A five-phase enterprise security threat and risk assessment across 160+ monitored sites — including physical assessments of the Civic Centre and Kingswood Depot — delivered an enterprise risk register aligned to ISO 31000. THE CHALLENGE A major Western Sydney local government authority — situated in the rapidly developing precinct surrounding the new Western Sydney International Airport — needed to understand and manage its security risks at an enterprise level. With 160+ alarm-monitored sites and an extensive CCTV network, the council had never conducted a systematic, risk-based assessment of its security posture. The pace of regional growth, combined with increasing community demand and a complex multi-site operating environment, made a rigorous enterprise-level assessment both timely and urgent. OUR APPROACH Agilient deployed a structured five-phase methodology aligned to ISO 31000, encompassing context establishment, threat and vulnerability assessment, risk analysis and evaluation, treatment prioritisation, and stakeholder reporting. Physical security assessments were conducted at the Civic Centre and Kingswood Depot — the council's two highest-criticality facilities. Stakeholder workshops engaged both executive leadership and operational teams to ensure risk registers reflected real-world operating conditions. The proximity to Western Sydney International Airport was incorporated into the assessment as a relevant threat context. THE OUTCOME Delivered a…

A seven-facility security audit — covering CCTV, access control, incident response, and governance — delivered prioritised recommendations benchmarked against comparable Victorian councils. THE CHALLENGE A fast-growing metropolitan city council in Victoria needed a systematic, independent assessment of physical security across its growing portfolio of civic facilities. With no consistent security standard applied across sites — including its Civic Centre, Operations Centre, Community Care facility, Library and Learning Hub, Caroline Springs Library, Youth Centre, and Taylors Hill Community Centre — the council lacked the evidence base to prioritise investment or demonstrate due diligence to its community and insurers. OUR APPROACH Agilient conducted a full organisation-wide building security audit across all seven facilities, assessing CCTV systems, access control infrastructure, incident response capability, and security governance arrangements at each site. Working to ISO 31000 and HB 167, each facility was assessed on its individual risk profile, with findings consolidated into a single enterprise risk picture. Critically, Agilient benchmarked the council's security posture against comparable Victorian peer councils to contextualise findings and strengthen the business case for prioritised investment. THE OUTCOME Delivered a comprehensive security audit across all seven council facilities, producing a consolidated risk register with prioritised recommendations Benchmarked findings against peer Victorian…

A targeted duress management review across 7 ACT Government shopfronts — triggered by a spike in occupational violence during COVID lockdowns — delivered a risk-informed roadmap to protect frontline staff. THE CHALLENGE An ACT Government community services network experienced a sharp increase in occupational violence incidents during and after COVID-19 lockdowns, placing frontline staff at elevated risk across five service centres and two specialty shopfronts. Existing duress alarm placement, CCTV coverage, standard operating procedures, and security contractor arrangements had not kept pace with the changed threat environment. A structured review was needed to identify gaps and prioritise staff safety improvements before further incidents occurred. OUR APPROACH Agilient conducted a comprehensive Duress Management Review across all seven sites, examining CCTV coverage and camera positioning, duress alarm locations and response protocols, existing standard operating procedures, the performance of the incumbent security contractor, incident debrief processes, and coordination arrangements with ACT Police. Each site was assessed individually, with findings consolidated into an organisation-wide risk picture. The review applied a risk-informed methodology to ensure recommendations were proportionate and prioritised by consequence and likelihood. THE OUTCOME Delivered a risk-informed, prioritised roadmap for improving staff safety across all seven sites Identified specific gaps in duress alarm…

A multi-year retained security advisory relationship spanning PSPF agency security planning, personnel security review, and a post-COVID insider threat and work-from-home risk assessment. THE CHALLENGE A national statistical and data agency needed ongoing, expert-level security advisory support to remain compliant with successive iterations of the PSPF across a rapidly shifting threat landscape. From initial agency security planning in 2015 through a personnel security review in 2016 and a post-COVID insider threat assessment in 2022, the agency required a trusted partner who understood both its unique data custodianship obligations and the evolving PSPF requirements — including the shift to AGSVA Baseline clearance standards and new APS Commissioner guidelines on remote work. OUR APPROACH Agilient maintained a sustained, responsive advisory relationship with the agency across eight years. In 2015, we delivered a full Protective Security Risk Assessment (PSRA), an Agency Security Plan, and updated Site Security Plans — all aligned with PSPF. In 2016, we conducted a Personnel Security Review benchmarked against the revised PSPF PERSEC requirements. In 2022, we returned to assess insider threat and work-from-home risks introduced by COVID-19 operational changes, and to conduct a gap analysis against AGSVA Baseline clearance requirements, APS conditions of service, and APS Commissioner guidelines.…

The first-of-kind Enterprise Threat and Security Risk Assessment framework for a major Commonwealth agency — delivering executive-ready performance metrics, maturity modelling, and a roadmap for sustained PSPF alignment. THE CHALLENGE A major Commonwealth revenue authority needed to move beyond siloed security functions and build a coherent, enterprise-wide security posture. With obligations under the Protective Security Policy Framework (PSPF) and exposure to a broad threat environment, the agency lacked an integrated framework capable of measuring, reporting and improving security performance across the organisation. Ad hoc approaches to security risk assessment were failing to satisfy executive accountability requirements. OUR APPROACH Agilient delivered a comprehensive Enterprise Security Strategy and Threat Assessment Capability Framework, conducting structured stakeholder workshops with both executive leadership and operational security teams. Working to ISO 31000 and the PSPF, we developed a security maturity model with measurable performance metrics that could be reported to the executive level. We proposed a first-of-kind Enterprise Threat and Security Risk Assessment (ETSRA) as the logical next step, establishing a deep advisory partnership with the agency's security function over the engagement lifecycle. THE OUTCOME Delivered Australia's first integrated enterprise security strategy and capability framework for a Commonwealth revenue authority Produced a fully costed maturity model…