Before you hire guards, hire someone to tell you what you actually need.
Our consulting practice helps private institutions understand their actual risks — not the ones their last vendor sold them — and build a security strategy that earns its budget.
Everything in the contract.
No surprise line items. No optional “essentials” upsold after signing. The list below is the standard.
- On-site vulnerability assessment using ASIS / ISO 31000 methodology
- Threat modelling per location and asset class — TVRA framework
- Vendor procurement support — RFI, RFP drafting, tender adjudication, scoring
- Security policy & SOP development — bank-grade or NGO field-ready
- Crisis management plan + 2 tabletop exercises per year
- Executive travel security briefings — pre-trip, in-country, post-trip
- Independent audit of incumbent providers — written from client perspective
- Board-ready report — non-technical summary + technical annex
Tangible deliverables.
Not promises. Documents, hardware, access, certificates — the artefacts you can hand to your auditor or hold in your hand.
- 01Threat & Vulnerability Risk Assessment (TVRA) — full methodology
- 02Asset register — every asset categorised by criticality and threat exposure
- 03Risk register — every identified risk scored, owned, and mitigated
- 04Executive summary — 2-page board-ready briefing
- 05Technical annex — detailed findings, photographs, diagrams
- 06Remediation roadmap — prioritised list, costed, sequenced over 6–24 months
- 07Vendor procurement support — RFI / RFP drafting, scoring matrix, adjudication
- 0860-minute board presentation by the lead consultant
5-step engagement, every time.
Same process for a single residence and a 50-branch bank. Repeatable, documented, contractually committed.
- 01
Scoping call
60-minute call with the executive sponsor. Defines scope, deliverables, timeline, fixed fee. Output: written engagement letter signed by both parties.
- 02
Site visits
Lead consultant + analyst on each site. Walks perimeter, interviews staff, photographs every finding. 1–2 days per site for typical engagements.
- 03
Draft report
Within 10 working days of site visits: full draft report with executive summary, technical findings, prioritised remediation. Shared with executive sponsor first.
- 04
Client review
60-minute review with the executive sponsor and (where applicable) head of security. Adjustments made for factual accuracy. Recommendations are not negotiated.
- 05
Final + presentation
Final report delivered. Lead consultant presents to the board on request. Roadmap reviewed at 90-day and 180-day check-ins (included).
The promises with numbers attached.
Every commitment below is in the engagement letter — measured, reported, and creditable to the client invoice if missed.
Plays nicely with your stack.
We don’t lock you into our portal. Your existing systems remain the source of truth.
- RFI / RFP drafting using client's procurement standards
- Vendor scoring matrix tailored to client weighting
- Tabletop exercise design (BSI 11200 / FEMA HSEEP frameworks)
- Crisis-management plan integration with existing BCP
Honest scope.
We tell you what we don’t do — so you can scope it with the right partner.
- Operational delivery of any service we recommend (see non-compete)
- Penetration testing of digital infrastructure (specialist cyber partner referral)
- Forensic investigations (forensic-accredited partner referral)
Pick a tier. We’ll tailor the rest.
All prices exclude VAT (18%). “Per post” = 24-hour coverage with 3 officers in 8-hour shifts.
Single-Site Assessment
Office, branch, residence, compound
Multi-Site Programme
Branch network or NGO country programme
Retainer
Boards / executives needing ongoing advisory
Yes — and it's one of our most-requested services. Our audits are written from the client's perspective, not the industry's. We have audited engagements where we identified that the incumbent vendor (a competitor) was actually delivering well and recommended the client retain them. Independence is the product.
A single-site assessment is fixed at UGX 12,000,000 (Kampala metro), UGX 15,000,000 outside Kampala. Multi-site engagements are scoped per project, fixed-fee, capped — no hourly billing surprises.
Yes. Our standard engagement letter prohibits us from quoting on the operational delivery for 12 months after submitting an audit report on a third party. If you want us to deliver after the audit, we re-engage on commercial terms after that period or via a separately-procured tender.
Engagements are led by named consultants — typically a partner with 15+ years in private security, supported by analysts. The first page of every proposal lists the team by name with bios; you'll know exactly who is on the ground at your site.
Stronger together.
Get a risk consulting quote in 24 hours.
Tell us about your premises. We'll come back with a written proposal — including officers, equipment, and pricing — within one working day.