A vulnerability analysis is a systematic review of security weaknesses in an organization’s physical and electronic security posture. Protective Resources conducts thorough assessments to identify potential threats and recommends appropriate countermeasures — delivered as an independent, objective work product with no products to sell and no installation contract to win.

Our Assessment Methodology

Every assessment begins by understanding what you are protecting and from whom. We combine document review, stakeholder interviews, site surveys (including after-hours and adversarial-perspective walk-throughs), and systems testing to build a complete picture of your security posture:

What You Receive

The result is a detailed written report with findings ranked by risk and prioritized, budget-conscious recommendations — distinguishing what must be fixed now from what can be planned into future budget cycles. Each recommendation is actionable: specific enough to hand to a designer or integrator, and documented well enough to support funding requests to leadership.

Regulatory and Industry Contexts

Our assessments support compliance-driven requirements including NERC CIP-014 evaluations for utilities, MTSA Facility Security Assessments for waterfront facilities, DEA diversion risk assessments, and bank security program reviews. Assessments are also frequently commissioned by counsel following an incident, where our expert witness experience ensures the work product withstands legal scrutiny.

Executive Protection — Independent Security Studies Under 26 U.S. Code § 132

When a corporation provides security to an executive — a residential security system, secure transportation, or personal protection — the cost of that security is ordinarily treated as taxable compensation to the executive. Under 26 U.S. Code § 132 and Treasury Regulation § 1.132-5(m), however, employer-provided security may qualify as a non-taxable working condition fringe benefit when a bona fide business-oriented security concern exists and the protection is provided under an overall security program.

For most organizations, maintaining 24-hour protection is impractical. The regulations provide an alternative: an independent security study performed by an independent security consultant. When the study is based on an objective assessment of the facts, recommends specific security measures, and the employer implements the applicable recommendations on a consistent basis, security provided in accordance with the study — including security at the executive’s residence — may satisfy the overall security program requirement.

Protective Resources performs independent security studies structured to support this classification:

Because we are fully independent — with no affiliation to any integrator, product manufacturer, or protective services provider — our studies meet the regulation’s independence expectation and provide your tax advisors with an objective, defensible foundation. Protective Resources does not provide tax or legal advice; the tax treatment of any security program should be determined by your tax counsel, with our study serving as the supporting security documentation.

Request a Vulnerability Assessment