Royal Canadian Mounted Police
Symbol of the Government of Canada

Common menu bar links

G1-026 Guide to the Application of Physical Security Zones

Physical Security Guide
Lead Agency Publication   G1-026

Issued: September 2005

Table of Contents

 

1.  Introduction

1.1   Purpose and Scope

The physical environments of facilities can be designed and managed in order to reduce the risk of unwanted events. Zoning is one component of physical security designed to reduce such risk. It should not be considered as a means that will eliminate risk, nor should it be considered as the only method to address risk. Instead, it should be viewed as an integral component of the overall risk management strategy.

This document provides information to assist departments in the application of the Government Security Policy (GSP) and the Operational Security Standard on Physical Security (OSSPS) as they relate to zoning.

1.2   Roles and Responsibilities

The Government Security Policy (Section 10.8 - Access Limitations) stipulates that “departments must limit access to classified and protected information and other assets to those individuals who have a need to know the information and who have the appropriate security screening level”.

The Operational Security Standard on Physical Security (Section 6.2 - Hierarchy of Zones) states that “departments must ensure that access to and safeguards for protected and classified assets are based on a clearly discernable hierarchy of zones”.

This guide should be reviewed in conjunction with the Threat and Risk Assessment (TRA) in order to develop an effective zoning strategy for each facility.

Departments are responsible for the implementation of this guideline and can contact the RCMP Technical Security Branch (the lead agency) to obtain safeguards above baseline threats based on a TRA. The RCMP is responsible for the development, approval and issuance of this guide and for advising on its application.

2.  Zoning

2.1  Design Strategy

Zones, when appropriately integrated, should contribute to the overall security environment of a facility. The security environment may be defined as those physical and psychological measures that contribute to a reduction in criminal activity and the fear of crime. Zoning should promote a sense of ownership or territorial reinforcement, provide opportunities for natural surveillance and establish a clearly defined sequence of boundaries through which a visitor or departmental employee may or may not pass.

Before a person proceeds from one zone to another, they should perceive the zoning boundary (implied or actual) and understand the rules / limitations associated with crossing it. The departmental functional space requirements must also be taken into consideration when establishing zoning boundaries.

Zoning should not be implemented by simply adhering to the prescribed technical requirements for zones (refer to Section 3.4 for baseline zone requirements), or by integrating zones into the plan based solely on functional space requirements. Security measures that are excessive, inappropriate or that have not taken into account a department’s functional space requirements will eventually be bypassed and become ineffective. Any incentive for unauthorized personnel to cross zoning boundaries (i.e., washrooms, cafeteria, etc.) should be removed.

2.2  Need-to-Know

A fundamental requirement of the Government Security Policy is to limit access to sensitive information to those whose duties require such access; that is, to those who need-to-know the information.

A significant threat to a department’s assets comes from insiders, i.e., those who have authorized access. Limiting the areas where personnel are authorized or able to access will reduce the opportunistic threat that these people pose.

While personnel screening levels may grant access to certain levels of sensitive information, application of the need-to-know principle restricts access within those levels to specific items, topics or types of sensitive information. Personnel are not entitled to access merely because it would be convenient for them to know or because of status, rank, office or level of clearance.

An effective way of implementing / maintaining the need-to-know principle consists of segregating and controlling access to the sensitive assets through the effective use of zones.

2.3  Zone Selection

In order to determine the appropriate zone(s) for the processing, storage or destruction of sensitive assets, it is first necessary to establish the minimum baseline requirements. The Operational Security Standard on Physical Security assigns zones based solely on the confidentiality of the asset and corresponding injury that would result from its unauthorized disclosure, destruction, removal, modification, interruption or use. The zone selection made at this point is the baseline minimum requirement.

Zone Selection
Sensitivity of information
(see Note 1)
Injury level
(see Note 2)
Baseline threat
(see Operational Security Standard on Physical Security, Section 5)
Enhanced threat
Protected A Limited injury Operations Zone

Operations Zone
Protected B Serious Operations Zone

 

A TRA must be completed to determine the safeguards
Protected C Extremely serious Security Zone
Confidential Injury Operations Zone
Secret Serious Security Zone
Top Secret Exceptionally grave Security Zone

NOTES:

  1. Consult with the RCMP for storage requirements of assets other than information having high integrity and availability requirements.
  2. The “Operational Standard on Identification of Assets” requires that injury assessment levels be assigned for the integrity, availability and value of the asset. Refer to the standard for definitions of the various injury levels. It may be necessary to increase the zone requirement if the assigned injury level is greater than the level established for confidentiality.

2.4  Baseline Zone Requirements

2.4.1  Fundamental zone types

The Operational Security Standard on Physical Security identifies five fundamental zone types as well as the baseline security requirements for each. The following charts summarize those baseline requirements.

Public Zone
Definition “Where the public has unimpeded access and generally surrounds or forms part of a government facility”.
Examples “The grounds surrounding a building or public corridors and elevator lobbies in multiple occupancy buildings”.
Perimeter Refer to Operational Security Standard on Physical Security, Section 7.37.
* Monitoring N/A

* Monitoring - to watch for or detect a breach of security.

 

Reception Zone
Definition “Where the transition from a public zone to a restricted-access area is demarcated and controlled”.
Examples “Typically located at the entry to the facility where initial contact between visitors and the department occurs; this can include such spaces as places where services are provided and information is exchanged. Access by visitors may be limited to specific times of the day or for specific reasons”.
Perimeter May be delineated by signage, perimeter may vary depending on the time of day.
Monitoring The extent of monitoring will vary depending on the time of day or as indicated by the TRA.

 

Operations Zone
Definition “An area where access is limited to personnel who work there and to properly escorted visitors”.
Examples Typical open office area.
Perimeter “Must be indicated by a recognizable perimeter” or a secure perimeter as indicated by the TRA.
Monitoring * Monitored periodically.

* Monitored periodically - to confirm on a regular basis that there has not been a breach of security. The frequency and diligence of monitoring is based on the recommendations of a Threat and Risk Assessment. Examples include a guard patrol or employees working at the location.

 

Security Zone
Definition “An area to which access is limited to authorized personnel and to authorized and properly escorted visitors”.
Examples “An area where secret information is processed or stored”.
Perimeter “Must be indicated by a recognizable perimeter or a secure perimeter as indicated by the TRA”.
Monitoring Monitored continuously **, i.e., 24 hours a day and 7 days a week.

** Monitored continuously - to confirm on a continuous basis that there has not been a breach of security. Examples include electronic intrusion detection systems or someone guarding a particular point on a constant basis.

 

High Security Zone
Definition “An area where access is limited to authorized, appropriately screened personnel and authorized and properly escorted visitors”.
Examples “An area where high-value assets are handled by selected personnel”.
Perimeter “Must be indicated by a perimeter built to the specifications recommended in the TRA”.
Monitoring “Monitored continuously **, i.e., 24 hours a day and 7 days a week and where details of access are recorded and audited”.

** Monitored continuously - to confirm on a continuous basis that there has not been a breach of security. Examples include electronic intrusion detection systems or someone guarding a particular point on a constant basis.

 

The forgoing definitions do not preclude the establishment of a temporary restricted zone either inside or outside a controlled area. For example, a temporary security zone could be established around a seized vessel or truck under continuous guard. It could also be a desk in an open office area that normally functions as an Operations Zone, as long as the person processing sensitive information and assets in that area controls access to the asset on a need to know basis.

The first two zones (Public, Reception) establish access conditions for the three restricted zones (Operations, Security, High Security).

The minimum requirement stipulates that access be controlled in Operations Zones and higher. Since no two facilities are identical, the locations where Operations Zones begin will also be different from one facility to another. The following examples, however, illustrate some generic facility types.

2.4.2  Example 1

Site Plan

Floor Plan

The building in this example is a single-purpose government building on government land. The Public Zone consists of the grounds around the building. Although departments may wish to monitor this area, there is no requirement to control access. A Reception Zone is located at the front entry. Within this zone there is a means for the public to make initial contact and exchange information. This may happen at a reception desk, where there will be personnel present to monitor the space. Entry beyond the Reception Zone is required to be restricted to those who have a need to access. There should be a recognizable perimeter such as a doorway or an arrangement of furniture which clearly demarcates the entrance to the restricted access area. Access should be controlled from this point on. Access should also be controlled at every other point which enters into an Operations or Security Zone.

2.4.3  Example 2

Building Section

Upper Level Floor Plan

The building in this example is a multi-storey building in which the government is a tenant on one or more floors. The Public Zone includes the main floor lobby as well as the elevator and corridors on each floor. There is a Reception Zone located adjacent to the Public Zone on one side of the floor. The remaining office areas are Operations Zones.

Control of access is required at all entry points into the Operations Zones. In this example it is possible to enter an Operations Zone from either a Reception Zone or a Public Zone (the corridor). Departments should make it clear to any visitors that entry into an Operations Zone is for authorized personnel only. Typically this is done with signage which should also direct the individual to the location of the Reception Zone.

In addition to meeting this minimum requirement, departments may wish to establish additional levels of restricted-access areas in order to further limit access within a facility. The requirement for Security or High Security Zones within a facility will depend upon the levels of information handled, as well as the specific threats to the department’s assets.

Zones should be implemented in a progressively restrictive manner, proceeding from the least restrictive (Public) to the highest zone required, so that sequential entry points must be passed through.

2.4.4  Example 3

An entry point is a design feature that channels traffic in such a way that effective control of access is possible at that point. Entry points between zones should be clearly identifiable. The boundary of the zone cannot permit access except at an entry point. The floor plan below illustrates the relationship between zones.

Ground Floor Plan

Different means of controlling access may be appropriate depending on the zone accessed by the entry point. For example, a personal recognition system might be acceptable at an entry to an Operations Zone; however, a biometric system might be selected when entering a High Security Zone. In addition, there should be a corresponding level of personnel security screening and physical barriers to support the access control measures.

3.  Frequently Asked Questions

Can a zone of a given type be skipped?

Typically, zones should not be skipped. They should instead be implemented in a progressively restrictive manner, proceeding from the least restrictive (Public Zone) to the highest zone required.

However, reality dictates that there are instances where it is difficult or impractical to implement the full range of zones. In these limited cases, a single zone can be skipped, provided that the security measures of that zone are compensated for in the subsequent zone.

Can Secret information be stored in an Operations Zone?

As a minimum, the Operational Security Standard on Physical Security (Appendix B) requires that Secret information be stored in an approved container (see RCMP Security Equipment Guide) within a Security Zone.

In limited circumstances, consideration may be given to permitting the storage of small amounts of Secret information within an Operations Zone provided the proposed compensatory measures are submitted to the RCMP for review / recommendation.

Can the zone designation of an area vary, depending on the time of day / evening?

It is possible that the zone designation could change once the office area is locked up during non-work, non-business, limited access hours or time periods outside of normal business hours. This will depend on the type of security measures (locked doors, monitoring) that are implemented when the area is closed up during the evening and who (security guards, cleaning personnel) is granted access.

4.  Advice and Guidance

Advice and assistance regarding this guide or concerning site-specific issues related to zoning that are not covered herein, contact:

Client Services, Technical Security Branch
Royal Canadian Mounted Police
1426 St. Joseph Boulevard
Ottawa, Ontario  K1A 0R2

E-mail: TSB-ClientServices@rcmp-grc.gc.ca

5.  References

6.  Conclusion

This document presents an overview of the application of physical security zones that is intended to provide guidance to departments by describing the range of options on how to meet the minimum zoning requirements. Departments should frequently re-evaluate how they are meeting these requirements in conjunction with their ongoing evaluation of the threats and risks.


To read Adobe Acrobat (PDF) files, you may need to download and install the free Adobe Reader available from Adobe Systems Incorporated.