Know the Risk.
Own the Response.

Risk Management · Security · Continuity

You can't reduce risk you haven't measured.

Grey Group helps houses of worship, nonprofits, NGOs, and private clients understand where they're exposed, prioritize what matters, and follow through.

Request a Readiness AssessmentSee How It Works

Threat-Informed

We assess real-world risks & operating constraints

Clear Priorities

Actionable roadmap with owners and timelines

Vendor-Agnostic

Unbiased standards and acceptance criteria

Closure Support

Implementation oversight + readiness check-ins
The Firm

Operational discipline, applied to civilian risk.

Grey Group is a veteran-led consulting firm built on two decades of operational risk management experience. That background shows up in how the work gets done: structured assessments, scored findings, prioritized plans, and disciplined follow-through — not a report that sits on a shelf.

Assessment-driven

Every recommendation traces to a documented finding. Nothing is proposed that the assessment didn't surface.

Vendor-agnostic

No equipment sales, no kickbacks, no preferred-vendor lists. Recommendations are written so any qualified vendor can bid them.

Full-cycle

The engagement doesn't end at the report. Planning, implementation oversight, and annual readiness support carry the work through.

Who We Serve

Right-sized for the organizations that need it most.

Houses of Worship

Site security assessments, NSGP grant application preparation, and post-award implementation support for congregations of every size.

Explore →

Nonprofits & Small Business

Structured risk assessments and continuity planning scaled for lean teams and limited budgets — without the enterprise price tag.

Explore →

NGOs

Domestic and international threat, vulnerability, and risk assessments scaled to your operating environment.

Explore →

Private Clients

Discreet risk and exposure assessments for individuals and family offices, coordinated through your attorney.

Explore →
How It Works

One model. Every engagement.

01 / ASSESS

A structured, on-site evaluation of your security posture — documented, scored, and tied to specific locations and conditions.

02 / PLAN

Findings become a prioritized roadmap: what to address in 14 days, 30–90 days, and beyond — with owners and timelines.

03 / IMPLEMENT

Vendor solicitation, procurement guidance, and implementation oversight so the plan becomes installed, working capability.

04 / MAINTAIN

Follow-up assessments, grant cycle monitoring, and readiness check-ins keep the posture current as conditions change.

Core Services

Where most engagements start.

Threat, Vulnerability & Risk Assessment

A full TVRA across physical security, operations, and emergency preparedness — delivered as a findings report and scored risk register.

Learn more →

Grant Support

Assessment-backed grant application preparation aligned to the federal scoring criteria, plus post-award support.

Learn more →

Continuity & Contingency Planning

Plans your team can actually execute — covering the disruptions most likely to interrupt your operations and mission.

Learn more →

Implementation Oversight

Vendor solicitation, bid review, and installation oversight that turn an approved plan into installed, working capability.

Learn more →
What You Walk Away With

Decisions, not just documents.

Grey Group has supported faith-based organizations, nonprofits, and NGOs across the United States and internationally — many with no formal security posture before the engagement. Every client leaves with the same thing: a clear picture of their risk and a plan their team can execute.

  • A professional findings report your board and leadership can act on
  • A scored risk register that prioritizes issues by likelihood and impact
  • A roadmap sequenced by urgency — 14 days, 30–90 days, 90+ days
  • Vendor-neutral requirements any qualified contractor can bid
  • A defined path for implementation support and annual readiness
FAQs

Common questions

What's actually included in an assessment?

A structured physical security evaluation across seven domains — perimeter and access control, doors and structural security, lighting, camera and detection systems, security operations, emergency preparedness, and cybersecurity basics. You receive a professional findings report and a scored risk register with prioritized mitigations. No filler, no 400-page binder.

Do we need an assessment before applying for a security grant?

In most cases, yes. Security grant programs typically require a current vulnerability assessment as part of the application, and the quality of that assessment directly affects how competitive the application is. Grey Group's assessment is built so its findings translate cleanly into a grant package.

How long does an engagement take?

A standard site security assessment runs about three weeks from walkthrough to delivered report and risk register. Grant preparation and larger TVRAs are scoped individually based on facility size and complexity.

Do you sell or install security equipment?

No. Grey Group is vendor-agnostic by design. Recommendations are written in neutral, competitively procurable terms so you can solicit bids from any qualified vendor — and so the advice you receive is never shaped by a sales commission.

Start the conversation.

Tell us briefly about your organization and what's prompting the conversation. We'll come back with a clear recommendation on where to start.

Request a Readiness Assessment
20–30 minute intro callNo pressure. No pitch.Response within one business day