What Is a Threat Assessment β€” and How Is One Conducted?

corporate security executive protection risk management security threat assessment Jul 14, 2026

What Is a Threat Assessment β€” and How Is One Conducted?

The phrase "threat assessment" appears frequently in security conversations. It is used to justify protection programs, inform physical security design, and satisfy regulatory requirements. It is also one of the most inconsistently applied concepts in the security industry β€” ranging from a rigorous analytical process to a generic risk matrix completed to satisfy a checklist.

Understanding what a genuine threat assessment involves, and what it is supposed to produce, is important for anyone commissioning one or relying on its findings.


What a Threat Assessment Is

A threat assessment is a structured analysis of the potential threats facing a specific individual, organisation, facility, or asset. Its purpose is to produce an accurate, evidence-based picture of who or what might cause harm, what their capability and intent looks like, and what conditions would enable or constrain them.

A threat assessment is not a risk assessment β€” though the two are related. A risk assessment combines threat with vulnerability and consequence to produce a risk rating. A threat assessment focuses specifically on the threat dimension: who are the actors, what are their motivations, what are they capable of, and what is the likelihood of action?

The output of a threat assessment is used to inform and calibrate everything else: the security posture, the physical security design, the protection program, and the resource allocation.


The Threat Components

A rigorous threat assessment analyses three components for each identified threat actor or threat category:

Capability. What is the threat actor capable of doing? Do they have the means to carry out an attack or harmful act? This considers physical capability, financial resources, technical sophistication, access to weapons or tools, and operational experience.

Intent. Does the threat actor want to cause harm? What is their motivation β€” grievance, ideology, financial gain, political objective? How clearly has that intent been expressed, and through what channels?

Opportunity. Does the threat actor have β€” or can they create β€” the opportunity to act? This considers the target's vulnerability, the threat actor's access, and the conditions that would enable or constrain action.

A threat actor with high capability and clear intent but no opportunity represents a different risk profile from one with lower capability but consistent opportunity. The assessment must consider all three.


Types of Threat Assessment

Individual threat assessment. Focused on threats to a specific person β€” an executive, a principal, a public figure, or anyone with a reason to be concerned about targeted harm. This type of assessment considers the individual's profile, their threat environment, any specific persons of concern, and the conditions that affect their personal risk.

Organisational threat assessment. Focused on threats to an organisation β€” its people, its assets, its operations, and its information. This considers the full range of threat actors relevant to the organisation: criminal, competitive, ideological, state-sponsored, and insider.

Facility threat assessment. Focused on a specific location β€” what threats are relevant to this building, site, or precinct, and what do those threats look like operationally?

Event threat assessment. Focused on a specific event β€” what threats exist for this gathering, this venue, this date, and these attendees?

Each type draws on the same analytical framework but applies it to a different target set.


The Assessment Process

A structured threat assessment follows a defined process:

1. Define the scope. What are we assessing? Who or what is the target? What is the geographic and temporal scope of the assessment?

2. Identify threat actors. Who might want to cause harm? This involves structured brainstorming across threat categories β€” criminal, competitive, ideological, state-sponsored, insider, domestic β€” to identify the actors most relevant to the specific target.

3. Assess capability and intent. For each identified threat actor or category, gather and analyse available information to assess capability, intent, and the conditions that affect both.

4. Assess opportunity. What access does each threat actor have or could they develop? What vulnerabilities exist that would enable them to act?

5. Rate the threat. Assign a threat rating to each actor or category β€” typically using a combination of likelihood and capability β€” to produce a prioritised threat picture.

6. Produce findings and recommendations. Present the threat picture clearly, with findings prioritised and specific recommendations for how the protection posture should respond to each identified threat.


What Makes a Threat Assessment Credible

A credible threat assessment is based on evidence β€” intelligence, observable behaviour, documented history β€” not assumption. It acknowledges uncertainty explicitly rather than papering over gaps with confident-sounding language. It is specific to the target, not generic. And it is actionable β€” the findings drive decisions about security posture, not just satisfy a compliance requirement.

A threat assessment produced by a provider with genuine intelligence and analytical experience looks different from one produced by a general security consultancy working from a template. The difference is in the quality of the analysis, the specificity of the findings, and the reliability of the recommendations.


Empire Protection Threat Assessment Capability

Empire Protection conducts individual, organisational, facility, and event threat assessments drawing on intelligence-trained analysts with military and law enforcement backgrounds.

Our assessments are evidence-based, specific to the client's circumstances, and designed to drive operational decisions β€” not satisfy a process requirement.

Contact Empire Protection


Empire Protection β€” Demand Excellence in everything we do. Sydney, Australia | empireprotection.global

The Right People, The Right Methods, The Right Results.
In everything we do,Β Empire ProtectionΒ Demands Excellence.