Security Master Plans

An effective Security Master Plan enables an organization to identify, prioritize, budget for and implement risk mitigation measures that can be adapted as the threat environment and organizational risk profile evolves.

Contact us
/en-ca/services/security-risk-management/security-consulting/security-master-plans service

Best practice security risk management begins with a master plan—a vision of the security goals for the organization, how it intends to reach and finance those goals and how implementation can be measured.

Kroll has often assessed Security Programs that are almost exclusively responsive in nature and budgets that are expended yearly on diverse issues with no formal programmatic goals and milestones. When security departments are “putting out fires” with their yearly budgets instead of progressing towards clearly identified objectives, Kroll tends to find patchwork programs with significant variance in quality and capabilities across program components. We also often see programmatic elements that were prioritized but abruptly dropped when new “fires” arose, leaving incomplete and ineffective security measures in place.

Kroll begins the assessment or development of a Security Master Plan with a review of the currently deployed program, the stated and documented goals of the program from both a corporate and a security management perspective and current initiatives being undertaken by the department.

Due to constant budget constraints in the deployment of effective security  measures, Kroll  focuses on the existing processes for security budget development with the objective of identifying the means for the department to optimize the planning of programmatic upgrades over budget cycles to ensure feasibility and prioritization of program elements.

A primary goal of a Security Master Plan is to optimize needed program development over a chosen timeline with clearly defined milestones and measurable goals. This “roadmap” for the security department allows the prioritization of those elements of the program deemed to be the most important and the forecasting of concrete timelines for deployment.

As important as the timelines and priorities are, flexibility is also paramount in today’s risk management environment. As has been seen in the recent past, security departments must be able to move from response to civil unrest to temperature screening of personnel in a professional and efficient manner. This requires flexibility in budgeting and timelines, which are addressed in a formal Security Master Plan. A roadmap with sufficient alternate routes to adapt to changing conditions allows for an efficient and effective security program.

While often built on best practices developed by Kroll over 30 years, we can customize our Security Master Plans for your organization’s unique needs. In our experience, the most effective plans will incorporate responsibilities not only for preventing, detecting, investigating and responding to incidents but also for ongoing monitoring and updating of the plan itself.


Peter McFarlane
Managing Director
Forensic Investigations and Intelligence
Timothy V Horner
Timothy V. Horner
Senior Managing Director and Global Head of Security Risk Management
Security Risk Management

How we can help

Security Program Assessment

Ensure your organizational security function is appropriately staffed, resourced and situated.

Threat Vulnerability Assessments

Mitigate countermeasures necessary to protect assets.

Security Risk Assessments

Our multidisciplinary approach looks at security from every angle to mitigate risks—from the physical environment to the human element to the role of technology.

Security Audits

We have the resources to uncover where weaknesses and security gaps exist throughout your organization. We help tackle issues that are driving noncompliance to establish an effective security program.

Security Training Services

Kroll has extensive experience providing security training calibrated to each client’s needs, whether they’re brief one-day introductory sessions, “refresher” programs or multi-day curriculums.

Security Policy Procedure Development

We can develop security policies tailored to the exact risks you face—all within the framework of laws and regulations of each country you operate in.

Securing Intellectual Property

We work closely with your staff to design a system of readily understood, integrated and adaptable activities that produce ongoing, consistent results.