WM-IT-002 Alarm System Control Policy and Procedure – Docs

Revision Table

Release No.	Date	Revision Description
Rev. 0	05-FEB-2018	New Release
Rev. 1	26-SEP-2022	Amendment To Template Layout And Cover Page Amendment To Approval By Name And Position Revised, Restructure And Strengthen Existing Policy New Annual Review Section
Rev. 2	25-SEP-2023	Remove Revision & Date Revised From Page 1 to 5 On Header Section Remove Next Review On Page 2 Move Approval From Page 4 To Page 5
Rev. 3	06-NOV-2023	Remove Remarks On Page 2 9.0 Alarm Panel And Strobe Light Location – Update Main Section Title Added New Sub-Section 9.4 – 9.4 Alarm Strobe Light Picture 3.0 Annual Review – Update Annual Review To Review
Rev. 4	19-DEC-2023	Approval – Update New Layout And Move To Page 3 2.0 Review By – Move To Page 3
Rev. 5	27-NOV-2024	Revised, Restructure And Strengthen Existing Policy
Rev. 6	07-JAN-2025	Move Entire Policy To Cloud For Easy Access From Anywhere. Revised Header And Sub-Header Numbering

1. INTRODUCTION

Widetech Manufacturing Sdn Bhd is committed to ensuring the highest standards of security across all its facilities, operations, and supply chain processes. As part of this commitment, the company has established this Alarm System Policy and Procedure, which serves as a fundamental component of its security framework. This policy is designed to safeguard company assets, personnel, and critical infrastructure by implementing and maintaining a robust alarm system in compliance with the Customs-Trade Partnership Against Terrorism (CTPAT) requirements.

Alarm systems play a crucial role in preventing unauthorised access, detecting security breaches, and enabling a swift response to potential threats. To achieve this, Widetech Manufacturing Sdn Bhd has developed structured procedures to govern the installation, operation, maintenance, and monitoring of these systems. This ensures that all security measures are proactive, effective, and continuously improved in line with technological advancements and evolving security risks.

This document outlines the policies and procedures governing the company’s alarm systems, detailing roles and responsibilities, compliance requirements, monitoring protocols, and incident response measures. It applies to all employees, contractors, service providers, and visitors who interact with the company’s security infrastructure.

By adhering to this policy, Widetech Manufacturing Sdn Bhd strengthens its overall security posture, ensuring a safe and controlled environment while upholding international security standards in its operations.

2. SCOPE

This policy is applicable to all Widetech Manufacturing Sdn Bhd facilities where alarm systems have been installed, including but not limited to manufacturing plants, warehouses, administrative offices, and any other operational premises owned or managed by the company. It encompasses all aspects related to alarm systems, including their installation, operation, maintenance, monitoring, and response protocols.

The provisions outlined in this policy are binding on all individuals and entities that interact with the company’s facilities or security infrastructure. This includes permanent employees, contractors, external service providers, and visitors. Regardless of the nature or duration of their engagement with the company, all parties are required to adhere to the measures and guidelines set forth within this document.

This policy is designed to ensure consistency in the deployment and management of alarm systems across all company locations, thereby enhancing the security and safeguarding of assets, personnel, and operations. It seeks to establish a unified approach to addressing potential security risks while fostering accountability among all individuals accessing or interacting with Widetech Manufacturing Sdn Bhd’s facilities.

By extending its application to all relevant stakeholders, this policy underscores the company’s commitment to maintaining the highest standards of security and compliance with industry best practices and international security requirements, including those stipulated under the CTPAT initiative.

3. POLICY STATEMENT

Widetech Manufacturing Sdn Bhd is steadfast in its commitment to implementing and upholding robust security measures, with a particular emphasis on the strategic use of alarm systems that fully comply with the standards and requirements set out under the Customs-Trade Partnership Against Terrorism (CTPAT) initiative. These alarm systems are a critical component of the company’s overarching security framework and will be deployed, managed, and monitored in a manner that ensures maximum effectiveness and reliability.

The company is dedicated to utilising these systems to:

Detect and deter unauthorised access or breaches: Alarm systems will serve as a primary tool for identifying and preventing unauthorised entry, thereby safeguarding personnel, assets, and sensitive areas.
Provide timely alerts in the event of intrusions or emergencies: Immediate notifications will enable swift responses to potential security incidents, reducing risks and mitigating impacts.
Ensure proper installation, testing, and maintenance to maintain system reliability: Alarm systems will be installed by certified professionals, with rigorous and regular testing and maintenance schedules to ensure consistent performance.
Monitor all access points, sensitive areas, and perimeter security effectively: Comprehensive coverage will be provided across all critical areas, ensuring a secure and controlled environment at all times.

To achieve these objectives, all personnel, including employees, contractors, and visitors, are expected to adhere to the procedures, responsibilities, and guidelines outlined in this policy. Compliance with these measures is essential to maintaining the security and operational integrity of Widetech Manufacturing Sdn Bhd’s facilities and supply chain.

This policy reflects the company’s unwavering commitment to fostering a secure working environment and ensuring that all security systems are implemented in line with best practices, industry standards, and international security requirements. Through the diligent application of this policy, Widetech Manufacturing Sdn Bhd aims to uphold its reputation for security excellence while safeguarding its people, property, and operations.

4. INSTALLATION AND SYSTEM REQUIREMENTS

4.1 Certified Professional Installation

All alarm systems must be installed by certified security system professionals to ensure compliance with industry standards, operational reliability, and adherence to Widetech Manufacturing Sdn Bhd’s security policies. The certification of these professionals must be verified and documented to maintain accountability and quality assurance.

4.2 Mandatory Features of Alarm System

The alarm systems deployed across Widetech Manufacturing Sdn Bhd facilities must incorporate a comprehensive range of features to address potential security threats effectively. These features include, but are not limited to:

Intrusion detection: Advanced sensors capable of identifying unauthorised access or attempts to breach secure areas.
Motion sensors for sensitive areas: Strategically placed motion sensors to detect movement in high-security zones, such as storage areas for sensitive materials, intellectual property, or valuable assets.
Door and window sensors at access points: Devices installed at all primary and secondary access points to monitor and alert on unauthorised entry or tampering.
Audible alarms and silent notifications to security teams: Dual-function systems that can both deter intrusions through loud alarms and silently notify designated security personnel or monitoring services for rapid response.

4.3 Integration with Complementary Security Systems

To provide a layered and comprehensive security framework, all alarm systems must be fully integrated with the following systems:

CCTV (Closed-Circuit Television): Alarm triggers must synchronise with CCTV systems to provide real-time visual verification of security incidents and support post-incident investigations.

This integration ensures seamless communication between systems, enabling a more effective and immediate response to security threats. Additionally, it provides a consolidated platform for monitoring and managing facility security, supporting Widetech Manufacturing Sdn Bhd’s commitment to safeguarding its people, assets, and operations.

By adhering to these procedures, Widetech Manufacturing Sdn Bhd ensures that its alarm systems are not only compliant with CTPAT requirements but also optimally designed and operated to mitigate risks and uphold the highest standards of security.

5. MONITORING AND RESPONSE

5.1 Immediate Response by Security Personnel

In the event of an alarm trigger, designated security personnel are required to respond without delay, following a standardised response protocol to minimise risks and address potential threats effectively. The key steps in the response process include:

Verifying the nature of the alarm: Security personnel must promptly assess the alarm trigger to determine whether it is a false alarm (e.g., caused by equipment malfunction or human error) or an actual breach. This involves reviewing data from integrated systems such as CCTV and access control logs to validate the event.
Notifying law enforcement or emergency services if necessary: In cases of verified breaches, unauthorised access, or emergencies, security personnel must contact the appropriate authorities, including local law enforcement or emergency response teams, to ensure a swift resolution.

Security personnel must also follow internal escalation protocols, notifying the Information Technology Department and other relevant stakeholders about the incident.

5.3 Logging and Weekly Review of Alarm Events

To maintain accountability and support continuous improvement in security operations, all alarm events, regardless of severity, must be thoroughly documented. The alarm event log must include:

Date and time of the alarm trigger.
Location of the triggered alarm.
Nature of the alarm (e.g., intrusion detection, system fault).
Actions taken in response to the alarm, including personnel involved and authorities contacted.
Outcome of the incident and any follow-up measures implemented.

The Information Technology Department is responsible for conducting a detailed review of the alarm event log on a weekly basis. This review process aims to:

Identify patterns or recurring issues in alarm triggers.
Evaluate the effectiveness of response protocols.
Implement corrective actions to address system weaknesses or procedural deficiencies.
Ensure compliance with regulatory and CTPAT requirements.

By adhering to these monitoring and response procedures, Widetech Manufacturing Sdn Bhd ensures a proactive and structured approach to managing alarm triggers, safeguarding its assets, and maintaining the safety and security of its facilities and personnel.

6. MAINTENANCE AND TESTING

6.1 Monthly Testing to Ensure Functionality

Alarm systems installed at Widetech Manufacturing Sdn Bhd must undergo rigorous testing on a monthly basis to verify their functionality and operational reliability. This testing process is crucial for identifying any potential issues or malfunctions before they compromise the overall security infrastructure.

Testing procedures include:

Activating alarm triggers in controlled conditions to confirm that sensors, motion detectors, and audible or silent alarms are functioning correctly.
Verifying the integration of alarm systems with CCTV and access control systems, ensuring seamless communication between all components.
Assessing the responsiveness of the monitoring service to alarm triggers during testing.

Test schedules will be documented and communicated to relevant personnel to minimise disruption to daily operations while ensuring compliance with this policy.

6.2 Maintenance Logs for Audit and Compliance

A detailed log of all maintenance and testing activities must be maintained and securely stored for audit and compliance purposes. Each log entry should include the following information:

Date and time of the maintenance or testing activity.
Names of personnel or service providers conducting the activity.
Details of the components tested or serviced, including results of functionality checks.
Any issues identified during testing and corresponding corrective actions taken.
Verification of system performance post-maintenance.

These logs must be reviewed periodically by the Information Technology Department to ensure that the alarm systems remain compliant with industry standards, CTPAT requirements, and the company’s internal policies.

6.3 Immediate Repairs for Detected Malfunctions

In the event that a malfunction or issue is detected during testing or daily operations, immediate action must be taken to rectify the problem. This includes:

Promptly notifying the Information Technology Department and relevant maintenance personnel or contractors.
Scheduling repairs at the earliest possible opportunity to restore full functionality.
Conducting post-repair testing to confirm that the alarm system is operating correctly.

All repair activities must be recorded in the maintenance log, including details of the fault, the corrective actions undertaken, and the date and time of resolution. Where necessary, backup systems or temporary measures must be deployed to maintain security during the repair period.

By adhering to this maintenance and testing protocol, Widetech Manufacturing Sdn Bhd ensures the continued reliability and effectiveness of its alarm systems, reinforcing the company’s commitment to maintaining robust security measures in line with CTPAT and industry best practices.

7. ACCESS TO ALARM SYSTEMS

7.1 Restricted Access to Alarm Systems

Access to the alarm systems at Widetech Manufacturing Sdn Bhd is strictly limited to authorised personnel to ensure the integrity, security, and proper functioning of the systems. Only individuals who have been explicitly approved by the company’s management and security team are permitted to:

Access the physical control panels or digital interfaces of the alarm systems.
Configure settings or modify the functionality of the systems, including adjustments to sensitivity levels, notification protocols, and integration with other security components.
Activate or deactivate the alarm system, whether for testing, maintenance, or operational purposes.

Unauthorised access is strictly prohibited and will be treated as a serious breach of security protocol, subject to disciplinary action or legal consequences. All personnel must adhere to this policy to prevent potential security risks arising from misuse or tampering.

7.2 Maintaining and Reviewing Authorised Personnel Lists

A comprehensive and up-to-date list of all individuals authorised to access the alarm systems must be maintained at all times. This list should include:

Full names and job titles of the authorised personnel.
The specific level of access granted to each individual (e.g., operational, configuration, or administrative).
Dates of authorisation and any subsequent modifications or revocations of access rights.

This list must be securely stored and reviewed on a quarterly basis by the Information Technology Department to ensure its accuracy and relevance. During the review process:

Any personnel no longer requiring access (e.g., due to role changes or employment termination) must have their access rights revoked immediately.
New personnel requiring access must be formally approved and trained before being granted authorisation.

To further enhance security, access control measures such as unique passcodes, biometric verification, or access cards must be implemented to prevent unauthorised entry to the alarm system interfaces. Any access attempts, whether successful or unsuccessful, must be logged and monitored for irregularities.

By enforcing these access control measures, Widetech Manufacturing Sdn Bhd ensures that its alarm systems are safeguarded against unauthorised use, tampering, or breaches, maintaining the reliability and security of its operations in accordance with CTPAT and industry standards.

8. INCIDENT REPORTING

8.1 Immediate Reporting and Documentation of Security Incidents

All security incidents, including breaches, system malfunctions, or any other issues related to the alarm systems at Widetech Manufacturing Sdn Bhd, must be reported immediately to the Information Technology Department. This requirement ensures that swift action is taken to mitigate risks, minimise damage, and maintain the integrity of the company’s security framework.

Upon detection or awareness of an incident, the individual involved must:

Notify the Information Technology Department or the designated point of contact without delay, providing preliminary details of the incident, such as the time, location, and nature of the event.
Initiate any immediate actions required to contain or address the situation, such as activating backup security measures or alerting additional personnel.

All incidents must be thoroughly documented in the Incident Report Log, which serves as an official record for analysis, auditing, and compliance purposes. Each entry in the log should include:

Date and time of the incident.
Description of the incident, including the affected systems or areas.
Actions taken during the initial response.
Personnel involved in the response.
Any preliminary findings or suspected causes.

The Information Technology Department is responsible for ensuring that the Incident Report Log is complete, accurate, and securely stored for future reference and regulatory compliance.

By establishing a robust incident reporting and review process, Widetech Manufacturing Sdn Bhd ensures continuous improvement in its security practices and maintains compliance with CTPAT requirements and industry best practices. This approach reinforces the company’s commitment to protecting its assets, personnel, and operations from security threats.

9. ROLES AND RESPONSIBILITIES

To ensure the effective operation, maintenance, and monitoring of alarm systems at Widetech Manufacturing Sdn Bhd, clearly defined roles and responsibilities have been established for all stakeholders. This structure promotes accountability and facilitates the smooth implementation of security measures in compliance with CTPAT requirements.

9.1 Information Technology

The Information Technology holds overall responsibility for the management and oversight of the alarm systems and is entrusted with the following duties:

Operational Oversight: Ensures that all alarm systems are functioning effectively, including monitoring performance, managing configurations, and addressing any operational challenges.
Compliance Assurance: Guarantees that all security policies, procedures, and practices align with CTPAT requirements, industry standards, and internal protocols.
Audits and Inspections: Conducts regular audits and inspections of the alarm systems to assess their reliability, identify vulnerabilities, and ensure adherence to company security standards.
Incident Report Review: Reviews all documented incidents in the Incident Report Log, identifying trends or recurring issues, and recommending corrective actions where necessary.
Training and Guidance: Provides training and guidance to employees and other stakeholders on alarm system policies and procedures to promote awareness and compliance.

Coordination with Providers: Works closely with certified alarm system providers to ensure the proper installation, configuration, and integration of alarm systems across all facilities.
Maintenance Scheduling: Oversees the scheduling of routine maintenance and testing activities to ensure the reliability and longevity of the alarm systems.
Issue Resolution: Facilitates the prompt repair or replacement of alarm system components in the event of malfunctions, coordinating with vendors and service providers as needed.
Record-Keeping: Maintains records of all installation, maintenance, and repair activities, ensuring that they are accessible for audit and compliance purposes.

The Information Technology acts as the primary point of contact for all matters related to the alarm systems and ensures that any issues are addressed promptly and effectively.

9.2 Employees

All employees have an important role to play in maintaining the security of Widetech Manufacturing Sdn Bhd’s facilities. Their responsibilities include:

Observation and Reporting: Reporting any observed security issues, unusual activity, or alarm system malfunctions to the Information Technology Department immediately. This proactive approach helps to identify and address potential risks before they escalate.
Compliance with Policies: Adhering to all security policies and procedures, including those related to access control, alarm system operation, and incident reporting.
Supporting Incident Response: Assisting the Information Technology or other designated personnel during security incidents, as directed, to ensure an effective and coordinated response.

Employees serve as the first line of defence in maintaining a secure environment and are expected to act responsibly and promptly in all security-related matters.

10. COMPLIANCE AND REVIEW

This policy is subject to regular and thorough review to ensure it remains aligned with the evolving requirements of the Customs-Trade Partnership Against Terrorism (CTPAT) and effectively addresses any advancements in security technology or emerging risks to the company’s operations. These reviews are essential for maintaining a robust and adaptable security framework at Widetech Manufacturing Sdn Bhd.

10.1 Periodic Reviews

The Information Technology will coordinate periodic reviews of this policy, which will take place at least annually or more frequently if:

New CTPAT requirements or updates are introduced.
Significant technological advancements in alarm systems or related security measures are identified.
Security incidents occur that necessitate an evaluation of existing protocols.
Changes in the company’s operations or facility layouts introduce new security risks.

During each review, the following aspects will be evaluated:

The effectiveness of the alarm systems in detecting and responding to security threats.
The adequacy of current procedures and whether they align with best practices and industry standards.
Feedback from employees, contractors, and other stakeholders on the practical application of the policy.
Any patterns or trends identified in the incident report logs that indicate recurring issues or vulnerabilities.

Amendments or updates to the policy will be communicated to all relevant personnel, and training sessions will be provided to ensure continued compliance and awareness.

10.2 Ensuring Compliance

Strict adherence to this policy is mandatory for all personnel, contractors, and service providers involved in the operation, maintenance, or interaction with the alarm systems at Widetech Manufacturing Sdn Bhd. Compliance will be monitored through:

Regular audits conducted by the Information Technology to verify adherence to the policy.
Incident reviews to assess whether established procedures were followed appropriately.
Inspections of maintenance logs, access control lists, and other relevant documentation.

10.3 Consequences of Non-Compliance

Non-compliance with this policy will be regarded as a serious breach of company regulations and may result in disciplinary actions in accordance with the Employee Code of Conduct. Potential consequences include:

Verbal or written warnings for minor infractions.
Suspension or termination of access to alarm systems for individuals who fail to comply with protocols.
Formal disciplinary actions, up to and including termination of employment, for severe or repeated violations.
Legal action if non-compliance leads to a security breach or significant loss for the company.

Widetech Manufacturing Sdn Bhd is committed to fostering a culture of accountability and continuous improvement. By ensuring that this policy remains current and rigorously enforced, the company reinforces its dedication to maintaining high security standards, safeguarding its assets, and complying with CTPAT and industry requirements.

11. VISUAL AND PROCEDURAL DOCUMENTATION

11.1 Alarm Control Panel

11.2 Alarm Strobe Light

11.3 Alarm Backup Battery

Alarm Battery