Security Operations Guide

How to Audit Your Physical Security Camera System: A Practical Checklist

A security consultant once told a Reddit thread that during penetration tests, they routinely find cameras that have been offline for weeks, pointed at walls, or recording to NVRs with full hard drives that stopped saving footage months ago. Nobody noticed. This guide provides a systematic process for auditing your camera system so you can find these problems before an incident exposes them β€” and set up ongoing checks so they don't recur.

1. Why camera audits matter more than camera counts

Properties love to advertise their camera counts. β€œ120 cameras on-site” sounds impressive in a marketing brochure. But a camera count tells you nothing about whether those cameras are actually working, recording, and covering the areas that matter.

Industry data paints a troubling picture of actual camera system health:

  • 15-25% of cameras are non-functional at any given time on poorly maintained systems. This includes cameras that are offline, have degraded image quality, or have been physically obstructed.
  • 30-40% of NVR/DVR storage systems have configuration issues that affect retention β€” overwritten footage, insufficient recording days, or failed hard drives.
  • Camera drift affects outdoor PTZ and dome cameras over time. Wind, vibration, and temperature changes cause cameras to shift position, sometimes by enough to miss their intended coverage area entirely.
  • Network infrastructure decay causes intermittent connectivity issues that result in dropped frames, recording gaps, or complete camera dropouts that may go unnoticed for weeks.

The difference between a property with 120 cameras and one with 90 working cameras that have been audited and verified is significant. The second property is more secure, despite having fewer cameras on paper.

2. The most common camera system failures

Before diving into the audit process, understanding what you're looking for helps focus your effort. These are the failures that physical security penetration testers find most frequently:

  • Offline cameras with no alerts configured. The most common failure. A camera loses power or network connectivity, and because nobody configured offline alerts in the VMS or NVR, nobody knows until someone manually checks. Cameras can sit offline for weeks or months.
  • Cameras pointed at walls or obstructions. Physical movement from weather, cleaning crews, or curious individuals can shift cameras. A dome camera rotated 30 degrees may be staring at a wall instead of a parking lot, and the thumbnail on the NVR still shows it as β€œactive.”
  • IR illuminators failed or degraded. Night vision depends on infrared LEDs that degrade over time. A camera may show a clear daytime image but record nothing useful after dark β€” which is when most security incidents occur.
  • NVR hard drive failure. DVRs and NVRs use hard drives that are rated for continuous write operations, but they still fail. A single drive failure in a RAID-less system can mean days or weeks of lost footage.
  • Time synchronization drift. Cameras and NVRs that lose NTP synchronization can have timestamps that are off by minutes or hours. This makes forensic review unreliable and can invalidate footage as evidence.
  • Default credentials still active. A staggering number of IP cameras and NVRs are still running default admin/admin or admin/12345 credentials. This is an open door for anyone who can reach the network.

3. The physical security camera audit checklist

Walk through each step systematically. Budget approximately 1-2 hours per 20 cameras for a thorough audit.

Per-camera checks

  • Camera is powered on and connected (check status LED or NVR connection status)
  • Live feed is visible and clear β€” no blur, no artifacts, no black screen
  • Field of view covers the intended area (compare against original installation map if available)
  • Camera housing is intact, lens is clean, no spider webs or condensation
  • Mounting bracket is secure β€” physically test for wobble or rotation
  • Night vision test: verify IR illumination after dark or in a darkened room
  • Check camera firmware version against manufacturer's latest release
  • Verify credentials have been changed from defaults

Network checks

  • Each camera is reachable via ping from the NVR/VMS
  • PoE switches are providing adequate power (check for underpowered ports)
  • Camera network is segmented from the general property network (VLAN or physical separation)
  • No unauthorized devices on the camera network segment
  • Bandwidth utilization is within acceptable range (high utilization causes dropped frames)

4. NVR/DVR and storage audit

The recording infrastructure is where many audits find the most critical failures. A camera system that looks fine on the monitors may not be recording properly.

  • Storage health:Check SMART data on all hard drives. Look for reallocated sectors, pending sectors, and temperature warnings. Replace drives that show early failure indicators β€” don't wait for complete failure.
  • Retention verification:Actually pull up footage from 7 days ago, 14 days ago, and 30 days ago for several cameras. Don't trust the NVR's reported retention days β€” verify that the footage is actually there and playable.
  • Recording schedule: Confirm all cameras are set to record 24/7 (or per your intended schedule). A common misconfiguration is cameras set to record only on motion detection, which misses slow-moving events and pre-incident context.
  • Resolution and frame rate: Verify cameras are recording at their configured resolution and frame rate. NVRs sometimes auto-downgrade quality when storage gets tight.
  • Time synchronization:Compare NVR clock against a known accurate time source. Any drift greater than 30 seconds needs correction. Configure NTP and verify it's working.
  • Export test:Actually export a clip to USB or network share. Verify the exported file is playable in a standard video player. Many insurance and law enforcement requests fail because the property can't produce usable footage exports.

5. Coverage mapping and blind spot analysis

A coverage map shows exactly what your cameras can and cannot see. Creating one is straightforward but reveals gaps that are invisible from the NVR screen:

  • Print a property site plan. Mark each camera location and draw its approximate field of view as a cone. Use different colors for functional cameras, degraded cameras, and offline cameras.
  • Walk the property perimeter. Identify every entry point β€” gates, doors, fences, parking entrances. Mark which ones fall within camera coverage and which do not.
  • Map transition zones.Areas where people move from one camera's coverage to another should have overlap. If there are gaps, a person can enter one camera's view and disappear before entering the next.
  • Check vertical coverage. Cameras mounted too high may capture the tops of heads but not faces. Cameras mounted too low may be easily obstructed or tampered with. Ideal mounting height for identification is 8-10 feet.
  • Test at night. Repeat the walk-through after dark. Many coverage areas that work fine in daylight become blind spots at night due to insufficient IR range, glare from lights, or dark pockets between illuminated areas.

Your coverage map becomes a living document. Update it after every audit and whenever cameras are added, moved, or replaced. It's also invaluable when discussing security improvements with management β€” visual blind spots on a map are more persuasive than written reports.

6. Setting up ongoing monitoring

A single audit catches today's problems. Ongoing monitoring prevents tomorrow's. Here are practical approaches to continuous camera health monitoring:

  • NVR/VMS email alerts.Every modern NVR supports email notifications for camera disconnection, storage warnings, and recording failures. Configure these first β€” they're free and catch the most critical issues.
  • Network monitoring tools. Tools like PRTG, Nagios, or even simple ping monitors can check camera availability every few minutes and alert on dropouts. Many IT departments already have these tools and can add camera IPs in minutes.
  • AI-based camera health monitoring. Some edge AI solutions can detect when a camera feed has degraded β€” blur, obstruction, image quality issues β€” beyond simple online/offline checks. For example, Cyrano's edge device monitors all connected feeds and can flag when a camera's view has changed significantly or image quality has degraded, in addition to its security monitoring functions. This catches problems like camera drift or obstruction that a simple ping check would miss.
  • Scheduled spot checks. Even with automated monitoring, schedule a brief manual check of all camera feeds weekly. Pull up each camera for 5 seconds and verify the image is clear and the coverage area is correct. This takes 15-30 minutes for a 60-camera system and catches issues that automated tools miss.

7. Recommended audit schedule

Different audit activities should happen at different intervals:

FrequencyActivityTime Required
Daily (automated)Camera online/offline check, NVR storage alerts0 min (automated)
WeeklyVisual spot check of all camera feeds15-30 min
MonthlyFootage retention verification, NVR health check30-60 min
QuarterlyFull physical camera inspection, night test2-4 hours
AnnuallyComplete system audit, coverage mapping, credential rotation1-2 days

A camera system that gets regular audits will outperform a more expensive system that's installed and forgotten. The most sophisticated cameras in the world are worthless if they're offline, pointed in the wrong direction, or recording to a full hard drive. Make auditing part of your routine maintenance β€” it's the highest-value activity in physical security management.

Add AI monitoring to your existing cameras

15-minute call. We'll show you how Cyrano's edge AI monitors camera health and detects security events on your existing DVR/NVR system β€” no camera replacement needed.

Book a Free Demo

No commitment. Installs in 2 minutes on any DVR/NVR.