Integrated Physical Security
Design & Engineering
Security isn’t an afterthought—it’s built into the design from the very first sketch, enhancing the architecture of the property. We operate as a dedicated discipline of the project team, staying involved from initial concept through commissioning, construction administration, and the post‑occupancy performance review.
Security that is designed in has a fundamentally different character
Retrofitted security is expensive, visually disruptive, operationally compromised, and almost always less effective than security that was considered from the outset. The difference is not marginal — it is structural.
We work directly alongside architects, structural and MEP engineers, landscape designers, and facilities managers — contributing at every design stage, coordinating across disciplines, and ensuring that protection measures are resolved within the building rather than appended to it. Security is a named line on the consultant schedule, not an afterthought.
Capital projects in this space routinely span one to five years. We provide continuity of expertise and institutional knowledge across the full lifecycle — so that the security decisions made in the final year of a project are made with full awareness of what was decided at the start of briefing.
"Security design is not a specialist overlay applied at the end of the architectural process. It is a design discipline in its own right — one that must be present at the table from the moment the brief is written."
Scope of Service
The scope below covers everything from the site perimeter to the security operations room. Each discipline is designed in relation to the others as a seamless, unified solution.
Hostile vehicle mitigation and blast engineering are engaged on a case-by-case basis where the threat profile warrants specialist structural input. See dedicated service pages.
Access Management System
Design of the complete access control hierarchy — from site perimeter, Vehicular & Pedestrian entry/ exits points through to floor access and in some cases room-level access management. Credential technologies, system architecture, and management software are specified in full coordination with fire escape, disability access, and visitor management requirements.
Video Surveillance System
Coverage design driven by threat-informed surveillance objectives — specifying CCTV camera types, fields of view, mounting positions, and recording infrastructure to meet operational and evidentiary standards. Fully coordinated with architectural finishes, lighting design, and network infrastructure to eliminate late-stage conflicts.
Intruder Detection & Alarm Systems
Detection layer design covering perimeter, internal, and asset-level intrusion — specifying sensor technologies, zone logic, and alarm management protocols. Designed for proportionality to the risk profile, minimised false alarm rates, and full integration with access control and response procedures.
Security Lighting & Landscape Integration
Security lighting developed as part of the architectural lighting scheme from the start — not as a separate afterthought. We work with landscape architects and lighting designers to embed illumination levels, CPTED principles, natural surveillance, and sightlines into the external environment design at the earliest stages.
Command & Control / Security Operations Centre
Design of the physical and technical infrastructure for security operations — from single-operator monitoring positions to full Security Operations Centre facilities. Covering spatial layout, ergonomics, technology integration, resilience, and communications, designed to support the specific operational model the security function requires.
Systems Integration & Open Architecture
All systems are specified on an open architecture basis — ensuring interoperability between various heteroginious systems, and avoiding proprietary lock-in that limits future flexibility. Integration design accounts for current requirements and the building's anticipated operational evolution over its full lifecycle (future scalability).
How we work within the project team
We become an active part of the project team, participating in design reviews, producing coordinated drawings, and taking full ownership of the security discipline from the initial brief through to final handover.
Design Team Integration
We attend design team meetings, contribute to design reviews at every RIBA stages, and maintain a formal security design register throughout the project. Our drawings and specifications are issued through the project document management system alongside all other disciplines.
Coordinated Drawing Production
We develop security‑system layouts, equipment schedules, single‑line diagrams, power budgets, and structural‑penetration details in close collaboration with the architectural, structural, MEP, and IT teams. By coordinating these documents early, we catch and resolve conflicts before construction begins, eliminating the expensive change orders that typically result from isolated design workflows.
RFP Preperation & Tendering Assistance
At ARRC we prepare request‑for‑proposals (RFPs) with our own, continuously‑refined proprietary methodology.
Each RFP is structured into four clear modules: Business Requirements, Functional Requirements, Technical Requirements and Bill of Quantities (BOQ) with cost estimates.
All specifications are written to be vendor‑neutral and based on an open‑architecture framework, so the client can freely choose, maintain, upgrade, or switch suppliers after the project reaches practical completion.
Our tendering and procurement support includes: Pre‑qualifying potential vendors to ensure they meet the baseline criteria; Conducting a technical evaluation of all submitted bids and Compiling a concise bid‑summary report that equips the client with the insight needed to make an informed award decision..
Construction Administration
Regular site attendance during installation, review of contractor
shop drawings and submittals, RFI responses, and variation assessment
— ensuring the installed works reflect the design intent.
We witness and sign off commissioning tests, review as-built documentation,
and confirm system performance before handover to the client.
Brownfield & Operational Projects
Occupied Environments
We have extensive experience managing security upgrades in live operational buildings — where construction phasing, temporary security measures, and operational continuity must be managed simultaneously with design and installation works.
Legacy System Integration
Many brownfield engagements require new systems to interface with existing infrastructure. We assess legacy systems independently — specifying replacement, upgrade, or integration on the basis of performance and lifecycle cost, not vendor preference or installed-base inertia.
Phased Delivery
Where budget or operational constraints require phased implementation, we design the full end-state first — ensuring each phase is a coherent step toward a defined outcome, rather than a series of disconnected additions that collectively never reach an integrated system.
Long-Tenure Continuity
Capital projects routinely span multiple years. We maintain institutional knowledge of the project's security design intent throughout — so that decisions made late in the programme are made with full awareness of what was established at the outset of briefing.
Design Deliverables
A structured set of outputs, issued progressively across the project stages and formatted to meet the requirements of the design team, contractor, and client.
Security Design Brief
A risk-informed security requirements document establishing the performance criteria against which all subsequent design decisions are made and evaluated. Produced at RIBA Stage 1.
Concept & Developed Design Drawings
Security zoning plans, system concept layouts, and coordinated developed design drawings — issued progressively at Stages 2 and 3 in full coordination with the wider design team.
Technical Specification & Equipment Schedule
Full performance and prescriptive specifications for all security systems, with equipment schedules, cable schedules, and installation requirements — suitable for inclusion in the contract tender package.
Tender Documents & Evaluation Support
Procurement documents, technical evaluation criteria, and clarification support during the tendering process — ensuring contractor selection is based on demonstrated capability, not lowest cost.
Construction Review & CA Records
Site inspection reports, shop drawing review records, RFI responses, and variation assessments — maintained as a formal Construction Administration (CA) record throughout the build programme.
Commissioning Certificate & As-Built Review
Witnessed commissioning test records and a formal certificate of practical completion — confirming installed systems meet the design specification and are fit for operational handover.
Red Team Assessment & Post-Occupancy Security Review
After a building is occupied, the only reliable way to know whether its security performs as designed is to test it adversarially — under conditions that simulate how an actual attacker would approach the site. That is what a red team assessment does, and it is a service we offer as a natural continuation of our design engagement.
A note on discretion
All red team engagements are conducted under explicit written authorisation from senior client leadership. Scope boundaries, escalation protocols, and out-of-scope limitations are agreed in writing before any testing begins.
Findings are classified and handled in accordance with the client's information security requirements. We do not publish, reference, or disclose the outcomes of red team engagements without explicit written consent. No two reports are alike, and no report leaves our hands without the client's approval of its classification and distribution.
Adversarial Simulation
Structured physical penetration testing in which our practitioners attempt to access restricted areas, bypass access controls, defeat detection systems, and exploit procedural vulnerabilities — using the methods, resources, and tradecraft available to a credible threat actor. All test scenarios are grounded in the specific threat profile established during the original TVRA, not generic attack patterns.
Penetration Scenario Library
Scenarios are designed for each engagement — typically covering tailgating and piggybacking, social engineering and pretext access, perimeter and vehicle barrier circumvention, CCTV blind spot exploitation, detection system response time testing, and guard force response evaluation. Each scenario is rated by threat realism, required skill level, and potential consequence if successful.
Design Intent Gap Analysis
Red team findings are mapped directly against the original security design — identifying precisely where the built outcome diverged from design intent, where operational practices have undermined technical controls over time, and where the threat environment has evolved beyond the risk assumptions that informed the original brief.
Periodic Re-Audit Programme
For ongoing operational environments, we design structured re-audit programmes — typically at 12 to 24 month intervals — to ensure the security posture keeps pace with changes in the threat landscape, the operational model, occupancy patterns, and the physical estate. Security degradation between audits is a predictable and manageable risk, not an inevitable one.
Classified Findings Report
A classified findings report documenting every tested scenario — successful and unsuccessful — with a full account of the method used, time taken, vulnerabilities exploited, and the root cause of each finding. Accompanied by a prioritised remediation plan with indicative cost ranges and implementation complexity ratings, structured for presentation to board level if required.
Security Team Debrief & Development
A structured debrief with the security operations team reviewing test scenarios, discussing detection and response performance, and identifying specific training and procedural improvements. Delivered in a constructive format that builds operational capability rather than simply cataloguing failure — the goal is a security team that performs better after the exercise, not one that has simply been found wanting.
Project Experience
Our security design practice spans the full range of the built environment — greenfield and brownfield, simple and highly complex, across multiple geographies.
Security risk and design complexity vary significantly by sector. We bring specific experience to each project type — not a single methodology applied uniformly regardless of context.
Commercial & Mixed-Use Campuses
Critical Infrastructure
Facilities of National importance
Hospitality, Education campuses and Holy Places
Manufacturing Industries & Warehousing
Gated townships and Condominiums
Hotels, Malls, Stadiums and Places of large gatherings
Banks and Data Centres
Bring security into the design conversation early
Whether your project is at feasibility, in design development, under construction, or already occupied and in need of review — the right time to engage an independent security designer is now.
Initial conversations are obligation-free. We will discuss your project's current stage, what security design input would deliver most value, and what that engagement would involve — before any commitment is made.