Security & Operational Risk Assessment Toolkit
Excel register with automatic scoring, live heatmap and dashboard · methodology guide · executive report template.
Editable toolkits, a practitioner-taught masterclass, and free starters — built from 22+ years running security, investigations and crisis response in the field. Structured around ISO 31000 and ISO 22301.
Score twice — inherent and residual. The movement is the argument for your budget. Every toolkit here is built on that method.
Each starter is the working manual version of a full toolkit: five pages, genuinely usable on its own, instant download. Take the one that matches your problem.
The 5-step method · scoring scales · a worked example you can copy.
The 6-step process · one-page incident report · interview checklist.
One-page BIA · MTPD, RTO and RPO explained · crisis-team roles.
Complete working systems — registers, scoring, plans and report templates — with worked examples throughout. Buy once, use across your organisation.
Excel register with automatic scoring, live heatmap and dashboard · methodology guide · executive report template.
The full risk toolkit, plus investigation, interview and incident report templates with a case tracker and evidence & chain-of-custody log.
Automated business impact analysis workbook · continuity strategies · crisis action log · ready-to-complete crisis management plan.
The risk assessment toolkit licensed for your whole team, including use on client engagements.
View licence
Security & Operational Risk Assessment Masterclass. The complete method behind the toolkit: plan, score and present a risk assessment leadership acts on — taught the way it is done in the field, not the way it is written in textbooks.
The full course and all worksheets.
The course plus the complete Risk Assessment Toolkit — the tool used in every exercise.
Everything in Complete, plus the Investigation and Continuity toolkits and Q&A feedback on one of your assessments.
Inherent and residual. The movement between the two numbers is the evidence your controls earn their cost — and the argument that wins budget.
Every risk is written so it can be scored, owned and fixed. “Theft risk” is a category; a risk statement names the weakness to close.
Nothing counts until a named person has signed for it. Registers die of vagueness; these are built to be answered for.
A security and risk leader with more than 22 years across corporate security, criminal investigations, fraud examination and crisis management — including service as a Senior Fraud & Security Investigator at the U.S. Embassy in Cairo, operations and strategic planning on a United Nations field mission, and leadership of destination-wide security and incident command at a major Red Sea destination.
Every template, checklist and lesson here is the working method from that career — written down, structured around ISO 31000 and ISO 22301 terminology, and stripped of theory that does not survive contact with a real operation.