Base Building Security/Annex D

< Base Building Security
Revision as of 15:28, 9 June 2020 by Genevieve.brunet (talk | contribs) (Creation of Base Building Security Standard - Building Categorization)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Annex D to the Base Building Security Standard

Building Categorization

The concept of categorization of buildings will assist in the threat and risk assessment (TRA) process, and other activities involved in base building security operations. It is one of the tools promoting standardization of the Base Building Security Program as it contributes to reducing and delineating costs associated with security measures in real property assets and infrastructure. The levels defined below do not denote activities that are funded by PSPC, but are used to help define the risk of certain occupancies.

The following describe how buildings are categorized:

Level One - High Security Posture: National security and law enforcement facilities where the tenant departments and agencies assume responsibilities for base building security. The Property and Facility Management (PFM) service line provides advice and guidance on site selection and design. It should be a single-occupancy building.

Parliamentary Precinct offices and their support facilities are considered Level One - High Security Posture, because of their symbolic value to the nation, and the Property and Facility Management service line provides base building security for them as they are part of Public Services and Procurement Canada. The exceptions within the Parliamentary Precinct are the Centre, West and East Blocks where Parliamentary Protection Service (PPS) provides all of the security, including base building security.

Level Two - Medium Security Posture: National headquarters facility for departments and agencies with defined exterior perimeter and reception area covered by integrated security controls.

Level Three - Basic Security Posture: General offices with basic base building security to ensure a level of protection from criminal activity outside the building and in the public areas, as well as to ensure no unlawful access the building.

Level Four - Federally-Controlled Critical Infrastructure: Other buildings requiring a range of specific security controls, such as those for heating plants, dams, bridges and warehouses which are departmental assets under its custodial care. This also includes data storage centres managed by Shared Services Canada.

Note: Security provisions are required during any construction, renovation or refit to ensure that the security posture is maintained.

Table 1 Categorization of buildings and security regimes and building attributes

The concept of categorization of buildings is one of the tools promoting standardization of the Base Building Security Program, as it will contribute to reducing and delineating costs associated with security measures in real property.


Table categorizing the four levels of base building security with examples and identifying the tenants security responsibilities
Levels Examples of key building attributes Tenants' requirements
Level One - High Security Posture Types of organizations*:
  • National security and law enforcement facilities
  • Parliamentary affairs (Parliamentary Precinct)
  • National security and/or intelligence organizations, or those organizations with significant information holdings impacting the national interest
  • Tenants whose operations may impact the security of other departments or organizations
  • Departments housing certain critical services or assets (such as server farms, etc.)

*As determined by a threat and risk assessment

Threat and risk assessments and security design briefs will provide recommendations that may include, but are not limited to, the following:
  • Special care in site selection so that these organizations are not co-located next to or near to tenants who themselves have a high security risk profile (e.g. banks, Royal Canadian Mounted Police (RCMP)).
  • A physically-defined perimeter large enough to provide appropriate standoff space, controlled entrances and parking areas. May also require standoff space from neighbouring buildings in order to protect from electronic penetration.
  • Regional offices open to the public may require the same security provisions as the main office.
  • Smaller regional offices with limited visitor access in multi-tenant buildings may require specialized security provisions, in particular protection against electronic penetration.
  • 18
  • Increased security screening for employees at various levels at various hours.
  • Security controls to provide safety for staff offices, by means of controlled access for visitors and others on official business, as well as at loading docks and rooftop access points.
  • The application of ballistic- and bombproof structural capability, as well as reinforced entrance doors.
  • High-level access controls and high-level security controls built into support-facility design.
  • Ability for security posture to be heightened in periods of increased threat.
  • Enhanced security screening for all privately-owned amenity spaces within the facility.
  • The PFM service line provides advice and guidance on planning, site selection, and design for national security and law enforcement facilities.
  • Tenant may require ongoing integrated operational support from the PFM service line, or may provide its own security.
  • Tenant may require PSPC staff and contractors to have enhanced security screening after commissioning.
Level Two - Medium Security Posture Types of organizations:
  • A departmental headquarters housing ministers / deputy ministers
  • An organization whose mandate and activates may impact the application of Base Building Security
  • An organization whose national threat assessment will impact the application of Base Building Security
Threat and risk assessments and security design briefs will provide recommendations that may include but are not limited to the following:
  • May be located in a multi-tenant building which is largely government that may have some integration of private business Access controls by means of integrating electronic devices, such as alarms and CCTV, with locks and doors.
  • Continuous security monitoring 24/7 of access controls, and adequate response time to security incidents.
  • Support from a guard force controlled by base building, with post orders (written documents that outline duties, responsibilities and expectations of guards) delineating base building and tenant responsibilities.
  • May require clearly defined lead tenant roles and responsibilities.
  • Appropriate plans and arrangements to increase security of the whole facility under the control of the lead tenant and PSPC or third parity provider.
  • May require screening of private businesses, and restriction of access during times of heightened security.
  • After-hours access may be limited to authorized personnel.
  • Parking may be controlled by the lead facility tenant.
  • Clearly-defined reception zones.
  • Ability for security posture to be heightened in periods of increased threat.
  • Parking elevators should open into a reception zone in the ground floor elevator lobby.
  • May require security screening at a level corresponding to the security level of information and assets in the building.
  • All employees that work in privately-owned amenity spaces within the secure perimeter may be required to have security status of reliability at a minimum.

Example: Terrasses de la Chaudière and Place du Portage

Level Three – Basic

Security Posture

Types of organizations:
  • General offices space in Crown owned or leased space.
Threat and risk assessments and security design briefs will provide recommendations that may include but are not limited to the following:

General office space:

  • Defined zones, with base building security centre of expertise providing advice and guidance for the public and reception areas, in co-operation with the tenant’s security requirements.
  • Ensure that access controls for the tenants’ space are supported by a guard force so that there is 24/7 continuous monitoring, and there is an adequate response time to security incidents.
  • Security screening at the appropriate level corresponding to the security level of information and assets in the building.
  • Escorted maintenance personnel.
  • Ability for security posture to be heightened in periods of increased threat.
  • May require a Building Security Committee, and security incidents should be reported to National Base Building Security Centre of Expertise.
  • Parking elevators should open into a reception zone in the ground floor elevator lobby.
  • The base building security objective is to ensure protection from criminal activity outside the building and in the public areas, as well as to ensure there is no unauthorized access to the building.
  • Planning, design and site selection must include base building security requirements.
  • Leases and occupancy agreements must include all necessary security provisions.
  • If the tenant’s mandate and activities require additional security controls, these are implemented in the planning and design phase, or when there are changes in the security requirements.

Example: Constitution Square

Level Four -

Federally-Controlled Critical Infrastructure

Types of facilities:
  • Heating plants, dams, bridges and warehouses (assets under PSPC custodial care).
  • Data storage centres managed by Shared Services Canada.
When produced for federally-controlled critical infrastructure facilities, threat and risk assessments must be written using an all-hazard approach, and with the understanding that each type of facility requires specific security controls. They may include but are not limited to the following:
  • Ability for security posture to be heightened in periods of increased threat.

These are critical infrastructure facilities where function, locality and the national threat assessment will impact on the department’s security posture for each type of facility.



Main BBSS page
Français