S · 09 / Risk Assessment & Advisory

A written plan before a written contract.

Site surveys, vulnerability assessments, and executive advisory briefs — authored by senior officers with law-enforcement and military backgrounds, modeled on the ASIS PSP framework, and delivered as documents you can hand to your board, your counsel, or your carrier. The pre-contract assessment is always free. The engagement stands on its own.

Assessments / yr: 180+ · TN + MS
Avg report length: 22 pages · signed
Author minimum: Senior officer · LE + mil
Pre-contract fee: Zero · always
Framework: ASIS PSP · aligned
430+
Assessments delivered
Across TN & MS since our leadership team's earliest advisory work — not the company's.
22 pg
Average report length
Paid standalone engagements — executive summary plus full technical findings and roadmap.
11%
Avg premium reduction
Median GL / property renewal savings enabled by our reports across 2024–2025 renewals.
58%
Convert to officer contract
Share of free pre-contract assessments that result in a signed services contract afterward.
01 / Engagement Triggers

When advisory work makes sense.

Four situations drive almost every advisory engagement we take on. If you are inside any of them, a written assessment will earn back its cost — usually many times over — before it sits a month on your shelf.

01 · Pre-contract · Free

Before signing officer services

Every proposal is accompanied by a complimentary walk and short-form written assessment. You see the plan before the price — and keep the document either way.

3–5 business days · 10–12 pages
02 · Post-incident · Priority

After something has gone wrong

Root-cause review, timeline reconstruction, and a remediation memo suitable for your insurance carrier, outside counsel, and executive team. Written to survive litigation review.

5–10 business days · confidential
03 · Insurance renewal · Savings

Before your GL or property renewal

Carrier-formatted assessment addressing underwriting criteria that most often drive rate — controlled access, monitored egress, documented post orders, verified response times.

2–3 weeks · signed · carrier-ready
04 · M&A diligence · NDA

Acquiring a security-sensitive business

Target-side diligence covering license verification, W-2/1099 exposure, open claims, insurance adequacy, and client concentration. Executive memo plus slide deck for counsel.

7–14 business days · expediable
02 / Methodology

Our assessment methodology.

Six sequential stages, each with a named deliverable. We walk the same stages on a free pre-contract assessment as on a six-figure standalone engagement — the difference is depth, not discipline.

STAGE 01 · Intake

Intake & scoping call

Two-hour video or on-site call with your executive sponsor. We confirm the site list, the compliance overlays in play, the incidents and concerns driving the engagement, and the report audience — board, carrier, counsel, or operations.

Signed NDA · scoping memo
STAGE 02 · Walk-through

On-site physical walk

Senior officer walks every covered perimeter, entry, critical asset area, and egress — daytime and after-hours — photographing and annotating. Interviews with your security lead, facilities, and a sample of line staff.

4–10 hours per site · photo-logged
STAGE 03 · Threat model

Threat modeling

Structured adversarial threat modeling — three to five most probable attack paths for the three to five most probable adversary paths. We separate what's credible from what's marketing; the exercise is grounded in your actual incident data where available.

Threat register · adversary matrix
STAGE 04 · Gap analysis

Gap analysis

Every finding mapped against the ASIS PSP domain set plus any compliance overlay in scope — HIPAA Safeguards, SOX ITGC, CJIS Security Policy, or PCI-DSS. Each gap is scored for likelihood, impact, and remediation effort.

Scored register · heat map
STAGE 05 · Remediation

Remediation roadmap

Prioritized thirty / sixty / ninety-day plan plus a twelve-month program roadmap. Each action item is named with owner, estimated cost, expected impact, and verification method — so your operations team can execute without us.

Roadmap · owner-named · cost-scoped
STAGE 06 · Executive brief

Executive delivery

Final deliverables: signed PDF report averaging 22 pages, a ten-slide executive deck, and a ninety-minute briefing with your sponsor and any stakeholders they invite. Follow-up questions answered in writing for thirty days at no additional cost.

PDF + deck + briefing · 30-day Q&A
03 / Deliverables & Fees

What you get, what it costs.

Two engagement shapes. The pre-contract assessment rides alongside any officer-services proposal and costs nothing. The standalone engagement is priced on scope and carries no expectation that you buy services afterward.

Engagement | Timeline | Deliverable | Typical fee
Pre-contract | 3–5 business days | 10–12 pg written assessment (Signed · PDF) | $0 · included
Single-site | 2–3 weeks | 22 pg report + deck + briefing (PSP-aligned) | $6,500 – $14,000
Multi-site | 3–6 weeks | Site reports + consolidated brief (Program-level roadmap) | $18,000 – $60,000
Post-incident | 5–10 business days | Root-cause memo + remediation (Counsel-ready) | $8,500 – $22,000
M&A diligence | 7–14 business days | Diligence memo + slide deck (Confidential · NDA) | $12,000 – $45,000
Insurance-renewal | 2–3 weeks | Carrier-formatted report (Underwriting-ready) | $6,500 – $18,000

Compliance overlays supported

HIPAA

Healthcare-facing environments. BAA on file, PHI-adjacent findings segregated, encrypted channel for sensitive sections.

SOX ITGC

Financial-services and public-company data rooms. Physical-access controls mapped to ITGC testing objectives.

CJIS

Law-enforcement contractors and county-IT spaces handling criminal-justice information — CSP domain alignment.

PCI-DSS

Merchant environments with card-data adjacency — physical-security controls mapped to PCI 9.0 requirements.

04 / Advisory FAQ

Questions we hear every week.

If your question isn't answered here, the senior officer who would author your assessment will take the call directly — not a sales rep, not a gatekeeper. Dispatch will route you.

Is the pre-contract assessment really free?

Yes. When you request a proposal for armed, unarmed, patrol, or alarm-response services, a senior officer walks the property, reviews your existing posture, and delivers a written assessment at no cost and no obligation. The deliverable is shorter than a paid engagement — typically ten to twelve pages — but it is a real, signed document you can keep whether or not you contract with us.

Roughly four out of ten clients who receive the free assessment do not sign a services contract afterward. They keep the document anyway, and we consider the time well spent.

How long does an assessment take?

Pre-contract assessments run three to five business days from the site walk to the delivered PDF. Standalone paid engagements run two to four weeks depending on scope, site count, and any compliance overlays. Multi-site program assessments can run three to six weeks.

Post-incident reviews and M&A due diligence can be expedited — to seven and ten business days respectively — when closing timelines or carrier deadlines require it. Expedite fees are disclosed in the scoping memo, not invented at the invoice.

Who actually writes the report?

Every Shield of Steel advisory document is authored by a senior officer with either prior law-enforcement command experience or field-grade military service, and reviewed by our COO before delivery. The author's name, credentials, and signature appear on the cover.

Reports are never subcontracted, never ghost-written, and never assembled from templated language. Each site gets its own narrative. Our leadership team carries 100+ years of combined leadership experience — so you can expect the experience of the person reading your report is the experience of the person who wrote it.

Will my insurance carrier accept your report?

In most cases, yes. Our report template is modeled on the ASIS PSP framework and aligns with the underwriting criteria used by major commercial carriers — including Chubb, Travelers, The Hartford, and Liberty Mutual. We have submitted reports that directly supported premium reductions on general liability and property renewals.

If your carrier has a specific format or a specific set of underwriting questions, send them during intake and we'll structure the report to answer them in order. Our median GL/property premium reduction across 2024–2025 renewals has been eleven percent.

Can you do M&A due diligence for a security-firm acquisition?

Yes, and it's one of our most requested standalone engagements. Most buyers come to us late — the LOI is signed, closing is six weeks out, and nobody on the deal team can tell a Class-B license from a payroll service. We cover license and credential verification, W-2 versus 1099 workforce exposure, open claims and litigation, insurance adequacy, client concentration, and post-close integration risk.

The deliverable is a confidential memo plus an executive slide deck you can share with counsel, lenders, and reps-and-warranties underwriters. All engagements run under NDA; we will not act on both sides of a transaction, ever.

Do you retrofit an existing security program, or start from scratch?

Both, and we will tell you honestly which one is more appropriate. Roughly two-thirds of our advisory clients already have a program — an incumbent vendor, a mix of tech and officers, some written policies — and need a gap analysis plus a prioritized remediation roadmap. The other third are standing up a program new, usually after a growth event or an incident, and need the full stack designed from the ground up.

We do not require you to change vendors as a condition of the work, and we will not recommend a vendor change unless the evidence clearly supports one.

How do you handle HIPAA-sensitive environments?

Our healthcare assessments are delivered under a signed BAA with PHI-adjacent findings redacted from the main report and maintained separately under encrypted-channel transfer. The author on healthcare engagements has completed HIPAA Privacy & Security training, and we work directly with your compliance officer to scope the walk so we never enter areas or view records we shouldn't.

We have delivered HIPAA-aligned assessments for hospital systems, outpatient clinics, behavioral-health campuses, and one academic medical center across TN and MS. Every finding maps cleanly to the Security Rule physical-safeguard requirements.

Do I need to buy officer services after the assessment?

No. The free pre-contract assessment accompanies a proposal, so if you decide not to contract, you still keep the document — and many clients do exactly that. Paid standalone engagements carry zero purchase obligation by design.

About forty percent of our standalone clients implement the roadmap with a different vendor or their internal team, and we are glad to see them do it. A report that sits on a shelf is worth less than one that changes something; the vendor that changes it isn't always us.

What exactly is the ASIS PSP framework, and why do you use it?

ASIS International's Physical Security Professional framework is the most widely recognized body of knowledge in corporate physical security — covering threat and vulnerability assessment, program application, and solutions integration. Underwriters, auditors, and security-minded boards recognize the structure, so findings land faster.

We use it because it is common ground. Your carrier understands it. Your counsel understands it. Your next security vendor will understand it. It keeps our reports portable.

05 / Next Step

Walk the property.
Write the plan.

Tell us the address and the reason. A senior officer — the one who would author the report — will be on site within five business days. Pre-contract assessments are free; standalone engagements are scope-priced and delivered on the timeline we commit to.