Gryphon helps organisations understand their obligations under the Terrorism (Protection of Premises) Act 2025, work through each requirement at their own pace, and maintain an evidencing record that reflects genuine preparedness.
Structured, plain-English, and built so that responsible persons can put the work down at the end of the day knowing the record is in good order.
The Act covers a wide range of premises with a public-facing use, with proportionality applied throughout.
Mixed-tier portfolios under one account.
Venues where attendance and layouts shift.
Standard tier with large, open-access crowds.
Complex sites with high footfall and turnover.
Fewer than 200 expected
No statutory obligations. Good practice is still worthwhile.
200 to 799 expected
Notify the SIA. Procedures in place for evacuation, invacuation, lockdown, and communication.
800 or more expected
All standard tier duties, plus public protection measures, a documented record submitted to the SIA, and a designated senior individual.
The threshold is based on who you reasonably expect to be present. Gryphon's scope assessment walks you through it.
Most organisations in scope are not security specialists. They are being asked to translate statutory guidance into something workable — and then keep it that way.
Statutory text written for regulators, not for the people who actually run buildings.
Reasonable expectation, not maximum capacity. Easy to land on the wrong starting point.
The SIA considers why you decided something, not only what you decided.
Layouts change, events change. A static document goes stale fast.
Enhanced tier requires resubmission to the SIA within 30 days of a material change.
Procedures documented in someone's head aren't procedures at all.
Gryphon gives organisations the structure to work through each obligation in the right order — and the prompts to keep it current as things change.
Every field explains what the law expects and what a thoughtful answer looks like.
The Act broken into ordered steps, so nothing is missed and nothing is rushed.
Decisions, intent, and timeframes recorded — not just ticks in boxes.
Change detection, deadline tracking, periodic review prompts. Maintained, not filed away.
A guided process from first question to ongoing record.
Answer guided questions about your premises. Gryphon determines your tier and explains what applies.
Section by section, with context. Record what is in place, what is planned, and when.
Material changes flagged. Submission deadlines tracked. Reviews prompted. No last-minute scramble.
The point isn't to look prepared. It's to genuinely be prepared — with a record that reflects the work done.
Decisions, reasoning, and arrangements captured in one place — defensible if asked.
Not a one-off document. A maintained record that moves with your organisation.
Build the record over months, calmly, instead of producing it in haste before an inspection.
For facilities managers and operations leads — no security-specialist background assumed.
Where something isn't yet in place, record what your organisation intends to do, and when.
30-day resubmission windows and review cycles surfaced before they become a problem.
Gryphon gives you a clear, structured record of your compliance activity — built around the obligations that matter under Martyn's Law.
A documented record showing your organisation engaged seriously with its security responsibilities — exactly what the SIA expects.
Gryphon complements professional security advice. Use it alongside your consultants — it's the record-keeping layer they don't provide.
Your organisation owns the record. Gryphon supports the responsible person — structuring the process so nothing falls through the cracks.
The calmer route to compliance is also the more defensible one.