Table Revision
| Release No. | Date | Revision Description |
| Rev. 0 | 05-FEB-2018 | New Release |
| Rev. 1 | 26-SEP-2022 | Amendment To Template Layout And Cover Page Amendment To Approval By Name And Position Revised, Restructure And Strengthen Existing Policy New Annual Review Section |
| Rev. 2 | 25-SEP-2023 | Remove Revision & Date Revised From Page 1 to 5 On Header Section Remove Next Review On Page 2 Move Approval From Page 4 To Page 5 |
| Rev. 3 | 21-NOV-2023 | Remove Remarks On Page 2 3.0 Annual Review – Update Annual Review To Review 10.0 CCTV Summary Quantity And Location – New Section 12.0 Digital Recording Procedures – New Section With Sub-Section 17.0 CCTV Decoder Images – New Section With Sub-Section |
| Rev. 4 | 19-DEC-2023 | Approval – Update New Layout And Move To Page 3 2.0 Review By – Move To Page 3 17.0 CCTV Decoder Images – Remove |
| Rev. 5 | 03-OCT-2024 | 17.0 CCTV Surveillance For Critical Areas – New Section |
| Rev. 6 | 27-NOV-2024 | Revised, Restructure And Strengthen Existing Policy |
| Rev. 7 | 07-JAN-2025 | Move Entire Policy To Cloud For Easy Access From Anywhere. Revised Header And Sub-Header Numbering |
1. INTRODUCTION
This policy outlines the organisation’s commitment to employing Closed-Circuit Television (CCTV) systems as an essential component of its security framework. The primary aim is to enhance overall safety, deter unauthorised access, and provide continuous monitoring of activities within the organisation’s premises. By leveraging CCTV technology, the organisation seeks to safeguard its employees, assets, and sensitive information against potential security threats.
In alignment with the Customs-Trade Partnership Against Terrorism (CTPAT) requirements, this policy underscores the importance of maintaining robust Information Technology security protocols. CCTV systems play a critical role in monitoring high-risk and sensitive areas, ensuring that any breaches, suspicious activities, or unauthorised access attempts are promptly detected and addressed.
Furthermore, this policy establishes the organisation’s commitment to ensuring that CCTV systems are installed, managed, and utilised responsibly, adhering to both legal and ethical standards. The implementation of these systems reflects the organisation’s proactive approach to creating a secure environment, protecting against potential risks, and maintaining compliance with international security best practices.
2. SCOPE
This policy is applicable to all individuals who access areas monitored by Closed-Circuit Television (CCTV) systems within the premises of Widetech Manufacturing Sdn Bhd. It encompasses employees, contractors, visitors, vendors, and any other persons who may enter or utilise spaces under surveillance.
The scope of this policy extends to all physical locations where CCTV cameras are installed, including but not limited to, entrances, exits, production floors, storage facilities, Information Technology server rooms, and other designated sensitive or restricted areas. These systems are critical in ensuring the safety and security of the organisation’s assets, personnel, and operations.
By implementing this policy, Widetech Manufacturing Sdn Bhd ensures that all individuals on its premises are aware of the use of CCTV systems and their role in maintaining a secure environment. This includes understanding that their presence and activities may be recorded in compliance with legal requirements and organisational policies.
This policy applies uniformly across all levels of the organisation, regardless of role or purpose of visit, and is intended to uphold the security measures required to deter unauthorised access, monitor critical areas, and support the organisation’s commitment to maintaining compliance with international security standards, including those outlined by CTPAT.
3. POLICY STATMENT
Widetech Manufacturing Sdn Bhd is dedicated to fostering a safe and secure environment for its employees, contractors, visitors, and vendors by implementing and utilising Closed-Circuit Television (CCTV) systems. In alignment with the security guidelines established under the Customs-Trade Partnership Against Terrorism (CTPAT), the organisation recognises the critical role that CCTV technology plays in enhancing security measures and mitigating potential risks.
The CCTV system is strategically designed to monitor, record, and securely store footage of designated sensitive areas, including entrances, exits, restricted zones, and other critical locations within the organisation’s premises. This ensures a robust layer of protection by deterring unauthorised access, detecting security breaches, and maintaining a comprehensive record of activities.
The organisation is committed to the responsible use of CCTV systems, adhering to all applicable legal and regulatory requirements. These systems serve to support safety protocols, assist in security investigations, and provide evidence in the event of incidents. By leveraging this technology, Widetech Manufacturing Sdn Bhd underscores its dedication to creating a secure working environment, safeguarding organisational assets, and maintaining compliance with internationally recognised security standards.
This policy reflects the organisation’s proactive approach to preventing security risks and upholding the highest levels of operational integrity, ensuring that all activities related to the CCTV system are conducted ethically, transparently, and in accordance with applicable data protection laws.
4. INSTALLATION AND PLACEMENT
CCTV cameras at Widetech Manufacturing Sdn Bhd will be strategically installed to ensure comprehensive coverage of key areas requiring enhanced security and monitoring. This careful placement supports the organisation’s commitment to safeguarding personnel, assets, and sensitive information. The designated areas for CCTV camera installation include, but are not limited to:
4.1 Certified Professional Installation
All CCTV must be installed by certified security system professionals to ensure compliance with industry standards, operational reliability, and adherence to Widetech Manufacturing Sdn Bhd’s security policies. The certification of these professionals must be verified and documented to maintain accountability and quality assurance.
4.2 Entrances and Exits
Cameras will be positioned at all entry and exit points to monitor the movement of individuals entering or leaving the premises, thereby ensuring that only authorised personnel have access.
4.3 Information Technology Server Rooms
Special attention will be given to the surveillance of Information Technology infrastructure, with cameras installed to monitor access to server rooms and other areas housing critical technological systems.
4.4 High-Value Storage Areas
Surveillance will cover locations used for the storage of valuable equipment, materials, or inventory to deter theft and unauthorised access.
4.5 Restricted or Sensitive Zones
Areas designated as restricted or containing sensitive operations will be under constant CCTV monitoring to prevent unauthorised entry and ensure operational integrity.
To uphold privacy and maintain ethical standards, CCTV cameras will not be installed in private areas, such as restrooms, changing rooms, or other spaces where individuals have a reasonable expectation of privacy.
Additionally, all areas under CCTV surveillance will be clearly marked with appropriate signage, informing individuals that they are being monitored. This not only ensures transparency but also acts as a deterrent to potential security breaches. The signage will comply with applicable regulations and include details such as the purpose of surveillance and contact information for further inquiries.
By adhering to these guidelines, Widetech Manufacturing Sdn Bhd ensures that its CCTV systems are deployed responsibly, effectively balancing security needs with respect for individual privacy rights.
5. CCTV MONITORING
The CCTV system at Widetech Manufacturing Sdn Bhd will be continuously monitored and managed to ensure it operates effectively as a core component of the organisation’s security infrastructure. The following measures outline the responsibilities and procedures for monitoring the system:
5.1 Real-Time Monitoring
The CCTV system will be actively monitored in real-time by trained and authorised security personnel. These individuals are tasked with observing live camera feeds to identify and respond promptly to any suspicious activities, unauthorised access attempts, or security breaches. Real-time monitoring is critical to ensuring swift action in the event of incidents that may threaten the safety of the premises or personnel.
5.2 Maintenance and Functionality Checks
Information Technology Department will conduct routine checks and scheduled maintenance of all CCTV equipment to ensure cameras, recording devices, and related systems function correctly. This includes verifying camera positioning, ensuring clarity of footage, and promptly addressing any technical faults or malfunctions. Maintenance logs will be maintained to track the operational status of all equipment and document any repairs or upgrades undertaken.
5.3 Access Control for Feeds and Recordings
Live CCTV feeds and recorded footage will be strictly restricted to personnel who have received prior authorisation from the management or security oversight team. Access will be granted on a need-to-know basis, and all access requests will follow a documented approval process.
5.4 Data Security
Recorded footage will be stored securely within a controlled environment, ensuring that only authorised individuals can retrieve or review recordings. Encryption and access control measures will be implemented to safeguard against unauthorised access or data breaches.
These procedures are designed to ensure the CCTV system functions optimally, maintains compliance with relevant security regulations, and supports the organisation’s commitment to protecting its assets, personnel, and sensitive information. By adhering to these monitoring standards, Widetech Manufacturing Sdn Bhd upholds its responsibility to provide a safe and secure environment.
6. DATA STORAGE AND RETENTION
Widetech Manufacturing Sdn Bhd is committed to ensuring the secure and responsible management of CCTV recordings in compliance with CTPAT guidelines and applicable data protection laws. The following procedures outline the organisation’s approach to the storage and retention of recorded CCTV footage:
6.1 Secure Storage of Recorded Footage
All recorded footage captured by CCTV cameras will be stored in a tamper-proof system designed to prevent unauthorised access or manipulation. This system will be housed in a secure location with access restricted to authorised personnel only. Measures such as redundant storage systems and off-site backups may be employed to ensure data integrity and availability, even in the event of system failures or unforeseen incidents. The retention of footage will comply with CTPAT requirements, with recordings stored for an average of 60 days to 90 days, as deemed necessary for specific operational needs or regulatory obligations.
6.2 Encryption for Data Security
To safeguard against unauthorised access, all CCTV recordings will be encrypted using industry-standard encryption protocols. This ensures that even in the unlikely event of a data breach, the footage remains protected and cannot be accessed or viewed by unauthorised individuals. Encryption keys will be managed securely, and access to decryption tools will be limited to authorised Information Technology and security personnel.
6.3 Retention Period and Disposal
After the specified retention period, recorded footage will be permanently deleted in a manner that ensures it cannot be recovered or reconstructed. This process will involve the use of secure deletion methods that comply with data protection best practices. Exceptions to this retention policy may apply if specific recordings are required for ongoing investigations, audits, or legal proceedings. In such cases, the relevant footage will be preserved securely and access restricted to authorised personnel until it is no longer required.
6.3 High-Quality 24-Hour Recording
All CCTV cameras must be configured to record at the highest possible quality to ensure clear and detailed footage that can be used for security investigations. The CCTV system must operate 24 hours a day, 7 days a week, capturing footage to ensure full coverage of monitored areas. System configurations should prioritise high-definition (HD) or higher resolution settings, ensuring clear visibility of details.
Regular system checks must be performed to ensure that recording quality is maintained and that no gaps occur due to system failures or storage limitations
6.4 Documentation and Audit Trails
Comprehensive logs will be maintained to track all activities related to the storage, access, and deletion of CCTV recordings. These logs will document who accessed the data, the purpose of access, and the actions taken, thereby ensuring accountability and transparency.
By implementing these data storage and retention measures, Widetech Manufacturing Sdn Bhd ensures that its CCTV recordings are managed securely, responsibly, and in compliance with both CTPAT requirements and applicable privacy laws. This approach demonstrates the organisation’s commitment to protecting sensitive information while respecting the privacy of individuals captured in CCTV footage.
7. ACCESS CONTROL
Widetech Manufacturing Sdn Bhd is committed to ensuring that access to CCTV systems, including data and equipment, is tightly controlled and managed in accordance with security best practices and CTPAT guidelines. The following procedures define the organisation’s approach to regulating access:
7.1 Restricted Access to Authorised Personnel
Access to CCTV data, live feeds, and equipment is strictly limited to authorised personnel who have received prior approval through a documented process. Authorised individuals include security staff, Information Technology personnel and designated management members responsible for overseeing the organisation’s security infrastructure. Requests for access must be formally submitted, reviewed, and approved to ensure access is granted only to those with a legitimate operational need.
7.2 Logging and Regular Review of Access Attempts
All access attempts to the CCTV system, including viewing or retrieving recorded footage, will be logged automatically. These logs will record critical details such as the identity of the user, the time of access, and the specific data or equipment accessed. Regular reviews of these logs will be conducted to ensure compliance with access protocols and to identify any unauthorised or suspicious activity. Discrepancies or breaches will be escalated to management for immediate investigation and corrective action.
7.3 Access for Visitors or External Parties
Visitors or external parties, such as contractors, auditors, or law enforcement personnel, who require access to CCTV data or equipment must submit a formal request. This request must outline the purpose of access and will be subject to thorough review and approval by management. Access will only be granted after careful consideration to ensure it aligns with the organisation’s security policies and regulatory obligations. All external access activities will be closely monitored and documented.
7.4 Additional Security Measures
7.4.1 Roles-Based Access Control
Permissions within the CCTV system will be assigned based on job roles, ensuring individuals can only access the specific areas and functions necessary for their responsibilities.
7.4.2 Confidentiality Agreements
All personnel with access to CCTV systems will be required to sign confidentiality agreements to ensure the responsible handling of sensitive data. Any breach of confidentiality or misuse of CCTV systems will result in disciplinary action and may involve legal consequences.
By implementing these robust access control measures, Widetech Manufacturing Sdn Bhd ensures that CCTV systems are operated securely, with minimal risk of unauthorised access or misuse. This policy reinforces the organisation’s commitment to maintaining the integrity of its security systems while adhering to both CTPAT requirements and applicable data protection laws.
8. SYSTEM SECURITY
Widetech Manufacturing Sdn Bhd prioritises the security of its CCTV systems to safeguard against unauthorised access and ensure their reliable operation. This section outlines the measures undertaken to protect the CCTV infrastructure in compliance with industry standards and CTPAT guidelines.
8.1 Integration with Information Tehcnology Infrastructure for Network Security
The CCTV system is integrated into the organisation’s Information Technology infrastructure to enable seamless monitoring and centralised management while ensuring robust protection against cyber threats. This integration allows for the implementation of advanced security protocols such as encrypted data transmission, secure access controls, and network monitoring tools to detect and address potential vulnerabilities in real time. By aligning CCTV operations with Information Technology security measures, the organisation ensures the system operates within a secure and resilient digital environment.
8.2 Use of Firewalls and Secure Passwords
To prevent unauthorised remote access, the CCTV system is protected by firewalls configured to block unauthorised traffic and restrict system access to authorised IP addresses only. Additionally, all access points, including user accounts and administrative controls, are secured with complex, regularly updated passwords. Multi-factor authentication is employed for enhanced protection, requiring users to verify their identity through additional security layers before accessing the system.
8.3 Firmware and Software Updates
The CCTV system’s firmware and software are regularly reviewed and updated to address security vulnerabilities and enhance system performance. Updates provided by the system manufacturer are applied promptly to ensure the latest security patches are in place. This proactive approach reduces the risk of exploitation by malicious actors and ensures the system remains compliant with evolving security standards. Maintenance schedules include regular checks for available updates and thorough testing to ensure system compatibility and stability.
8.4 Data Encryption and Secure Storage
All data transmitted within the CCTV system, including live feeds and recorded footage, is encrypted to prevent interception or tampering. Encrypted storage systems protect data at rest, ensuring that even if physical storage devices are accessed without authorisation, the data remains unreadable and secure.
8.5 Regular Security Audits
Periodic audits of the CCTV system’s security are conducted to identify and address potential vulnerabilities. These audits include assessments of network configurations, access control measures, and compliance with organisational and regulatory requirements. Recommendations from the audit are implemented promptly to maintain a high level of security.
8.6 Incident Response and Monitoring
Information Technology Department monitors the CCTV system for unusual activities, such as unauthorised login attempts or system anomalies. In the event of a security incident, an incident response plan is in place to isolate the affected systems, mitigate the threat, and investigate the cause. A detailed report of the incident and corrective actions taken is maintained for accountability and future prevention.
By adopting these comprehensive system security measures, Widetech Manufacturing Sdn Bhd ensures that its CCTV infrastructure operates in a secure, efficient, and reliable manner. These actions not only protect the integrity of the system but also reinforce the organisation’s commitment to meeting CTPAT requirements and safeguarding its premises, assets, and personnel.
9. INCIDENT REPORTING
Widetech Manufacturing Sdn Bhd is committed to the prompt and accurate reporting of security incidents detected through CCTV footage. This ensures that all incidents are addressed swiftly, mitigating potential risks and maintaining compliance with CTPAT requirements. The following procedures outline the process for reporting and documenting security incidents:
9.1 Immediate Reporting of Security Incidents
Any security incident detected through CCTV monitoring, such as unauthorised access, suspicious activity, or equipment tampering, must be reported immediately to the designated Human Resource Manager or Higher Management. This allows for a rapid response to contain and resolve the issue, preventing further escalation. Security personnel monitoring the CCTV system are responsible for ensuring that all incidents are reported without delay, following the organisation’s established communication protocols.
9.2 Comprehensive Incident Logging
A detailed log of each incident will be maintained to provide a complete record of events for investigative and audit purposes. The incident log will include the following information:
Timestamps: The precise date and time when the incident occurred, as well as when it was detected.
Affected Areas: Specific locations or zones within the premises where the incident took place.
Nature of the Incident: A clear description of the incident, including details of the observed activity or behaviour.
Actions Taken: A record of immediate actions taken to address the incident, such as contacting authorities, restricting access, or reviewing additional footage.
Involved Individuals: If applicable, the identification of individuals involved in the incident, including employees, visitors, or external parties.
9.3 Incident Escalation and Follow Up
For incidents of a serious nature, such as breaches of high-security areas or suspected criminal activity, the Information Technology Department will escalate the matter to senior management or external authorities as appropriate. A follow-up investigation will be conducted to determine the root cause, evaluate the effectiveness of the response, and implement corrective actions to prevent recurrence.
9.4 Incident Reporting to Relevant Authorities
Where required by law or organisational policy, security incidents will be reported to external bodies such as local law enforcement, regulatory agencies, or CTPAT officials. Reports will include all relevant details and supporting documentation, such as CCTV footage and incident logs.
9.5 Periodic Review and Analysis
Incident reports will be reviewed periodically to identify patterns or trends that may indicate vulnerabilities within the security system. This analysis will inform decisions on improving surveillance practices, equipment placement, and access control measures.
9.6 Confidentiality and Data Protection
All information related to incident reporting, including logs and footage, will be handled with strict confidentiality to protect the privacy and security of those involved. Access to incident data will be restricted to authorised personnel, and records will be stored securely.
By adhering to these incident reporting protocols, Widetech Manufacturing Sdn Bhd ensures that all security issues are addressed efficiently and effectively, maintaining the integrity of its operations and compliance with CTPAT guidelines. This structured approach to incident reporting reinforces the organisation’s commitment to creating a safe and secure environment for all stakeholders.
9.7 Auditing and Maintenance
Widetech Manufacturing Sdn Bhd is committed to maintaining the effectiveness and reliability of its CCTV systems through regular auditing and maintenance. These measures ensure the system remains compliant with CTPAT requirements, operates efficiently, and provides robust security for the organisation. The following procedures outline the auditing and maintenance processes:
9.7.1 Regular Audits of CCTV Operations
Scheduled audits of CCTV operations will be conducted to verify compliance with CTPAT requirements and internal security policies. These audits will evaluate key aspects of the system, including:
Coverage Adequacy: Ensuring that all critical areas are effectively monitored by CCTV cameras.
Access Control: Confirming that only authorised personnel have access to live feeds, recordings, and equipment.
Data Retention Compliance: Verifying that footage is stored securely and for the appropriate duration as per organisational policies.
Incident Handling: Reviewing incident logs to ensure they are complete, accurate, and properly documented.
Audit findings will be documented in detailed reports, highlighting any gaps or non-compliance issues. Recommendations for corrective actions will be provided, and follow-up audits will be conducted to ensure implementation.
9.7.2 Maintenance Logs for Equipment Repairs and Upgrades
Comprehensive maintenance logs will be maintained for all CCTV equipment, including cameras, recording devices, and supporting systems. These logs will include:
Routine Maintenance Records: Details of scheduled maintenance activities, such as lens cleaning, system calibration, and firmware updates.
Repairs: Documentation of repairs, including the nature of the issue, corrective actions taken, and the technician responsible.
Upgrades: Records of system upgrades, including hardware replacements, software enhancements, and improvements to system capabilities.
Regular maintenance ensures that all components of the CCTV system function optimally, minimising downtime and preventing security lapses.
9.7.3 Escalation of System Anomalies
Any anomalies or irregularities detected within the CCTV system, such as malfunctioning cameras, disrupted feeds, or unauthorised access attempts, will be escalated immediately to the Information Technology Department and Security Manager. Anomalies will be categorised based on their severity, and a structured escalation process will ensure timely resolution.
Minor Issues: Addressed during routine maintenance.
Critical Issues: Escalated for urgent attention, with immediate measures taken to mitigate potential security risks.
9.7.4 Preventive Measures and Training
To minimise the likelihood of system failures, preventive maintenance will be prioritised. Additionally, personnel involved in CCTV operations will receive training to identify potential issues and respond effectively. This includes understanding system alerts, performing basic troubleshooting, and documenting anomalies.
9.7.5 Compliance Reviews and Reporting
Maintenance and audit activities will be reviewed regularly to ensure they align with the latest CTPAT requirements and organisational policies. Summaries of these activities will be included in security compliance reports, which are shared with senior management and relevant regulatory authorities.
9.7.6 Continuous Improvement
Feedback from audits and maintenance activities will be used to enhance CCTV system operations. Lessons learned from incidents, repairs, and upgrades will inform future decisions, contributing to a more robust and reliable surveillance system.
By implementing these auditing and maintenance protocols, Widetech Manufacturing Sdn Bhd ensures the ongoing effectiveness of its CCTV system. This proactive approach supports the organisation’s commitment to maintaining a secure environment, mitigating risks, and achieving compliance with CTPAT and other applicable security standards.
10. ROLES AND RESPONSIBILITIES
The successful implementation and operation of the CCTV system at Widetech Manufacturing Sdn Bhd require clear allocation of roles and responsibilities. Each stakeholder plays a critical role in ensuring the system functions effectively, aligns with security standards, and complies with CTPAT requirements. The following outlines the key roles and their responsibilities:
10.1 Information Technology
The Information Technology Department is responsible for ensuring the secure functioning and technical integrity of the CCTV systems. Their responsibilities include:
Network Integration: Seamlessly integrating the CCTV system with the organisation’s Information Technology infrastructure to enhance security and monitoring capabilities.
Data Encryption: Implementing and maintaining encryption protocols to protect CCTV data, ensuring it is secure both during transmission and in storage.
System Maintenance: Conducting routine checks and maintenance of software and hardware, including applying firmware updates and troubleshooting technical issues.
Cybersecurity Measures: Safeguarding the CCTV system from cyber threats by implementing firewalls, secure passwords, and access control mechanisms.
10.2 Security Personnel
The security personnel are tasked with the day-to-day operation and monitoring of the CCTV system. Their responsibilities include:
Live Feed Monitoring: Actively observing CCTV footage in real-time to detect and respond to suspicious activity or unauthorised access attempts.
Incident Reporting: Promptly reporting any security incidents detected on CCTV to Information Technology Department.
First-Response Actions: Taking immediate action, such as contacting relevant authorities or escalating issues, when critical incidents are identified.
Access Management Support: Assisting in ensuring that only authorised personnel can access secure areas under CCTV surveillance.
10.3 Management
Management is responsible for overseeing the strategic and administrative aspects of the CCTV system. Their responsibilities include:
Access Approvals: Reviewing and approving requests for access to live feeds, recorded footage, and system controls, ensuring such access is granted only to authorised personnel with a legitimate need.
Policy Compliance Oversight: Ensuring the organisation’s use of CCTV systems complies with CTPAT requirements, internal policies, and legal regulations.
Resource Allocation: Allocating sufficient resources, such as funding and staff, to maintain and enhance the CCTV system.
Incident Review: Participating in the review and resolution of significant security incidents to improve processes and ensure accountability.
10.4 Collaboration and Accountability
The successful operation of the CCTV system requires collaboration among all stakeholders. Regular meetings, training, and reporting will ensure that everyone involved is aligned with their responsibilities and aware of updates to security policies or procedures. By clearly defining and adhering to these roles and responsibilities, Widetech Manufacturing Sdn Bhd ensures that its CCTV system remains effective, compliant, and aligned with CTPAT and organisational security objectives.
11. COMPLIANCE
Widetech Manufacturing Sdn Bhd is fully committed to upholding the standards and requirements outlined in this CCTV policy. Compliance with this policy is mandatory for all employees, contractors, visitors, and vendors who interact with or are affected by the organisation’s CCTV systems. This ensures the security of the premises, protection of sensitive areas, and adherence to CTPAT guidelines and relevant legal regulations.
11.1 Consequences of Non-Compliance
Failure to comply with this policy, whether through negligence, intentional misuse, or unauthorised actions, will be treated as a serious breach of organisational rules and responsibilities. Non-compliance may result in the following actions:
11.1.1 Disciplinary Measures for Employees
Employees found in violation of this policy may face disciplinary actions, including formal warnings, suspension, or other corrective measures as outlined in the organisation’s disciplinary procedures. For serious breaches, such as unauthorised access to CCTV systems, tampering with equipment, or misuse of recorded footage, the organisation reserves the right to terminate employment.
11.1.2 Contractor and Vendor Violations
Contractors or vendors who fail to adhere to the policy will face immediate termination of their contracts and may be prohibited from future engagement with the organisation.
11.1.3 Visitor Non-Compliance
Visitors who breach this policy, such as by attempting to access restricted areas or interfere with CCTV operations, will be denied further access to the premises and reported to the appropriate authorities if necessary.
11.1.4 Reporting to CTPAT Authorities
In cases where non-compliance involves actions that jeopardise the organisation’s adherence to CTPAT guidelines, the incident may be reported to CTPAT authorities for review. This includes breaches that result in significant security risks, unauthorised disclosure of sensitive data, or failure to meet CTPAT audit requirements.
11.2 Commitment to Education and Support
To minimise the risk of non-compliance, the organisation provides regular training and clear communication to ensure all stakeholders understand the importance of adhering to the CCTV policy. Support is available for employees or contractors who have questions or require clarification regarding their responsibilities under this policy.
By enforcing this policy and addressing non-compliance decisively, Widetech Manufacturing Sdn Bhd underscores its dedication to maintaining a secure and compliant operational environment. These measures not only protect the organisation but also reinforce its commitment to meeting the highest standards of security and regulatory compliance.
12. CORRECTIVE ACTION MEASURES
Widetech Manufacturing Sdn Bhd is committed to continuously improving its CCTV security system and ensuring compliance with CTPAT requirements. To maintain the effectiveness and integrity of the surveillance infrastructure, all identified deficiencies, security breaches, or non-compliance issues must be addressed promptly through a structured Corrective Action Plan (CAP).
12.1 Identification and Documentation of Issues
Any security weaknesses, equipment failures, unauthorised access attempts, or policy violations identified during CCTV monitoring, audits, or incident investigations must be documented in detail. Security personnel, Information Technology staff, or auditors responsible for identifying an issue must immediately report their findings to the Management. A Corrective Action Report (CAR) will be created, outlining:
- Nature of the Issue: A description of the identified deficiency or security concern.
- Date and Location: When and where the issue occurred.
- Personnel Involved: Any staff or external parties linked to the issue.
- Potential Risks: Assessment of security vulnerabilities posed by the issue.
12.2 Implementation of Corrective Actions
Once an issue has been identified, corrective actions must be implemented without delay to prevent further security risks. The designated personnel will determine the appropriate resolution, which may include:
- Immediate Fixes: Quick resolutions such as adjusting camera angles, updating access permissions, or rebooting malfunctioning systems.
- Technical Repairs or Replacements: If CCTV equipment is found to be defective, Facility Team personnel or certified contractor must repair or replace the affected components.
- Training & Awareness: Conducting additional staff training on CCTV policies and security procedures to reinforce compliance.
12.3 Tracking and Verification of Corrective Actions
All corrective actions taken must be documented in an official report, noting the measures implemented, responsible personnel, and the date of resolution. The CTPAT Coordinator and Information Technology will verify that the corrective action has been successfully implemented and that the issue has been fully resolved. A follow-up review will be conducted to ensure the problem does not reoccur and that security protocols remain effective.
12.4 Escalation and Continuous Improvement
If a security issue remains unresolved or poses a significant risk, it will be escalated to senior management for further intervention. Periodic reviews of corrective action reports will help identify recurring issues and develop long-term preventive measures. Lessons learned from corrective actions will be integrated into security policy updates and shared with relevant stakeholders.
By ensuring that all corrective action measures are properly documented and implemented as soon as possible, Widetech Manufacturing Sdn Bhd reinforces its commitment to security, compliance, and continuous improvement. This structured approach not only enhances CCTV operational effectiveness but also strengthens the organisation’s proactive response to security risks.
13. VISUAL AND PROCEDURAL DOCUMENTATION
As part of its commitment to maintaining a robust and proactive security system, Widetech Manufacturing Sdn Bhd requires all CCTV systems to be equipped with alarm and email notification capabilities. These features ensure immediate awareness and swift response to decoders faulty incidents, enhancing the overall effectiveness of the surveillance infrastructure.
13.1 CCTV Failure Alarm / Notification
13.2 CCTV UPS (Backup Battery)
13.3 CCTV Surveillance For Critical Areas
