A security assessment is a systematic review or analysis conducted by professional security consultants to examine the effectiveness of current security practices. The assessment identifies security deficiencies and includes a review of all security measures presently in place to determine their effectiveness and functionality as well as their usefulness to the overall security effort. Once the assessment is completed, recommendations are made to correct deficiencies, mitigate security risks, and protect the school’s assets. Ideally these recommendations become the road map that school administrators use to develop a security plan as a part of the school’s business plan.
Specific buildings within an institution may have a higher threat profile due to their function or the assets they contain. Limiting a security assessment to a single building allows organizations to be responsive to security needs and the protection of assets within a limited budget.
A security assessment starts by prioritizing assets so that organizations better understand the purpose of the security features that are (or should be) in place. Whether assessing an entire campus or a single building, we then follow a proven procedure for developing and implementing a security plan:
We begin with a Threat Assessment. This answers questions like: What are the real threats? How likely are they? And what are the costs? When we consider the likelihood of a particular threat (probability) and the severity of the event (criticality), we end up with a way of understanding and prioritizing the risks faced by the organization. A clear prioritization helps us develop pragmatic and cost effective plans.
We follow the Threat Assessment with a Security Survey. This answers questions like: What security assets are available? How effective are they? After having a clear understanding of threats and a clear order prioritization, we diagnose how well current physical, procedural, and psychological security features are performing.
When we combine the results of the Threat Assessment and the Security Survey, we can then assess the organization’s vulnerabilities. Once we know the vulnerabilities, we can begin to make recommendations that are appropriate and sustainable.
Action Plan and Prioritized Budgets
A $100,000 dollar plan isn’t much good for a $10,000 budget. Being able to prioritize and make practical plans that minimize the greatest amount of risk is the essence of a good security plan. Our final deliverable is a complete review of the current security program and an actionable plan for cost-effective improvements.