Assessment & Master Planning Services
Our Security Risk Assessment services have one clear goal: ensuring the objectives of your security program hit the mark every time. Risk assessments are tailored to the client’s unique needs utilizing qualitative or quantitative analysis of critical assets, relevant threats, and vulnerabilities. Our services include:
Threat & Vulnerability Security Review
An expert “snapshot” qualitative analysis for clients requiring rapid, time sensitive security improvement insights. These can be limited to guard operations, program organization, single facilities, Security Operations Centers (SOC), or a current state review of larger enterprise operations.
Site & Enterprise Risk Assessment
A full-scale qualitative and quantitative risk assessment that reviews every facet of an existing, or planned security operation for the enterprise. Butchko goes beyond surface evaluations through incorporation of multi-disciplined insights and recommended solutions to address the interrelation of security, safety, production, and enterprise operations and maximize reduction in enterprise risk. The team matches the right methodology to the client’s needs, ensuring alignment with the ISO 31000 international best-practice standard for risk management, and results that senior management values. We have experience working with multiple methodologies including API, AS/NZS 4360:2004, Sandia Labs, and ARM. We also work with internal corporate methodology for client Enterprise Risk Management (ERM) program continuity.
Program Master Planning
A detailed road-map used to translate risk-based, prioritized management decisions into an effective program design. This extension of risk assessment results provide security executives with a master plan (or road-map) for program execution. Organizational structure, manpower allocation, technology investment, and budget phasing are all incorporated into a clarified program vision which is aligned with the Business Mission and Business Master Plan.
Compliance Audits & Analysis
An independent survey and analysis of current-state security programs, policies and procedures. This is an objective review of an organization’s compliance with corporate or existing regulatory standards such as CFATS, ISPS, MTSA, Homeland Security, US DOT, NERC-CIP.
Enterprise Program Management
This program management approach ensures intelligent design decisions, targeted allocation of resources towards countermeasures, project management structure, system implementation, business integration needs and prioritization of operations. A single team coordinates all program tasks, allowing for more effective scheduling, manpower deployment, communication, and consistency of solution. Solution design and operational integrity is maximized through continuity of solution team knowledge and participation.
Crisis & Emergency Management Planning
A risk-based blueprint for business continuity taking into account mitigation, preparedness, response and recovery – or comprehensive emergency management (CEM).
Independent Technology & Vendor Assessment
A neutral, third-party expert analysis of current technology and vendors in the marketplace. This assessment ensures an unbiased, clear-eyed approach to vendor and product evaluation and selection, weighing benefit and cost.