Protecting VIPs (Physical Security) Policy

This Rules/Policy document is provided to you and your organization as a starting point or maturity checkpoint for existing rules/policies. It is brought to you on behalf of Jim McConnell, Principal Owner, and Ask McConnell, LLC — A Converged Security Services Provider. The content is not meant to cover every circumstance, industry, law, regulation, contractual requirement, threat, environment, or risk, but it provides an easy, defendable, highly accountable starting point for any organization. Please consult with your legal counsel and insurance provider about added requirements. If you know of peers that you think would find value in these resources, please have them contact us. These will be updated on our website regularly. We are not legally protecting these documents; we just ask for credit, shout-outs, and referrals if you find them helpful. If you have recommended updates, we are all ears. And if you need Converged Security Consulting and Training, please reach out, we would be honored to serve you and your organization.

Jim McConnell  |  info@askmcconnell.com  |  askmcconnell.com

Protecting VIPs (Physical Security) Policy

Updated: 8 April 2025

Protecting human lives is the highest requirement of our entire organization, whether they are employees, customers, volunteers, visitors, or part of our supply chain while under some nexus to our organization. Many times things we do online will impact people’s lives physically, financially, and emotionally.

Critical Point: All humans are important and have the right to be protected from harm. However, some individuals — for various reasons — face more threats and therefore need to be protected differently than individuals with little or no threat targeting them. “VIP” is used here as a universal term for simplicity, but any level of threat can change rapidly — from none to imminent and back to none.

  • I will report security incidents, concerns, vulnerabilities, and threats to my supervisor or the organization’s Ethics Hotline as soon as possible and safe. If they are not available and I feel unsafe, I will contact law enforcement.
  • I will engage the organization’s safety and security leadership in all organizational activities that might involve a VIP.
  • I will not engage (face-to-face or online) with a known VIP at inappropriate times while under the organization’s security and safety responsibility.
  • I will not initiate or cause (physical or online) threats, exposure, or vulnerabilities to a VIP while under the organization’s security and safety responsibility.
  • If I am sponsoring or supporting a VIP:
    • I will not subvert the role or authority of any approved security or safety mechanism, process, or person charged with protecting the VIP during my sponsorship period.
    • I will engage the security and safety team if I detect, see, or sense any vulnerability or threat against the VIP — before, during, and after the sponsorship period.
    • I will provide a detailed schedule, logistics, and all changes to the security and safety teams as soon as information is formed — and continuously throughout the time the VIP is under my responsibility.
    • I will not rely on the security and safety team to provide administrative support such as furniture, food, or meet-and-greet approvals.
    • I will fund all security and safety needs unique to events involving the VIP.
  • If I am on the Security or Safety Team:
    • I will start advance work as soon as details of VIP movements are made available.
    • I will support the VIP’s security and safety team and define and document roles and responsibilities immediately upon receiving movement details.
    • I will maintain equipment, gear, and team training that supports standard VIP needs and adapt as legally allowed and as capacity permits.
    • I will notify the sponsoring point of contact and/or the VIP’s security team if a need cannot be met (insourced or outsourced) or a vulnerability or threat cannot be mitigated.
    • I will manage or support an after-action report (AAR) for each VIP visit and track and close identified gaps.
    • I will implement metrics to manage the security and safety aspects of protecting VIPs.
    • I will manage or support a State of VIP Protection Security Report and Presentation, under Executive Session, at least yearly — covering incidents, vulnerabilities, improvements, and metrics across all security domains.

Signature Note: I am a huge fan of wet signatures on these types of documents for accountability and investigation reasons. You can add the signature lines below to each rule/policy document, or have a collective wet signature with references in the Security Commitment Agreement document available on the One-Pager library page. Organizational preference.

________________________
Print Full Legal Name

________________________
(Blue Ink) Full Legal Signature
Style of signature must closely match Driver’s License

________________________
Date

🖶 To save or print this policy, use your browser’s Print function (Ctrl+P / Cmd+P) and select “Save as PDF” if needed.