Close Protection Risk Assessment: Template & Process

Every close protection assignment begins — or should begin — with a risk assessment. Before the first operator is deployed, before routes are planned, and before protective formations are determined, the team needs a clear, structured understanding of what threats exist, where vulnerabilities lie, and what measures will reduce risk to an acceptable level. A thorough risk assessment is not bureaucratic box-ticking; it is the foundation upon which every subsequent operational decision rests.

Yet in practice, risk assessments in the CP industry vary enormously in quality. Some teams produce comprehensive, evidence-based documents that drive operational planning. Others rely on informal conversations, gut instinct, or generic templates that bear little relationship to the specific assignment. This article outlines what a robust CP risk assessment should cover, the process for conducting one, and how modern tools are transforming the way assessments are created and maintained.

What a CP Risk Assessment Covers

A close protection risk assessment examines three interconnected elements: threats, vulnerabilities, and the consequences of a security failure. Understanding all three is necessary to produce a meaningful assessment rather than a superficial checklist.

Threat assessment identifies who or what might cause harm to the principal. This includes:

• Direct threats: Specific, identifiable individuals or groups who have expressed intent or demonstrated capability to harm the principal. These may include disgruntled former employees, stalkers, activist groups, or criminal organisations.
• Indirect threats: Generalised risks associated with the principal's profile, industry, or location. A mining executive travelling to a region with active civil unrest faces indirect threats even if no specific threat has been made against them personally.
• Opportunistic threats: Criminal activity that is not targeted at the principal specifically but could affect them due to their presence in a particular location. Street crime, carjacking, and petty theft fall into this category.
• Environmental threats: Natural hazards, infrastructure failures, health risks, and other non-human factors that could compromise the principal's safety. In Australia, this might include bushfire risk during summer, extreme heat in remote locations, or flooding during the wet season in northern regions.

Vulnerability analysis examines the gaps in the principal's current security posture that could be exploited by identified threats. This includes weaknesses in physical security at residences and workplaces, predictable routines and travel patterns, inadequate personnel screening for household or office staff, gaps in the principal's digital security, and any medical conditions or mobility limitations that could affect evacuation procedures.

Consequence evaluation considers what would happen if a threat successfully exploited a vulnerability. Not all risks carry equal consequences. A minor privacy breach may be embarrassing but manageable; a physical attack on a family member could be catastrophic. Evaluating consequences helps the team prioritise where to allocate limited resources for maximum protective effect.

Step-by-Step Risk Assessment Process

A structured process ensures consistency and thoroughness. The following framework can be adapted to any CP assignment, from a single-day event protection task to a long-term residential programme.

Step 1: Gather intelligence. Before assessing risk, the team needs information. This includes client briefings about the principal's profile and concerns, open-source intelligence on relevant threat actors or environmental conditions, liaison with local law enforcement or security contacts, and review of any previous incidents involving the principal or similar profiles.

Step 2: Identify threats. Using the intelligence gathered, catalogue all plausible threats. Be specific rather than generic. "Criminal threat" is not helpful; "risk of armed robbery during ground transit in Johannesburg CBD between 1800 and 2200" gives the team something actionable to work with.

Step 3: Assess likelihood and impact. For each identified threat, evaluate two dimensions: how likely is it to materialise, and what would the impact be if it did? A simple matrix using ratings of low, medium, and high for each dimension provides a visual tool for prioritisation. Threats that are both high likelihood and high impact demand the most attention and resources.

Step 4: Identify existing controls. Before recommending new measures, document what protective controls are already in place. The principal may already have residential security, a secure vehicle, or an existing relationship with local law enforcement. Identifying existing controls prevents duplication and helps the team understand the current baseline.

Step 5: Recommend additional mitigations. For each high-priority risk, propose specific countermeasures that reduce either the likelihood of the threat materialising or the impact if it does. Recommendations should be practical, proportionate, and costed. Proposing a ten-person security detail for a low-profile domestic engagement is disproportionate and will erode client confidence in the team's judgement.

Step 6: Document and distribute. The completed assessment should be recorded in a standardised format and distributed to all team members who need it. It is a living document that should be updated whenever the threat environment changes, new intelligence is received, or the principal's itinerary is modified.

Adapting Assessments to Different Threat Environments

No two assignments present identical risk profiles. A CP team protecting a tech executive at a conference in Singapore faces fundamentally different challenges than one providing security for a humanitarian worker in a conflict zone. The risk assessment framework remains the same, but the inputs, weighting, and mitigations change dramatically.

Low-threat domestic environments — such as protecting a corporate executive during routine business activities in Australian capital cities — still warrant a formal assessment. The threats may be lower in severity, but reputational risks, stalking concerns, and opportunistic crime remain relevant. Assessments in these environments should focus on privacy protection, media management, and maintaining a low security profile that does not attract unwanted attention.

Elevated-threat environments — including international travel to regions with higher crime rates, political instability, or terrorism risk — require assessments that draw on specialist intelligence sources. The team may need to engage local security consultants, review government travel advisories from DFAT (the Australian Department of Foreign Affairs and Trade), and plan for scenarios including medical evacuation, safe haven relocation, and communication blackouts.

Dynamic threat environments — where the threat level can change rapidly, such as during large public events, protests, or in regions experiencing civil unrest — demand assessments that are treated as living documents, updated in real time as conditions evolve. The initial assessment provides the baseline, but the team must have mechanisms in place to receive, analyse, and act on new information throughout the operation.

Regardless of the environment, the assessment should always be reviewed by someone who was not involved in its creation. A fresh pair of eyes will often identify assumptions, blind spots, or gaps that the original assessor missed.

Digital Risk Assessment Tools vs Paper-Based Methods

Traditionally, CP risk assessments were produced as Word documents or handwritten reports, distributed via email or printed copies, and filed in folders that were rarely revisited. This approach has several weaknesses: documents become outdated quickly, distribution is unreliable, version control is poor, and there is no easy way to link assessments to the operational plans they are supposed to inform.

Digital risk assessment tools address these shortcomings by providing:

• Standardised templates that ensure every assessment covers the required elements and follows a consistent structure, regardless of which team member produces it.
• Real-time updates that allow assessments to be modified as new intelligence is received, with changes immediately visible to all authorised team members.
• Integration with operational planning so that risk assessments are directly linked to route plans, venue assessments, and task assignments rather than existing as standalone documents.
• Audit trails that record who created the assessment, who reviewed it, what changes were made, and when. This is valuable for post-incident review and for demonstrating professional due diligence.
• Searchable archives that allow teams to reference previous assessments for similar assignments, building institutional knowledge over time rather than starting from scratch for every operation.

The transition from paper-based to digital methods does not need to happen overnight. Many teams begin by digitising their existing templates and gradually adopting more sophisticated features as they become comfortable with the platform. The important thing is that the assessment process is consistent, thorough, and accessible to everyone who needs it.

EP-CP supports this transition by providing close protection teams with a digital environment where risk assessments sit alongside mission plans, team assignments, and operational documentation. By housing assessments within the same platform used to manage the operation itself, EP-CP ensures that risk information informs decision-making at every stage rather than gathering dust in a forgotten file.