Threat, Risk, and Vulnerability Assessments (TRVA)

A staple in any security consultant's offerings. We will work with you on specific threats, or we can take a black or grey box approach (meaning little to no information is disclosed regarding the asset) to potentially identify additional threats. This assessment can be completed on physical and digital assets.

What does a TRVA entail? We will work with known threats provided by you or identify threat models based on your organization's operations. Next, we will assign a risk value for any threats identified. Risk is determined based on the probability the event will occur and the severity of the outcome if the event were to occur. Lastly, any vulnerabilities identified during the assessment will be disclosed and suggestions made to correct them. Taking it a step further, we can work directly with your security team or other stakeholders to address the vulnerabilities.

Paired with a penetration test, or red team exercise, this is an effective method to assess your organization's security posture and identify areas to improve.


Physical Security System Design

Let us help you build a system that meets your organization's needs while staying on budget.

For many organizations, security is a requirement. We can design a fully functional, compliant system that meets your budget requirements. If you're already working with a vendor, we can step in to ensure you're getting what you need and the most out of your investment.

We offer design consultation in the following areas:

• Access Controls
• Security Lighting
• Security Cameras (CCTV)
• Site Security Plans
• Intrusion Detection Systems
• Alert Systems
• Crime Prevention through Environmental Design (CPTED)
• Security Staff Operations

Training

We offer training in the following areas:

• Cyber Awareness - We teach your staff the best cybersecurity practices, threats to look out for, and trending threats to be aware of.

• Security Awareness - Teaching general staff to enhance security as a whole through behavior, awareness, and diligence. It only takes one threat to compromise your security system.

• Emergency First-Aid - Take your first-aid training to the next level with advanced life-saving skills. Review how to apply a tourniquet and chest seal properly. With the rise in gun violence, these skills are essential to add to your first-aid response plan.

• Violence Prevention and Response - Discussing topics such as the four types of workplace violence (criminal intent, customer/client, worker-on-worker, and personal relationship), workplace violence hazards specific to the employees' jobs, how employees can protect themselves in the event of a workplace violence incident, and more. Training can be specific to one or multiple topics of concern, or presented as a fully comprehensive training covering California Senate Bill 553.



Planning

Need help writing an emergency response plan or want a professional service to write it for you? We write detailed incident response plans for most occasions. We will also audit existing plans to ensure compliance and effectiveness.

Plans we create:

• Emergency Response Plans (Fire, Earthquake, Tornado, etc.)
• Active Shooter Response Plan
• Cyber Incident Response Plan
• Site Security Plan


Quality Assurance

Ensure your security program is operating as intended and fully effective. We offer help in a variety of ways to make sure you're getting what you pay for and to meet compliance and insurance standards.

Areas covered:

• Vendor Standards and Negotiations - Whether it's a new project or an audit of an existing system, we can guide you on your decision in vendor selection. We will ensure your system's specifications or performance match your vendor's contractual obligations.

• Training and Certifications - Building a security department or your existing department not meeting standards? We provide training to get your security team where it needs to be and offer guidance on required and recommended certifications.

• Site Inspections - Feel confident that your security team is performing, staff are following security SOPs, and vulnerabilities are addressed. Consider this option if you want a quick, budget-friendly idea of where your site's security posture stands or as a follow-up to training or TRVA.

• Compliance and Insurance - Need help meeting compliance or insurance requirements? We will work with and try to repurpose your existing assets, first, to try to meet these requirements. Additional recommendations and design will follow if necessary to meet these requirements.

• Penetration Testing (Red/Purple Teaming) - Whether it's physical or digital penetration testing, we can uncover vulnerabilities and work with your security team to remediate them before the criminals have a chance to. Looking to take it a step further and use the penetration test as a training exercise for your security team? Consider purple teaming as an option where we can guide your security team as the exercise takes place.

© 2024 by CG Security Consulting. All rights reserved.
HomeAboutServicesCase StudiesMediaPartnersBook a ConsultationContact