Theory

Security

The Old Dutch word “veil” means “without danger.” “Safe” refers to a situation without danger. “Safety” can either refer to the degree of absence of potential causes of a dangerous situation, or to the degree of absence of protective measures against those potential causes.

In Dutch usage, a distinction must be made between “safety” and “security.” Safety concerns accidental or unintended incidents such as fire, short circuits, workplace accidents, and food safety, whereas security concerns intentional incidents such as burglary, aggression, and sabotage.

Social safety refers to the extent to which people feel protected against threats to their physical, psychological, and social integrity caused by human behavior. The concept has both an objective aspect (the actual occurrence of incidents such as violence, intimidation, or discrimination) and a subjective aspect (the feeling of safety that people experience).

Vertas focuses primarily on security and social safety. Safety falls outside that framework but still requires elaboration. The instrument known as a Risk Inventory and Evaluation (RI&E) is well suited for that purpose.

Environmental psychology

The field of environmental psychology studies the interaction between people and their physical surroundings, and how this interaction influences behavior, well-being, and safety. By understanding how people experience and use spaces, we can design environments that positively influence behavior and enhance feelings of comfort and safety.

Key areas of focus include:
• Experience and perception: how people perceive a space in terms of clarity, safety, and sense of security.
• Behavioral influence: encouraging desirable behavior and discouraging undesirable behavior through design and layout.
• Social interaction: facilitating encounters and connections between people to strengthen social cohesion.
• Stress reduction and well-being: creating environments that reduce stress and promote mental well-being, for example through (natural) light, greenery, and quiet zones.

When identifying potential risks and formulating related recommendations for the interior of a building, the following principles from environmental psychology can be applied:

Environmental Stress Theory

The environmental stress theory describes how environmental factors such as noise, crowding, temperature, and lack of privacy can cause psychological stress. When these stimuli are unpredictable or uncontrollable, they can lead to feelings of insecurity, mental overload, and loss of self-regulation.

Acoustics

Good acoustics are essential for reducing environmental stress and overstimulation. In environmental psychology, noise pollution is considered a major stressor that increases cognitive load, reduces the sense of safety, and raises the risk of escalation or withdrawal behavior.

Privacy

Privacy is a fundamental environmental-psychological need that enhances the sense of autonomy, control, and safety. Visual, auditory, and physical privacy all contribute to feelings of autonomy and security—an essential factor for individuals or groups with heightened vulnerability or trauma.

Prospect & Refuge Theory

The Prospect & Refuge Theory posits that people feel safest in environments where they have both visual overview (prospect) and the ability to shield themselves or withdraw (refuge). This balance between openness and protection supports a sense of control, orientation, and psychological calm.

Control and Choice

Experiencing control over one’s environment—such as choosing where to sit, when to engage with others, or adjusting light levels—reduces stress and enhances well-being. This aligns with self-determination and autonomy, key factors in the perception of safety.

Crowding and Capacity

Crowding refers to the subjective experience of too many people in too little space, regardless of square footage. Social density determines whether residents experience stress or control. Spatial design can positively or negatively influence this perception.

Defensible Space

The Defensible Space theory emphasizes that physical environments should be designed in ways that foster a sense of ownership among residents. This promotes social control, discourages undesirable behavior, and enhances the feeling of safety. Clear boundaries between private, semi-private, and public spaces are crucial.

Arousal Theory

The Arousal Theory holds that both excessive and insufficient stimulation (arousal) negatively affect behavior and well-being. A balanced level of stimulation promotes alertness and relaxation, while imbalance can lead to stress, fatigue, or boredom.

The Stress Curve (Yerkes and Dodson Law) illustrates this relationship between arousal and performance.

Attention Restoration Theory

The Attention Restoration Theory suggests that exposure to natural elements helps restore mental fatigue and reduce stress. Greenery and natural light provide calming stimuli and improve overall well-being.

CPTED

Crime Prevention Through Environmental Design (CPTED) — in good Dutch, Veilig Ontwerp en Beheer (VOB) — is a globally recognized approach that prevents crime (objective) and enhances the sense of safety (subjective) by adapting the physical and social environment.

First-Generation CPTED

The so-called first-generation CPTED, focusing on the physical environment, considers aspects such as:
• Visibility – sightlines, lighting, and natural surveillance (“being seen”)
• Clarity and legibility – defining ownership and permissible activities (“what belongs to whom, and what is or isn’t allowed here?”)
• Access control and compartmentalization – managing who may or may not enter certain areas
• Attractiveness and maintenance – keeping areas clean, green, intact, colorful, and well cared for

Second and Third Generations

In addition, second-generation CPTED promotes social cohesion, community connectedness, and adequate facilities, while third-generation CPTED focuses on sustainable, inclusive, and equitable communities, as well as green, biodiverse, and healthy environments.

Recommendations based on identified risks can fall within the domains of design (layout and physical measures), management, organization, and communication.

CPTED in the Netherlands

In the Netherlands, CPTED is promoted by the Stichting Veilig Ontwerp en Beheer (SVOB), which serves as one of the national chapters of the International CPTED Association (ICA).
The CPTED methodology is partly based on ISO standard 22341:2021 and European standard CEN/EN 14383-1.

Certified CPTED Experts (RCEs) apply CPTED principles in their professional practice, and the SVOB manages the official RCE register. In 2024, InHolland University of Applied Sciences established a research group dedicated to CPTED and VOB.

National Instruments and Policy Support

Several CPTED-based instruments in the Netherlands are managed by the Centre for Crime Prevention and Safety (CCV), including:
• The Police Label for Secure Housing (PKVW)
• The Secure Business Certification Scheme (Keurmerk Veilig Ondernemen)
• The Safety Impact Assessment (Veiligheids Effect Rapportage, VER)

The Ministries of Justice and Security and the Interior and Kingdom Relations actively support the CPTED philosophy. They have recently co-funded the development of the New Handbook for Veilig Ontwerp en Beheer, published by SVOB, and have previously supported other initiatives such as the PKVW.

Applications Beyond Public Space

Although CPTED was originally developed for application in public spaces, its principles are equally relevant as a first step in security management within buildings or industrial sites.
Organizations such as Rijkswaterstaat and the Government Real Estate Agency (Rijksvastgoedbedrijf) use CPTED as an instrument in their strategies for enhancing social safety.

www.svob.nl

Security Risk Management

Security Risk Management (SRM) encompasses the entire process of identifying, assessing, controlling, and monitoring security risks. Risks are assessed based on threats (potential incidents), interests at stake, and the existing level of control. Based on the outcomes of this assessment, an organization can choose to accept, control (by reducing the likelihood or mitigating the impact), or avoid certain risks.

There is an important distinction between security management and security risk management during the assessment process:

Security management assumes that an incident can occur anytime and anywhere.

Security risk management, on the other hand, involves an explicit risk trade-off and prioritization process.

Policy Framework

To make such risk-based decisions—aligned with organizational objectives—policy choices are required.
This security policy, which applies to all sites and assets of the organization, should describe, among other things:

the security objectives to be achieved,

the threat profiles considered,

the assets and interests to be protected (both for the organization and its immediate environment),

the incident scenarios (types and frequencies) that are taken into account, and

the method of risk assessment used.

The results of the risk assessment are also recorded within this policy framework.

The Three Security “Gates”

Within the SRM approach, three “gates” are distinguished—each representing a potential point of intrusion:

The logical gate (cyber) – concerning digital and information security

The personnel gate (reliability) – concerning insider threats and trustworthiness

The physical gate (protection) – concerning access and physical safeguarding

Each gate requires its own detailed elaboration.
In the context of this assignment, we focus solely on the physical gate.

Control Measures

The policy choices described are translated into control measures, which are categorized as:

Organizational

Structural (or architectural)

Electronic
(often referred to together as OBE measures).

Additionally, the effectiveness and cost-efficiency of each measure are evaluated along the security chain, consisting of the following stages:

Proaction – eliminating risks as much as possible during the design phase (e.g. CPTED, zoning, architectural adjustments)

Prevention – controlling residual risks through additional measures (e.g. access control, CCTV)

Preparation – preparing for potential incidents (e.g. training, exercises, procedures, and instructions)

Pre-emption – intervening before an incident occurs (e.g. surveillance, profiling, monitoring)

Repression – responding during an incident (e.g. deployment of security staff, enforcement officers, police)

Aftercare – support following an incident (e.g. assistance, counseling, incident registration)

Integrated Process Control

By applying this security chain, the entire process of risk control is managed in a structured and coherent way.
The earlier measures are implemented within this chain, the more cost-effective the overall risk management process becomes.

Policy development, including the formulation of objectives and Security Impact Assessments (SIA), precedes this operational process.