How to Deliver the Quickest Vulnerability Assessments in the Industry
You’re wasting a lot of time on your risk analysis and vulnerability assessments, and that means you’re missing out on greater profits. You’re having a hard time quickly and accurately performing vulnerability assessments of a premises—and the longer it takes to complete a vulnerability assessment, the less time you have for additional clients.
As competition with other security consultants heats up, you need to find a better way to deliver efficient risk assessments to your clients.
An efficient risk analysis doesn’t just save time, it also helps you win more customers. Want to deliver the quickest assessments in the industry? Here are key tips to help you boost your efficiency and stand out from the competition.
Do Some Recon Ahead of Time
Many security consultants go to a site knowing nothing about the premises or the client’s pre-existing issues. Ignorance may be bliss, but finding out too late about the mess that’s waiting for you means your project just became a costly time-sink.
But if you do some quick recon work before your site visit, you’ll know what to look for before you even set foot on the premises—and you can boost the efficiency of your vulnerability assessment.
Send an interview questionnaire to your point-of-contact before you go onsite and have them return it to you at least one day before your inspection. Ask for information about issues they’re dealing with so you’ll know what to look for and what follow-up questions to ask during your visit.
Find out what’s critical to the company before you begin: What are the key assets, services, and single points of failure that need to be protected? What are they most worried about? What compliance issues do they keep dealing with? Also get a history of the premises since your last visit. Find out what crimes, incidents, and losses have occurred—and what corrective actions were taken.
Fewer site visits mean you’re spending more time on value-added work and less time fixing issues that got missed the first time around.
Plan Your Attack
You can waste a lot of time on-site, simply because you’re not being tactical with your security inspection. Have a plan of attack before you arrive to cut down on costly inefficiency during the risk assessment. Start with these best practices:
- Have compliance and regulation questions prepared before going on site. Know what questions you need for each sector, and organize them in the order you’ll go in during the inspection.
- Start from the outside and work your way inside to assets. Think of the rings of security—perimeter, parking lot/grounds, exterior walls and doors, interior public areas, etc. It should be increasingly difficult to get to an asset, due to the security countermeasures of each successive ring.
- Plan a day and night inspection to see the differences in lighting etc. Also plan an inspection during working hours and non-working hours. It’s best to do a full and comprehensive inspection at once, rather than having to keep coming back to check variables you missed the first time around.
You’d be surprised how much time and effort you’re wasting simply trying to describe the locations of various problems. How do you explain the locations of an issue you found on three different places along a 300-foot chainlink fence, or somewhere near the middle of a large warehouse floor?
Rely on geolocation coordinates to give the exact location of hard-to-describe reference points. Or, better yet, use floor plans to document where all of the vulnerabilities are. Visual references are not only quick to document, they’re also easy for your client to understand and act on.
Scrap the Paper
Most security consultants are still using paper notepads and checklists to take notes during their onsite inspections. But taking notes by hand is a huge waste of time—both during the inspection and afterwards, when you’re writing your report.
Today’s technology lets you cut several hours out of each job. Here’s a sample of what you can do if you ditch paper methods and use digital tools on a tablet or laptop:
- Embed photos automatically in the report, with no cropping or formatting
- Auto-generate your reporting—just edit your reports versus creating new ones
- Easily document every vulnerability—the right software makes it easy to capture every point of risk or vulnerability
- Eliminate transposing notes—no more duplicating your efforts
Imagine the competitive advantage technology can provide over the majority of consultants who are still relying on inefficient paper methods. By using tools like Circadian Risk’s vulnerability assessment software, you can deliver more value to more clients in less time.
Fast—and Complete—Vulnerability Assessments
You don’t have to cut corners to crank out more vulnerability assessments—you just need to cut the wasted time and effort from your process. Follow these tips and you’ll be delivering the most complete and the quickest vulnerability assessments in the industry—and the highest quality risk analysis.
Get more content to help you beat the competition—delivered right to your inbox. Subscribe to the Circadian Risk blog.