RDI
Menu
Start with RDIAssess maturity

RDI workflow

After-Hours Security Monitoring & Intruder Detection

the evidence system live view and cloud/local recordings enable PMs, site managers, and security officers to remotely detect, review, and respond to after-hours activity including trespass, break-ins, and unauthorised vehicle access.

Category
Security, Theft & Access Control
Frequency
Very Common
Confidence
High
Evidence records
35
Cost model
Qualitative

Trigger, activity, conclusion

01 · Trigger

An after-hours breach or suspicious event is identified — found by site staff on arrival, flagged during proactive overnight monitoring, triggered by a third-party security service, or surfaced by a motion detection alert.

02 · Activity

Reviewing preserved footage from the relevant after-hours time window to establish what occurred, who was involved, when, and what was damaged or removed.

03 · Conclusion

A footage clip with timestamps is exported and handed to the police. An insurance notification is raised if property was damaged. Protective measures implemented.

Workflow steps

  1. Step 01

    After-hours incident trigger occurs — a break-in discovered on arrival, a motion alert fires, a security company logs an alarm activation, or PM notices suspicious activity.

    Inferred
  2. Step 02

    Site manager or PM accesses the evidence system remotely and navigates to the relevant camera views for the period of suspected activity.

    Evidenced
  3. Step 03

    Cloud recordings reviewed to identify nature of incident: entry point, time of first appearance, number of individuals, vehicle(s), route through site, time of departure.

    Evidenced
  4. Step 04

    Identifying details noted: vehicle type, colour, partial/full plate, distinctive features of individuals, direction of approach and departure.

    Inferred
  5. Step 05

    If cloud recording resolution is insufficient, a local HFR recording export requested from the evidence system support for the relevant time window.

    Evidenced
  6. Step 06

    Relevant footage clips exported from the the evidence system platform and shared with site security and/or police.

    Evidenced
  7. Step 07

    Police provided with precise timestamps of the incident — the primary data point enabling cross-reference with adjacent public CCTV, ANPR, or traffic cameras.

    Inferred
  8. Step 08

    Insurance notification raised if incident involved property damage, theft, or entry to secure areas — footage provided alongside a damage/loss assessment.

    Inferred
  9. Step 09

    Footage retained as a formal record of the incident in the project archive.

    Evidenced
  10. Step 10

    Protective responses implemented before the next working day — changed access codes, additional barriers, reinforced perimeter — based on entry method identified from footage.

    Inferred

Evidence records

The timestamps were the key — even though we couldn't read the plate clearly, the police used the exact time from the evidence system to pull the vehicle from the council CCTV on the road outside. They had a suspect within 48 hours.
Anonymized evidence record 9.1
We check the the evidence system every morning before we go to site — not just for progress but to see if anything happened overnight. It's become part of the routine.
Anonymized evidence record 9.2
The intruders smashed the on-site camera on the way out — but because the evidence system is cloud-based, the footage was already uploaded and safe. We had a clear recording of them entering even though the camera was destroyed.
Anonymized evidence record 9.3

ROI model

Template C

security theft

Evercam prevents security incidents or reduces their cost through deterrence, faster investigation, and evidence for insurance/police. The baseline is incident frequency × cost per incident.

Formula

saving = (incidents_prevented_pct × incidents_per_year × avg_incident_cost) + (investigation_time_saved_hours × hourly_rate × incidents_investigated_per_year)