- Identify assets to determine their value loss impact and criticality.
- Assess the nature of the threats so that the scope of the problem can be determined.
- Conduct a physical security survey in order to identify the vulnerabilities of the organization.
- Perform a risk analysis so that appropriate countermeasures can be developed.