Conducting a security vulnerability assessment

Because of various tragic events over the past two years, camps are taking a closer look at their overall security. While there are several ways to review program security, it is good to start with assessing a program’s vulnerabilities. The National Fire Prevention Association (NFPA) has developed a systematic assessment process that you might find helpful.

According to NFPA 730, Guide for Premises Security, a security vulnerability assessment should include, but not be limited to, the following steps:

Step 1:

Formation of a team – Form a team of personnel from pertinent organizational areas and other stakeholders.

Step 2:

Organization/facility characterization – Characterize the organization and the facilities to be protected.

Step 3:

Threat assessment – Classify threats using an assessment process that includes but is not limited to the following:
  • A classification of critical assets
  • Identification of potential targets
  • Consequence analysis (i.e. effect of loss, including any potential off-site consequence)
  • Definition of potential threats (i.e. identify potential adversaries and what is known about them)

Step 4:

Threat vulnerability analysis – Conduct a threat vulnerability analysis identifying actual and potential threat scenarios and estimate a relative security risk level.
Have a safety or risk management question, concern,
or idea for our next newsletter?

Step 5:

Specific security countermeasures – Define countermeasures using information from the previous four steps, including characterization, threat, and vulnerability analysis.

Step 6:

Risk reduction – Reassess the relative security risk levels developed in Step 4, taking into account countermeasures defined in Step 5, and implement additional security risk reduction measures (security countermeasures) where appropriate.

Step 7:

Documentation and tracking – Document findings and recommendations and track the implementation of accepted recommendations.

You can obtain a copy of this guide through the NFPA (

The information provided in this article is intended for general informational purposes only and should not be considered as all encompassing, or suitable for all situations, conditions, and environments. Please contact us at or your attorney if you have any questions. The article may not be linked to, copied, reproduced, republished, posted, or distributed in any way by non-policyholders of Markel®, without permission.