Frequently Asked Questions

Below our team have collated various questions often asked by users of the SABRE scheme. Use the tabs to see if your question has already been answered.

Still Have Questions?

Please contact us at sabre@bre.co.uk and we will do our best to resolve your query.

General

New Facilities

In-Use Facilities

General

How much does it cost?

Licensed Companies determine their fees for SABRE assessment services and these will normally be quoted as a fixed sum or time based charge. The Licensed Companies quote should also itemise the BRE Global charges for facility registration and QA audits. These are fixed fees and are detailed in FS084.

Who conducts the SABRE assessment?

Assessments are completed on behalf of Licensed Companies by SABRE Registered Assessors. A complete list of SABRE Registered Assessors can be found at www.redbooklive.com.

What is a SABRE Registered Professional?

Certain activities that contribute to security risk management require the involvement of competent persons. A ‘competent person’ is someone who has sufficient training and experience or knowledge and other qualities to allow them to assist you properly. The level of competence required will depend on the complexity of the situation and the particular help you need.

For example, a threat assessment which helps an organisation understand the nature of the malevolent threats facing it, will influence all subsequent security decision making. If this is not conducted by a ‘competent person’, it may lead to investment in security measures that were not necessary or result in vulnerabilities that could have been mitigated cost effectively. It is therefore vital that if an organisation does not have ‘competent persons’ internally, that they seek external support.

Certain credits within the SABRE scheme require the SABRE Registered Assessor to look for evidence of the involvement of a competent person. If you require support in completing these parts of your management system, you can refer to www.redbooklive.com to find a list of SABRE Registered Professionals who can support you in completing these important tasks.

Who submits a SABRE application?

You should appoint a SABRE Registered Assessor to complete your application. Assessors understand the process and this will prevent any delay that could result due to the provision of incomplete or incorrect information.

What SABRE Rating should I target?

The five SABRE Ratings, from Acceptable (1 Star) to Outstanding (5 Star) provide scheme users with the ability to compare and benchmark their security risk management performance. In Issue 1.x of the scheme, SABRE Ratings have been set as follows:

Acceptable Rating (1 Star)   Top 50% of facilities
Good (2 Star)                         Top 40% of facilities
Very Good (3 Star)                Top 25% of facilities
Excellent (4 Star)                   Top 10% of facilities
Outstanding (5 Star)             Top 1% of facilities

In setting target Ratings, users should take into account factors internal to the organisation e.g. asset value; and external factors such as the assets target attractiveness and the marketability of a particular SABRE Rating given the type and location of the facility.

Will I need to spend more on security measures to achieve SABRE certification?

No. SABRE does not prescribe any particular level of investment in security or attempt to prescribe particular protective security solutions. Through compliance with the risk based and systematic approach of SABRE, end users will only be procuring those security measures that contribute directly to the achievement of their security objectives.

What is security risk management?

Activities conducted to direct and control security risk(s).

What is a management system?

A management system is the way in which an organisation manages the parts of its business that support the achievement of certain objectives. Creating a safe and secure operating environment for your business is likely to be more difficult and costly if you do not have clearly defined objectives and if you are not systematic in your approach to achieving these objectives.

Management systems are deployed across a range of business objectives such as quality, environmental performance and health and safety. SABRE is the new global standard for facility security risk management.

Does certification cover my organisation?

The SABRE standard has been designed in recognition that location, tenure and a range of other factors specific to the built environment influence the security of a building, infrastructure asset or managed space. With many organisations operating out of multi-tenanted buildings and outsourcing facility management services, it is simply not possible to ignore these issues. As such, certification is awarded at a facility level, rather than for an organisation.

If you wish to certificate your entire portfolio of built assets, you should contact sabre@bre.co.uk as it may be possible to reduce the costs of certification by adopting a portfolio approach.

Does SABRE certification result in insurance discounts?

If your insurer recognises proactive risk management activities when determining their pricing, they should recognise SABRE certification when quoting for your business.

There is no fixed discount for SABRE certification as every facility and portfolio is different. Pricing will depend on your claims history as well as a range of other factors.

Beware of fixed price discounts as they may not always be as good as they sound. You should look closely at the policy particulars when determining if a policy is appropriate for your needs and whether it represents good value for money. Ask yourself this question, if you are adopting best practice when it comes to risk management and your insurer is not offering you any recognition for it, who is receiving the benefit of your efforts?

New Facilities

What is a pre-assessment?

A pre-assessment workshop, led by a SABRE Registered Assessor, provides a developer and their project team with an opportunity to set a target SABRE Rating and to identify the credits that will contribute to the agreed target. Early engagement will ensure that all project team members understand their role in supporting certification.

When should a SABRE application be made?

It is important that an aspiration for SABRE certification is communicated to the project team at the earliest possible opportunity. Early registration by the SABRE Registered Assessor will fix the scheme version against which the project will be assessed.

Can SABRE be used to discharge planning conditions relating to security?

It depends on the specific wording of the condition but generally we anticipate planning authorities accepting SABRE certification as evidence that a developer has met the crime prevention and protective security requirements of the National Planning Policy Framework (NPPF).

How do I ask my project team for SABRE certification?

It is as simple as specifying SABRE certification as a performance criteria in tender documentation and there is an extensive list of Licensed Companies able to deliver assessment services.

How does SABRE affect my BREEAM Rating?

The award of credits within Hea06 of the BREEAM UK New Construction 2018 scheme requires applicants to demonstrate that they have planned and implemented effective measures that provide an appropriate level of security to a facility. To find out how SABRE certification can improve your BREEAM score, refer to ‘SGN01 – SABRE and BREEAM UK New Construction 2018’.

How long does it take to achieve certification?

The timeframes for the certification of development projects are dictated by the project schedule. Applicants can apply for design (interim) certification which will typically take place at RIBA Stage 4 put possibly before depending on the documentation available. Shell & Core or Full certification is awarded at practical completion.

What is the benefit of Interim (design or shell & core) certification?

Interim certification provides confidence to the project employer and stakeholders, such as a planning authority, that security has been an integral part in the design of a new facility.

Interim certification is a useful performance management tool for the employer, allowing them to monitor progress towards the target SABRE Rating and ensure that the agreed design is fully implemented at construction stage. Equally, interim and full certification provides the project team with an objective way to evidence performance with contracted requirements.

Will SABRE change how I normally approach security on my projects?

Clearly it depends on your current approach. Some developers consider security early in the design process and they employ specialists to plan measures based upon the specific needs of their project. For these developers, SABRE certification will be very achievable and offer them the ability to communicate their commitment and the quality of their developments.

For developers who do not currently address security early in the development of their projects, do not employers specialists to support them, and implement measures without a project specific risk assessment, a change of approach will be required to be eligible for SABRE certification.

In-Use Facilities

How do I know if I’m ready for certification?

You should refer to the SABRE security risk management standard LPS2082 and SABRE Essentials guidance document ‘Working Towards SABRE In-Use Certification’ to get a feel for the criteria being assessed by the scheme.

A SABRE Registered Assessor can provide a pre-assessment service to help you understand whether your current approach to security is likely to achieve certification, to set a realistic SABRE Rating target and identify opportunities for improvement prior to full assessment.

What is a pre-assessment?

Pre-assessments usually take the form of a workshop and are delivered by SABRE Registered Assessors. The Assessor will ask the facility’s security stakeholders a series of targeted questions to understand whether the current approach to security is likely to achieve certification, to set a realistic SABRE Rating target and identify opportunities for improvement prior to full assessment.

When should a SABRE application be made?

A facility should be registered on the scheme by a SABRE Registered Assessor prior to conducting pre-assessment activity.

How long does it take to achieve certification?

It depends and a pre-assessment will help you understand the timeframes involved for your facility. If there is a well-documented management system in place for security at your facility, then certification is likely to be very swift. However, if there is a need for improvements, certification will take longer.

Will SABRE change how I normally approach security?

Clearly it depends on your current approach. If you operate a security risk management system at your facility, then certification will be very achievable. If on the other hand your security is driven by vendors, there is poor planning and documented evidence of implementation, then you need to consider improvements. You can contact a Licensed Company at www.redbooklive.com for advice.

Why should our business establish a management system for security?

Although security has often been approached differently to other business objectives, establishing a security risk management system can offer the same internal and external benefits.

Internally, setting objectives and performance targets will improve performance and will give confidence (and evidence) to stakeholders that investment in security is supporting business policy and objectives.

Externally, as a result of terrorist attacks, high profile cyber breaches and increasing levels of organised crime, many businesses and consumers are becoming increasingly security conscious. Obtaining independent certification of your security risk management system can provide assurance to regulators, investors, insurers and customers that you can manage such risks. For a number of sectors, survey results have shown that this can act as a differentiator and hence lead to a competitive advantage over organisations that not able to communicate their security credentials.

How complicated is it to establish a security risk management system?

It really isn’t that complicated to get started. If you recognise the value that good security brings to your business and are committed to achieving your objectives, establishing a management system should make it easier to achieve good results. As a systematic approach leads to the most operationally and cost effective solutions, the sooner this is initiated the better.

The level of complexity of your management system will depend on a range of factors, including the size and type of organisation and whether your organisation shares its facilities with other organisations. For some organisations, especially smaller ones, it may simply mean having strong leadership and clear definition of expectations. This does not necessitate extensive documentation. However, the higher the level of assurance desired, the more extensive the documentation required. To find a SABRE Registered Assessor, go to www.redbooklive.com. They can provide guidance on security risk management systems and SABRE certification.

I outsource my security provision, why do I need SABRE?

You cannot outsource your facility security. However, you can be supported in delivering effective security by service providers. They should be contracted with an understanding of your security objectives and the role they play in achieving them.

By establishing a security risk management system, you will be able to communicate your objectives, document roles and responsibilities, set targets and measure performance. Achieving and maintaining a SABRE Rating and Certification is an excellent motivator for your security organisation, whether or not you rely on the services of external providers.