Security Reviews & Vulnerability Assessment — UK

We do not start at the property.
We start with the client.

The Fortis Security Review is not a property inspection. It is a complete security advisory. Every review begins with an intelligence-led assessment of the individual - their public profile, their threat environment, and the specific risks their circumstances generate. The physical survey follows from that analysis. That sequencing is what makes the difference.

What sets Fortis apart

Six reasons clients commission
a Fortis review.

  • 01
    We start with the client, not the property

    Every review begins with an intelligence-led risk profile of the principal. The physical assessment that follows is already contextualised - findings are graded against the specific risk picture of this person, at this location, at this moment.

  • 02
    Advice that follows the client, not a commercial preference

    Where a client requires operational security delivery alongside their review, Fortis Secure - our sister operation - provides that capability to the same standard. Where a client prefers a fully independent report for use with their existing providers, we deliver that instead. The recommendation follows the client's requirement, not a commercial interest in the outcome.

  • 03
    Insurance alignment as a core methodology

    Every finding is cross-referenced against the client's insurance policy conditions. Fortis specifically identifies where current arrangements create compliance gaps that could affect the validity of a claim at the point of loss. Most security reviews do not do this rigorously.

  • 04
    Intelligence-led, not checklist-driven

    Geographic crime data, OSINT, digital footprint analysis, and threat assessment are built into the methodology at every tier. The Fortis review reflects the actual threat picture, not a generic assessment of a property type.

  • 05
    A report that holds up to scrutiny

    Written to the standard expected by a Lloyd's underwriter, a Mayfair advisory firm, or a High Court judge. Clear, graded, actionable, and professionally expressed. Not a catalogue of observations - a complete security advisory.

  • 06
    Credibility that most firms cannot match

    Built on direct experience in UK policing, specialist close protection, and UK special forces. Fortis understands both the threat environment and the world the client operates in.

The four-layer methodology

Every review applies the same
structured four-layer model.

01

Client Risk Profile

OSINT-led intelligence assessment of the client: public exposure, digital footprint, litigation history, household composition, asset profile, and known threat indicators. Built before the site visit begins.

02

Geographic & Crime Intelligence

Formal analysis of the local crime environment: burglary data, organised crime group activity, regional threat patterns, and seasonal risk. Not impressionistic - evidenced against verifiable sources.

03

Physical & Technical Assessment

Comprehensive site survey: perimeter, access control, technology systems, personnel arrangements, TSCM vulnerability, high-value asset protection, and digital and cyber security.

04

Advisory Report

Professional report with findings graded by severity, cross-referenced to insurance policy conditions, and structured into a clear tiered action plan. Written to professional standard throughout.

Review tiers

Three levels of assessment, structured
around the client's requirement.

01

Fortis Sentinel Review

UHNWI principals, family offices, multi-property estates

The most comprehensive instruction Fortis conducts. Opens with a full intelligence-led client risk assessment before any site work begins. Covers all 20 security domains across four phases: intelligence, client interview, on-site assessment, and preliminary report.

  • 20 domains across 4 phases
  • Full commercial screening and OSINT
  • Adversarial threat matrix
  • Digital footprint analysis
  • TSCM and crisis management
  • Multiple property compliance
02

Fortis Estate Review

HNWI clients, private estate owners

A thorough review scaled to the HNWI private estate client. Full on-site assessment across physical, technology, assets, TSCM, and insurance compliance domains. Intelligence phase covers public exposure and geographic crime context.

  • 15 domains across 3 phases
  • Public records and social media audit
  • Focused threat matrix
  • Geographic crime context
  • Four-tier grading framework
  • Insurance compliance report
03

Fortis Residence Review

High-value residential properties

Entry-level review for high-value residential instructions. Pre-visit phase covers crime context, current arrangements, and asset capture. Full on-site assessment covering physical security, technology, high-value assets, digital security, and insurance compliance.

  • 10 domains across 2 phases
  • Geographic crime context
  • Basic client profile
  • Full on-site assessment
  • Professional graded report
  • Prioritised recommendations
Assessment domains

What every Fortis review covers,
at the appropriate depth for the tier.

  • Physical security

    Perimeter, access control, doors, windows, outbuildings, landscaping, and lighting. Assessed against the specific threat picture of the client, not a generic property standard.

  • Technology and systems

    CCTV, intruder detection grade and accreditation, access control systems, system integration, and resilience. Assessment covers whether the installed standard is appropriate to the risk.

  • High-value asset protection

    Safes (Eurograde compliance), art, jewellery, watches, vehicles, and collections. Specification checked against insurance policy requirements and current protection standards.

  • Insurance policy compliance

    Every finding cross-referenced against policy conditions: warranty basis, lock specification, alarm grade, safe specification. Fortis specifically identifies gaps that could affect a claim before they become a problem.

  • Digital and cyber security

    Smart home vulnerabilities, network architecture, IoT device security, and staff digital hygiene. Increasingly relevant as residential systems become interconnected.

  • Personnel and access management

    Staff and contractor vetting, access management protocols, and insider risk assessment. A significant and frequently underassessed dimension of residential security.

  • TSCM vulnerability

    Covert surveillance risk indicators, sensitive room identification, and communications security. Assessed within the review; full TSCM sweep available as a separate instruction.

Findings and recommendations

A four-tier grading framework
applied to every finding.

All findings in a Fortis review are graded on a consistent four-tier framework. This allows the client to understand the relative urgency of each finding and to prioritise action accordingly. Recommendations are structured into three tiers: immediate actions (0-30 days), short-term actions (30-90 days), and strategic actions (3-12 months).

On the report standard

The report is not a catalogue of problems. It is a document that supports decision-making. Every finding is referenced to the specific threat context that makes it relevant. Every recommendation is structured in practical and operational terms.

Grade Timeframe Meaning
Critical Immediate Immediate risk present. Insurance policy may be non-compliant. Action is required before the risk can be considered managed.
High 30 days Significant vulnerability requiring prompt action. Not immediately critical but material to the overall security position.
Medium 90 days Improvement recommended within 90 days. Current position is defensible but improvement is clearly warranted.
Low 6-12 months Best practice enhancement. Current position is defensible. Recommended for implementation as part of a planned programme.
Supporting services

Standalone services that sit
alongside the core review.

Retained Advisory

Ongoing advisory relationship: annual review, quarterly monitoring, ad hoc counsel, and incident response. The appropriate structure for clients whose risk profile warrants continuous oversight.

Insurance Compliance Review

Focused standalone review against specific policy conditions. A natural referral product for HNW brokers at renewal. Identifies compliance gaps before they affect a claim.

Pre-Purchase Assessment

Independent security assessment before a high-value property acquisition. Identifies remediation costs and requirements before exchange. Informs both the purchase decision and the negotiation.

Personnel and Guarding Audit

Independent audit of existing guarding contracts and personnel arrangements. Often the entry point when the presenting concern is cost, performance, or a recent security incident.

Personal Risk Profile

The risk starts before anyone
reaches the property.


The Fortis Personal Risk Profile is a structured intelligence assessment of an individual's personal security exposure. It does not assess a property. It assesses a person - their public profile, digital footprint, data exposure, and the specific risks their visibility, lifestyle, and assets generate.

It is the product a principal commissions when the question is not "is my house secure?" but "how exposed am I, and to what?" Entirely desktop-based. No site visit required. Can be commissioned independently or as the intelligence foundation that opens a Sentinel or Estate Review.


The adversarial use analysis

The Enhanced tier adds adversarial use analysis - a formal assessment of how the information identified could be used against the individual by a motivated actor. It answers not just "what is out there" but "what could someone do with it."

Nine assessment domains
  • Public profile and visibility

    Press coverage, company directorships, charity positions, public appointments, and the risk profile those create.

  • Digital footprint and data exposure

    Social media exposure, searchability, and personal data accessible through Land Registry, Companies House, electoral roll, and third-party data aggregators.

  • Credential and account security

    Evidence of compromised credentials, dark web exposure, and email and account security indicators.

  • Family and household exposure

    Vulnerabilities created by family members' digital presence, public visibility, and online activity.

  • Asset, professional, and lifestyle indicators

    What open sources reveal about property holdings, vehicles, valuables, lifestyle, business relationships, and litigation exposure.

Part of the Fortis group

Fortis Secure

Where a security review identifies the need for physical protection, security systems installation, or access control, our sister operation provides the operational capability to the same standard.

Visit Fortis Secure →

A private conversation,
at your convenience.

If you would like to discuss a security review, a personal risk profile, or any of the supporting services described on this page, we welcome a direct and confidential conversation. All enquiries are handled in confidence from the first contact. There is no obligation, and no requirement for prior relationship with Fortis.

Telephone 01323 692100
Email hello@fortissecurityconsult.com
Complete our enquiry form →