Managed Security Operations

Vendor risk audits for outsourced security operations

Mar 11, 2025 · 8 min read

Control points, KPI examples with evidence, and a 30-minute on-site audit script for guard vendors, SOC partners, and response contractors.

Vendor risk in security operations is rarely about bad intent; it’s usually about weak governance, unclear KPIs, and poor evidence of performance.

A good audit makes performance measurable and accountability explicit.

What to Audit First

Start with the controls that impact safety and loss the most. Don’t begin with paperwork if the floor reality is weak.

  • Recruitment, screening, and training records
  • Post orders and supervision schedule
  • Incident reporting quality and closure discipline
  • Access control and visitor workflows (if applicable)
  • Uniform, equipment, and fatigue management

KPI Design That Prevents Gaming

If KPIs are only counts, teams will optimise for counts. Balance leading indicators (patrol compliance) with lagging outcomes (loss events).

Define what good evidence looks like: logs, photos, timestamps, supervisor checks—not just claims.

Practical KPI Examples (With Evidence)

A KPI is only useful if you can verify it quickly during an audit. Define the data source, evidence, and sampling method.

  • Patrol compliance (%): completed checkpoints / scheduled checkpoints; evidence = time-stamped scan + supervisor spot-checks
  • Post adherence (%): observed adherence to post orders; evidence = supervisor rounds + random interviews + CCTV spot review (where allowed)
  • Incident closure discipline (%): incidents closed with root cause + corrective action; evidence = incident log with owner and closure notes
  • Response time (median): from call to arrival for priority incidents; evidence = radio logs / timestamps / incident system records
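As an added illustration (not part of the original article), the sketch below recomputes three of these KPIs from raw evidence records rather than from vendor-reported totals. The field names, the 10-minute scan tolerance, the choice of all sampled incidents as the closure denominator, and the sample records are assumptions constructed for the example.

```python
from datetime import datetime, timedelta
from statistics import median

SCAN_TOLERANCE = timedelta(minutes=10)  # assumed; use the window set in the contract

def ts(hhmm, day="2025-03-10"):
    return datetime.strptime(f"{day} {hhmm}", "%Y-%m-%d %H:%M")

def patrol_compliance(scheduled, scans):
    """Percent of scheduled checkpoints matched by a scan of the same checkpoint
    inside the tolerance window. A scan can satisfy only one scheduled slot."""
    unused, done = list(scans), 0
    for checkpoint, due in scheduled:
        hit = next((s for s in unused
                    if s[0] == checkpoint and abs(s[1] - due) <= SCAN_TOLERANCE), None)
        if hit is not None:
            unused.remove(hit)
            done += 1
    return round(100 * done / len(scheduled), 1)

def closure_discipline(incidents):
    """Percent of sampled incidents closed with root cause, corrective action and owner."""
    required = ("root_cause", "corrective_action", "owner")
    good = [i for i in incidents if i["status"] == "closed"
            and all((i.get(k) or "").strip() for k in required)]
    return round(100 * len(good) / len(incidents), 1)

def median_response_minutes(incidents):
    """Median call-to-arrival for priority incidents, plus how many lack an arrival time."""
    priority = [i for i in incidents if i["priority"]]
    timed = [(i["arrival"] - i["call"]).total_seconds() / 60 for i in priority if i["arrival"]]
    return (median(timed) if timed else None), len(priority) - len(timed)

# Constructed sample records: four scans exist, but one is late and one is a duplicate.
SCHEDULED = [("gate-A", ts("22:00")), ("dock-1", ts("22:30")),
             ("gate-A", ts("23:00")), ("dock-1", ts("23:30"))]
SCANS = [("gate-A", ts("22:04")), ("dock-1", ts("22:55")),
         ("gate-A", ts("23:02")), ("gate-A", ts("23:03"))]
INCIDENTS = [
    dict(id="INC-1", priority=True, call=ts("22:10"), arrival=ts("22:16"), status="closed",
         root_cause="door sensor fault", corrective_action="sensor replaced", owner="site lead"),
    dict(id="INC-2", priority=True, call=ts("23:40"), arrival=ts("23:52"), status="closed",
         root_cause="", corrective_action="guard briefed", owner="supervisor"),
    dict(id="INC-3", priority=False, call=ts("21:00"), arrival=ts("21:30"), status="closed",
         root_cause="visitor unescorted", corrective_action="desk retrained", owner="site lead"),
    dict(id="INC-4", priority=True, call=ts("23:55"), arrival=None, status="open"),
]

if __name__ == "__main__":
    print("count-based patrol %:", 100 * len(SCANS) / len(SCHEDULED))
    print("evidence-based patrol %:", patrol_compliance(SCHEDULED, SCANS))
    print("closure discipline %:", closure_discipline(INCIDENTS))
    print("median response (min), missing arrivals:", median_response_minutes(INCIDENTS))
```

On this sample, a pure scan count reports full patrol compliance while the evidence-matched figure is half that, which is the gap a sampled audit is meant to expose.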

Corrective Action That Sticks

Action plans fail when owners and timelines are vague. Assign owners, deadlines, and verification steps.

Audit Walk Script (30 Minutes)

If you only have half an hour on-site, you can still learn a lot. Use a consistent script so results are comparable across locations and vendors.

  • Entry briefing: confirm post orders, roster, and supervisor contact for the shift
  • Spot check 3 posts: ask guards to describe their post orders and escalation triggers in their own words
  • Review the last 10 incidents: check categorisation, response notes, and closure quality
  • Verify equipment readiness: radios, batteries, torches, PPE, and any mandated tools

Checklist

  • Validate floor reality with spot checks and interviews.
  • Review training, screening, and supervision evidence.
  • Assess incident logging quality and closure rate.
  • Rebuild KPIs with clear evidence requirements.
  • Sample and verify KPI evidence (not just reports).
  • Set corrective actions with owners and verification.

Audits should be conducted in line with labour, privacy, and contract requirements.