How to Evaluate an Executive Protection Provider: A Procurement Checklist for Security Directors
By Kenneth Wilson · Wilson Global Protection Group
The Problem With Most EP Procurement Decisions
Most organizations select an executive protection provider the same way they select a vendor: price comparison and a referral from someone who may or may not have had a good experience. Neither input tells you whether the provider can actually protect your principal. Price reflects what a provider charges. A referral reflects what someone else needed. Neither maps to your threat environment.
This checklist is for security directors, Chiefs of Staff, and operations leads who are doing this right — who want to evaluate capability before making a commitment.
7 Criteria That Actually Matter
1. Credentials
Certification in this industry is not decoration. CPS (Certified Protection Specialist), PPS (Personal Protection Specialist), and CPO (Certified Protection Officer) designations represent structured training programs with demonstrated competency requirements. An uncertified provider may have field experience. They don’t have documented methodology, standardized training baselines, or accountability to a credentialing body. Ask which certifications their lead agents hold — not the company. Credentials belong to individuals, not brochures.
2. Methodology
The question isn’t whether a provider deploys agents. It’s how. Do they run advance work before the principal arrives at any venue, or do they post agents at the door and react? Do they operate from written protocols, or improvise based on agent judgment? A mature EP operation runs written advance documentation, pre-deployment briefings, and defined response protocols for common scenarios. If a provider can’t explain their advance work process in specific terms, they don’t have one.
3. Threat Assessment Capability
Protection without a threat picture is supervision. Before any EP provider discusses deployment structure, they need to understand who poses a risk, what attack vectors are plausible, and what the principal’s actual exposure looks like. If the first conversation skips threat mapping and jumps straight to “how many agents do you need,” that’s a signal. A security risk assessment is the foundation. What follows it is the protection architecture.
4. Principal-Side Discretion
Not every principal wants visible security. Some can’t have it — the profile disrupts their working environment, signals status in ways that create problems, or conflicts with the professional context. Discretion isn’t an afterthought; it requires a deliberate operating posture designed to maintain coverage at distance, with communication protocols that function without proximity. Ask specifically whether the provider has operated in low-profile configurations. How they answer tells you whether they’ve actually done it or are describing a concept.
5. International Operational Depth
Domestic agencies frequently claim international capability. Few have it the way the claim implies. What matters is whether the provider has vetted in-country partners in the specific regions where your principal operates — not a referral network, but established relationships with ground teams whose capabilities have been personally confirmed. International deployments also require current knowledge of local law, jurisdictional rules on protective equipment, and hospital capability assessments. Ask directly: which countries have you operated in recently, and who are your in-country partners?
6. Communications Architecture
Radio protocols, dead zone mapping, and backup communications are operational infrastructure. A provider who defaults to commercial cell phones as the primary comms system has not thought through failure scenarios. What happens when signal drops in a parking structure, a conference venue, or a foreign city with unreliable coverage? A mature provider explains their comms architecture — primary, secondary, and contingency — before the question is ever asked.
7. After-Action and Reporting
What happens at the end of an engagement matters. Does the provider debrief the team and document findings? Do they flag threats observed in the field, route anomalies, or personnel issues that surfaced during the detail? After-action reporting is how good programs improve over time and how you maintain oversight of what your provider is actually doing. A provider with no debrief process has no institutional memory. If something goes wrong the next time, they’re starting from scratch.
What to Ask in the First Call — and What Red Flags Sound Like
Ask the provider to walk you through how they would structure a threat assessment for a principal in your industry and geography. Listen for specificity — named workstreams, a clear sequence, a defined output document. Vague answers (“we look at all the relevant factors”) mean there is no structured process.
Ask how they handle a scenario where a principal pushes back on coverage. A provider who treats this as a client management problem rather than an operational design problem hasn’t solved it. The answer should be about operating posture, not persuasion.
Red flags are specific: no mention of advance work, no certifications held by named agents, a pitch that leads with pricing flexibility, a claim of global capability without the ability to name in-country partners. These are not edge cases. They come up regularly.
If you’re evaluating EP providers and want to understand how our approach maps to these criteria — from close protection services to executive protection in New York — a scoping consultation is the right starting point. We’ll walk through how we’d assess your specific situation, what the threat picture looks like, and whether a full engagement is warranted.
Next Step
Ready to Talk?
Every engagement begins with a structured scoping call. $500. 60 minutes. A working assessment of your principal’s threat picture — whether or not a full detail follows.
Book the $500 Scoping Call$500. 60 minutes. Written summary. Direct practitioner access.