The needs can be determined by the use of accurate threat and vulnerability analyses. Factors affecting threats are the geographic location, the environment surrounding the facility, the proximity to population centers, the sensitivity of the data, the importance of the target, the opportunities for attack, and the security awareness of the organization. The vulnerability analysis should address four categories of vulnerability: administrative, physical, technical, and personnel. This analysis should also include a review and revalidation of security and safety policies and procedures as well as their basic assumptions. The information from these analyses should be processed using the threat matrix approach to develop an integrated security system designed to be effective at the specific site. Figures. (Author abstract modified)