How To Write A Corporate Executive Protection Strategy


October 14, 2015 - By Christian West & Brian Jantzen

Tags: , ,

So you want to write a corporate executive protection strategy, and you’re looking for a template. Good luck. Because unlike many other aspects of corporate life, EP often seems to be implemented without a strategy.

There just aren’t many corporate executive protection strategy documents lying around either in corporate headquarters or in executive protection companies. Blueprints that cover the strategy essentials are not available online. Why? We believe this is due to two simple but interrelated factors:

  1. Most people who know a lot about corporate strategy don’t know much about executive protection.
  2. Most people who know a lot about executive protection don’t know much about corporate strategy.

A corporate EP strategy template is a good start

But just because there aren’t many examples to build on doesn’t mean that a strategic approach to corporate EP isn’t important. Just ask any business manager, military officer or coach: A simple strategy is better than none, and a little planning goes a long way in winning both the battle and the war.

In this blog we’d like to share a process that we go through while planning EP programs for our corporate clients. Let us be the first to admit it: This template is far from rocket science, and a lot of our MBA friends will certainly be able to come up with more cutting-edge corporate strategy templates.

But we’re convinced that asking and answering the right questions in an orderly sequence will help everyone involved – both on the corporate and on the EP side of the table – to create a planning process and document that will make a huge difference.

Here is our skeleton template for corporate EP strategy. We’ll leave it up to you to put some meat on the bones, and to answer the questions in a way that aligns best practices in both the corporate and EP worlds.

1) INTRODUCTION/SUMMARY 

(Feel free to write this after the rest of the plan is written. And be aware that many people won’t read much more than this.)

  • Statement of purpose: In broad terms, what are your reasons for creating a corporate EP strategy? Why will the world, or at least your corporation, be a better place once you have written a water-tight strategy?
  • Background
    • How do corporate values, history and business objectives relate to the EP strategy?
    • Are there any events, developments or other reasons that make the plan necessary now? Don’t forget to consider
      • Personal risks
      • Business risks
      • Board mandate
      • Duty of Care, corporate liability issues
    • Objectives: What are you trying to achieve? Try to be as specific and measureable as possible.
      • What are the goals and expected outcomes/results of the EP program?
      • What would be the key benefits of achieving those goals – for the corporation and for the principal?
      • Can you boil the program down to some simple guiding principles that are easy for everyone to understand and remember?
      • Key Success Factors: What elements of the program are critical in order for it to be successful? “If we get these parts right, we are on our way to a great program.” What are the parts?
      • Key Performance Indicators: Top line, what do you need to measure in order to know whether your EP program is on track? Consider “hard” factors like budget and schedules – as well as “soft” factors like principal satisfaction.
    • Governance
      • Who makes decisions about corporate EP?
      • Based on what criteria?

2) SITUATION ANALYSIS

(This is similar to the well-known SWOT analyses so familiar to the corporate world. In the EP industry, we call this an RTVA. The purpose of the SWOT and the RTVA exercises is similar: Know where you stand before you start planning how to move ahead!)

  • Risk, Threat and Vulnerability Assessment (RTVA)
    • External factors not in our control
      • Are there direct threats and security risks to the corporation or principal?
      • Are there indirect threatsg. security risks not directly targeting the company or its principal(s) but present in regions where the company operates?
      • What would be the impact, or loss, should these threats be realized?
      • How vulnerable are we to these threats should they be realized?
    • Internal factors in our control
      • What is the status/evaluation of our current EP and security programs?
      • How do we evaluate security vulnerabilities?
    • Evaluation of current and past EP efforts: What lessons have we learned?
    • What parts of the corporate ecosystem are relevant to the EP effort?
    • What are the principal’s personal preferences regarding EP and his or her lifestyle?
    • Gap analysis: Where we are now compared to our goals?

3) EP PROGRAM DESIGN

  • WHO is to be protected?
    • List of principal(s)/corporate position(s) (e.g., CEO, COO, etc.) that are to be protected by the EP program.
    • Are any other persons related to the principals, e.g., family, also to be protected?
    • Are all persons to be provided the same level of protection? Why or why not?
  • WHEN are the principals to be protected?
    • 24/7/365?
    • Only while travelling for the company? To all destinations or only some?
    • In other circumstances?
  • WHERE are the principals to be protected? To all destinations or only some?
    • At home
    • At work
    • While commuting home/work
    • While traveling
      • Abroad – high, medium and low-risk territories?
      • Domestically
      • Business
      • Personal
    • At corporate or other events
    • At other family member activities
  • WHAT kinds and levels of protection are necessary?
    • Alarm monitoring, access control and trained security agents for controlling access to the principal’s workplace and residence
    • Close personal protection provided by trained EP agents at home, at work, while commuting or traveling
    • Security drivers trained in EP and defensive/evasive driving
    • Automobile(s) specially equipped for security
    • Intelligence analysts that monitor, investigate and report on people of interest, inappropriate communications and threats, and also provide risk analysis and travel risk assessments for the employee’s scheduled trips and events.
    • Surveillance and anti-surveillance protection that identifies and deters potential attackers prior to any attack.
    • Flights on charter aircraft for business and personal reasons

4) EP TEAMS AND ORGANIZATION

  • Draw the organigram that describes the EP organization and its lines to other parts of the corporate organization
  • What are the key job descriptions and qualifications?
  • How does the EP team interface with the rest of the corporate organization?
    • Stakeholder analysis: Who else in the organization does the EP team need to work with? Why is this important?
    • What are the communication procedures between the EP organization and other corporate departments?
  • Training
    • Who should be trained, certified for what and to which level?
    • What are our training program and procedures?
  • Career planning
    • How do we help EP agents and managers continue to develop their capabilities and career – so they stay with us rather than move on?
    • Alignment with corporate HR strategies and procedures?
  • Program scoping
    • How do we scale up or down as needs change? Which costs should be considered as fixed, or variable?

5) PROCUREMENT STRATEGY

  • For technology
    • Which tech do we need?
    • How do we buy it?
    • Alignment with corporate procurement strategies?
  • For human resources
    • Make/buy: Do we insource, outsource or embed key EP positions?
      • The EP manager
      • EP agents
      • Residential agents
      • Intel analysts
    • How do we search, shortlist and evaluate the EP companies we want to work with?
    • Are our contract management & policies in order?

6) PROGRAM DELIVERY AND MAINTENANCE 

  • What are the Standard Operating Procedures (SOPs) for all key processes?
  • How do we assess security risks on an ongoing basis? How often do we update RTVAs? Do we do it ourselves, or ask for third-party assistance?
  • How do we continually improve the skills of our staff?
    • Security exercises and drills: frequency, scope, post-drill evaluation, data collection…
  • How do we inspect and assess the quality of our own security measures?
    • Internal evaluation
    • External audits
    • Red teaming

7) REPORTING AND KPI MEASUREMENT

Which KPIs do we follow and measure program success against? Consider both the “hard” criteria such as the wellbeing of the principal, budget adherence, etc., but also “soft” criteria such as the principal’s satisfaction and team motivation.

  • Which reports do we create on a regular basis? What do they contain? Who writes them? Who reads them?
  • Which ad hoc reports will be necessary, when?

8) BUDGET

  • What are program set-up costs?
  • What are ongoing program costs?
    • Fixed
    • Variable
  • Who has budget responsibility?
  • What are procedures for financial reporting?
  • What do we do about budget/actual deviations?

9) IMPLEMENTATION PLAN

  • What are the critical path milestones for developing and implementing the EP program?
  • Who has responsibility for moving the program forward?
  • Who approves what, when?

10) APPENDICES AND ADDITIONAL NOTES 

  • Is there extra information relevant to the strategy?
  • Do we need a glossary of terms?
  • References & resources
  • Special circumstances

So there you have it, a tried and tested way to structure a corporate EP strategy. We firmly believe that time spent on developing a corporate EP strategy is well spent, and that even if you don’t fill in all of the blanks, covering the main points will serve your program well.

Christian West

Founder and CEO

Christian has been active in the executive protection industry since the late 1980s, when he worked for Danish musicians who relocated to Hollywood. Upon returning to Denmark, he founded his own EP company, which he quickly grew into Scandinavia’s largest, before it was acquired by Securitas.

Christian founded AS Solution in 2003, and again in 2009 followed his international clients to the US, where he is now based. An active member of ASIS and a leader in the corporate executive protection industry, Christian has personally planned and led high-profile engagements in over 76 countries for a wide variety of corporate and high net worth individual clients, including the international roadshow for the biggest IPO in history.

Brian Jantzen

Executive Vice President

After leaving the US Marine Corps as a captain in the early 1990s, Brian has pioneered corporate executive protection services internationally for Fortune 500 companies, high net worth families and NGOs.

Brian has provided protection at the highest levels of corporate and philanthropic environments in over 35 countries. With his demonstrated ability to align security operations with both the client’s organizational goals and personal preferences, Brian uses his strong relationship building, collaboration and project and vendor management expertise to create security solutions that deliver program efficiencies and customer satisfaction. Brian graduated from the University of Washington with a BA in Sociology and is the subject matter expert chair for the ASIS Executive Protection Council.