Cannabis Businesses Need a Yearly Facility Security Audit
The STIRM Group provides physical security audits completed by an internationally board-Certified Protection Professional and Certified Fraud Examiner specializing in internal controls and top-down failures. Our team has handled the security for nuclear, criminal, transportation, high-value, and high-risk components.
The CCC also certified the STIRM Group to provide the required annual security audits and reports [in accordance with 935 CMR 501.110(10)]. In addition to being CCC RVT-approved vendors, STIRM brings forth our security-industry expertise to the annual audits to go above and beyond the CCC requirements and provide complete risk-mitigation analysis.
Our physical security audits consist of three phases:
- First is the review of the company’s security and emergency response policies and procedures, which is performed off-site. We ask that the client forward a PDF version of all the company’s security and emergency response policies and procedures when they sign the contract. Once the policies and procedures are deemed to comply with CCC regulations and industry best practices, we will move to the next step.
- Next is the physical, in-person inspection. We examine every piece of security equipment, including all security systems, locks, cameras, motion detectors, door alarms, glass alarms, entries, exits, trash receptacles, and more, to ensure that it is working properly and that the required data is being maintained properly. All potential means of entry or exit are checked for tampering, that the individual locks are working properly, and they are in good working order. Typically, we will start the exterior portion of the audit during the early morning hours to ensure the exterior security lighting is working properly. Penetration testing is performed on every potential means of egress to ensure each method is secured and the locking and alarm mechanism for each point of egress is working properly. Outside trash is verified to comply with CCC requirements. We will review your cash-handling and transportation procedures for vulnerabilities. The physical security audit must be completed during off business hours, either before facility opening or after closing. We will coordinate any inspections and testing with the CCC, local police and fire departments, and the client’s alarm company in advance. We will notify you of the scope of work, the date and time, and who is scheduled to be on site from both the client and SG.
- The final inspection report is sent to our client via certified mail within 15 days of the physical inspection, so it is available for you to submit to the CCC within 30 days of the completion of the security audit in accordance with the statute.The report will include exterior and interior pictures of the facility. Any discrepancies we discover are photographed and documented in the final inspection report. Besides being CCC mandated, our security, mystery shopper evaluations, and reports can be submitted to your insurance carrier, as some insurance companies offer a discount for having yearly security audits completed by a qualified security professional. Our security audits are customizable to your needs. Not only will you be CCC compliant, but we will help you to actively manage and mitigate your risk as a business owner, manager, or stakeholder.