LUL - 5-461
The Overarching Security Standard
|Publication Date:||1 April 2004|
This Standard applies to
All Company assets, including those held on behalf of third parties. Assets shall include Premises, installations, mobiles (e.g. trains and vehicles), materials, cash and value stock, Information and Communication Systems, knowledge, intellectual property, information, data, documentation and archives.
The Company's activities including all processes and procedures required to deliver train and station services and to provide supporting and corporate functions.
All persons representing LU or working on its behalf with directors, managers and staff of outside parties, contractors, suppliers and agents.
All persons interfacing with LU and its operations such as customers, neighbours, tenants and the public.
Security threats arising from both internal and external sources are to be considered.
This Standard shall be enforceable from the date shown on the title page.
Separate standards (as listed in 6.1.1 and 6.1.2 below) to detail the requirements for security provisions in accordance with this standard, and legal obligation or industry regulation, are required for:
Customer Services, setting out the requirement to be achieved for the provision of actual and perceived security for customers.
Information Systems, including non-operational communications, to include contingencies for disaster recovery.
Information including all business information, the control of Engineering information and the retention of security information and records. This should include security classifications of data and obligations under the Freedom of Information Act and any related legislation.
Operations, dealing with all physical and procedural security on operating sites, including the interface with InfraCos and the security of personnel. They include the on-site handling of cash, stock and other valuables. In addition to these operating standards there are a number of guidance statements including those for the management of security equipment and of incidents on the operating railway, both at the network and local levels.
The handling and management of cash or cash equivalent and treasury operations including the services provided by third parties.
Non-operating sites, including office accommodation.
Engineering assets including the physical requirements for items such as fencing, construction of secure buildings and storage, lighting, CCTV, access control, communications, power etc.
London Underground's Security Policy was introduced to acknowledge the Board's commitment to "manage effectively the security of its customers, personnel, assets and information".
The purpose of this Standard is to set out the framework of standards, processes and responsibilities by which the Company ensures that it has an appropriate and consistent approach to the security of all its assets, activities and people who may be affected by its activities.
To this end, security plans help to mitigate the threat through the use of processes or physical installations, whilst security responses are the deliberate actions taken to deal with the outcome of a threat when it has been realised.