Guide · IT

CCTV and access control inspection for the UK.

A practical guide to inspecting physical security systems on site, cameras, access control and alarms, with the privacy and signage evidence that a Surveillance Camera Code and UK GDPR review expects, from paper walkthroughs to a WhatsApp workflow your team already know.

Try the demo See pricing

14-day free trial. No card required.

The point

Software does not make the system compliant.

The competent installer or DPO does. Software makes the walkthrough easier to record, harder to miss a camera, and faster to hand to whoever signs it off. A good tool means nobody reconstructs which door failed, or which sign was missing, from memory in the car park afterwards.

Three systems, one walk

What a physical security inspection covers.

CCTV

Cameras, coverage and signage

Confirm each camera works, its field of view is right, footage is recording and retained, and the privacy signage the public sees is present and readable.

Access control

Doors, readers and fail states

Test readers, check that doors secure and release correctly, and confirm fail-safe or fail-secure behaviour matches the fire and security design.

Intruder alarm

Detection and response

Verify zones, tamper, and that a triggered alarm reaches the monitoring or response it is meant to, recorded with photos as evidence.

Privacy is part of the check

CCTV is personal data, not just kit.

A camera pointing at a public space processes personal data under UK GDPR, and the ICO expects signage, a lawful basis and a retention policy. A physical inspection that ignores the privacy side is only half done. Record the signage and the retention setting as you go, alongside the hardware.

Run security inspections on WhatsApp

No app install. No training.

Engineers use the phone they already have. Photograph the camera view, the sign, the reader. Dictate the fault. The report generates itself. Setup to first live workflow usually takes under a week.

Try the demo See pricing

A physical security system is only as good as its last honest inspection. The camera nudged off its view by a cleaner, the door that no longer fails secure, the privacy sign that fell off in the wind: none of them announce themselves. They surface when there is an incident and someone pulls the footage that was never recording. So the real question about CCTV and access control inspection software is not which tool has the slickest floor plan. It is which tool gets the walkthrough, and the privacy evidence, recorded accurately while the engineer is still on site.

The short version

  • A physical security inspection covers three systems on one walk: CCTV, access control and intruder alarm.
  • CCTV pointed at public space processes personal data under UK GDPR, so signage, lawful basis and retention are part of the inspection, not an afterthought.
  • The Surveillance Camera Code of Practice sets out principles for surveillance camera systems in England and Wales that a proportionate inspection should reflect.
  • Access control checks include fail-safe or fail-secure behaviour, which has to agree with the fire evacuation design.
  • Photo evidence at the point of observation, camera view, signage and reader, is worth more than a note typed up later.
  • The software captures the walkthrough and generates the report. It does not decide compliance. A competent installer or data protection officer does.

The point

What a physical security inspection is for

A physical security inspection confirms that the cameras, access control and alarm systems protecting a site actually work, cover what they should, and behave the way the design intended. It matters for safety, for insurance and, because surveillance touches personal data, for the law. A stale system is a liability that only reveals itself at the worst moment.

Software does not make the system compliant. The competent installer or data protection officer does. What software does is make the walkthrough easier to record correctly, harder to miss a camera or a door, and faster to hand to whoever signs it off. The tool's only job is to make on-site capture the path of least resistance for an engineer moving quickly through a large building.

CCTV and the law

Signage, retention and UK GDPR

A CCTV system that captures people processes personal data. Under UK GDPR and the Data Protection Act 2018, the operator needs a lawful basis, clear signage telling people they are being recorded and why, and a defined retention period after which footage is deleted. The ICO publishes video surveillance guidance that sets out what is expected. In England and Wales, the Surveillance Camera Code of Practice adds principles for public-space surveillance camera systems.

A physical inspection is the natural moment to check these: is the signage present and readable, is footage actually being retained for the stated period and no longer, is coverage proportionate to the stated purpose. Quickler captures the signage with a photo and records the retention setting as evidence. It does not decide whether your use of CCTV is lawful; that is a judgement for your data protection officer. Check the current ICO guidance and the applicable code, which have evolved.

Access control

Doors, readers and fail states

Access control is where physical security meets life safety. A reader test confirms a valid credential opens the door and an invalid one does not. But the more important check is behaviour on failure: a door on an escape route usually has to fail safe so people can get out, while a door protecting a secure area may fail secure. Getting this wrong is a fire safety problem as much as a security one, so the inspection has to confirm the fail state matches the agreed fire and security design.

Quickler records each door, its reader test and its fail-state behaviour with a photo, at the point of observation. It captures the evidence; it does not sign off that the fail-state design is correct. That is the competent installer's and the responsible person's call, coordinated with the fire strategy.

Alarms

Detection and response, verified

An intruder alarm inspection checks that detection zones cover what they should, that tamper protection works, and that a triggered alarm reaches its intended destination, whether a monitoring centre, a keyholder or an on-site response. The point that gets missed is the response path: an alarm that sounds but reaches nobody is a bell on a wall.

Quickler records the zone checks, tamper tests and the confirmed response path with photos and notes as the engineer works through the system. It stores that as timestamped evidence for the client, the insurer or the accreditation body. It does not monitor the alarm or replace the monitoring contract; it records that the inspection was done and what was found.

Pricing

Per report, not per seat

Most inspection apps charge per seat. For a security firm that is the wrong shape: the account manager who reads one report a month pays the same as the engineer filing four a week, and every subcontractor you add costs more.

Quickler charges per report, with unlimited users on every bundle. Bundles run from Quickler 50 at 50 pounds a month for 50 reports, up to Quickler 500 at 500 pounds a month for 500 reports. Add as many engineers, subcontractors, managers and admins as you like; you pay for the reports you file, not the people who could file them. Pricing is approximate and shifts, so check the current pricing page before you commit.

Questions, answered

What does a CCTV and access control inspection cover?

A physical security inspection covers three systems on one walk: CCTV (camera function, coverage, footage retention and privacy signage), access control (reader tests and fail-safe or fail-secure door behaviour), and intruder alarm (detection zones, tamper and the response path). Quickler records each with a photo at the point of observation and generates the report.

Is a CCTV inspection a data protection matter?

Partly, yes. CCTV that captures people processes personal data under UK GDPR and the Data Protection Act 2018, so signage, lawful basis and a retention period are in scope. The ICO publishes video surveillance guidance, and in England and Wales the Surveillance Camera Code of Practice adds principles for public-space systems. Quickler captures the signage and retention setting as evidence; whether your use is lawful is a judgement for your data protection officer. Check the current ICO guidance.

What is fail-safe versus fail-secure on an access-controlled door?

Fail-safe means the door unlocks on power loss so people can leave, usually required on escape routes. Fail-secure means the door stays locked on power loss to protect a secure area. The correct choice depends on the fire evacuation and security design, so an inspection confirms the fail state matches that design. Quickler records the observed behaviour; the design decision belongs to the competent installer and responsible person.

Can I run a security inspection over WhatsApp?

Yes. Quickler's workflow runs over the WhatsApp Business API. The engineer receives each question in their existing WhatsApp chat, replies with text, a voice note or a photo of the camera view or reader, and the completed report generates automatically. No separate app or login is required, and Quickler manages the WhatsApp Business API account on the firm's behalf.

Related guides

Keep reading

Related guides