- Assess areas at risk - Proactive/reactive management - Cost-effective ways of improving security - Look at systems and procedures - Threat of terrorist attack – staff vetting, perimeter and vehicle security.