicle controls & roads Department of transport
In seeking to respond to different functions, you may find that some measures
Alarms and Provide sensors and signalling devices to alert personnel about a
Intrusion change in the physical environment that may require a response or appear incompatible with one another.
Detection investigation.
I.E. Security and fire safety may be incompatible concerning the locking of doors.
Conversely, other measures satisfy several functions simultaneously.
Table 1–5: Security Systems
I.E. Fire safety measures and protection against theft are compatible with the
LANDSCAPING
prevention of terrorist-related risks.
INT. DESIGN
ARCHITECT
SECURITY
LIGHTING
SIGNAGE
TRAFFIC
Furthermore, hotel construction or renovation projects should incorporate and
FIRE
facilitate the subsequent deployment of security equipment in order to be able to SECURITY COMPONENT
IT
rapidly respond to a deteriorating security situation.
CPTED, raised curbing, bollards, planters, etc.
I.E. immediately fitting the housings for the future installation of a CCTV system.
Provision for vehicle screening, searching
Example: the fitting out of the basement in those places at which security and rejection
equipment is likely to be subsequently installed (don’t run pipework near security Provision for quick deployment of personal
gates, in order to leave the possibility to subsequently install a retractable and baggage screening equipment at building
road-blocker). entrances
define security measures which are compatible, realistic and effective in all fields.
Create common pathways for pedestrian travel
throughout the Master Plan, limiting short-cuts
Below is an example of a design coordination matrix that would assist with
Provide natural surveillance within the
ensuring effective coordination takes place on projects. development and to/from adjacent public ream
areas and roadways
Minimise areas of entrapment and/or ambush
such as narrow corridors, stairwells, overly dense
landscaping, etc.
Way-finding
Pedestrian Crossings
Technical security
Whether directly and/or via its correspondents, the safety and security department
operates an information exchange network with the diplomatic representatives
and those of the local authorities. It shares feedback on best practices collected
from AccorHotels’ experience and operations, but also from its contacts in various
business sectors encountering the same problems.
—— Undesirable or hostile intrusions by people or vehicles 3. The minimum overall wall / fencing system height shall be 2 metres and buried
300mm below the ground. Consideration should be given on deploying double
—— The theft of vehicles or theft from vehicles
fence layers to create sterile zone based on the threat/ risk level.
—— The risk of an attack: ram raiding and/or car bomb
4. Where there is a requirement for “sterile zone”, the spacing between internal
However, all measures taken to secure the hotel perimeter must also guarantee
and external fences should be free from climbing aids
access for the security services and for security firms transporting cash:
—— It must be possible for the fire brigade / local Civil Defence / emergency response 5. Where increased security Hostile Vehicle Mitigation measures are required, the
vehicles to neutralise security equipment in order to gain access to the site wall / fencing system shall have a compliant crash-tested rating.
under all circumstances
6. Any openings within the wall or fence in excess of 620 sq. cm and which
—— Access for security firms transporting cash must be guaranteed without pass through or under the perimeter wall, shall fitted with additional security
requiring them to get out of their vehicle screening or bars to prevent them being used to by-pass the wall.
7. Selection of perimeter security fence type depends on the threat/ risk level
2.1.1 Wall / Fence (Low, Medium or High) security, and protection measure shall provide at least 2
minutes’ delay against climbing, cutting or burrowing attacks.
Perimeter Security fencing typically provide the first component of the overall Delay
function, whilst also demarcating the boundary of the site and creating a defensible 8. At least 5m stand-off distance between the fence line and any significant
space around the asset. structures, roads or climbing aids will be maintained.
The perimeter shall be inspected a minimum of once per week for damage and 9. The ANTI-CLIMB measures shall be applied to the security perimeter fence
signs of intrusion by the Security Guard Force and records of inspections shall be and walls to enhance the site perimeter protection and make it difficult for
kept. This inspection will also include recording signs of vegetation that has grown intruders to climb the wall / fencing system.
to a height that can conceal an intruder, and where vehicles and equipment have
been stored near the perimeter that could be used as a climbing aid. A regular 10. There are a variety of anti-climb structures/ security topping can be installed
program of wall maintenance shall be implemented and damages which may to the top of the fence or wall such as Concertina coil, razor mesh panel, wall
compromise the integrity of the wall shall be repaired as soon as possible. shark tooth, spike rails, etc.
2.1.2 Security Gatehouse 2.2 Vehicle Access Control & Hostile Vehicle
The gatehouse can serve as the control hub and shelter for security personnel. The
Mitigation (HVM)
gatehouse is to be, designed to support a minimum of three security personnel. As
The securing of access points reserved for clients, suppliers, staff and service
a control hub, the gatehouse controls the vehicle barricades, traffic control devices,
providers has two key objectives:
access control, lighting and vehicle screening operations.
—— To force vehicles and pedestrians to use access points at which they can be
checked by security staff.
PROTECTION OBJECTIVES —— To prevent any (unauthorised) person or vehicle from entering the site, without
needing to assign a member of the security staff to this task.
1. The security gatehouse shall be of suitable sighting and construction that they
provide a good direct view of the entrance system and external approaches. —— To successfully reject unauthorised vehicles without compromising the security
posture of the site, nor disrupting operations.
2. Within each of the gatehouse there shall be adequate domestic facilities for
the guard force (such as air conditioning and water provision) and adequate
To achieve this, obstacles (ditches, chicanes, low walls, embankments and
internal and external communications.
vegetation) should block any attempted intrusion (particularly by vehicles to be
3. The gatehouse windows shall be strong enough to resist stones, and the used for ram raiding or packed with explosives). In certain cases, parking should be
gatehouse doors shall be of a suitable design and construction that they can prohibited and above all impossible near the buildings.
withstand forced entry.
The aim is to prevent unauthorised access by vehicle whether benign or
4. The internal lights of the gatehouses shall not destroy the night vision hostile, without it being necessary to assign a member of security staff to
of patrolling security officers and should not expose security guards to monitor the access point.
observation at night from outside the site.
5. Where guard facilities are located near the roadway, provide a minimum
platform width of 914 mm behind the curb. This width is the minimum
necessary for security personnel to stand post adjacent to the facility,
therefore additional platform width is recommended to provide additional
safety through increased lateral clearance and space for security personnel
carrying weapons or equipment.
6. The gatehouse must have space for the storage of manual vehicle screening
equipment including under vehicle mirrors, explosive trace detectors “sniffers”,
and other loose equipment required for conducting routine and elevated
security operations.
1. The speed reduction measures on approach to vehicle gates and around site will 9. The security system must take account of the risk of a person or child getting
significantly force approaching vehicles to slow down and reduce the impact of snagged on the gate, who could then become trapped against a wall or a
hostile vehicles on sites. Chicanes are a typical form of speed reduction measures. fixed structure.
3. The use of crash-tested vehicle barriers such as rising bollards, road blockers, crash 15. Automatic control (entrance and exit) using vehicle sensors (which can be
sliding gates, V-gates, manual crash arm barriers, landscaping and street furniture turned on or off from reception) or Main Security Control Room.
will create a continuous line of Hostile Vehicle Mitigation (HVM) around the 16. A direct communication link between the vehicle access gate (entrance and
perimeter of the site, with no gaps greater than 1200mm. exit) and security by means of an audio or video intercom unit (embedded).
4. The vehicle access gates and pedestrian access gates should be the same height
as the fences (minimum 2m), with the top bar being fitted with “shark’s teeth”, 17. Bollards or kerbs either side to prevent the jambs from suffering impact damage
ensuring that there are no bollards, blocks or other features nearby which could be
used to aid anyone trying to climb on them.
18. Barriers monitored by CCTV
5. The planned protective measures must nevertheless allow access for the fire
brigade / Civil Defence / emergency services under all circumstances.
6. The vehicle security gates and other automatic equipment must be covered by Dependent upon the individual Hotel requirements (i.e. site survey and assessed
maintenance contracts to ensure that they are always kept in good working order. risk), the following additional design measures are to be considered:
—— Boom barriers installed in front of the door or mesh gate with several control
7. The design should avoid any risk of anyone getting accidentally knocked over.
options from reception or from the automated units themselves: boom barrier
alone, boom barrier + door or mesh gate.
8. Electrical equipment, earth connections, automated equipment and security
features must comply with standards and regulations, avoiding any accidental risk —— Security electrical power supply via the security electrical panel backed-up by
of a person or vehicle coming in contact with the gate when it is still moving. the generating set.
—— Locally controlled by means of magnetic cards, passes or ID cards for hotel staff.
Vehicle Entrances & Exits
—— Automatic opening when a vehicle approaches, activated at certain times from
reception. The entrances and exit points for vehicles are equipped with an automatically-
opening door or mesh barrier. Particular attention should be focused on lighting,
—— Entry and exit points equipped with parking payment points, accepting
video surveillance and access systems.
magnetic cards or bank cards directly.
The underground car parks and their access points can be the scene of:
The door opening or floor selection system on the lift must
—— Physical assaults be equipped with access control systems.
FROM THE HOTEL
—— The theft of, or from, vehicles TO THE CAR PARK All elevators within the car park must stop at the Ground
Floor level (upwards and downwards travel).
The underground car parks and their access points must be suitably equipped to
prevent these specific risks.
To ensure the security of individuals, the emergency exit
doors must open by simply turning a handle or pushing
CAR PARK an anti-panic bar. The emergency doors are under video
EMERGENCY surveillance and when they are opened, an alarm is
EXITS automatically relayed to the security office or to reception. In
all cases, it must be possible for staff to be aware that these
doors are being opened the moment this happens.
Car parks that give access to the loading docks must have
LOADING DOCKS roller shutter doors designed-in to provide the ability to “lock
down” the entrance out of hours.
2.3.1 Crime Prevention Through Environmental Landscaping and Urban Design should be seen as an enabler to implementing
passive security measures within the design; which can benefit the site by achieving
Design (CPTED) many of the security-related principles and concepts adopted for both vehicle and
pedestrian access control, surveillance, and the mitigation of blast effects within the
CPTED methodologies should be the basis of all security planning, incorporating plot. The adoption of the following principles can provide these benefits:
architecture, lighting, and circulation planning with security design. It is
—— Hostile Vehicle Mitigation – Landscape features and urban design shall be used
predominantly aimed at new buildings as it is much easier to influence a new
to exclude vehicles from specific areas.
design, and encompasses design methodology for the layout of buildings within the
environment to minimise the potential threat to a premise. The principles can also —— Boundary Definition – Design and changes in construction materials can be used
apply to existing hotels where there is scope to review the current layout and make to define the transition zones between public and restricted areas.
changes to reduce potential threats.
—— Topology – Changing elevations and angles can delineate the change in
ownership and intended use of an area, as well as provide protection against
CPTED is not related to different threat levels but rather is associated with
vehicle ingress or explosive threats.
eliminating weaknesses in architectural and landscape design – vis-a-vis,
“designing-out” security vulnerabilities. It encourages building designers to adopt —— Way Finding – Using landscaping and the built environment to intuitively draw
crime prevention measures in the design of developments, creating a safer and pedestrians and vehicles to desired locations.
more secure environment. The aim is to produce a safe and secure environment for —— Natural Surveillance – Creating clear sight lines that balance the need for privacy
users of public space without creating an enclosed high profile security barrier. and shading, with the need for surveillance and lighting around the hotel grounds.
CPTED promotes four key strands: —— Landscape Selection – Selecting materials that don’t impede natural surveillance
(low shrubs and high canopy trees), or plantings that deter attempts at
—— Natural Surveillance – Natural surveillance increases a site’s deterrence by taking unauthorised entry (thorny bushes, etc.)
steps to increase the perception that people can be seen if conducting illicit acts.
—— Lighting – Providing sufficient lighting to promote a sense of security through
—— Natural Access Control – Natural access control limits the opportunity for crime adequate intensity as well as consistency.
by taking steps to clearly differentiate between public space and private space.
—— Territorial Reinforcement – Territorial reinforcement promotes social control 2.3.3 Asset Hardening
through increased definition of space and improved proprietary concern.
Some areas may require additional “hardening” to prevent unauthorised access,
Activity Support – Activity support increases the use of a built environment for
i.e. forced entry, sabotage, vehicle impacts, etc. This shall include increasing
safe activities with the intent of increasing the risk of detection of criminal and
the physical strength of a feature (window, wall, door, etc.). It can also include
undesirable activities.
increasing the number of physical layers between a space and an asset, adopting
a “defence-in-depth” approach.
The hotel shall design in adaptability, allowing for security operations to elevate 1. Security Lighting must deter the intruder by creating a feeling of uncertainty;
when the threat environment changes, or when specific high-profile visits or provide light to assist the detection of intruders; and avoid creating shadows that
local events take place. This will ensure that the Hotel can safely remain “open for could offer concealment.
business” without requiring additional security risk to be accepted. Examples of
adaptability can include:
2. Security Lighting must also be able to conceal guards; assist with visual
—— Rising bollards / road blockers at vehicle access points. Normal operations they observation; and Support other detection methods (e.g. Video Based
would be in DOWN position, heightened threat level they would be in Detection).
UP position.
—— Power & Data points at strategic locations (including Hotel entrance points) 3. Security Lighting must not cause a hazard; be a nuisance; disadvantage the
guard force.
where people and baggage screening systems can be deployed.
2.4 Lighting Security lighting will be in operation around the entire perimeter and at key
locations throughout the Hotel, including Critical Assets, entries to hotels, other
Lighting is a very perceptible security feature for guests and a good way of accommodation types and back of house areas within the car park and pedestrian
dissuading people from committing malicious acts, particularly in the car parks walkways. Exterior building doors shall be illuminated with lights by the use of
and the pedestrian access areas. However, you should ensure that the lighting is dedicated fixtures or area lighting. There shall be area lighting at each parking area,
coherent for the whole “secured zone”. and the pedestrian routes to those parking areas to provide illumination at night
time. All security lighting fixtures shall be inspected not less than once per week
to ensure system integrity and proper operation. Repairs shall be made promptly.
With the exception of accent lighting, illumination should maintain uniform lighting
levels across all the areas that are lit. The following are recommended Lux levels for
security lighting deployment:
—— No trespassing
Emergency Exits 50
—— Prohibited items and substances
General Outdoor Areas 10
—— Visitor directional
—— CCTV in use
Interior Spaces (when unoccupied) 5
—— Any other signage details required by law
Gate House/Guard House 300
Parking 15 Both during the day or at night, the buildings may be the subject of:
—— The risk of a terrorist attack: suicide bomber, bombs contained in luggage, etc.
—— High-rise building
PROTECTION OBJECTIVES 1. External building doors shall be of steel, solid core wood or industrial glass
construction, and any exposed hinges shall have their pins spot welded to
1. Reception desk: The reception desk must be positioned so as to provide a preclude knocking out of the pins and removal of the door from the hinge side.
direct view of:
a) The hotel entrance 2. All exterior building doors shall be closed and locked at all times when not in
b) The lifts to the bedrooms use, during periods of minimal staffing, and on nights, holidays, and weekends.
c) The bottom of the main staircase
d) All public areas or at least their access points 3. Overhead and rolling doors shall be secured from the inside using high-security
e) The lifts from the car parks padlocks or similar locking devices.
4. The practice of securing overhead doors with a hasp and padlock on the exterior
2. Mobile reception:
side should be avoided unless there is no other means to secure the door.
a) Security, reception and concierge staff must always be able to monitor
people’s comings and goings through the building entrance points.
b) W arning systems and remote door closure systems must be immediately 5. Locks should be appropriate for security applications that are consistent with
accessible to them. international standards.
c) A
video feed of people accessing the hotel entrance must be available on
the mobile equipment available to them to enable them to fulfil their tasks. 6. The lock mechanism should include a suspension device.
3. Filtered access control: 7. It should be possible to change lock cylinder combinations or replace the entire
a) Areas designated for the use of enhanced security measures (entry gates, cylinder so that the loss of keys will not increase the risk of intrusion.
tunnels, detectors, etc.) must be located a sufficient distance from the hotel
so as not to endanger those people already inside the building. 8. Lock boards should be made of anti-rust steel to protect the lock box from
corrosion and tampering.
4. Roof access: Doors that give access to the roof shall have the following: 9. There should be minimal distance between the bolt and the handle.
a) Contact sensors on doors alarmed to Safety & Security Control Room (SSCR).
b) Video surveillance of door.
10. Balcony doors must be provided with Child Restrictors positioned at minimum
c) Guard Tour System “touch” point for patrol check confirmation.
1.5m from base of door.
Where a double door entrance is designed, the interior of the double door entrance
is equipped with an intercom system connected to the reception telephone.
2.7.3 Emergency Exits
The second door is reinforced in the incoming direction to be able to resist any
In order to prevent intrusion by undesirables or the introduction of any illegal items,
attempted forced entry (the door should be able to withstand around fifteen
the emergency exit doors must always be under video surveillance and equipped
minutes of attempted forced entry). The second door can be remotely opened or
closed from the reception desk. with audible alarms providing notification of unintended opening.
Guest room doors shall be of a construction commensurate with Fire & Life Safety
codes, and shall have a door viewer (minimum 160-degree view), with disabled PROTECTION OBJECTIVES
rooms having a second door viewer at 1.2m (4ft) high. It shall be connected to the
Guest Room Locking system.
1. No emergency exit door should ever be locked but should remain closed.
Interconnecting guest room doors shall be of a similar construction to the main
guest room door and shall be fitted with a mechanical thumb lock, with clean face
on the opposite side. 2. A means of emergency egress from occupied buildings shall be provided
at all times.
For non-key locked rooms, a safety chain/night latch shall be fitted to the inside of
the guest room door. 3. Each building should have a minimum of two doors designated as ‘Emergency
Exits’ at opposite ends of each floor or section of a building to facilitate the
effective evacuation of personnel in case of a fire or other emergency.
2.7.2 Key Management & Control
4. Doors should only open in an outwards direction, close and latch automatically
Lock and key security forms a vital element in the protection of the Hotel perimeter (un-pulled), and not require any special knowledge to operate.
and buildings within, protecting the Hotel from criminal and terrorist threats. Locks
may be attacked by picking, force, or breached using lost or stolen keys. Therefore, 5. ‘Emergency Exit’ should be clearly marked with luminous/ illuminated signs
key security is designed to reduce the exposure to such an attack. The systematic that can be seen in the dark and through fire smoke. All signs shall be code
control of locks and keys is one of the most important components of any security compliant and in accordance with AccorHotels Fire Global Brand Standards.
program. Without proper key control, locks provide little deterrence to illegal or
unauthorised entry into a facility. 6. Routes to these doors should also be marked with luminous/ illuminated arrow
signs so that personnel can see the way to these doors.
The Electronic Key Management System (EKMS) restricts access to physical keys,
and is used for the control of physical keys within the hotel. EKMS imposes control 7. The doors should comprise wood, be covered with a steel sheet, and have non-
to ensure that physical keys can only be withdrawn by authorised personnel. The visible, anti-rust hinges; should not have handles, but instead, have push bars
EKMS software can be integrated with the Electronic Access Control system, on the inside so they cannot be opened easily except in an emergency.
allowing security management to control authorisation permissions review / audit
staff accessing the keys. All mechanical key type locks, including padlocks are to be
registered on the Hotel master key system.
2.7.4 Windows, Roof Vents and Hatches 2.8 Mitigating Blast Effects
Window protection must meet two objectives: There are certain structural and non-structural measures that may need to be
implemented in order to minimise injury and damage in the event of the detonation
—— To prevent the risk of anyone falling out/being pushed out of the window from
of an explosive. These measures shall be:
inside, on the hotel’s floors.
—— Included in the design of all new buildings
—— To prevent intrusions by unauthorised persons from outside, on the ground floor
or in other places, by climbing. —— Incorporated into existing buildings, where applicable
For the bedrooms, these windows must be equipped with an opening limitation The majority of injuries following a bomb blast are from glass fragments (which are
system. Additionally, windows protected from the outside must include safety classified as secondary fragments).
glazing matching the level of risk faced by the site.
Injury to occupants from glazing is categorized into one of the following three levels:
PROTECTION OBJECTIVES —— Superficial hazard: Glass debris would travel into the room at a low velocity and
land within 1m (3ft) of the window. Unless a person was standing directly next
1. Windows, roof vents and hatches shall be secured at all times when not in use. to the window at the time the glass breaks, he or she would only sustain
superficial cuts.
2. All opening windows in guest rooms are to be restricted to 100mm maximum —— Low hazard: Glass debris would be expected to be thrown into the room for a
opening; only possible to be opened from inside guest room. distance of not more than 3m and not exceeding 0.5m (1’-8”) above the floor at
3. Exterior windows should face on to main, well lit, busy thoroughfares and not this distance. Injuries would be limited to cuts on the lower body, and fatalities
on to isolated passageways. would not be expected, although a person standing within 1–2m (3– 6ft) of the
window could be seriously injured.
4. These windows should be made of tamper proof material or from glass sheets
with appropriate properties for burglar resistance. —— High hazard: Glass debris would be thrown much further into the room at high
velocities above the 0.5m (1.6ft) height. Serious injuries, cuts to the upper body
5. Windows should be consistent with international standards, such as ISO 20492. and face, and fatalities would be expected.
8. Balcony barriers must be minimum 1.1m from finished floor to top of balcony rail.
Descriptor Performance Level Protection Level Hazard Level Description of Window Glazing Response
Low Hazard
Glazing cracks. Fragments enter space and land
on floor and impwact a vertical witness panel at a
4 Medium Medium
distance of no more than 3m (10ft) from the window
at a height no greater than 0.6m (2ft) above the floor.
2.9 Internal Hotel Security Access to the attractions shall have clear and uninterrupted views from inner
reception areas to observe whether unauthorised personnel “tailgate” authorised
guests into membership areas.
2.9.1 Reception Facilities
All attractions (spa/health club/fitness centre, swimming pool, bars, clubs,
At the Hotel entrance and reception areas, Hotel security and concierge staff retail outlets, conference centres, etc.), shall be secured and alarmed when not
will be stationed to guide visitors creating a “controlled area”. This area will be operational (outside of opening hours). This shall include door alarms at access
monitored by video surveillance cameras. In operational hours, Hotel security and points and movement detection within the domain of the attraction.
concierge staff will be stationed to assist guests and visitors at the reception areas.
The layout of the reception area shall provide the front desk and concierge desk Automatic Teller Machines (ATMs) shall have dedicated alarm facilities that are
a clear view of the entrance, elevators and waiting areas. The reception area shall monitored by the security control centre. A silent panic alarm facility shall be located
be in clear view of the entrance and shall be positioned so that entrants cannot adjacent to Automatic Teller Machine (ATM) replenishment areas. This area shall also
bypass it for direct access to the guest elevators. During periods of high security, be covered by a motion detector and a CCTV camera which automatically displays
personnel and baggage screening will be deployed in this reception area; providing when an alarm is activated.
a security check of all guests and visitors. During this time, it is essential that all
other pedestrian access points are closed / locked-down so all personnel on the site
premises are processed through the screening area. Panic alarm facilities shall be
2.9.3 Public & Guest Areas
provided at the reception desk area for staff to alert the Security Office.
All public areas shall be free of access control facilities unless there is a requirement
to restrict access to an area for a specific purpose. This shall be decided on a site-
2.9.2 Food & Beverage / Conference & Banqueting by-site basis. Access control facilities shall be required to restrict access to areas
where activities are limited to authorised staff and guests through hotel residency
Cafés, restaurants, bars and conference/banqueting facilities will present increased or memberships, such as spa/health club/fitness centres, swimming pools, and
risks from fire, harassment, and anti-social behaviour. The security strategy and conference facilities.
design will need to consider these factors. Restaurants will be required to conform
to guidelines issued by AccorHotels in regards to their in-house security systems. External general surveillance cameras shall provide images of the communal areas
Nonetheless, the basic general measures below are likely to feature as minimum between the Hotel perimeter and the buildings themselves. This shall be limited to
requirements of this guide: vehicular and pedestrian access routes unless additional coverage is deemed necessary.
—— Video surveillance to deter/detect petty crime and suspicious behaviour. For general surveillance, fully functional cameras shall be installed in strategic locations
to provide good coverage of all general access routes.
—— Intrusion detection to alert security operator of a breach to retail unit during
closed hours. Areas covered include:
—— Cash / credit card handling procedures. —— Front of house corridors
—— Additional security personnel during conferences/banquets to control access. —— Guest rooms
—— Segregation of users through locking down area/routes to unauthorised persons.
—— Public elevator / lift lobbies Plant rooms, fuel stores, etc. shall also be locked and alarmed when not in use.
All external access points to plant rooms shall be enhanced to the same level as
—— Spa/ Health club/ Fitness centres/ Swimming pools
building access points.
—— Retail facilities
Loading dock access points into the building shall also be enhanced to robust levels
—— Automatic Teller Machines (ATMs)
so that in the event of attack these doors can be secured and locked.
—— Gardens There shall be sufficient “no-entry” signage that warns guests of restricted rooms or
areas within the hotel.
—— Swimming pools
—— Tennis courts Heart of House Areas shall include:
The Heart of the House areas will be monitored by video surveillance cameras, with —— Plant rooms
specific coverage of access points to staff and service areas from outside of the —— Laundries
building or from internal public areas.
—— Sewerage
All back office secure areas which handle cash or secure storage areas shall be —— Heating/cooling plant
alarmed with entry points being physically locked and door alarms fitted as well as
movement detectors within the secure area. —— Electricity/Power supply (including generators/transformers)
—— Safety deposit box safe room
The hotel must: 10. A luggage storage room should be fitted out near reception to store guests’
—— Guarantee guests that suitable measures to protect them are in place left luggage.
—— Secure the staff changing rooms 11. The structure of the luggage room’s interior walls must be explosion-proof, to
—— Protect its premises against the risks of theft or violent attacks contain the blast from any possible explosion.
12. This room must be kept locked and subject to access control measures,
PROTECTION OBJECTIVES including access card entry.
PROTECTION OF BEDROOMS
13. A video camera is placed inside, and covering the entrance to the room.
1. Guests must be protected against violence and potential thefts in the bedrooms.
PROTECTION OF HOTEL STOREROOMS
2. The lifts and stairways providing access to the hallways where the bedrooms
are located must be subject to access control. Doors and windows providing 14. Rooms containing products which are likely to be stolen (particularly
access to balconies must be lockable from the inside. consumable products, wine and alcohol) must be equipped with card key type
locks and CCTV coverage.
3. Direct access to bedrooms from the outside or via passageways must be
studied on a case-by-case basis. PROTECTION OF STAFF CHANGING ROOMS
4. The door surround for the door providing entry to the bedroom must be able 15. The hotel staff must have individual lockers, closed using a lock or a padlock
to sufficiently withstand any attempt to break in and must feature a lock which are logged in the master key system.
compliant with the “security system standards brand”.
5. The bedrooms are equipped with safes meeting the group’s “safe brands 16. The changing rooms must be equipped with locks or access control systems.
standard”. A disclaimer for valuables must be provided with the safe.
9. A minimum of 5 double-key safety deposit boxes per 100 guest rooms shall
be provided.
Safety Deposit Box rooms provide guests with a secure location to deposit
Security containers are an important part of the security design, as they offer
items that is over and above the standard of the in-room safes. The minimum
staff and guests a secure place to store money, important documents and
requirements for the Safety Deposit Box Rooms are:
valuable items.
—— The room shall be located at the ground floor left, next to lobby but in the back-
2.10.1.1 Guest Room Safes of-house area.
—— The door of the room shall be controlled using an electronic access control system.
Each hotel room must have a battery powered in-room safe with a manual override
system integrally designed-in. It must be secured to the fabric of the room (i.e. —— There shall be sufficient video surveillance coverage of the room entrance and
the masonry wall) and place at a height that is comfortable for guests to use. At a inside the room.
minimum, the safe must be able to accommodate a 432mm/17” laptop computer. It
—— All Safety Deposit Boxes shall be affixed to the fabric of the building (i.e. the wall
must not have any electrical outlets. Minimum requirements of the safe include:
and/or floor).
—— Minimum dimensions 200mm high x 500mm wide x 400mm deep
—— The construction of the walls, ceiling and floor shall be concrete.
—— UL-1037 certified
—— Each box shall be opened with 2 keys (1 key each with guests and duty manager)
—— American with Disabilities Act (ADA) compliant telephone style keypad
—— The protection level shall meet the following standards:
—— 4 or 6-digit guest code
—— EN-1143-1/UL Class TXTL 60 or equivalent for burglary protection
—— LED display for easy user guidance
—— EN-1047-1/NT Fire 017/UL class 350 or equivalent for fire protection
—— Confirmation buzzer to open/close
—— Room shall be located at ground floor or below ground level in the finance office
In each room, a note shall be displayed warning guests against keeping high-
—— Common structural capacity is 400kg/square meter
valuable items in their room, even in the safe of the room. The note must
encourage them to deposit their high-valuable items in the safe of the hotel. —— The room shall be located at the ground floor or below, next to the finance office.
The note must be explicit, written in English and in local language.
—— The door of the room shall be controlled using an electronic access control system.
—— There shall be sufficient video surveillance coverage of the room entrance and
inside the room, and dedicated coverage of the cashier’s safe.
The SSCR interface will allow system operators to simultaneously view, monitor and
action the most appropriate fire/anti-intrusion/CCTV system alarms from a single
point of control, monitoring the entire event from a video wall (with data input from
video imagery, lift controllers, emergency routes, audio communications and alerts,
etc.). It should be designed ergonomically to provide a safe and comfortable working
environment. This room will act as the Crisis Control room should an incident occur.
1. The Safety & Security Control Room (SSCR) is required to successfully 5. All safety & security systems will need to be monitored and controlled either local,
coordinate and manage Hotel security operations on day to day basis and centrally or both, by an appropriate number of fully trained staff. This is required
during special situations as an emergency or crisis events. to ensure that alarms can be assessed and verified in the shortest period of time.
This in turn will provide authorized personnel with the maximum amount of time to
respond to the event.
2. At a minimum, the following systems shall be monitored:
a Video Surveillance System
b Access Control System
c Intrusion Detection System 6. Where a Safety & Security Control Room (SSCR) cannot be established a room
must be allocated to house the security control room, which should be subject
d Call for Assistance / Intercom System
to access control, in which the CCTV cameras can be monitored.
e Panic Alarm System
f Vehicle Barrier Controls
g Guard Tour System
h Fire Management System
7. Entry to the control room should also be monitored by video cameras, enabling
i Elevator Management System
a staff member to control access to the room.
j Gas Leak Detection System
k Public Address System
3. The purpose of effective security control room is to reduce the response 8. The proposed layouts will be effective under high and low staffing levels and
time of security personnel to a security incident and to ensure effective ensure that each operator’s workspace does not enter other’s ‘intimate zones’
communication and co-ordination of their deployment or that of law and compliance with ISO 11064 (Control Room Ergonomics).
enforcement officers to critical, real time alarms generated by the
security systems.
9. Storage for the video recordings and other systems equipment should be in
4. Safety & Security Control Room (SSCR) relies heavily on the appropriate a secure Systems Equipment Room; in a separate location from the Safety &
operational configuration of security systems and clearly developed security Security Control Room (SSCR) and only accessible to specially authorised persons.
policies and procedures supporting a clearly defined security and incident
management plan.
2.13 Safe Haven / Room When designing a room to be used as a safe haven, the recommended minimum
attributes are:
A safe haven/room provides immediate refuge for staff in the case of a criminal or —— A hardened solid door (260mm thick), jamb, door hardware, and locks.
terrorist incident at the Hotel. The safe haven/room will be known to staff members,
—— Walls, floor and ceiling to be reinforced or internal erection of modular Safe
and they will be given specific instructions as to what thresholds will be met for Haven/Room in larger room or space (BS EN 1063 Class BR6NS). The walls and
them to be alerted to go to the safe haven/room. ceiling shall not also form part of the building exterior.
—— A duress alarm,
PROTECTION OBJECTIVES —— Either no windows or window hardening,
2. At a minimum, it shall have six-sided hardening of the floor, ceiling, and walls —— Storage for bottled water
appropriate against forced entry/ballistics resistance standard
—— 1m2 for each person who will occupy the room
3. It shall be strategically positioned taking into considerations boundary —— An internal light source connected to a separate power source
hardening, space allowances, route considerations, communication systems,
and utility needs. —— Toilet facility
4. The time it takes to get into and secure it should be on the order of seconds.
2.14 Protecting the Air and Drinking Water
5. The escape path to the Safe Haven/Room should not cross the expected The establishment’s air and water treatment systems must be protected against the
assault path of an intruder.
risks of attack by chemical or bacteriological pollution.
9. It shall provide up to 8 hours’ independent endurance with no external power 3. The water production sites (desalination, pumping, etc.) or water treatment and
requirement. processing sites must be secured to avoid any risk of pollution.
2.15 Chemical, Biological & Radiological Protection 2.15.1 Background on Chemical, Biological,
Radiological Materials
Chemical, Biological, Radiological (CBR) is a general term that covers three distinct
groups of hazards:
2.15.1.1 Chemical
—— Chemical, Poisoning or injury caused by chemical substances, including ex-
military chemical warfare agents or legitimate but harmful household or Toxic and corrosive chemicals generally affect their victims relatively quickly
industrial chemicals. (minutes or hours later). The options for deliberate attack range from household
chemicals available over the counter, through the use of industrial chemicals such
—— Biological Illnesses caused by the deliberate release of dangerous bacteria,
as cyanide, to chemical warfare agents such as the nerve agent sarin.
viruses or fungi, or biological toxins (e.g. ricin, a natural toxin occurring in plants).
—— Stains or dampness on the packaging. Upon detonation, no nuclear explosion is produced but, depending on the type of
the radioactive source, the surrounding areas become contaminated. As well as
—— Sudden onset of illness or irritation of skin, eyes or nose.
causing a number of casualties from the initial blast, there may well be a longer-
term threat to health.w
2.15.2 Protecting Against Chemical, Biological, 2.16 Securing Funds and Transactions
Radiological Attacks
The hotel must consider the security of those persons handling and possibly
transporting cash. External Cash-In-Transit companies are to be used for the safe
CBR counter measures have not yet been proven in a civil / commercial
collection and transportation of hotel cash and valuables. In extreme cases where
environment and therefore advice shall be obtained from local government sources.
these companies do not operate, staff may be authorised to transport hotel cash and
valuables, however this will be subject to a risk assessment and detailed route planning.
However, there are some basic design measures that shall be considered in the
design of a building to minimise the potential effect of a CBR incident. These are to
Decisions concerning the transportation of cash must be taken based on the
be addressed during the design by the MEP consultant.
location of the hotel, the risk incurred, the total amounts of cash to be collected,
money management, the layout of the buildings and access points, and the
possibility or otherwise of depositing cash with bank branches. Additionally,
PROTECTION OBJECTIVES
depending on the environment, special attention should be paid to:
1. Review the physical security of your air-handling systems, such as restricting —— The security of transactions and of cash registers;
access to intakes and outlets.
—— The security of the safe;
2. Restrict access to water tanks and other key utilities. —— The method used for transporting cash (the company’s own staff, professionals, etc.).
3. Consider whether you need to make special arrangements for mail or parcels,
PROTECTION OBJECTIVES
e.g. a separate post room, possibly with dedicated air-handling, or even a
specialist off-site facility.
SECURING TRANSACTIONS & CASH REGISTERS
4. Limit unauthorized access to building construction drawings, particularly those 1. The transaction points must be designed in line with PCI-DSS requirements
relating to building services. concerning in particular video surveillance for electronic transactions and the
storage of banking data.
5. Secure all building services plant and equipment rooms to prevent
unauthorized access. 2. The cash desk should be housed in a secure draw and contain only a small
amount of cash.
6. Limit unauthorized access to the roof area, particularly if the roof is overlooked.
In general, the roof is the most vulnerable point of entry to the building. SECURING THE SAFE
THE CASH TRANSPORTATION CIRCUIT PAYMENT CARD INDUSTRY DATA SECURITY STANDARD (PCI-DSS) REQUIREMENTS
1. The amount of cash present on-site will vary from hotel to hotel depending on 7. Build & Maintain a secure network
the level of electronic transactions. a) Install and maintain a firewall configuration to protect cardholder data.
b) Do not use vendor-supplied for system passwords and other security parameters.
2. Handling, collection route and deposit in vehicle must be out of public view.
8. Protect cardholders data
a) Protect stored cardholders data
3. A number of basic rules must be observed. The route taken by the b) Encrypt transmission of cardholders data across open, public networks.
“cash carriers” within the building and the rooms accessible to the cash
transportation company should be well-lit and kept clear of all obstacles which
could hinder or present a danger to the security guards transporting the cash. 9. Maintain a Vulnerability Management Program
a) Use and regularly update anti-virus software or programs.
b) Develop and maintain security Systems and applications.
4. The schedule for collection shall be known only to the General Manager.
3. Technical Equipment
3.1 Access Control Should there be any areas where additional security is required, it is possible to
require additional security provisions to validate the credentials of the person
presenting the access card. Validation methods are use of a Personal Identification
The primary objective of Access Control is to mitigate the risk of intruders accessing
Number (PIN), biometrics (such as fingerprint or voice) or by provision of two
restricted/sensitive areas of the Hotel and in particular areas where valuable items
different persons’ access cards (two-man rule).
are stored, which are vulnerable to attack. A secondary objective may be to enable
the Hotel’s Human Resource function’s (HR’s) monitoring of employees’ access
Where access control measures are employed for guests, some of the access points
through offices for performance, disciplinary, and other purposes.
may require communications systems (intercoms) to enable guests to contact
a hotel staff member who can remotely grant them access should they have
The hotel must possess the necessary, fully operational technical equipment for
difficulties with their access cards.
ensuring effective access control over the entrances and exits and to deal with
all risks of intrusion. This equipment must be compatible with the evacuation
This technical access control equipment adds to and reinforces the measures
procedures if a fire alarm sounds and the protection level they provide must be
already taken at the architectural stage, based on the “Building” objectives:
determined based on the risk assessment:
Automatic vehicle gates and pedestrian gates;
—— Access control for the public (the signposting and equipment available to the
—— Retractable bollards;
public must be easily understood and usable by disabled guests);
—— Automatic boom barriers;
—— Special checks carried out on clients and luggage;
—— Height bars;
—— Access control for personnel;
—— Lighting;
—— Access control for deliveries;
—— Control systems (access passes, other proximity devices);
—— Access control for cash transportation companies;
—— Security screening gate;
—— Technical access control.
—— Doors (entrance, double-door entrance, bedrooms, peep-hole, door-chain,
double-locks);
3.1.1 Electronic Access Control System
—— Safe (bedroom, hotel);
Automatic Access Control Systems are used to monitor and control access through —— Windows / Balcony doors;
doorways and provide a method of identifying users in secured areas. As well as
monitoring the movement of persons, systems can be configured to track the —— Intrusion alarm;
movement of assets such as high value items like Audio Visual (AV) equipment or
—— Perimeter Intrusion Detection.
lower value items such as laundry carts.
When access passes, proximity cards or biometric data are used, rules for their —— Doors with readers installed should have automatic, magnetic closing
management need to be defined and strictly applied. Cards, badges and passes mechanisms fitted; be alarmed; and covered by video surveillance for
must not include any markings enabling a third party to work out what they are monitoring. Doors’ mechanisms should be adjusted to shut within a few
used for. seconds after opening so that intruders cannot immediately follow behind
card users (‘tail-gate’) to gain unauthorised access. All doors should have the
An electronic Access Control System shall be installed at the doors of the functionality to automatically unlock and be operated manually in the event of
aforementioned vulnerable areas and zones in order to either physically permit fire or power failure.
access or mitigate the risk of intrusion by personnel through these spaces.
—— The system should have the functionality to record the access activity of readers
and produce statistical reports on usage for analysis and evidence.
PROTECTION OBJECTIVES
3.1.1.2 Access Control Cards
1. The electronic Access Control System (ACS) shall provide credential to
authorised person accessing restricted areas of AccorHotels. Main categories of Access Control cards to be issued. The first category comprises
cards for employees, cards for contractors, and cards for visitors and cards for
2. The Access Control System (ACS) shall be integrated with physical barriers such guests.
as doors, automatic rising barrier, barricade, etc. and remotely operated from
a central control station or via the use of local smart & biometric card readers
—— Employees’ cards should be blank, with the exception of a simple, coded marking
deployed at these locations.
with a number, such as ‘E-001’ for example, in case they are lost. In which case,
potential intruders who find a lost card would not know from whence the card
3. All staff, visitors, guests & contractors within or visiting the Hotel will be originated. For the same reason, contractors’ cards should also be blank, but
provided with security pass/ card/guest room card which will grant access into
also marked with a ‘C’ and a number such as C-001 for example, to differentiate
predefined areas. All critical areas and rooms will be protected by electronic
locking mechanism, and only personnel with right privileges on their cards will them from employees’ cards.
access these secured areas.
—— Cards should be programmed to only permit employees and contractors access
to those zones where they work and no more. Unauthorised cards should initiate
an alarm to a monitor that can consequently be responded to.
3.1.1.1 Minimum System Requirements
—— The stairways must also be fitted with access control systems while at the
same time meeting the evacuation requirements for emergency exits. PROTECTION OBJECTIVES
—— The bedroom doors
1. The Intrusion Detection System (IDS) system components ideally shall
—— RFID magnetic locks allowing for access traceability. They must be equipped be continuously monitored for normal, alarms and trouble conditions.
with a spy-hole and a door chain. The Intrusion Detection System (IDS) will indicate deviations from normal
conditions at any location in the system which includes identification of the
—— RFID magnetic locks must be provided by an AccorHotels approved sensor in which protected zone occurred and whether the deviation is a false
preferred supplier. alarm or malfunction.
This feature is vital to the establishment’s security as it immediately detects Depending upon the Security Risk Assessment, a Perimeter Intrusion Detection
whenever a door is opened. This is a vital accessory to accompany the CCTV system. System (PIDS) may be required. There are different technologies available which
The following doors must always be equipped with break contacts: can be used based on the sterile zone applications/ double fence layers and site
conditions. Types of PIDS include:
—— The hotel’s final emergency exits;
—— Video Surveillance Video Motion/ Analytics system
—— Staff entrances;
—— Fibre fence-mounted detection system
—— Delivery entrances;
—— Long-range Passive Infra-red (PIR) detectors
—— Access points for security firms collecting cash;
—— Microwave system
—— Access to service rooms, outdoor enclosures or outdoor technical facilities.
—— Buried fibre detection system
—— The car parks’ emergency exits;
—— Buried leaky co-axial cable
—— The doors to rooms where cash is kept and strong rooms.
The main unit for the intrusion alarm system must be located in the security control
room or in immediate proximity to reception. In all cases, should an alarm be PROTECTION OBJECTIVES
triggered this must be immediately noticeable and make it possible to intervene
1. The Perimeter Intrusion Detection System (PIDS) shall provide early
right away. This equipment and all of its wiring and cables:
detection of intruders attempting to breach the perimeter wall /
—— Must be totally independent of the fire alarm system and the electromagnetic fencing system.
locking systems
2. Upon detection of intruders, the system shall send visual & audible alarm
—— May be combined with CCTV notifications to the operator in the security control room
3.1.2.2 Windows 3. The Perimeter Intrusion Detection System (PIDS) software shall provide
indicate the alarmed zone on graphical site map, to assist the security
The above-mentioned intrusion alarm system may be accompanied by equipment guards to react & response and minimise damage or theft to the site.
designed to detect any abnormal presence on, or attempted entry via the façades:
—— Anti-intrusion seismic detectors 4. The Perimeter Intrusion Detection System (PIDS) can be installed solely or
combined with other sub-security systems such as Internet Protocol (IP)
—— Presence or movement detectors Video Surveillance to provide full & robust protection for the site perimeter
—— Photocells
This feature is vital to the establishment’s security as it immediately detects Depending upon the Security Risk Assessment, a Perimeter Intrusion Detection
whenever a door is opened. This is a vital accessory to accompany the CCTV system. System (PIDS) may be required. There are different technologies available which
The following doors must always be equipped with break contacts: can be used based on the sterile zone applications/ double fence layers and site
conditions. Types of PIDS include:
—— The hotel’s final emergency exits;
—— Video Surveillance Video Motion/ Analytics system
—— Staff entrances;
—— Fibre fence-mounted detection system
—— Delivery entrances;
—— Long-range Passive Infra-red (PIR) detectors
—— Access points for security firms collecting cash;
—— Microwave system
—— Access to service rooms, outdoor enclosures or outdoor technical facilities.
—— Buried fibre detection system
—— The car parks’ emergency exits;
—— Buried leaky co-axial cable
—— The doors to rooms where cash is kept and strong rooms.
The main unit for the intrusion alarm system must be located in the security control
room or in immediate proximity to reception. In all cases, should an alarm be 3.1.3 Luggage / Guest / Colleague Screening
triggered this must be immediately noticeable and make it possible to intervene
right away. This equipment and all of its wiring and cables: At a minimum, it is recommended that floor boxes with power and data are
designed at the Hotel entry foyers. This should also be included where a dedicated
—— Must be totally independent of the fire alarm system and the electromagnetic
luggage screening room is provided, and at other strategic locations to allow for
locking systems
screening equipment to be installed if required in the future. This ensures that
—— May be combined with CCTV cables area not run across the floor making the area unsightly and dangerous.
Various technologies can be used to detect a wide range of contraband such as
narcotics, weapons, and dangerous goods.
3.1.2.2 Windows
—— Photocells
4. Where low light / Day-Night cameras are not used, sufficient external lighting
3. The baggage x-ray machine should ideally be located at the access points of shall be provided to support the CCTV System.
the facility or key buildings within a pedestrian searching area. 5. The security contractor shall be competent and ensure that the requirements
of the cameras, lighting, viewing, recording and remote monitoring are clearly
understood & achievable
4. The Walk-Through Metal Detector (WTMD) should ideally be positioned
adjacent to the x-ray machine, and have the capability to detect hazardous 6. The CCTV System (shall have its own emergency power.
metal objects with high density carried by the person.
7. The system shall meet local laws, international codes & standards.
—— Inform guests that the hotel area is covered by a CCTV system, in accordance
with the applicable legislation.
—— At the hotel entrance, install an LCD-type video monitor in the hall, which
should be visible by all clients entering the building.
3.2.2 Baseline Video Surveillance Specifications
—— Only a single camera should be connected to this monitor, providing a wide-
BASELINE SPECIFICATIONS
angle view of everyone coming in.
1. The video surveillance system will include (a) video cameras, (b) computer
—— Install cameras under secured domes indoors, and in temperature-controlled display screens, (c) network video recorders (NVRs), and (d) relevant cabling to
housings outside. enable live viewing by operators and the automated viewing, recording, and
storage of recorded image data.
2. Reassuring clients
2. The video surveillance system cables linking the system’s separate pieces of
—— The presence of a clearly displayed CCTV system is always a reassuring equipment will be concealed and placed in steel pipes to mitigate the risks of damage
security feature for guests. to cables by inclement environmental conditions, feral animals, and criminals.
3. Checking and monitoring sensitive areas 3. The video surveillance system will be linked to sensor and alarm systems so
that when these systems are activated, cameras automatically focus on the
—— Install a camera with a field of view which covers all of the vehicles and the
areas they cover and network video recorders (NVRs) begin to record at a
guests arriving at the car park entrance.
higher quality level (see the following Sensors and Alarms sections of this part).
—— Install a camera with a field of view which covers clients arriving at the hotel’s 4. External cameras will be encased in tamper resistant housings suitable for the
main access points. environment they are deployed in. These shall be fixed securely to walls to
mitigate the risk of damage.
—— Install a camera which covers areas in which safety risks are identified
5. External cameras will have auto-opening lenses to adjust focus so that images
such as the children’s swimming-pool, fitness centre to allow monitoring
can be clearly viewed and recorded in fluctuating light and dark (lux) levels.
and quick response.
6. All cameras will have colour (rather than black and white) functionality, enable
—— Install a video monitor to be placed on the reception desk or a feed to a
clear viewing and recording in the dark, and have sufficiently high resolution to
mobile terminal to enable the receptionist to monitor and control all of the enable clear viewing and recording of peoples’ identities in all conditions.
site’s cameras easily.
7. Cameras should have the functionality to be remotely operated with pan, tilt,
—— Install a video feed to the manager’s office, displaying all of the hotel’s main and zoom to facilitate the remote viewing and recording of designated areas
entrances and reception. in detail by operators if required. Often, this is not possible, however, due to
prohibitive costs and many cameras tend to be fixed. Nevertheless, all and
4. Identifying people especially fixed cameras should be positioned such that they have overlapping
arcs of view to ensure there are no blind spots.
—— When handed over to the police, recordings stored in accordance with the
conditions authorised by the regulations of the country in question can help 8. Network video recorders (NVRs) should be of high resolution and have time-
lapse functionality.
identify the perpetrators of malicious acts.
9. Network video recorders’ (NVRs) recordings will be stored for a minimum of 30
days before deletion/ recording over.
10. L arge, high resolution screens will be available at premises to facilitate the
effective viewing of multiple camera recordings simultaneously.
3.2.3 Placement of Video Surveillance Cameras 11. Car parks & drop off (indoor and outdoor):
a) Entrances and exits (in some cases there may be requirement to enable
At a minimum, video surveillance cameras shall be positioned to observe vulnerable reading of vehicle license plates and person identification)
spaces/areas to enable the unobtrusive identification of people and their behaviour. b) Pan-Tilt-Zoom (PTZ) and fixed cameras in car parking areas
c) A
t pick-up and drop-off points of (in some cases there may be requirement
Equally, cameras are to be positioned so that their view is not obstructed by
to enable reading of vehicle license plates and person identification)
obstacles. The Hotel will aim to meet the following baseline video surveillance
camera coverage requirements:
12. Service delivery loading and unloading areas
Whilst the Rotakin method is still widely used, it was developed during era of 3.2.5.2 Recording
analogue cameras. Since the introduction of Internet Protocol (IP) cameras, this
method is slightly more difficult to use and so the CCTV industry has focused on The data collected by the video surveillance system is recorded on a digital medium
pixel density in the horizontal dimension (refer to BS EN 62676-4) to achieve the and stored in accordance with the following standards. Hotel’s shall also comply
target operational requirement (Identification, Recognition, Detection, Monitoring, with local legislation requirements. This data must be stored in a dedicated area,
Number Plate Recognition). The term “pixel density” refers to the number of pixels away from the security control centre, this storage area being kept locked, with
representing the object of the operational requirement (ie. the human). access reserved strictly for those persons authorised to this effect. As a baseline,
the following recording standards shall be applied:
For use within a field of view classification system, the minimum shall be:
—— Identification - 120% or 250 pixel/m BASELINE RECORDING REQUIREMENTS
—— Recognition - 50% or 125 pixel/m 1. There shall be a minimum 30 days of recording stored.
—— Detection - 10% or 25 pixel/m
2. Recorded direct to a suitable network storage media. Future expansion of
—— Monitoring - 5% or 12 pixel/m recording shall be allowed for.
—— Number Plate Recognition (NPR) view – 120% or 250 pixel/m 3. Capable of simultaneously streaming multiple video compression standards,
In general, the location of each camera will determine the classification applied, and with a maximum video frame-rate of 30 frames per second (fps).
shall be as follows: 4. Video encoding/compression technology – Capable of transmitting video with
H.264 compression, while also simultaneously transmitting MPEG-4 and/or
—— All Main entrances, exits, main/sub emergency exits (at grade) – Identification.
Motion-JPEG images.
—— Reception desk, lift lobbies, etc. – Recognition.
5. Cameras shall be capable of transmitting various frame-rates, allowing for high
—— All lobbies, internal corridors and general surveillance cameras – Detection. frame-rate live viewing, with comprehensive frame-rate images recorded.
—— Pan-Tilt-Zoon (PTZ) cameras at widest lens angle – Monitoring, or greater. 6. A minimum recording frame rate of 6 frames per second (fps) shall be utilised
—— Vehicles’ entries/exits (for number plate recognition) - NP at a resolution of 4CIF-D1.
10. Depending upon each Hotel, a higher frame rate/resolution shall be utilised for
Where the hotel has a security control room and depending on the level of the specific high-security areas, or as identified by AccorHotels as necessary.
threat, a member of the security staff appointed to view the images recorded by the
11. The video recording solution shall be flexible to allow for Operator adjustment
cameras will be present at all times.
to recording quality, allowing up to 25(PAL) or 30(NTSC) frames per second
recording.
3. The intercom system will be considered part of the Access Control System
(ACS) allowing visitors, and others who do not have ACS cards, to communicate BASELINE RECORDING REQUIREMENTS
with the Security Control Rooms or other locations, an intercom system will be
installed at designated locations such as main access points. 1. The panic alarm system shall be integrated into the SSCR.
2. The panic alarm Graphical User Interface (GUI) shall display the location of the
activated panic alarm.
4. The system shall consist of a master intercom station which will be placed in
the security control room, and handset/slave intercom anticipated to be placed 3. Activated panic alarms shall only be reset from the SSCR GUI.
in the guardhouses and selected offices. 4. The panic alarm system shall be integrated with the CCTV system, so nearest
cameras will be alerted to areas of generated alarms.
5. A full alarm history shall be provided by the panic alarm system.
6. The panic alarm system will shall have ability to incorporate hand held mobile
wireless alarms.
4. Human Action
4.1 Security Management To help them accomplish these tasks, the hotel managers:
—— May involve their security correspondents or the security and safety department;
4.1.1 Security Manager —— May arrange for themselves and their staff to benefit from the training
programmes organised by the AccorHotels Academy;
Key to ensuring that all security countermeasures are implemented and enforced
is having effective security management at the hotel. The Security Manager shall —— May call in outside experts and service providers approved and listed by
ensure that appropriate resources are available to implement and maintain a cost- AccorHotels;
effective security programme. In order to achieve the Security mission, vision, and —— May benefit from access to the group’s security intranet resources and the
objectives with a risk-cost-benefit strategy and programme management tactics, information made available;
the Security operations should be managed and supervised by a designated
—— Are included in the AccorHotels crisis management system.
function that comprises an established structure consisting of a Security
department with designated roles and responsibilities. Accordingly, a Security
department with clearly defined roles & responsibilities should be established. 4.1.1.2 Hotel Security Assessments
4.1.1.1 Responsibilities The hotel managers must perform and submit an annual security assessment for their
establishment. This assessment should enable them to manage and monitor all areas
The hotel managers are responsible for guaranteeing the security of their for improvement and all key benefits of the security system deployed.
establishment, which includes and is not limited to:
It enables the security correspondents and where necessary the security management
—— Assessing the risks of malicious acts;
department to receive alerts and notifications concerning day-to-day management
—— Drawing up a risk prevention plan, if necessary; issues (outside the scope of crisis situations, which are managed based on a special
—— Ensuring that the hotel staff are sufficiently trained; procedure) concerning security and requiring particular support.
—— Handling external relations; An assessment tool shall be used making it possible to quickly and regularly assess
—— Organising the surveillance and monitoring of their staff, with the help of an the extent to which all of the Group’s hotels are suitably equipped and to decide on
outside company if required; the action plan to be implemented.
—— Applying risk prevention procedures and managing incidents as they arise; Each hotel should have an action plan adapted to the risk assessment and updated
—— Ensuring the feedback of any information concerning incidents occurring. periodically depending on the changing nature of the threat.
Around twenty security-related points are included in the quality audit, and these —— Individual rooms
make it possible to assess the extent to which all of the Group’s hotels are
—— Luggage
suitably equipped.
—— Safety & Security Control Room (SSCR) operations
4.1.1.3 Liaison & Key Relationships
Prior to employment, the security personnel, shall be required to undergo a
successful pre-employment background check. Any security personnel whose
The Hotel must continuously track changes in its environment in order to anticipate
duties may require them to operate a motor vehicle shall possess a valid driver’s
risks, to comply with rules and local customs, to be in a position to deal with any
license and have passed a competency test before being allowed to operate Hotel
unexpected events and to benefit from the necessary assistance.
vehicles. It is the responsibility of the Hotel Security Manager to ensure that all
security personnel are provided with the necessary and required training.
The sharing of information with other hotel operators in the region can be
useful when it comes to assessing the nature and status of the threats facing
4.1.2.1 Contracted Security Companies
the establishment.
Contract security guard force companies that are used to supplement manning
The Hotel (Security) Manager should cultivate an ongoing working relationship
requirements for the Hotel shall be properly licensed in accordance with local
with the authorities and public services in the area: Embassy, Consulate, Town Hall,
laws and shall meet all applicable AccorHotels’ contractual requirements. It is the
Police, Fire Brigade, Medical emergencies, Hospital, Ambulances, Electricity, Gas,
responsibility of the Hotel Security Manager to ensure that the contracted guard
etc., in addition to the other hotel operators, not only those of AccorHotels but also
force understand these requirements and adhere to them.
the other hotel chains.
The Hotel Security Manager shall determine the nature and scope of the security —— The service provider’s reputation and know-how. The recruitment tests and
team’s duties in order to provide adequate protection for personnel and physical methods used by the service provider.
assets. Minimum duties of the security team include:
—— Assessing security guards: Morality, behaviour, interpersonal skills, rotation of
—— Access Control security guards, etc.;
—— Perimeter —— Knowledge in fields such as first aid, firefighting, evacuation, familiarity with
the electronic systems used in the hotel: video, anti-intrusion system, fire
—— Building
alarm, etc.;
—— Searches
—— Checks carried out on the security guards by the company;
—— Site-wide
—— Attire – Uniform;
—— Building
—— Maintaining a log;
—— Equipment – radio link; updated as necessary on an annual basis, or as operational changes demand.
Targeted instructions are written for different staff members according to their
—— Compliance of the job with the labour laws applicable in the country
duties which should be drawn up and distributed or displayed in order that
in question;
each person is fully aware of the checks and activities that he or she should be
—— Insurance – Cover and guarantees required of the surveillance company. performing before the event.
—— Using the services of a surveillance company: The Hotel Security Manager shall prepare and maintain comprehensive Policies,
—— The term “surveillance and security” includes “human surveillance” activities Procedures and Instructions in accordance with the threat level of their Hotel
used by the hotel chains when looking to perform site surveillance to avoid location. These will be displayed at each area where security guards are present,
any malicious acts. and in the Safety & Security Control Room (SSCR). These will include at a minimum
the roles and responsibility of the guard force personnel, the daily duties to be
Hotel managers wishing to use the services of security guards under a permanent performed, and actions for dealing with security incidents.
annual contract are advised to initially draw up a schedule of conditions and
specifications and to invite the surveillance and security firms listed and approved 4.1.3.1 Displaying Useful Information
by the AccorHotels’ Purchasing Department to take part in a tender.
The emergency numbers should be known by staff and permanently displayed in a
The AccorHotels’ security department will provide support with the choice and clearly visible manner in appropriate areas (reception, security stations, manager’s
implementation of such a solution, whether temporary or permanent. office, maintenance area).
Clear and concise written documentation is the foundation of smooth security The Hotel will maintain security records for auditing and compliance purposes.
operations; this can come in many forms, but is usually packaged as a set of This will include but not be limited to:
policies and/or procedures. These documents and formulate the mission and vision —— Incidents on site;
of a security program, outlining strategic objectives, while defining operational
guidelines for achieving security goals for the branches: —— Updates to polices or procedures;
Policies are often a short leadership document that are intended to have a —— Updates to Risk ratings;
document life-cycle of approximately 3-5 years, updated along with organisational —— Faults in security equipment.
strategic planning, or long term missions. While minor edits to this document can
be undertaken regularly, the intent of the document is to remain stable.
4.1.4 Operating within the Law
Procedures on the other hand are intended to be a living document, strategically
aligned to the security risk management. This document can be framed in many Security personnel must operate within the law and the limitations placed on their
ways, but is typically an event driven document, outlining the required actions to authority by the law in order to ensure Hotel security guard personnel operate
be taken in the event of a security incident. This document should be reviewed and strictly within the boundaries of the law whilst carrying out their duties.
4.1.4.1 Right to Legitimate Defence The safety and security department can help support the implementation of
targeted training activities.
There may be instances where the use of force is reasonably allowed in self-
defence. The use of force must be justified and the security personnel will be held 4.1.5.2 Drills and Exercises
accountable for his consideration of it. Hotel security personnel must at all times
adhere to the local laws in their personal actions. The Security Manager shall implement drills and exercises annually or as applicable
laws or regulations mandate. These programs enable the Security Manager to
In accordance with local laws only, Hotel security personnel have the right to defend identify any related security deficiencies that may need to be addressed. Annual
themselves, or to defend others but this is strictly only applicable when all elements drills and exercises should be documented to include the date, time, type of
of the local laws are met regarding this. These may include the following conditions: drill and/or exercise conducted, participants, duration, recommendations and
lessons learnt.
—— If the security personnel reasonably believe that he personally faces imminent
danger, or other persons face imminent danger;
4.1.6 Staff Recruitment & Vetting
—— If the security personnel do not have time to contact the Police or other local
authorities to repel the imminent danger;
AccorHotels will conduct the screening and vetting of personnel to a degree equal
—— The security personnel have no other choice of protection and is unable to escape; to, or exceeding, industry standards. Personnel may join the company only after
successful completion of the formal process described in the recruitment and
—— The force used is the minimum necessary to resist an attack.
vetting policy. They are also required to be able to pass those same standards
throughout their service with the company or risk disciplinary action, including
4.1.5 Security Training and Awareness the possibility of dismissal, if ever they fall below the standards set.
4.1.5.1 Training
4.2 Safety & Security Control Room Operations
The hotel staff must be able to handle monitoring and surveillance, to manage
The Safety & Security Control Room (SSCR) is a vital part of the Hotel’s overall
security and to deal with the various foreseeable events, acting appropriately in line
security strategy. The SSCR plays a significant role in ensuring that all guests,
with their duties.
staff, contractors, and visitors are safe whilst working / visiting the Hotel. These
responsibilities include:
Periodical or thematic meetings (i.e.: WATCH, Active Shooting), held each quarter for
example, are organised in order to pass on information and instructions and to hear —— Protection of individuals, including guests, staff, contractors, and visitors.
any comments or suggestions from the parties concerned.
—— Protection of Hotel property and buildings, including building perimeters,
entrances and exits, lobbies and corridors, critical assets.
Special meetings are held whenever the threat level justifies the implementation of
a higher and more stringent level of security measures. —— Patrol of perimeters (internal & external), buildings (internal & external),
critical assets.
SSCR acts as the hub for all Security Activities by monitoring the site live, and Video surveillance monitoring will be conducted in a professional, ethical and
provides the necessary support essential to the daily Security Operations. It acts as cultural manner. Personnel involved in monitoring will be appropriately trained and
the link between Security, Safety, Fire, Police, Civil Defence and all Hotel staff in the supervised in the responsible use of this technology.
case of an emergency.
A Code of Ethical Behaviour is to be developed by the Security Manager, and any
It is the first incident reporting and responding centre for all hotel safety and violations of this may result in disciplinary action consistent with the rules and
security related incidents and emergencies; and may act as the Crisis Management regulations governing Hotel staff.
Centre in case of an emergency.
4.3 Access Control Procedures
It provides command and control support for the Security Manager through the
control of the telephone, radio network, security vehicle movement and key control.
4.3.1 Management of Cards, Keys & Locks
4.2.1 Video Surveillance Monitoring 4.3.1.1 Electronic Access Control System
The Hotel should be subject to continuous surveillance day and night to monitor
When keys, access passes, cards, other proximity devices or biometric data are
both the “security” and “fire safety” aspects:
used to control access, rules for their management need to be defined and strictly
1. Continuous, 24-hour-a-day hotel surveillance: applied. Among other things, these rules include:
a) The surveillance should be handled by a security control room or by —— The procedure for attributing cards and passes in addition to the related rights;
reception staff.
—— The frequency and procedure for drawing up an inventory of the cards and passes;
b) If night surveillance is handled by one person alone, this person should be
—— The procedure to be followed if a card or pass is lost or stolen;
equipped with a system connected to a monitoring centre which provides
warnings and information, and if possible to another neighbouring hotel. —— The storage procedure for non-issued cards and passes;
2. Heightened surveillance at times when the threat is greatest: —— The methods for storing the history files for the access control system and the
correct behaviour to be adopted if any abnormal log entries are detected;
a) At times when a threat is present, the hotel should take additional measures,
using an approved security company. —— Room attendant’s electronic keys must be kept under their care and control at all
times and must not be left on the cart or trolley;
b) The hotel management should make staff aware of the procedures for
reporting and managing incidents. An announcement to clients will also be —— The master electronic key must be kept in a secure place when not in use and a
drawn up. log kept of its use;
c) Staff in contact with guests should be highly vigilant concerning any —— Master electronic keys which can operate the deadbolt or override the privacy
suspicious behaviour or attitudes. feature must be restricted to the General Manager and nominated deputies.
—— All of the keys are stored in a secure location; The management of the “keys” and ongoing checks on bedroom doors should
prevent the risk of theft from the clients’ bedrooms. In order to effectively prevent
—— An initial inventory of the keys is drawn up, including the master keys, with the
any thefts from bedrooms which occur without breaking and entering:
names of their users;
—— The procedure for allocating keys to clients should be scrupulously applied;
—— The presence of all keys, including master keys, is checked against the
initial inventory; —— The security procedures during the cleaning of the bedrooms should be
scrupulously applied;
—— The master key must be kept in a secure plaice when not in use and a log kept of
its use; —— The door surround and door lock provide a high degree of security;
—— Master keys which can operate the deadbolt or override the privacy feature must —— Replacement keys must only be issued to persons registered to that room.
be restricted to the General Manager and nominated deputies. Positive identification must be requested and provided;
—— Guest electronic keys must not be programmed with private guest data that is
4.3.1.3 Magnetic Locks not required for the functioning of the lock.
—— The encoding system for master key cards is stored in a secure location;
The access control measures and video surveillance make it possible to refuse to
—— The key for dismantling the locks is stored in a secure location; open up to certain people but this may not be enough. Turning away clients can
present problems in as far as we must avoid any form of discrimination and in some
—— An initial inventory of the cards is drawn up, including the master key cards, with cases, face aggressive behaviour.
the names of their users;
The presence of all cards, including master key cards, is checked against the initial Staff at reception should act cautiously and should not hesitate to call the manager
inventory. or even the local authorities if necessary.
—— Assign a numbered ticket to each item of luggage, and issue the counterfoil to
its owner.
4.3.2.4 Storerooms —— When the hotel is open to the exterior (a beach or natural environment with
unenclosed grounds), security guards should be deployed, who will observe and
—— Ensure that the room is always closed; identify any suspect behaviour. The staff should be equipped with radios or
other mobile communication equipment adapted to the site layout and
—— Draw up a list of staff authorised to enter the room.
the terrain.
4.3.2.5 Changing Rooms —— When access is directly via the hotel lobby, electronic doors should be used at
times of high tension and above all security guards should be manning these
—— Ensure that the room is always closed; permanently, with the task of identifying any suspect behaviour.
—— If possible, allocate a locker with a padlock to each staff member having access
to the room. 4.3.3.2 Checking Items Left in the Luggage Room
—— Only luggage and personal items identified by reception are allowed in there, to
The Hotel should not admit clients who clearly present a risk of malicious acts or the exclusion of any others.
whose behaviour may disturb other guests. At times of heightened threats, the
hotel should check all clients and staff. In all cases, deliverymen and outside service 4.3.3.3 Checking Staff
providers should be subject to security checks.
—— All access measures for employees must be unique;
When the threat level requires this, and based on the information available
—— Each employee will have a pass showing his identity and photo;
at that time, the Hotel must immediately introduce appropriate additional
security measures. —— At a time of heightened threats: Employees are checked (identity and bags)
when they arrive for and leave work.
This involves the use of an outside company approved in advance by the hotel,
providing surveillance services and security guards. 4.3.3.4 Checking Service Delivery Personnel
4.3.3.1 Guest Security Checks (Heightened Threat Level) —— Before the delivery, the supplier should provide the hotel with:
4.3.3.5 Checking Outside Service Providers There shall be a provision for a back-up communications system in the event of a
major disruption to, or failure of, the primary system.
Any service provider entering the hotel must be accompanied by a member of the
hotel staff, particularly in the technical areas. The security communications system shall be tested on a daily basis and details
of the test shall be recorded in the Daily Report. Any needed repairs shall be
4.3.3.6 Checking Rooms initiated promptly.
—— Surveillance of, and security guards in car parks; Satellite phones must be kept in good operating conditions and tested regularly.
Recommendations on material is issued by corporate safety-security department
—— Outdoor security patrols;
and accessible through intranet website.
—— Security patrols inside the hotel.
4.4.3 Guest room Telephones
4.4 Hotel Telecommunications Systems Telephone calls must not be connected to guest rooms without the hotel employee
verifying with the caller the name of the guest registered to the room. There
4.4.1 Hotel Operations Telephones shall be no ability for external telephones to be able to contact the guest room
telephone directly.
Radio links or other dedicated resources for communication between staff make
it possible to enhance the protection of the establishment and of its employees.
These should always be deployed.
With this in mind, the table from the “APACHE” crisis management manual has It is important the contact details of the Hotel Safety & Security Control Room
been circulated to the managers of all of the group’s hotels. This document (SSCR) are displayed at all times around the Hotel. This should be clearly displayed
should enable them to identify the crisis cell members for their particular unit (the on all notice boards at security gate houses, inside buildings and offices, etc.
designated individuals and their replacements), to deploy the crisis management
system and to help them best manage any crisis situation with which they may find The Safety & Security Control Room (SSCR) will be the primary point of contact
themselves confronted. during incidents that will coordinate the relevant response.
Two versions of the crisis management manual have been produced, one for the Premises should have designated members of staff ‘On-call’ (contactable by
hotels, the other for the head offices. This provides an organisational and training telephone) out of working hours who can respond within half-an-hour of being
guide in crisis management. contacted by Security.
If necessary, under the control of the hotel head office’s crisis coordinator, it is The home telephone and GSM numbers of designated staff should be submitted to the
possible to add any information or instructions deemed useful to ensuring that the security control room with a clear call out flow chart and defined incidents that should
manual is perfectly adapted to local circumstances. warrant this. This needs to be reviewed and updated monthly to ensure accuracy.
—— Prostitution – pimping; The specific measures related to the event will be assessed and implemented as a
result of preparatory meetings with the organisations concerned (town hall, Olympic
—— The arrest of a client;
Committee, UEFA, etc.). In the absence of a dedicated organisational committee,
—— The arrest of a staff member; the safety department may issue recommendations and instructions aimed at
improving security for clients, staff and establishments.
—— Death of a client / staff member;
—— Armed robbery; Staff must undergo specific awareness building exercises or even training when the
event presents a particular risk (the G7 summit or political summits).
—— Serious accident befalling a client;
—— Flood; The Hotel may hire extra-security personnel or provide additional security systems
—— Natural Disaster; (metal detectors, X-ray machines, video surveillance cameras, etc.) in accordance to
compensate technical weaknesses or strengthen access monitoring.
—— Food Safety.
As for major events, the Hotel will work out a clear agenda and identify specific
measures with the security leader of the high profile guests (HPG) to inform
properly its staff.
4.8.1 Guest Awareness For each occupied guest room that has not been serviced, contact must be made
with the guests at least once daily. If no contact is made with the guest, the guest
rooms must be visually checked.
Clients must be informed of the hotel’s preventive security measures but above all
of the precautions which they themselves must take to protect their property and
to guarantee their security. The information can be passed on verbally by staff at
reception and better still by means of a concise brochure with pictures.
This brochure, which is very useful, can be bundled with the fire safety instructions.
It will be more effective if it is handed to the client and explained to him at the same
time as he receives his key, rather than being left in the bedroom.
—— The use of safes; Information must be provided in the Guest Directory advising
guests of the availability of safety deposit boxes.
Guest room numbers must not be announced or printed on the outside key packet/
envelope or on electronic keys.
WESTERN EUROPE EASTERN EUROPE NORTH AMERICA SOUTH AMERICA MIDDLE EAST & AFRICA ASIA PACIFIC
SECURITY • CPNI - Integrated • Federal Law of 6 • U.S. General Services • Abu Dhabi Urban • ANZCTC -
PRINCIPLES AND Security; A Public March 2006. № 35-FZ Administration Public Planning Council Australia’s Strategy
PLANNING Realm Design Guide “On Combating Buildings Service Safety and Security for Protecting
for Hostile Vehicle Terrorism”. - The Site Security Planning Manual Crowded Places from
Mitigation - Second Design Guide-2007 (SSPM) v1 2013 Terrorism-2017
Edition-2014 • FEMA 430 - Site and • ANZCTC - Hostile
• NaCTSO - Crowded Urban Design for Vehicle Guidelines For
Places Guidance Security-2007 Crowded Places-2017
v1-2017 • Federal Emergency • Guidelines
• RIBA guidance Management Agency for Enhancing
on designing for (FEMA) 426: reference Building Security in
counterterrorism-2010 manual to mitigate Singapore-2018
• Home Office potential terrorist
Protecting Crowded attacks against
Places: Design and buildings
Technical Issues-2014
WESTERN EUROPE EASTERN EUROPE NORTH AMERICA SOUTH AMERICA MIDDLE EAST & AFRICA ASIA PACIFIC
WESTERN EUROPE EASTERN EUROPE NORTH AMERICA SOUTH AMERICA MIDDLE EAST & AFRICA ASIA PACIFIC
VIDEO • BS EN 50132-7: 2012 • GOST R 51558-2008 • UFC 4-021-02NF • Abu Dhabi MCC • AS 4806:2008 –
SURVEILLANCE CCTV Surveillance “equipment and Security Engineering Video Surveillance CCTV suite, which
Systems for Use in systems television. Electronic Security Systems Standards includes
Security Applications General technical Systems, with Change 1 V5.0 – 2017 – AS 4806.1:2006
• BS 7958 – Code requirements and test • Dubai SIRA Law 12 – Closed circuit
of Practice for the methods”. • Qatar Law 9 television
Management and • P 78.36.002-99 / • Kuwait Ministry (CCTV)-Management
Operation of CCTV GUVO the Russian of Interior Security – AS 4806.2:2006
• BS 8495 – Code of Interior Ministry, System General – Closed circuit
television (CCTV)-
Practice for Digital “Selection and use Dept. CCTV
Application guidelines
CCTV recording of television video Security Cameras
– AS 4806.3:2006
systems for the control systems” Requirements for the
– Closed circuit
purpose of image Recommendations Critical infrastructures television (CCTV)-PAL
export to be used as • KSA Ministry signal timings
evidence. of Interior CCTV – AS 4806.4:2008
Security Cameras – Closed circuit
Requirements television (CCTV)-
Remote video
WESTERN EUROPE EASTERN EUROPE NORTH AMERICA SOUTH AMERICA MIDDLE EAST & AFRICA ASIA PACIFIC
WESTERN EUROPE EASTERN EUROPE NORTH AMERICA SOUTH AMERICA MIDDLE EAST & AFRICA ASIA PACIFIC
WESTERN EUROPE EASTERN EUROPE NORTH AMERICA SOUTH AMERICA MIDDLE EAST & AFRICA ASIA PACIFIC
WESTERN EUROPE EASTERN EUROPE NORTH AMERICA SOUTH AMERICA MIDDLE EAST & AFRICA ASIA PACIFIC
WESTERN EUROPE EASTERN EUROPE NORTH AMERICA SOUTH AMERICA MIDDLE EAST & AFRICA ASIA PACIFIC