Case Studies

The following case studies demonstrate the breadth of the security advisory work we undertake, the type of organisations we work with and the strength of our client relationships over many years. We are known for sensible, reliable, cost effective and appropriate advice that helps our clients evaluate the security threats they face and how to manage these in an appropriate way that meets stakeholder interests and cost pressures.

  • The Role of Independent Testing in Security Enhancement

    A governmental energy agency asked us to independently evaluate how an energy distribution operator was applying regulatory guidelines for the protection of critical energy infrastructure. The operator in question had engaged a security installation company to deliver an integrated system, without setting accurate design criteria for the required measures. Our performance testing highlighted a serious gap between the client’s original objectives and the level of capability actually provided by the multi-million dollar investment. We used quantitative data to evidence these issues and subsequently developed recommendations to resolve them. We brokered an agreement whereby the operator took on additional costs associated with design modifications, whilst the installer accepted responsibility for many of the technical shortcomings. Because of our work, the government agency reviewed its Critical Infrastructure Protection programme, applying a more accurate set of guiding principles to ensure that future installations meet requirements in a cost-effective manner.

  • Quality Assurance for A Major Security Enhancement Programme.

    Having provided design services for a major security enhancement programme, we were engaged to manage delivery and oversight of the project, ensuring that technical implementation met the required standards. We formed a joint project team with the client to bring together the necessary expertise and provide effective co-ordination, access and oversight. A QA framework, linked to contractual milestones, was then agreed to guarantee the accountability of the main security contractor. Our ongoing monitoring of the installation made sure contractors conducted work in accordance with international standards and best practice. This was supported by technical QA assessments at each key stage, beyond which the contractors could not progress without our go-ahead. This allowed us to quickly resolve any diversions from the original performance specification.

    During the independent Site Acceptance Testing phase, it became apparent that although the security systems had been installed to the required standard, they had not been correctly configured. This resulted in a reduction of the detection and verification capability. By demonstrating this to the contractor through objective testing reports, we made sure they accepted full responsibility and re-configured the system at no additional cost.

  • A high value Infrastructure Project for a Prestigious Bank Headquarters

    We were engaged by a large banking organisation to provide security management and technical expertise through the life cycle of a new headquarters building project. Our service provision was to link the key workflows of risk assessment, engineering design, project management, training and operational support together into a seamless integrated offering to the client.

    This included a detailed threat profile and process analysis of the proposed operations and services to be hosted in the new building. We used this to develop a systematic vulnerability assessment and business impact analysis which lead to a set of detailed Protection Objectives which then formed a measurable benchmark from which to develop a targeted security enhancement programme. The subsequent engineering design combined target hardening measures including perimeter protection, attack resistant structures, vault requirements, security glazing and doors for specific areas within the bank, with integrated electronic systems such as CCTV, lighting, access control, intruder detection, and security management systems.

    We also implemented a hostile vehicle mitigation strategy, hardened street furniture, landscaping and changes to road layouts in conjunction with the various consulting disciplines involved in a new build of this type and scale. The final integrated security systems design was embedded into a detailed performance specification that was integrated into the subsequent tender documentation. Our team then undertook the technical and commercial evaluation of the submitted bids to ensure that the most suitable security systems integrator was selected to carry out the installation. We were also engaged as part of the project management team to provide oversight and assurance that the technical implementation of the physical and electronic security systems met the required regulatory requirements and standards.

  • Security Strategy and Implementation of Security Measures for a Free Zone Economic Area

    The client approached us to design and implement a site wide security strategy that reflected the highest international standards and best practices. We conducted a security risk assessment and site survey to detail projection objectives. Upon completion, we advised the client and provided tender support and evaluation of bids for conducting the upgrade. By working closely with the client and their stakeholders, we developed the security policies and procedures to the highest standard. This included a clear definition of responsibility for personnel and ensuring that procedures complemented the electronic security systems. Our provision of implementation support as part of the service removed this resource burden from the client and provided value for money.

  • Design and Engineering of Security Systems for an Industrial Port company

    We were approached by the client to provide concept and detailed design of integrated security systems. Working closely with all stakeholders, protection objectives were established and overall concepts and budget estimates were discussed and approved. With the approval of stakeholders, we conducted a security risk assessment and assisted the client in the creation of their tender documentation. With our expertise, the client was assured that all relevant security threats had been assessed and mitigated, and that all technical and performance specifications developed for system integrators to bid for the installation were sound.

  • Development of Protection Objectives for a Refinery and Petroleum Industrial Company

    We conducted a stakeholder workshop to ensure that the concept design included the protection objectives of the client. After these were established, a threat assessment and site survey was conducted to provide the protection objectives with further detail and ensure that any necessary upgrades were identified for the client to be compliant with any regulatory requirements and standards. With all the information collected, we created a concept and detailed design for an integrated security system and develop security policy and incident response procedures. With the provision of consultancy advice throughout the project life cycle we provided assurance to the client that implementation met both the performance and cost expectations.

  • Building Security Competency and Knowledge-sharing in an Electricity Transmission Company

    We have embedded a security consultant and engineer in the client’s security section focusing on regular reviews and updates to their security related documentation. Our resource works with the client to develop security training requirements for all management, staff and department personnel. This training minimises the risk of security breaches and promotes a proactive stance for the organisation during security incidents.

    We have also provided concept and detailed security system design for multiple grid stations and provided tender process support using our proven method for tender evaluation which uses objective scoring. This has ensured the resilience around the client’s assets and operations and strengthened the client’s ability to respond to security incidents.

    We have also provided quality control and assurance to the client through the provision of project managers. This reduced the resource burden for the client, ensured compliance to performance specifications and improved adherence to organisational security standards.

  • Delivering an Integrated Package of Security Advice for a Multinational Industrial Company

    Our team has worked with this client over a several years delivering a range of security advice to support its operations and activities across different countries. This has ranged from undertaking detailed security audits and risk assessments of complex refinery operations making recommendations on alternative investment strategies to manage the security risk down to risk tolerance levels acceptable to the Board of Directors and government, given the Critical National Infrastructure classification of the operation.

    We have also undertaken due diligence reviews of activities in high risk countries using our PRISM® methodology as a benchmark. On one occasion, we organised and ran workshops with Senior Executives and local management to gain a shared understanding of how a fatality had occurred and we subsequently made recommendations about changes to the organisational structure.

    We have written country analysis prior to investment in a new high-risk environment reviewed by home country government regulator and a major pension fund investor. We also worked with the Group Security Director on a Security Strategy to sit alongside the Group’s Three Year Strategic Plan. Our team were also asked to undertake a review into possible fraud in the operations of one country. Our work with this client demonstrates the breadth and depth within our team and the strong client relationships we build.

  • Enhancing Resilience for a Gas Transportation Operator

    We worked with an Operator owned by several large organisations delivering gas from major offshore gas facilities to several European Countries. Our work with this client has spread over several years and has ranged from undertaking detailed risk assessments to input into concept design and specification documents to upgrade their security systems across two countries. We have written policies and procedures for the client to work alongside system changes and we have also designed and run emergency response exercises, which included multiple agencies, which were praised highly by all concerned as contributing directly to enhanced resilience. All our work has been deemed to meet value for money criteria.

  • Protection and Evacuation in a North African country for a Multinational Energy Company

    We were asked by this client to work with its local joint venture partner to review and where necessary create, an integrated set of security plans to cover all its assets in country and the movement of people and goods between those assets. This required the development and authorship of a Security Management Plan for the Country, the analysis to prepare a detailed Journey Management Plan involving travel through high-risk areas, the review of current evacuation Plans and advice on how these should be improved.

    This initiative had been prompted by a Head Office governance review to ensure that all its operations were compliant with home country regulations about security and safety. It was acknowledged that the quality of our work and the documents we produced were excellent and changed the profile and status of security risk management within the Joint Venture to one akin to that of HSE risk.