Frequently-Asked Questions (FAQs) (or at the least the questions that we wish you would ask….)
Our company has a culture that places great value on maintaining a friendly, open, and collaborative work environment. Can you help us to provide security in this environment?
Yes. We respect every organization’s unique culture and will design a security program that works within your specific environment. Yet, please recognize that some of the very values that you cherish may make it easier for a criminal or other adversary to exploit you. We help you to find the right balance between maintaining a friendly and open environment, and in providing an adequate level of security for your people and other important assets.
We have no clue as to how much security we need or how it should be provided. Can you help us?
Yes, absolutely. The most challenging time for many organizations is the period when they are too small to have a formal security program in place, yet big enough to begin experiencing the security problems faced by a larger company.
AB Security has helped many organizations through this period of transition. We generally recommend that a Security Assessment be conducted as the first step in developing a security program for your company. This assessment will identify your company’s security risks and help establish priorities for how security will be managed as your company continues to grow.
How can we tell if our present security program is adequate to meet our needs? Can we do a better job of security with the resources that we already have?
A formal Security Assessment will help you to answer these questions and more. The assessment can be thought of as being similar to the annual physical “check-up” that many people get from their physician. During the assessment, all aspects of the security program are examined, any weaknesses are identified, and suggestions for improvements are made. In addition, opportunities where costs can be reduced or where security operations can be made more efficient are identified.
Is the process you call a “Security Assessment” known by other names?
Yes. Different security practitioners sometimes have different names for this process. These names may include “Security Survey”, “Security Audit”, “Risk Analysis”, “Threat Assessment”, “Threat and Vulnerability Assessment” (TVA), “Risk Assessment” , “Security Gap Analysis”, and many others.
How does a Security Assessment conducted by AB Security compare with those performed by other consultants?
The Security Assessment process used by AB Security is one of the most comprehensive in the industry. (See a detailed description of our Security Assessment process in Security Assessments).
Our Security Assessment report is where we really differentiate ourselves from most of our competitors.
First, the report is intended to be read by a non-technical reader who may not be familiar with most technical security terms. We keep the use of acronyms and “buzz words” to a minimum, and use simple, easy to understand language whenever possible.
Second, we offer practical, proven security recommendations that can easily be understood and implemented. Unlike some consultants, we avoid making broad, generalized recommendations that are difficult to understand and nearly impossible to implement. We also carefully consider the operational and cultural impacts of what we recommend, and avoid suggesting things that would be impractical to implement at your facility.
Some consultants like to “bulk-up” their assessment report with lots of unnecessary photos, copies of articles from trade magazines, and other filler material. Our reports are very detailed, yet concise and to the point. The majority of the report will have been specifically developed for your project, and we use a minimum of “canned” or “boilerplate” material. When we include photos, they are directly related to specific findings or recommendations. and are not just used to fill up space.
Finally, we provide a prioritized action plan with each report. This plan provides a summary of recommendations and costs and groups them in order of priority. This allows you to do the most important things first, and implement the remaining recommendations later if desired.
Do you provide an “executive summary” or other abbreviated version of your Security Assessment Report?
Yes. Every report contains a one to three page executive summary, as well as a summarized listing of all recommendations. Either or both of these can be given to senior executives and others who don’t wish to read the entire report.
What methodology does AB Security use to conduct a Security Assessment?
There are numerous formal methods used to conduct security assessments. These include the CARVER Method, the RAM methodologies developed by Sandia Laboratories, and other systems developed by the Department of Defense, Department of Homeland Security, and other government agencies. All told, there are probably at least several dozen different risk assessment methodologies in common use.
Silva Consultants has studied most of the assessment methodologies described above and continues to keep track of the latest developments in security and risk assessment. However, we do not strictly follow any of the established methodologies; we take the best techniques from each methodology and combine them to provide a security assessment specifically designed to provide realistic and practical guidance to private-sector facility owners. Our assessment methods have been used for over 30 years on more than 1,000 assessments and are constantly being refined to keep up with the latest trends.