EVENT SECURITY PLAN
[EVENT NAME - ENGAGEMENT REF]
The EVENT SECURITY PLAN is the operational planning and physical security template for temporary venue events. This is a template-driven, repeatable report skeleton. All engagement-specific, venue-specific, or principal-specific values must be recorded as bracketed placeholders (e.g. [EVENT], [YYYY-MM-DD]). Do not assert fictional findings or invent data.
Document Control
| Field | Value |
|---|---|
| Report Reference | [REF-YYYY-###] |
| Date of Report | [YYYY-MM-DD] |
| Reporting Period / As-Of Date | [YYYY-MM-DD] |
| Classification / Handling | [internal / CONFIDENTIAL - CLIENT EYES ONLY] |
| Client | [CLIENT NAME] |
| Requesting Party | [REQUESTER NAME / ID] |
| Prepared By | [ANALYST NAME / ID] |
| Reviewed By | [REVIEWER NAME / ID] |
| Approving Officer | [APPROVER NAME / ID] |
| Version | [0.1.0] |
| Distribution | [NAMED RECIPIENTS] |
Handling & Legal Caveat
Handling: [internal / CONFIDENTIAL]. Disseminate only to authorized recipients. May contain personal data on principals or security staff: store and transmit per data-processing agreement.
Nature of this product: This is a physical security reporting template. It does not deliver legal advice or guarantee prevention of incidents.
Sourcing & verification: Findings derive from physical inspection, local reconnaissance, and open-source intelligence current as of the report date and are graded per Annex A.
Subject / Engagement Snapshot
| Field | Value |
|---|---|
| Target Event | [ ] |
| Venue Location | [ ] |
| Date of Event | [ ] |
| Overall Security Grade | [Low / Moderate / Elevated / High / Critical] |
Table of Contents
- BLUF
- Executive Summary
- Key Judgments
- Priority Intelligence Requirements (PIRs)
- Physical & Tactical Findings
- Verified Findings
- Red Flags
- Analysis of Competing Hypotheses (ACH)
- Key Assumptions Check
- Gaps and RFIs
- Recommendations
- Annex A: Sources & Methodology
- Annex B: Grading Matrices
(Page numbers populate on export to PDF.)
1. BLUF
2-3 sentences. Lead with the overall suitability/safety assessment and the single most critical finding, followed by the recommended security posture. State it so a decision-maker can act on this section alone.
[BLUF]
2. Executive Summary
Triggering requirement and engagement context: what event, route, or area is being covered, the scope of physical advance or transit analysis, and a narrative of key findings across the security dimensions, written to the ICD 203 floor.
[EXECUTIVE SUMMARY]
3. Key Judgments
Key assessments on safety, vulnerability, and threat exposure. Each judgment must separate likelihood (calibrated estimative vocabulary per ICD 203) and confidence (evidence base).
| Judgment | Likelihood | Confidence | Change Indicator |
|---|---|---|---|
| [e.g. Unauthorized entry to secure VIP zone] | [almost no chance / remote / very unlikely / unlikely / roughly even chance / likely / very likely / almost certain] | [HIGH / MODERATE / LOW] | [e.g. Failure of credential screening process] |
4. Priority Intelligence Requirements (PIRs)
The collection-management spine. Tailor to the specific report type. Matrix must have exactly 4 columns: PIR, Answer, Confidence, Key Gap.
| PIR | Answer (summary) | Confidence | Key Gap |
|---|---|---|---|
| PIR-1: Are all ingress/egress corridors secured against forced access? | [ ] | [H/M/L] | [ ] |
| PIR-2: Is local emergency liaison established and verified? | [ ] | [H/M/L] | [ ] |
| PIR-3: Are backup communications nets fully operational? | [ ] | [H/M/L] | [ ] |
5. Physical & Tactical Findings
This is the core content section. Detailing specific findings. Replace generic items with localized methodology.
5.1 Event Risk Tiering Method
Instructional tradecraft: Calibrate security assets and footprint based on the measured risk tier. Risk tiering is defined below:
- Tier 1: Attendance < 100 people; private/unpublicized; fully controlled venue; Low threat baseline.
- Tier 2: Attendance 100-500 people; low-publicity; partially controlled venue; Moderate threat baseline.
- Tier 3: Attendance 500-2,000 people; publicized; shared/public venue; Elevated threat baseline.
- Tier 4: Attendance > 2,000 people; high-publicity/media presence; open public venue; High/Critical threat baseline.
- Calculated Event Tier: [Tier 1 / Tier 2 / Tier 3 / Tier 4].
5.2 Planning Timeline
Instructional tradecraft: Gated milestones from T-30 days to T+24 hours.
- T-30d: Initiate initial liaison, request site survey [EP-002], and define risk tier.
- T-14d: Conduct advance site visit, establish command structures, draft security plan.
- T-7d: Lock guest list, finalize credentialing design, sync local police liaison.
- T-72h: Set up command post, perform comms checks, brief contract security.
- T-24h: Complete venue sweep, establish perimeters, run rehearsal drills.
- T-0: Execute operational plan.
- T+24h: Generate After-Action Report (AAR).
5.3 Venue Coordination
Instructional tradecraft: Outline venue coordination, site survey reference, liaison registries, and command relations.
- Site survey input: Reference EP-002-advance-survey-report.
- Venue Liaison Registry:
| Organization | Contact Role | Name Placeholder | Comms Channel |
|---|---|---|---|
| Venue Management | [LIAISON ROLE] | [NAME] | [CHANNEL / PHONE] |
| Local Police | [LIAISON ROLE] | [NAME] | [CHANNEL / PHONE] |
| Contract Security | [LIAISON ROLE] | [NAME] | [CHANNEL / PHONE] |
- Integration model: Contract security integrates as [UNIFORMED OUTER PERIMETER / BAG SCREENERS] and reports to the Detail Leader.
5.4 Access Control and Credentialing
Instructional tradecraft: Define credential zones and screening postures.
- Access Zone Layout: [DIAGRAM PLACEHOLDER / ZONE DEFINITIONS].
- Credential Matrix:
| Access Zone | Credential Color / Type | Authorized Roles | Screening Posture |
|---|---|---|---|
| Zone A (VIP) | [CREDENTIAL] | [ROLES] | [Magnetometer / Wanding / Bag Check] |
| Zone B (Staff) | [CREDENTIAL] | [ROLES] | [Wanding / Bag Check] |
| Zone C (General) | [CREDENTIAL] | [ROLES] | [Bag Check / None] |
- Screening Posture Rule: Tier 3 and 4 events mandate magnetometer screening at all principal zones. Tier 1 and 2 events utilize wanding or bag checks.
5.5 Guest List Handling
Instructional tradecraft: Enforce data security and Person of Interest screening.
- Classification: [CONFIDENTIAL / restricted].
- POI screening flow: [POI LIST REGISTRY / SEARCH PROTOCOL].
- Instructional tradecraft: Screen the guest and vendor list against the current POI register before the event; escalate any match to the Detail Leader.
5.6 Arrival and Departure Choreography
Instructional tradecraft: Coordinate vehicle arrivals, holding rooms, and embus/debus procedures.
- Motorcade integration: Reference EP-015-executive-transport-service.
- Holding room standard: [SAFE INNER HOLDING ZONE / BALLISTIC PROTECTION].
- Embus/debus drill: [IMMEDIATE VEHICLE TRANSIT STEPS].
5.7 Press and Public Interface
Instructional tradecraft: Detail press areas, standoff distances, and public interactions.
- Press enclosure: [LOCATION / STANDOFF DISTANCE].
- Crowd line: [PHYSICAL BARRIER TYPE].
5.8 Incident Response Integration
Instructional tradecraft: Coordinate with Emergency Action Plans and medical services.
- EAP reference: Reference [EP-012] Emergency Action Plan.
- Medical point criteria: Evacuation routes must have unblocked ambulance access corridors. Evacuation decision authority resides with the [Detail Leader].
5.9 Command Post (CP)
Instructional tradecraft: Define CP structure and comms nets.
- CP Manning: [Detail Leader / Operations Coordinator].
- Comms channels: Reference [EP-011] Communications Plan (PACE).
- Decision Log: [LOG TEMPLATE / INCIDENT RECORDING].
5.10 Contingency Annexes
Instructional tradecraft: Action matrices for unexpected disruptions.
- Annex C1: Protest / Disruption:
- Trigger: Crowd assembling at outer gates or shouting inside.
- Immediate action: Move principal to Zone A holding room; seal interior doors.
- Decision authority: Detail Leader.
- Annex C2: Medical Emergency:
- Trigger: Principal or core staff injury/illness.
- Immediate action: Secure the patient, dispatch on-site medic, prepare transport.
- Decision authority: Detail Leader.
- Annex C3: Adverse Weather:
- Trigger: Wind speed exceeding [N] knots or local flash flooding.
- Immediate action: Suspend outdoor movement, redirect to indoor venue.
- Decision authority: Detail Leader.
- Annex C4: VIP No-Show:
- Trigger: Principal delay exceeding 60 minutes past scheduled arrival.
- Immediate action: Notify CP, hold outer gates, await updated ETA.
- Decision authority: Operations Manager.
- Annex C5: Threat Call / Alarm:
- Trigger: Local alarm activation or direct telephonic threat.
- Immediate action: Evacuate principal via primary alternate route to motorcade.
- Decision authority: Detail Leader.
- Annex C6: UAS Overflight:
- Trigger: UAS observed loitering over or repeatedly approaching the venue, outdoor assembly areas, or arrival point.
- Immediate action: CP notes DTG/description/behavior, spotter maintains visual track, move principal and exposed activities indoors or under cover, notify [VENUE SECURITY / LOCAL LAW ENFORCEMENT] per liaison annex.
- Constraint: Detection, tracking, and reporting only. No jamming, interception, or kinetic response by the detail; counter-UAS action is reserved to state authorities in nearly all jurisdictions.
- Follow-up: File an EP-027 field contact report the same day; correlate with prior sightings via protective intelligence.
- Decision authority: Detail Leader.
5.11 UAS Exposure Assessment
Instructional tradecraft: Assess venue UAS exposure during the advance, passively and lawfully.
- Airspace context: [CONTROLLED AIRSPACE / TEMPORARY RESTRICTIONS / LOCAL UAS RULES per region package legal annex].
- Venue posture: [VENUE UAS POLICY / ORGANIZER COUNTER-UAS PROVIDER IF ANY / COORDINATION POC].
- Exposed areas: [OUTDOOR STAGES / ARRIVAL POINTS / ROOFLINES / SIGHTLINE NOTES].
- Detection tasking: [SPOTTER POST ASSIGNMENT / REPORTING NET per EP-011].
6. Verified Findings
A register of verified findings. Status must be chosen from the allowed vocabulary. Confidence and Materiality must be stated.
| # | Finding | Status | Confidence | Materiality |
|---|---|---|---|---|
| 1 | [e.g. Venue secondary egress door is functional] | [Verified / Unverified / Contradicted] | [H/M/L] | [L/M/H] |
7. Red Flags
Red Flags or notable risk indicators observed. Severity must map to the defined terms: Critical (disqualifying), High (requires EDD/conditions), Medium, Low.
| # | Red Flag | Severity | Basis | Disposition |
|---|---|---|---|---|
| 1 | [e.g. Local police liaison unconfirmed] | [Crit / High / Med / Low] | [Liaison attempts failed] | [Open / Mitigated] |
8. Analysis of Competing Hypotheses (ACH)
ACH on the central threat or vulnerability judgment. Document evidence for and against each hypothesis.
| Hypothesis | Consistent Evidence | Inconsistent Evidence | Assessment |
|---|---|---|---|
| [Hypothesis, e.g. Access breach occurs via service door] | [Evidence] | [Evidence] | [Assessment] |
9. Key Assumptions Check
Key assumptions that, if wrong, would flip the recommendation. List the assumption, its basis, and the impact if false.
- [Key Assumption, e.g. Local emergency service response remains under 10 minutes] (risk if false: [risk])
10. Gaps and RFIs
Collection gaps and Request for Information (RFIs). Identify missing information and the impact on the assessment.
- [Gap / RFI, e.g. Local utility access key layout is missing] (impact: [impact], priority: [H/M/L])
11. Recommendations
Translate the assessment into concrete recommendations for the stakeholder groups (e.g. TL, Detail Leader, drivers).
- [Recommendation] (owner: [owner])
Annex A: Sources & Methodology
Collection methods and scope. Source register must be graded with the Admiralty two-axis code. Describe where the methods are doctrine-derived.
A.1 Methodology
The Event Security Plan is compiled using the venue site survey, coordination meetings with client event managers and local police, and historical incident logs. It consumes the ART-protective-intel-assessment (to analyze local threat baselines).
A.2 Source Register
| Source / Type | Admiralty Grade | Date Verified | Relevance |
|---|---|---|---|
| [Source Description] | [A-F/1-6] | [YYYY-MM-DD] | [Description] |
Annex B: Grading Matrices
NATO Admiralty source reliability (A-F): A Completely reliable · B Usually reliable · C Fairly reliable · D Not usually reliable · E Unreliable · F Reliability cannot be judged.
NATO Admiralty information credibility (1-6): 1 Confirmed by other sources · 2 Probably true · 3 Possibly true · 4 Doubtful · 5 Improbable · 6 Truth cannot be judged.
Risk scoring key: Likelihood (1-5) × Impact (1-5) = 1-25; 1-5 Low · 6-10 Moderate · 11-15 Elevated · 16-20 High · 21-25 Critical.
END OF REPORT
Model wiring
Generated from cell frontmatter at publish time.