Security Risk Management
NPSA-aligned reviews that give you a clear, honest picture of your security risk — including Martyn's Law readiness for venues and public spaces. No padding, no upselling.
Learn more
Chartered Security Professional (CSyP)
Expert Security Consulting for Organisations That Cannot Afford to Get It Wrong
NPSA-aligned risk assessments, command & control training, and exercising — backed by 39 years of operational experience.
- Former Metropolitan Police Chief Superintendent
- One of fewer than 250 CSyPs worldwide
- NPSA-aligned assessments & Martyn's Law readiness
CSyP Certified
39+ Years' Experience
NPSA-Aligned
Former Met Police Chief Superintendent
What We Do
The Security Capability
The Security Capability
Your Organisation Needs.
Four disciplines. Every recommendation independent, NPSA-aligned and proportionate to your specific risk — not a one-size-fits-all package.
Command, Control & Coordination
Structured training for Gold, Silver and Bronze commanders that builds genuine decision-making capability — not just awareness — under realistic operational pressure.
Learn moreTesting & Exercising
Realistic exercises and structured debriefs that close the gap between what your plans say and what your teams can actually do — before a real incident makes that gap visible.
Learn moreRailway Industry
Sector-specific security and command expertise for train operating companies, Network Rail and the wider rail industry — built around the realities of rail operations, not generic templates.
Learn moreNot sure where to start? Describe your situation and we will tell you what approach makes sense.
Speak to Colin's Team
Why Colin Morgan Consulting
The Experience That
The Experience That
Most Consultants Cannot Match
Most security consultants have studied security. Colin Morgan has commanded it — at the largest public-order events in the UK, at world-famous venues, and at the highest levels of policing.
Credentials That Cannot Be Replicated
One of fewer than 250 Chartered Security Professionals (CSyP) globally. Colin also holds FSyI, CMgr FCMI and FICPEM — qualifications that require demonstrated competence at the highest level, not just a certificate.
Honest Advice — Not What You Want to Hear
Our reviews identify genuine risks and recommend proportionate solutions. We do not oversell the threat, pad recommendations, or engineer work that is not needed.
39 Years of Real Command Experience
Three decades in the Metropolitan Police — including as Chief Superintendent of Public Order and Major Events — means our advice is grounded in operational reality, not consultant theory.
Scaled to Your Organisation — Not a Template
Every recommendation is proportionate to your context, risk profile and resources. The same assessment framework applied to every client is not rigour — it is laziness.
Our Work
Outcomes That Demonstrate Capability
A selection of engagements where our advice made a measurable difference to security capability, command readiness and risk reduction.
Rail Industry
Command Training Now Referenced as Sector Best Practice
Designed and delivered a comprehensive Gold, Silver and Bronze command training programme for a major UK rail operator. The programme has since been adopted as the benchmark across the sector.
"Without doubt one of the hardest and best courses I have ever been on in 30 years in the railway."
Private Sector
Crisis Management Gaps Identified and Closed Before an Incident
Reviewed an organisation's crisis management framework, identified material gaps in their plans and command structure, and delivered actionable recommendations that measurably reduced their risk exposure.
"Their findings and recommendations will really assist us going forward in mitigating risk."
Events & Venues
NPSA-Aligned Security Review Delivered Without Disrupting Visitor Experience
Completed a full NPSA-aligned security assessment for a major public venue, identifying proportionate protective security improvements and a clear Martyn's Law readiness roadmap.
"Colin and his team's expertise is outstanding. They gave us the advice we needed."
Your organisation faces real security risk. The question is whether you know exactly where it is.
Get a Straight Assessment
How We Work
From First Call to Lasting Capability
No scope creep, no report-shelf-warming — a structured engagement that delivers genuine, measurable improvement at every stage.
01
Initial Consultation
We understand your organisation, risk environment, regulatory obligations and objectives before recommending any course of action. No assumptions.
02
Independent Assessment
A thorough, NPSA-aligned review of your current security posture, plans and capability — scrutinised by an experienced practitioner with nothing to sell.
03
Clear Recommendations
A prioritised report with actionable findings. No jargon, no padding — honest, proportionate advice that fits your organisation, not a standard template.
04
Implementation Support
We work alongside you to implement improvements and test your plans — building lasting capability, not a document that sits on a shelf.
01
Initial Consultation
We understand your organisation, risk environment, regulatory obligations and objectives before recommending any course of action. No assumptions.
02
Independent Assessment
A thorough, NPSA-aligned review of your current security posture, plans and capability — scrutinised by an experienced practitioner with nothing to sell.
03
Clear Recommendations
A prioritised report with actionable findings. No jargon, no padding — honest, proportionate advice that fits your organisation, not a standard template.
04
Implementation Support
We work alongside you to implement improvements and test your plans — building lasting capability, not a document that sits on a shelf.
Client Feedback
What Senior Leaders Say About Us
Rail operators, public sector bodies and private venues — in their own words.
"Without doubt one of the hardest and best courses I have ever been on in 30 years in the railway. Thoroughly enjoyable — presented by a team with a genuine wealth of experience."
"Colin and his team's expertise is outstanding. They gave us the advice we needed — clear, honest and proportionate."
"We engaged CMC to conduct a review of our crisis management response. Their findings will really assist us going forward in mitigating risk."
"Colin's knowledge of crisis management and command, control and coordination is second to none. He is the right person to enhance interoperability and partnership working."
Common Questions
Questions We Hear Before Every Engagement
Plain answers. If yours is not here, call us directly.
A security risk assessment is a structured, independent review of your current security arrangements, threat environment and risk profile. We assess physical security, procedural controls, personnel measures and — where relevant — counter-terrorism readiness including Martyn's Law obligations. The output is a clear, prioritised report with practical recommendations aligned to NPSA guidance.
Martyn's Law — the Terrorism (Protection of Premises) Act — places a legal duty on operators of public venues and events to implement protective security measures. It applies to premises with a capacity of 200 or more, with enhanced requirements above 800. We help organisations understand their specific obligations and build a compliant, proportionate security framework around them.
It depends on scope. A focused security review for a single venue typically takes two to four weeks from initial briefing to written report. A multi-site or complex assessment usually takes four to eight weeks. We agree timelines upfront and work around your operational schedule.
Yes. We work with single-venue operators preparing for Martyn's Law, major infrastructure operators and everything in between. The advice is always proportionate — the same rigour, scaled to your organisation's size, risk profile and resources.
The CSyP is the highest professional qualification in security management in the UK, held by fewer than 250 people globally. It requires demonstrated competence across a broad range of security disciplines and a strict code of professional conduct. Engaging a CSyP means your advice comes from a practitioner at the very top of the profession.
Yes. We deliver all training and facilitated exercises at a location of your choice — your offices, operational sites or training facilities. Delivering in your actual environment significantly improves the relevance and realism of every session.
Have a different question? Get in touch directly — we respond to all enquiries promptly.
Get In Touch
Your Organisation's Security Risk Does Not Wait for a Convenient Moment.
Whether you need a security review, command training or help navigating Martyn's Law — speak to Colin Morgan's team today. Direct conversation, no sales process, no jargon.