EVENT SECURITY PLAN

[EVENT NAME - ENGAGEMENT REF]

The EVENT SECURITY PLAN is the operational planning and physical security template for temporary venue events. This is a template-driven, repeatable report skeleton. All engagement-specific, venue-specific, or principal-specific values must be recorded as bracketed placeholders (e.g. [EVENT], [YYYY-MM-DD]). Do not assert fictional findings or invent data.


Document Control

FieldValue
Report Reference[REF-YYYY-###]
Date of Report[YYYY-MM-DD]
Reporting Period / As-Of Date[YYYY-MM-DD]
Classification / Handling[internal / CONFIDENTIAL - CLIENT EYES ONLY]
Client[CLIENT NAME]
Requesting Party[REQUESTER NAME / ID]
Prepared By[ANALYST NAME / ID]
Reviewed By[REVIEWER NAME / ID]
Approving Officer[APPROVER NAME / ID]
Version[0.1.0]
Distribution[NAMED RECIPIENTS]

Handling: [internal / CONFIDENTIAL]. Disseminate only to authorized recipients. May contain personal data on principals or security staff: store and transmit per data-processing agreement.

Nature of this product: This is a physical security reporting template. It does not deliver legal advice or guarantee prevention of incidents.

Sourcing & verification: Findings derive from physical inspection, local reconnaissance, and open-source intelligence current as of the report date and are graded per Annex A.

Subject / Engagement Snapshot

FieldValue
Target Event[ ]
Venue Location[ ]
Date of Event[ ]
Overall Security Grade[Low / Moderate / Elevated / High / Critical]

Table of Contents

  1. BLUF
  2. Executive Summary
  3. Key Judgments
  4. Priority Intelligence Requirements (PIRs)
  5. Physical & Tactical Findings
  6. Verified Findings
  7. Red Flags
  8. Analysis of Competing Hypotheses (ACH)
  9. Key Assumptions Check
  10. Gaps and RFIs
  11. Recommendations
  12. Annex A: Sources & Methodology
  13. Annex B: Grading Matrices

(Page numbers populate on export to PDF.)


1. BLUF

2-3 sentences. Lead with the overall suitability/safety assessment and the single most critical finding, followed by the recommended security posture. State it so a decision-maker can act on this section alone.

[BLUF]

2. Executive Summary

Triggering requirement and engagement context: what event, route, or area is being covered, the scope of physical advance or transit analysis, and a narrative of key findings across the security dimensions, written to the ICD 203 floor.

[EXECUTIVE SUMMARY]

3. Key Judgments

Key assessments on safety, vulnerability, and threat exposure. Each judgment must separate likelihood (calibrated estimative vocabulary per ICD 203) and confidence (evidence base).

JudgmentLikelihoodConfidenceChange Indicator
[e.g. Unauthorized entry to secure VIP zone][almost no chance / remote / very unlikely / unlikely / roughly even chance / likely / very likely / almost certain][HIGH / MODERATE / LOW][e.g. Failure of credential screening process]

4. Priority Intelligence Requirements (PIRs)

The collection-management spine. Tailor to the specific report type. Matrix must have exactly 4 columns: PIR, Answer, Confidence, Key Gap.

PIRAnswer (summary)ConfidenceKey Gap
PIR-1: Are all ingress/egress corridors secured against forced access?[ ][H/M/L][ ]
PIR-2: Is local emergency liaison established and verified?[ ][H/M/L][ ]
PIR-3: Are backup communications nets fully operational?[ ][H/M/L][ ]

5. Physical & Tactical Findings

This is the core content section. Detailing specific findings. Replace generic items with localized methodology.

5.1 Event Risk Tiering Method

Instructional tradecraft: Calibrate security assets and footprint based on the measured risk tier. Risk tiering is defined below:

  • Tier 1: Attendance < 100 people; private/unpublicized; fully controlled venue; Low threat baseline.
  • Tier 2: Attendance 100-500 people; low-publicity; partially controlled venue; Moderate threat baseline.
  • Tier 3: Attendance 500-2,000 people; publicized; shared/public venue; Elevated threat baseline.
  • Tier 4: Attendance > 2,000 people; high-publicity/media presence; open public venue; High/Critical threat baseline.
  • Calculated Event Tier: [Tier 1 / Tier 2 / Tier 3 / Tier 4].

5.2 Planning Timeline

Instructional tradecraft: Gated milestones from T-30 days to T+24 hours.

  • T-30d: Initiate initial liaison, request site survey [EP-002], and define risk tier.
  • T-14d: Conduct advance site visit, establish command structures, draft security plan.
  • T-7d: Lock guest list, finalize credentialing design, sync local police liaison.
  • T-72h: Set up command post, perform comms checks, brief contract security.
  • T-24h: Complete venue sweep, establish perimeters, run rehearsal drills.
  • T-0: Execute operational plan.
  • T+24h: Generate After-Action Report (AAR).

5.3 Venue Coordination

Instructional tradecraft: Outline venue coordination, site survey reference, liaison registries, and command relations.

OrganizationContact RoleName PlaceholderComms Channel
Venue Management[LIAISON ROLE][NAME][CHANNEL / PHONE]
Local Police[LIAISON ROLE][NAME][CHANNEL / PHONE]
Contract Security[LIAISON ROLE][NAME][CHANNEL / PHONE]
  • Integration model: Contract security integrates as [UNIFORMED OUTER PERIMETER / BAG SCREENERS] and reports to the Detail Leader.

5.4 Access Control and Credentialing

Instructional tradecraft: Define credential zones and screening postures.

  • Access Zone Layout: [DIAGRAM PLACEHOLDER / ZONE DEFINITIONS].
  • Credential Matrix:
Access ZoneCredential Color / TypeAuthorized RolesScreening Posture
Zone A (VIP)[CREDENTIAL][ROLES][Magnetometer / Wanding / Bag Check]
Zone B (Staff)[CREDENTIAL][ROLES][Wanding / Bag Check]
Zone C (General)[CREDENTIAL][ROLES][Bag Check / None]
  • Screening Posture Rule: Tier 3 and 4 events mandate magnetometer screening at all principal zones. Tier 1 and 2 events utilize wanding or bag checks.

5.5 Guest List Handling

Instructional tradecraft: Enforce data security and Person of Interest screening.

  • Classification: [CONFIDENTIAL / restricted].
  • POI screening flow: [POI LIST REGISTRY / SEARCH PROTOCOL].
  • Instructional tradecraft: Screen the guest and vendor list against the current POI register before the event; escalate any match to the Detail Leader.

5.6 Arrival and Departure Choreography

Instructional tradecraft: Coordinate vehicle arrivals, holding rooms, and embus/debus procedures.

  • Motorcade integration: Reference EP-015-executive-transport-service.
  • Holding room standard: [SAFE INNER HOLDING ZONE / BALLISTIC PROTECTION].
  • Embus/debus drill: [IMMEDIATE VEHICLE TRANSIT STEPS].

5.7 Press and Public Interface

Instructional tradecraft: Detail press areas, standoff distances, and public interactions.

  • Press enclosure: [LOCATION / STANDOFF DISTANCE].
  • Crowd line: [PHYSICAL BARRIER TYPE].

5.8 Incident Response Integration

Instructional tradecraft: Coordinate with Emergency Action Plans and medical services.

  • EAP reference: Reference [EP-012] Emergency Action Plan.
  • Medical point criteria: Evacuation routes must have unblocked ambulance access corridors. Evacuation decision authority resides with the [Detail Leader].

5.9 Command Post (CP)

Instructional tradecraft: Define CP structure and comms nets.

  • CP Manning: [Detail Leader / Operations Coordinator].
  • Comms channels: Reference [EP-011] Communications Plan (PACE).
  • Decision Log: [LOG TEMPLATE / INCIDENT RECORDING].

5.10 Contingency Annexes

Instructional tradecraft: Action matrices for unexpected disruptions.

  • Annex C1: Protest / Disruption:
    • Trigger: Crowd assembling at outer gates or shouting inside.
    • Immediate action: Move principal to Zone A holding room; seal interior doors.
    • Decision authority: Detail Leader.
  • Annex C2: Medical Emergency:
    • Trigger: Principal or core staff injury/illness.
    • Immediate action: Secure the patient, dispatch on-site medic, prepare transport.
    • Decision authority: Detail Leader.
  • Annex C3: Adverse Weather:
    • Trigger: Wind speed exceeding [N] knots or local flash flooding.
    • Immediate action: Suspend outdoor movement, redirect to indoor venue.
    • Decision authority: Detail Leader.
  • Annex C4: VIP No-Show:
    • Trigger: Principal delay exceeding 60 minutes past scheduled arrival.
    • Immediate action: Notify CP, hold outer gates, await updated ETA.
    • Decision authority: Operations Manager.
  • Annex C5: Threat Call / Alarm:
    • Trigger: Local alarm activation or direct telephonic threat.
    • Immediate action: Evacuate principal via primary alternate route to motorcade.
    • Decision authority: Detail Leader.
  • Annex C6: UAS Overflight:
    • Trigger: UAS observed loitering over or repeatedly approaching the venue, outdoor assembly areas, or arrival point.
    • Immediate action: CP notes DTG/description/behavior, spotter maintains visual track, move principal and exposed activities indoors or under cover, notify [VENUE SECURITY / LOCAL LAW ENFORCEMENT] per liaison annex.
    • Constraint: Detection, tracking, and reporting only. No jamming, interception, or kinetic response by the detail; counter-UAS action is reserved to state authorities in nearly all jurisdictions.
    • Follow-up: File an EP-027 field contact report the same day; correlate with prior sightings via protective intelligence.
    • Decision authority: Detail Leader.

5.11 UAS Exposure Assessment

Instructional tradecraft: Assess venue UAS exposure during the advance, passively and lawfully.

  • Airspace context: [CONTROLLED AIRSPACE / TEMPORARY RESTRICTIONS / LOCAL UAS RULES per region package legal annex].
  • Venue posture: [VENUE UAS POLICY / ORGANIZER COUNTER-UAS PROVIDER IF ANY / COORDINATION POC].
  • Exposed areas: [OUTDOOR STAGES / ARRIVAL POINTS / ROOFLINES / SIGHTLINE NOTES].
  • Detection tasking: [SPOTTER POST ASSIGNMENT / REPORTING NET per EP-011].

6. Verified Findings

A register of verified findings. Status must be chosen from the allowed vocabulary. Confidence and Materiality must be stated.

#FindingStatusConfidenceMateriality
1[e.g. Venue secondary egress door is functional][Verified / Unverified / Contradicted][H/M/L][L/M/H]

7. Red Flags

Red Flags or notable risk indicators observed. Severity must map to the defined terms: Critical (disqualifying), High (requires EDD/conditions), Medium, Low.

#Red FlagSeverityBasisDisposition
1[e.g. Local police liaison unconfirmed][Crit / High / Med / Low][Liaison attempts failed][Open / Mitigated]

8. Analysis of Competing Hypotheses (ACH)

ACH on the central threat or vulnerability judgment. Document evidence for and against each hypothesis.

HypothesisConsistent EvidenceInconsistent EvidenceAssessment
[Hypothesis, e.g. Access breach occurs via service door][Evidence][Evidence][Assessment]

9. Key Assumptions Check

Key assumptions that, if wrong, would flip the recommendation. List the assumption, its basis, and the impact if false.

  • [Key Assumption, e.g. Local emergency service response remains under 10 minutes] (risk if false: [risk])

10. Gaps and RFIs

Collection gaps and Request for Information (RFIs). Identify missing information and the impact on the assessment.

  • [Gap / RFI, e.g. Local utility access key layout is missing] (impact: [impact], priority: [H/M/L])

11. Recommendations

Translate the assessment into concrete recommendations for the stakeholder groups (e.g. TL, Detail Leader, drivers).

  • [Recommendation] (owner: [owner])

Annex A: Sources & Methodology

Collection methods and scope. Source register must be graded with the Admiralty two-axis code. Describe where the methods are doctrine-derived.

A.1 Methodology

The Event Security Plan is compiled using the venue site survey, coordination meetings with client event managers and local police, and historical incident logs. It consumes the ART-protective-intel-assessment (to analyze local threat baselines).

A.2 Source Register

Source / TypeAdmiralty GradeDate VerifiedRelevance
[Source Description][A-F/1-6][YYYY-MM-DD][Description]

Annex B: Grading Matrices

NATO Admiralty source reliability (A-F): A Completely reliable · B Usually reliable · C Fairly reliable · D Not usually reliable · E Unreliable · F Reliability cannot be judged.

NATO Admiralty information credibility (1-6): 1 Confirmed by other sources · 2 Probably true · 3 Possibly true · 4 Doubtful · 5 Improbable · 6 Truth cannot be judged.

Risk scoring key: Likelihood (1-5) × Impact (1-5) = 1-25; 1-5 Low · 6-10 Moderate · 11-15 Elevated · 16-20 High · 21-25 Critical.

END OF REPORT

Model wiring

Generated from cell frontmatter at publish time.