Security Policy and Procedure Development

We can develop security policies tailored to the exact risks you face—all within the framework of laws and regulations of each country you operate in.

Contact us
/en/services/security-risk-management/security-consulting/security-policy-procedure-development service

Do you have policies and procedures that cover risks like workplace violence, bomb threats, active shooters or natural disasters? How about executive protection or travel to high-risk areas? How do you know if current procedures will be sufficient or effective?

Given the complexity of most organizations, developing effective security programs can be an overwhelming job. As a world leader in physical, cyber and corporate security, we can help you create security policies and procedures that work together to close the gaps that might otherwise expose your organization to greater risks.

An effective security program must cover many scenarios and clearly define the duties and expectations for everyone in your organization—from the security department to management and employees as well as third parties like local emergency responders and business continuity partners. Taking a multidisciplinary approach, we can review your current security policies to ensure they cover your current risks and vulnerabilities.

Security Policy Development Best Practices and Customized Applications

If you find your current policies are insufficient or ineffective, we can develop security policies and services tailored to the exact risks you face—all within the framework of laws and regulations of each country in which you operate. Depending on your needs, we can assist with either comprehensive security programs or individual components, such as access control, pre-employment background checks, workplace violence prevention or executive protection.

Case Study – Security Policy and Procedure Development of an Oil Refinery Project

Kroll was engaged jointly by a refining company and an investment bank to assess the security measures at an oil refinery project in North Africa.

Considerable political upheaval and changes in the security institutions has occurred over the past ten years, impacting the project site and the effectiveness of the security program. Both clients required Kroll to conduct an initial assessment including a review of an expected maximum loss (EML) report. Kroll undertook a security threat and vulnerability review of the project which included a visit to the site, meetings with key participants and a review of available documentation and designs for the construction. We provided our findings and recommendations in our report, which also provided comment upon various scenarios contained in the EML report.

As a result of our initial work, we were further retained to assist and support the refinery company with services including reviewing and advising on security design documents for measures the company is constructing and designing, alongside reviewing and developing security policy and procedures to enable the company to have effective security at the project site. Kroll enabled the refinery project team to meet the security requirements of the investors.


Security Concepts

Jun 30, 2022

Video Library

Security Risk Management –
Hear Ongoing Global Security Insights From Our Security Risk Management Experts

Webcast Replay

Threat Management

Oct 12, 2020

Connect with us

Connect with us

Timothy V Horner
Timothy V. Horner
Senior Managing Director and Global Head of Security Risk Management
Security Risk Management
New York
Jeff Kernohan is an associate managing director
Jeff Kernohan
Associate Managing Director
Security Risk Management
New York
Nicholas Doyle
Nick Doyle
Managing Director and Regional Leader, EMEA and APAC
Security Risk Management

See all servicesStay Ahead with Kroll


Valuation of businesses, assets and alternative investments for financial reporting, tax and other purposes.

Compliance and Regulation

End-to-end governance, advisory and monitorship solutions to detect, mitigate and remediate security, legal, compliance and regulatory risk.

Corporate Finance and Restructuring

Comprehensive investment banking, corporate finance, restructuring and insolvency services to investors, asset managers, companies and lenders.

Cyber Risk

Incident response, digital forensics, breach notification, managed detection services, penetration testing, cyber assessments and advisory.

Environmental, Social and Governance

Advisory and technology solutions, including policies and procedures, screening and due diligence, disclosures and reporting and investigations, value creation, and monitoring.

Investigations and Disputes

World-wide expert services and tech-enabled advisory through all stages of diligence, forensic investigation, litigation and testimony.

Business Services

Expert provider of complex administrative solutions for capital events globally. Our services include claims and noticing administration, debt restructuring and liability management services, agency and trustee services and more.