Entity SPTL

BU Plant

Slno. GENERAL INFORMATION

1 What is the total land area included in the factory campus?

2 What is the occupation of total building floor area included in the factory
campus (Take photo of building. At external view)?
3 How many people are working in this facility on 1st shift?

4 How many people are working in this facility on 2nd shift?

5 How many security guards are present during 1st shift, and what is their
working time?
6 How many security guards are present during 2nd shift, and what is their
working time?
7 How many Contractual Labour / Adhoc Employees work in each Shift?

8 How many Employee / Visitor - entrances/exits gates are there?

9 At what time are gates secured in the evening?

10 At what time are gates opened in the morning?

Inputs / Details from Plant
Checklist Header and Filling Instructions
Entity SPTL
BU Plant
Colunm # Check list Header
A Sno.

B Broad Area

C Applicable (Yes/ No)

D Responsibility (Function)
E Details of available of
Documentation/ Evidence etc

Self Assessment Remarks by

F stakeholders

G Documented (Yes/Partial/ No)

ons

Instructions
Serial No.

Assertions / Questionarire / Coverage as per Audit Scope

Please check whether checkpoint is applicable to the facility? If yes, please check the "Audit Requirement" for
compliance self assessment. (Select from Drop -down Data Validation)
Tentative Responsilbility for Complying with the the Check point Assertion/ Risk.
(Please change / modify incase different stakeholders is aligned)
Audit Requirements include evidence to show compliance with controls e.g.:
1. Document; Records, Registers, SAP entries, Reports, Dashboards etc. Evidence in any form like soft / hard copy;
2. Email Communication;
3. Physical Verification / availability evidence;
4. CCTV backups;
5. Minutes of Meeting;
6. e-NFA;
7. Photo evidence
8. Sharefolders

Self Assessment Remarks: please provide comments whether the highlighted check point is applicable, if yes
whether Facility Management could evidence its compliance to auditors for the audit period as per Column-E. In
case there are exceptions, whether management is aware and has adequate approvals in place to address the
exceptions along with plan to address the issue in foreseen future.

Please check (yes) only if Documented Evidence / Data is available with the Security team prior to start of audit?
"Partial" if some data is available but complete details are not present for audit. Select "No" in case no supporting
document available / or in possession of management, may need exception approval.
Entity
BU
A
A.1

A.2

A.3

A.4

A.5

A.6

A.7

A.8

A.9

A.10

B
B.1

B.2

B.3

B.4

B.5
B.6

B.7

C
C.1

C.2
C.3

C.4

C.5

C.6

C.7

C.8

D
D.1

D.2
D.3

D.4

D.5

D.6

D.7

D.8

D.9

D.10

E
E.1

E.2

E.3

E.4

E.5

E.6
E.7

E.8

E.9

E.10

E.11

E.12

E.13

E.14

E.15

E.16

E.17

E.18

F
F.1
F.2

F.3
F.4

F.5

F.6

F.7

F.8
F.9
F.10

G
G.1

G.2
G.3

X
SPTL
Plant
Existence and Review of Security Policy & Procedure;
Whether Security Manual, SOPs, Guidelines are documented and archieved in one place for ready reference?

Whether all security policy and guidelines are in line with Vedanta Philosophy of security?

Whether clear Code of Conduct have been defined and rolled out for all employees and partners ?

Whether clear policies, manuals and guidelines have been defined w.r.t.
- Deployment of security personnel,
- Violation reporting - Theft, Loss, negligence, etc.
- Corrective Action Procedures,

Whether BU maintains documented procedure defining access controls around Physical Access Controls and Security
Measures for all employees required to present identification upon entering the facility?
Whether BU maintains documented procedure defining access controls around Physical Access Controls to control the
issuance of keys, and are keys recovered and/or locks changed in the event of employee exit?
Whether BU maintains documented procedure defining access controls around Physical Access Controls and Security
Measures around employee ID system to control access to authorized areas only?
Whether BU maintains documented procedure defining access controls around Physical Access Controls and Security
Measures defining the controls for visitor access to facility?
Whether BU maintains documented procedure defining access controls around Physical Access Controls and Security
Measures around DOA / Approval Matrix for Material Moving IN or OUT of the facility?
Whether BU have IT Security Policies and procedures in place?

Security Manpower and overall arrangements.

Whether BU has clearly defined Organizational Structure of Security Department, wthether it is documented and
displayed at approprite places ?
Whether BU has clealy defined Authority, Roles and Responsiblities Matrix for security personnel deployed at the
premises?
Whether BU maintain and regularly update list of secuirty persons, personal profiles for all security personnel deployed
on and around premises e.g. name, age, blood group, background check, qualifications, locations maps- deployed at
etc. inluding separate list of ex-service men presently deployed?
Whether BU maintain and regularly update Training and Deployment calendar, Security Mock Drill schedule, Security
Briefing minutes(MOM) and Job Rotation log books ?
Whether BU maintains and regularly update list of all Black Listed Serurity Personnel?
Whether BU maintains and regularly update list of License of fire arms and ammunition used by deployed Security
Personnel?
Whether BU maintains and regularly update Police Back Ground Verification for all Security Personnel Deployed by the
Security Agency?

Security Contracts - Tendering, negotiations, Fixation of Security,

Whether BU maintains and regularly update Security Contracts with Security Agencies along with all Addendums and
Annexures for last three FY ? Whether Security Contracts are archived and readily available for reference?

Whether vendor selection backup papers for all the Security Agencies for last three FY are archived and readily
retrivable , docuemnts like ;
- Comparative quote analysis
- Negotiations file note
- Approval etc
Whether BU has introdued any new Security Agency in last FY, if yes ? Whether complete backup of all Vendor selection
and deployemnt are readily available?
Whether all Security Contracts are within defined and approved Security Budget ? Exception if any has been approved
as per applicable DOA?
Whether all Security related Capex have been within defined and approved Security Budget ? Exception if any has been
approved as per applicable DOA?
Whether BU maintains and regularly update list of all operational / non-operational Security Capex (e.g. IT
Equipments, Security Equipments etc. )
Whether BU maintains AMC contract for Security Infrastructure (e.g. IT Equipments, Security Equipments etc. )?

Whether BU has valid PO in place for all AMC contract for Security Infrastructure and Fire Fighting Equipment?

Reporting and Monitoring

Whether BU maintains a record of exceptions/ violation including incidence of theft, burglary, pilferage, violence,
intrusion, trespassing, etc along with the details of corrective actions taken, if any?
Whether BU made presentations to Senior Management w.r.t. Security Assessment on a regular basis?
Whether BU maintains, regularly update and share Daily and Monthly Security MIS including (Cases around Security
Hazards, Near Misses, Accidents, theft, burglary, pilferage, violence, intrusion, trespassing, etc along with the details of
corrective actions taken)?
Whether BU keep details of Overtime for all security personnel? If yes, whether approvals for overtime in case of
contractual labour "Requisition form" from authrorized official have been taken and documented for future reference?

Whether BU keep adequate monitoring around Security Capex planned and in progress (Budget, CERs, Actual
expenditure, expected completion date, actual completion date, payback, etc.)?
Whether BU has done any Risk Assessment / Third Party review / Certification / Audit on Security situation in last 3 FY?

Whether BU maintains and regularly update list of all Security Hazards present with in the premises (e.g.
Malfunctioning / non-operating equipment's, area under repair/ re-constraction etc.)
Whether BU maintains and regularly update Statutory records of Principal Employer with respect to the labour Act for
Security Personnel?
Whether BU maintains complete reords for Contractual Labour and Adhoc employees working within the facility?

Whether BU ensures job rotation within adequate time for all Security Personnel Deployed within facility?

Physical Access Management and Security;

Whether facility has physical barrier such as a 100% fencing or equivalent to protect the company premise? If no,
whether unprotected area is identified and guarded properly?
Whether BU has more than one Entry / Exits? If yes, whether all Entry/ Exits have been manned / guarded as per
Contract ?
Whether BU ensures access controls provided positive identification of all employees, visitors and vendors at all points
of entry?
Whether BU provide access to visitors only on presenting photo identification for documentation purposes upon
arrival? Does company management or security personnel adequately control the issuance and removal of employee,
visitor and vendor identification badges?
Whether only employees are given access to those secure areas needed for the performance of their duties?

Whether Emergency Exit Plan has been displayed on all pre-identified areas as per security layout plan?
Whether BU / Facility has alarm systems and video surveillance cameras utilized to monitor premises and prevent
unauthorized access to critical
areas?
- Is alarm system activated when the facility is not occupied?
- Is the alarm system monitored?
- is the alarm and video surveillance cameras are on power back up?

Whether BU maintains a separate Security Control Room to monitor all Security Cameras/ CCTV installed along with
Location ? Whether CCTV recording are being archived for resonable period of time? Whether a log book is maintain for
its physical access and maintenance?
Whether Security Control Room has readily available Layout Plan for the premises along with Security Deployment
information?
Whether BU maintains list of all authorized officials / personnel incase of emergency at Entry Gate, Reception and
Control Room?
Whether BU maintains log book for details of security infrastructure not working ?

Whether BU maintains a list of all key registers along with serial number and time period? Whether all key registers are
archived for last 3 FY for ready reference?
Whether BU maintains list of all authorized officials allowed to entertain visitors in office along with Specimen
Signature Copy?
Whether Security Briefing and Emergency Exit Plan have been shared with all Visitors before entry?

Whether BU has a separate parking area for private vehicles, separate from the shipping loading dock and cargo areas?
Do barriers or other means separate parking area from shipping dock areas?
Whether BU captures and maintains details of all Vehicle entering and Exiting the facility either manually or digitally
through CCTV / motion sencoring cameras?
Whether BU has practice of physical checking all vehicle entering and exiting the facility? If yes, whether records have
been maintained for exceptions noted?

Control over incoming and outgoing material;

Whether BU maintains separate Gate Entry registers for all Incoming / Outgoing Material?
Whether BU maintains separate area for Incoming Material / Weighment and Outgoing Material / Weighment? If no,
whether separate man power deployed to handle Material IN and Material Out Weighment recording?

Whether BU maintains and regularly updated a list / register of all company and contract vehicles ?
Whether BU ensures Drivers present photo identification prior to cargo being received / released to / from their
custody?
Whether BU maintains list of all authorized officials at Entry / Exit Gates who can authorize material movement ?

Whether BU maintains complete details of Weigh-bridge along with time roll of security personnel deployed at Gate
Entry?
Whether BU maintains / create log in separate register for material uploading activities carried out on holiday &
beyond working hours?
Whether BU maintains Shift records/Attendance register for security personnel and contractual labourer ?
Whether BU have Procedures and Security Controls in place to track the movement of all departing Cargo?
Whether BU maintains and track Purchase Rejections and Sales Return separately including all vehicle movements
associated with it?

Other Security Aspects

Whether BU has done Security Assessment Exercise in past two quarters w.r.t.
- Quality and Coverage of information captured by Security Infra including review and reconciliations;
- Adequacy of Security Infrastructure including equipment and Statffing;
- Maintenance of Security Infrasrtructure;
- Training and Security Mock Drills
- Emergency Preparedness;

Whether BU has adequate Power Back system for Security Infrastructure?

Whether BU has adequate Security Manpower deployment at Night and on Holidays?

X
Applicable Responsibility Details of available of Self Assessment Remarks by
(Yes/ No) (Function) Documentation/ Evidence etc Stakeholders

Security

Security

HR/ Admin

Security

Security

Security

Security

Security

Plant Head

IT/ Technical
Services
Applicable Responsibility Details of available of Self Assessment Remarks by
(Yes/ No) (Function) Documentation/ Records etc Stakeholders

Security

Security

Security

Security

Security

Security

Security

Applicable Responsibility Details of available of Self Assessment Remarks by

(Yes/ No) (Function) Documentation/ Records etc Stakeholders

SCM

SCM
 SCM

Finance

Finance

Finance

SCM

SCM
Applicable Responsibility Details of available of Self Assessment Remarks by
(Yes/ No) (Function) Documentation/ Records etc Stakeholders

Security

Security

Security

Finance

Finance

Security

Security

HR/ Admin

HR/ Admin

Security
Applicable Responsibility Details of available of Self Assessment Remarks by
(Yes/ No) (Function) Documentation/ Records etc Stakeholders

Security

Security

Security

Security

Security
Admin /
Security
 Admin /
Security

Admin /
Security

Admin /
Security
Admin /
Security
Admin /
Security
Admin /
Security
Admin /
Security
Admin /
Security
Admin /
Security

Security

Security

Applicable Responsibility Details of available of Self Assessment Remarks by

(Yes/ No) (Function) Documentation/ Records etc Stakeholders
Security

Security

Security

Security

Security

Security

Security

HR/ Admin
Security

Security

Applicable Responsibility Details of available of Self Assessment Remarks by

(Yes/ No) (Function) Documentation/ Records etc Stakeholders
 Security

Security
Security

X X X X
 Documented
(Yes/ Partial / No)

Documented
(Yes/ Partial / No)

Documented
(Yes/ Partial / No)
 Documented
(Yes/ Partial / No)

Documented
(Yes/ Partial / No)
 Documented
(Yes/ Partial / No)

Documented
(Yes/ Partial / No)
X X X X