The Challenge
Chester Hill Station serves a community with a complex socioeconomic profile and a significant volume of recorded security incidents. Core42 was brought in mid-stream to take over from another consultant’s concept-stage assessment and carry the security advisory through detailed design, inheriting an existing risk register and reconciling it with updated threat intelligence.
Our Approach
Core42 reviewed the inherited risk register against updated crime data and current threat intelligence, adding new risks where the original register lacked granularity and re-scoring existing risks against the updated evidence base. A quantitative risk assessment of top-end threat scenarios — using probabilistic methods and Value of Statistical Life analysis — established that these were not credible design basis threats, preventing the project from absorbing disproportionate protective design costs. CPTED analysis was embedded directly within the risk assessment and requirements documents rather than produced as a standalone report, ensuring designers received spatial guidance as part of their security requirements.
What We Delivered
A security risk assessment covering 23 risks with SFAIRP justification, and a security requirements report containing 119 individually tracked requirements — each mapped to a security zone, assigned to a responsible discipline, and tracked with named designer responses confirming compliance. The quantified threat assessment provided a defensible, documented rationale for proportionate protective design expenditure.
Why It Matters
This project demonstrates three transferable capabilities: mid-stream security advisory handover with analytical continuity, quantified proportionality that translates directly into cost avoidance, and requirements traceability that survives assurance scrutiny. Relevant to any transport, government, or public realm project where the question is not “is there a threat?” but “how much should we spend responding to it?”