VETERAN-LED.
NATIONALLY RECONIZED.
FEDERALLY CREDENTAILED
Knowledge base
PROM™ security & governance intelligence
20 disciplines organized across the four phases of the PROM™ framework - drawn from 40 years of operational experience in federal law enforcement, emergency management, and corporate security leadership.
PROM™ Knowledge Base - One-line definitions · All topics
P - Protection
Threat assessment - The intelligence-driven process of identifying, evaluating, and prioritizing what threatens your organization before it becomes an incident.
Vulnerability analysis - The structured examination of where your people, processes, facilities, and technology are exposed to the threats you face.
Behavioral indicators - The observable actions, communications, and patterns that research has consistently identified as precursors to targeted violence and workplace threats.
Security culture training - The sustained effort to make security awareness, personal accountability, and protective behavior part of how every member of your organization thinks and operates every day.
Access control review - The evaluation of how effectively your credentialing systems, entry procedures, and physical access controls are actually functioning - not how they are designed to function.
R - Resilience
EOP development - The creation of the Emergency Operations Plan that establishes clear authority, assigns named responsibilities, and defines how your organization responds across all hazard scenarios.
Active shooter protocols - The pre-planned, trained, and exercised response procedures that define individual actions, communication pathways, and law enforcement interface in an active threat event.
ICS structure - The application of the Incident Command System to establish unified command, clear span of control, and coordinated decision-making during incidents of any scale.
HSEEP exercises - The national exercise doctrine that ensures your tabletop, functional, and full-scale exercises are purposefully designed, rigorously evaluated, and followed by documented corrective action.
EOC operations - The activation and management of the Emergency Operations Center as the strategic and operational hub for policy decisions, resource coordination, and situational awareness during an incident.
O - Operations
COOP development - The planning discipline that identifies your mission-essential functions and ensures they continue operating through any disruption through pre-designated succession, delegated authority, and alternate facilities.
BCP planning - The Business Continuity Plan that protects critical business processes, revenue, and stakeholder confidence through disruption - built on a Business Impact Analysis that quantifies what each process is worth.
Succession planning - The pre-designation of who is authorized to assume the authorities, responsibilities, and decision-making capacity of key positions when primary leaders are unavailable.
Alternate operations - The pre-planned capability to perform mission-essential functions from geographically separated locations when your primary facility is unavailable, inaccessible, or unsafe.
Resource redundancy - The deliberate maintenance of backup systems, alternate suppliers, cross-trained personnel, and reserve capabilities that keep operations running when primary resources fail.
M - Mastery
After-action review (AAR) - The structured post-incident and post-exercise process that evaluates organizational performance, identifies specific strengths and gaps, and produces the documented findings that drive corrective action.
Corrective action plans - The governance instrument that assigns every AAR finding to a named owner with a specific action, defined timeline, required resources, and a verification method - closing the gap between learning and improvement.
Risk reduction strategies - The deliberate application of avoidance, mitigation, transfer, and acceptance approaches to reduce the probability and impact of identified threats across the organizational risk landscape.
Program hardening - The continuous strengthening of security and resilience programs across policy, training, technology, relationships, and culture in response to operational learning and threat evolution.
Lessons learned integration - The discipline of capturing, validating, disseminating, and embedding the insights from incidents and exercises into the plans, training, and governance systems that shape future organizational performance.