[BCM] [MBS] [E3] [BIA] [DP] [CBF] [6] Security & Surveillance

Sub-CBF / Process

Key Activities

Example at MBS

CBF-6.1 Access Control & Identity Management

• Granting, revoking, maintaining staff, guest, contractor access credentials (badges, biometric, cards).

• Controlling physical access to sensitive areas (casino vaults, server rooms, restricted zones).

• Visitor registration, screening.

• Integration of access control systems with HR / staff systems for timely updates.

At MBS, the CEM access control system is used. For instance, fingerprint readers in high-security areas, staff visitors, etc.

CBF-6.2 Surveillance & Monitoring

• CCTV / video monitoring (gaming / non-gaming / public spaces).

• Central Monitoring / Security Operations Centre (SOC) that watches alarms, alerts.

• Patrols by security officers.

• Monitoring of staff behaviour for policy compliance (both in guest‐interaction, cash handling, etc.).

• Event monitoring (e.g., for large conventions or theatre shows).

MBS has a dedicated role of Surveillance Officer (Casino) monitoring gaming, non-gaming, and cash areas. Also, Surveillance Technician roles for installation, maintenance and response.

CBF-6.3 Security Operations / Response

• Security patrols, guard deployment.

• Emergency response (fire, bomb threat, medical emergency, crowd control).

• Coordination with external agencies (police, fire department).

• Incident command during a crisis.

• Post-incident recovery & investigation.

At MBS: “Security Officer (Hotel/Casino/Mall)” duties include responding to emergencies and alarms, bomb threats, building evacuation, and crowd management. Also, Security Planning Executive plans for events, contingencies, site-walks, etc.

CBF-6.4 Equipment Maintenance & Technical Surveillance Infrastructure

• Installation, commissioning, testing, and calibration of CCTV, sensors, alarms, etc.

• Routine maintenance (cleaning, replacing parts, checking function).

• Responding to breakdowns.

• Ensuring redundancy (extra cameras, backup power supplies, spares).

• Firmware/software patching for surveillance systems or access control / networked control.

MBS has “Surveillance Technician” jobs covering installation, commissioning, maintenance, testing, and repairing of CCTV & other equipment.

CBF-6.5 Security Administration & Policy Management

• Developing, updating security policies, procedures, SOPs (access, incident response, surveillance, emergencies).

• Licensing, regulatory compliance (e.g., casino regulations, privacy and data protection laws, PLRD security license).

• Record keeping: incident logs, staff training, audit trails.

• Staff recruitment, rostering/shift scheduling.

• Budgeting for security: tools, manpower, upgrades.

Examples: the Administrator (Surveillance) role at MBS handles internal files, budget reports, accounting, procurement for equipment leases, and maintaining personnel records. Also, the Security Planning Executive handles contingency planning for events.  Licensing (e.g. PLRD license) requirement for security staff.

CBF-6.6 Training, Drills & Human Resources Security

• Security staff training (use of CCTV, access control, emergency response, first aid, conflict de-escalation).

• Regular drills (fire, evacuation, bomb threat, mass casualty, etc.).

• Continuity of staffing (backup, relief, cross-training).

• Screening, background checks of security personnel.

• Health, safety, and welfare of security staff.

At MBS, roles require PLRD licensing; Surveillance Officers and Security Officers work in shifts, including nights, weekends, and public holidays. careers.marinabaysands.com+2careers.marinabaysands.com+2 Also, training expectations are part of job descriptions.

CBF-6.7 Incident Reporting & Investigation

• Logging of security & safety incidents (loss, theft, trespass, fraud, damage, accidents).

• Immediate investigation of anomalies, breach of policy, and equipment failure.

• Liaison with legal / insurance / regulatory bodies as needed.

• Root cause analysis; implementation of corrective/preventive actions.

• Communication to stakeholders.

Example: Surveillance Officers’ job includes responding to suspicious activity and escalating. The Administrator Surveillance tracks data and logs. After events (e.g., major event security), a post-event review is done. While specific published examples are less visible, these are standard in large resorts like MBS.

CBF-6.8 Event Security & Crowd Control

• Pre-event risk assessment; security planning for conferences, shows, and large visitor influxes.

• Deployment of additional security/surveillance resources.

• Managing ingress, egress, crowd density, and crowd flow.

• Communication (public announcements, signage).

• Contingency planning for worst-case (stampedes, panic, evacuation).

At MBS, the Security Planning Executive role includes attending pre-event meetings, site walks, briefing stakeholders, planning resources, and contingency for major events. careers.marinabaysands.com

CBF-6.9 Access to External Support & Liaison

• Coordination with external agencies: police, fire, emergency medical services, regulatory bodies.

• Outsourced monitoring/backup facilities.

• Mutual aid and contracts with vendors/service providers.

• Legal & compliance liaison, especially for regulatory compliance.

MBS must comply with Singapore’s regulatory/licensing regime. For example, casino regulation, external law enforcement in security incidents. Also, Fire / SCDF in emergency response.

CBF-6.10 Security & Surveillance Business Continuity Tasks

• Defining acceptable downtime/service levels for security systems (CCTV, alarms, access control).

• Backup power / UPS for surveillance & security systems.

• Redundancy in critical equipment.

• Alternative operating sites or remote monitoring in case of disaster.

• Business continuity planning specifically for the security function: what happens if the surveillance centre is disabled, or the security staff are incapacitated.

For example, ensuring CCTV is on backup power; staff trained so that if the core monitoring room is inaccessible, another location can assume monitoring; scheduled testing of alarms and equipment. While MBS roles show maintenance and technician work, likely these processes exist, though not all in the public domain.

Sub-CBF / Process

Dependencies / Inputs

Outputs / Deliverables

Role in Continuity / Risk Mitigation

CBF-6.1 Access Control & Identity Management

• Access control hardware/software (e.g., badge readers, biometric readers).

• HR data on staff movement, roles.

• Policies on clearance, levels.

• Integration with surveillance/alarm systems.

• Logs of access events.

• Real-time status of restricted‐area entries.

• Alerts on access violations.

• Regular audits of access permissions.

• Prevents unauthorised entry and insider threats.

• Minimizes risk of theft, sabotage, or other damage.

• Enables quick lockdown or response if a breach occurs.

• Supports forensics after an incident.

CBF-6.2 Surveillance & Monitoring

• Surveillance hardware (CCTV, sensors), communication channels.

• Trained surveillance officers, standard operating procedures (SOPs).

• Power and network redundancy.

• Procedures for escalations, incident logging.

• Real-time detection of safety/security incidents.

• Recorded video evidence.

• Incident reports.

• Alerting and escalations.

• Periodic surveillance audits and coverage assessments.

• The “eyes” to detect issues early (fire, crowd congestion, intrusion, suspicious behavior).

• Enables timely response to avoid escalation.

• Essential for subsequent investigations and for restoring operations.

CBF-6.3 Security Operations / Response

• Well-defined emergency plans; communication systems; training and drills; staffing and shift planning; coordination protocols; backup power.

• Incident response plans; Drill reports; Post-incident analysis and corrective actions; Notification to stakeholders.

• Limits damage during incidents; ensures safety of guests, staff; quick restoration of operations; supports resilience.

CBF-6.4 Equipment Maintenance & Technical Surveillance Infrastructure

• Technical teams; supply of spare parts; IT / network support; vendor maintenance contracts; defined schedules; documented testing.

• Maintenance logs; uptime reports; fault-incident reports; replacement schedules; system performance statistics.

• Ensures that surveillance & access control systems are reliable, preventing gaps in coverage or failures when they are most needed; supports detection and response.

CBF-6.5 Security Administration & Policy Management

• Regulatory requirements; Risk assessments; Internal audit findings; HR data; budget approvals; stakeholder input.

• Approved policies; Compliance certificates; Training records; Budget reports; Roster and manpower plans.

• Ensures clarity of roles and responsibilities; legal compliance; prevents lapses due to undefined processes; supports consistent, reliable security operations; ensures readiness.

CBF-6.6 Training, Drills & Human Resources Security

• Training curriculum; external agencies; internal safety / HR department; scheduling; budget.

• Certified staff; Drill evaluation reports; Staffing backups; Documented competencies; Fitness for duty records.

• Staff readiness ensures that when incidents occur, response is effective; reduces human error; ensures resilience if some staff are unavailable; supports quick recovery.

CBF-6.7 Incident Reporting & Investigation

• Incident logs; CCTV evidence; staff reports; access logs; policies; legal counsel; insurance.

• Incident reports; forensic evidence; improvement plans; recommendations; updated SOPs.

• Helps prevent recurrence; limit liability; supports continuous improvement; ensures lessons learned feed back into the system to strengthen resilience.

CBF-6.8 Event Security & Crowd Control

• Event schedules; expected attendance; floor/layout plans; coordination with other departments (events, hospitality, facilities).

• Security manpower; temporary infrastructure; surveillance coverage; communication systems.

• Event security plans; staffing rosters; traffic / crowd flow plans; contingency / evacuation plans; after-event evaluation.

• Large events are higher risk; proper control avoids incidents that could damage brand/cause injuries; ensures continuity of business functions (events revenue, guest safety).

CBF-6.9 Access to External Support & Liaison

• Contact directories; formal memoranda or contracts; clear escalation pathways; mutual understanding in crises; regulatory frameworks.

• Agreed protocols; contact lists; joint drills; formal SLAs; regulatory approvals, certificates.

• In major incidents, internal capacity may be exceeded; external support ensures recovery; regulatory non-compliance penalties avoided; trust & reputation maintained.

CBF-6.10 Security & Surveillance Business Continuity Tasks

• Infrastructure - power / generators; spare equipment; offsite backups; staff cross-training; risk scenarios; BCM plans.

• Continuity plans & playbooks; testing and validation; resource inventories; rosters with backups; alternative workflows.

• Ensures that security & surveillance does not become a single point of failure

• Enables MBS to maintain safety & security even during disasters (fire, flood, power outage, IT failure, etc.).

• Essential to overall business continuity.

Dependency / Enabler

Potential Risks / Failure Points

Mitigation / BCM-related Controls

Reliable power supply, backup generators / UPS

Power failure could bring down CCTV, alarms, and access control.

Backup generators; uninterruptible power supplies; periodic testing; redundancy.

Network/data connectivity

Surveillance systems are increasingly IP-based; a network outage affects real-time monitoring.

Dual network paths; offsite backups; local storage with fallback; resilience in network design.

Skilled manpower, shift coverage

Staff sickness, mass absence, or event overload could reduce monitoring/response capability.

Cross-training; hiring enough roster; overlapping shifts; contract/temp support; defined roles for backup.

Equipment maintenance and spare parts supply

Delay in repair or lack of spare kills coverage; broken cameras leave blind spots.

Preventive maintenance schedules; stock of critical spares; maintenance contracts, monitoring of equipment health.

Regulatory/legal compliance

Non-compliance (e.g., casino regulations, licensing, privacy laws) leads to fines, shutdowns.

Regular audits, legal reviews, ensuring licenses, keeping policies updated, and staff training.

Physical threats (terrorism, natural disasters, fire, flood)

Could damage facilities, disrupt operations, risk lives.

Emergency planning; building design that resists hazards; evacuation plans; fire suppression; external agency coordination.

System failures (alarm, software, server)

Could disable access, monitoring, and notifications.

Redundant systems; failover; testing; backup software/cloud options.