rejigg

Selling a Physical Security Services Business

In physical security, buyers want to know the schedule holds, the phones get answered, and the licenses stay valid after close. A clean P&L helps, but the deal often turns on what happens on a bad Tuesday: a no-show guard, a down door at 5 a.m., or a site that suddenly needs new badges.

Get a Free ValuationSchedule a CallRead the Guide

What buyers ask and how to be ready

Each topic below comes from real buyer-seller conversations. Here's what they ask, what they're really evaluating, and how to prepare.

Financial Readiness

Can you show clean financials that explain where profit actually comes from: labor, hardware, or service plans?

Buyers are checking whether earnings come from repeatable service and labor, or from hardware pass-through and timing noise. They want numbers that match how security work bills and collects, including open jobs, billing milestones, and AR reality. If gross margin drivers are unclear, buyers usually protect themselves with a lower price, escrow, or holdback.

How to prepare

  • Split revenue and gross profit into labor, hardware/materials, and recurring/service plans. Tie it to tax returns and financials.
  • Build an add-backs schedule with receipts and statements for each item.
  • Prepare lender-style reports: 3 years of P&L/BS, trailing 12 months, AR/AP aging, and a working-capital snapshot.
  • Load a secure data room with financials plus job pipeline, contracts, claims, and payroll/timekeeping reports.

Great Answer

We report margin by labor, hardware, and recurring agreements. Over the last 12 months, we did $X revenue and $Y SDE/EBITDA; hardware is Z% of revenue but only about A% of gross profit, and labor plus service drive the rest. AR aging and WIP (Work in Progress) are current, and we can show the billing gates that affect collections. The data room includes reconciled statements and a documented add-backs schedule.

Okay

We can share financial statements and explain that labor and service drive profit, but we have not fully split margins by line or finalized add-backs support.

Gives Pause

Revenue is revenue. We do not separate hardware and labor, and the books do not match the pipeline.

How Rejigg helps: Rejigg’s data room and QuickBooks integration help you present lender-ready financials alongside AR, contracts, and pipeline proof buyers underwrite against. Learn more in the guide

Licenses & Compliance

Which licenses or registrations are tied to specific people, and what’s the plan if they leave?

Buyers are confirming the company can legally staff posts, pull permits, and enter restricted sites on day one after closing. They also look for delays tied to renewals, background checks, fingerprinting, qualifying-agent rules, and site-specific clearances. A written continuity plan lowers the risk of a forced pause in operations or an escrow requirement.

How to prepare

  • List every company and individual license/registration with jurisdiction and renewal date.
  • Write the transfer and notice steps, separated into pre-close and post-close actions.
  • Identify who holds each critical credential and document retention and backup coverage.
  • Upload license copies, renewal receipts, and compliance SOPs to the data room.

Great Answer

We have a license matrix by state and service line that shows what is company-held and what is tied to individuals, plus renewals and transfer steps. Our qualifying role is held by John Smith, and they are under a stay agreement through transition. We also have a backup path if they exit. For regulated sites, we can show our badging and vetting workflow so access does not get interrupted after close.

Okay

We know which licenses we have and who holds them, but we still need to map transfer timing and document a backup plan.

Gives Pause

Licensing varies by state. We will sort it out later, and the qualifier is critical but not planned for.

How Rejigg helps: Rejigg keeps license, insurance, and site-access records organized in a permissioned data room so buyers can verify continuity without messy email threads. Learn more in the guide

Coverage Continuity

Can you cover nights, weekends, and “the door must work by 7 a.m.” calls? Who actually fills tomorrow’s shifts?

Buyers want proof that staffing and emergency response work without the owner doing heroics. They look for real scheduling and dispatch controls: rotation, escalation, backfill capacity, and supervisor checks. If posts go uncovered or urgent outages sit, customers often switch providers fast.

How to prepare

  • Document on-call rules, escalation paths, and response targets by customer type.
  • Provide fill-rate, call-out/no-show handling, and supervisor/site-check examples.
  • Name the scheduling and dispatch owners. Cross-train a backup who can run it.
  • Share one real urgent-call timeline from intake to invoice with timestamps.

Great Answer

We run a documented on-call rotation with escalation, and after-hours calls are priced and tracked. Our fill rate over the last 12 months is 95%, and we can show how we backfill across accounts when call-outs happen. Dispatch is owned by John Smith, our Operations Manager, with a trained backup, not me. Here is a recent 5 a.m. “door down” event with timestamps, resolution notes, and invoicing.

Okay

We cover after-hours and usually handle call-outs, but the process still depends on a couple of key people and is not fully documented.

Gives Pause

We figure it out when it happens. There is no rotation, and backfills are last minute.

How Rejigg helps: Rejigg helps you share schedules, SOPs, and real response examples early so serious buyers can underwrite continuity without discounting for uncertainty. Learn more in the guide

Contracts Transferability

What kind of contracts do you really have, and can they be assigned?

Buyers are validating that revenue can transfer and that key customers will not be able to terminate or rebid immediately. They focus on change-of-control and assignment clauses, named-person requirements, special insurance, prime-contractor dependencies, and strict site rules. A clear list of consent-required accounts helps protect price and reduces last-minute deal surprises.

How to prepare

  • Build a contract register with term, termination, assignment/change-of-control language, and decision-maker contacts.
  • Flag high-risk agreements: government, healthcare, education, property manager portfolios, prime subs, restricted sites.
  • Plan client notice and consent timing around licensing and the closing date.
  • Upload executed agreements, amendments, and insurance requirements to the data room.

Great Answer

We reviewed the signed agreements and flagged which accounts need written consent versus simple notice. The top 10 accounts that matter for consent are in government facilities, healthcare institutions, and financial services, and we have the decision-makers and typical approval timelines documented. For prime-contractor work, we documented the dependency and performance history. Account stability does not hinge on my personal relationship alone.

Okay

We have the contracts and know most key terms, but we have not fully categorized assignment and change-of-control requirements.

Gives Pause

Our contracts are standard, and clients will be fine. We do not track assignment language.

How Rejigg helps: Rejigg keeps contracts organized and permissioned so buyers can review assignability without you broadcasting sensitive customer terms. Learn more in the guide

Job Profitability

Can you show job-level results, not just company-wide margins? How often do fixed-price installs blow up, and why?

Buyers want to see that installs are scoped correctly and labor is controlled, especially on retrofits, where surprises can crush margin. They look for early detection of overruns, disciplined change orders, and consistent project closeout. Without job-level proof, most buyers assume the blended margin is fragile.

How to prepare

  • Pull 6–10 completed jobs with estimate vs. actual hours, change orders billed, and closeout notes.
  • Document the quoting workflow: site walk, scope template, labor-hour guardrails, approvals.
  • Summarize fixed-price overruns from the last 12 months with causes and what changed.
  • Standardize change-order language and billing triggers.

Great Answer

We can review a set of recent jobs end to end, including a clean install, a difficult retrofit, and a service-heavy customer. Each file shows estimated versus actual labor hours, change orders billed, and what we absorbed and why. We track fixed-price overruns, and the main drivers have been equipment delays, unexpected site conditions, and client-requested changes. We updated our scoping and approval steps to reduce repeats.

Okay

We know which jobs run long and can share examples, but estimate-versus-actual tracking is not consistent on every job.

Gives Pause

Margins average out across projects. We do not track hours tightly, and change orders are hard to get approved.

How Rejigg helps: Rejigg helps you organize job files, closeouts, and change orders so buyers see control at the job level instead of guessing from blended margins. Learn more in the guide

Payroll & Timekeeping

How do you capture hours, approve exceptions, and prevent buddy punching? How do you control overtime?

In guarding and patrol models, payroll control largely determines profit. Buyers look for wage and hour exposure, break and training time compliance, travel time handling, and whether time edits are controlled. Strong timekeeping reduces legal risk and makes cash flow easier to finance. Weak controls often lead to escrows, special indemnities, and slower diligence.

How to prepare

  • Document time capture, approvals, exception handling, and audit cadence with supervisor verification.
  • Break out overtime drivers by account and show how contracts handle overtime cost.
  • Compile wage-claim history, correction process, and compliance training records.
  • Provide payroll register samples, time edit logs, and site or supervisor sign-offs.

Great Answer

Hours are captured through biometric time clocks, exceptions require supervisor approval, and all edits are logged and reviewed weekly. We reduce buddy punching with access control systems, and we manage overtime by account with clear rules, including when it is billable versus absorbed. We have had limited wage issues in the last 3 years, and we can show our documented correction process.

Okay

We use a timekeeping system and review timesheets, but overtime control and audit trails need work on higher-churn posts.

Gives Pause

Guards text in their hours, and we fix it in payroll. We do not track edits.

How Rejigg helps: Rejigg makes it easier to share timekeeping policies and supporting reports securely, which can reduce the buyer’s push for punitive holdbacks. Learn more in the guide

Warranty & Callbacks

How much of your “service revenue” is really callback and warranty? What’s your callback problem, and what do you do about it?

Buyers are looking for hidden margin loss from free truck rolls that consume technician capacity. They also want to know what drives callbacks: workmanship, manufacturer defects, network issues, or user training. Each cause has a different fix and a different implication for future margin. A clear policy and tracking usually reads as operational maturity.

How to prepare

  • Categorize the last 60–90 days of return visits by cause.
  • Write a warranty and callback policy with billable rules and exception approvals.
  • Add a commissioning and closeout QC checklist to reduce repeat issues.
  • Track callback rate by job type and technician.

Great Answer

We separate billable service from warranty and callback work, and we can show the last 30 days categorized by cause. Our policy states what is covered, what is billable, and who can approve exceptions. We track repeat issues by job type and technician. After adding a quality control inspection step, callbacks dropped from 15 to 5 per month.

Okay

We know callbacks hurt capacity, and we have informal rules, but we do not consistently categorize causes or measure trends.

Gives Pause

We do not track callbacks. It is just part of taking care of customers.

How Rejigg helps: Rejigg helps you show callback tracking and policy up front so buyers can separate real service revenue from cleanup work. Learn more in the guide

Vendor Dependencies

Are you authorized with key manufacturers, and is that authorization transferable? What happens if they change the rules?

Buyers want to know they will keep pricing, support, warranties, and software access after the sale. They also check whether dealer status and certifications are tied to one technician or to the owner’s rep relationship. Platform concentration can work when customers standardize on a system, but buyers will price in the risk of rule changes, lead-time spikes, or access loss.

How to prepare

  • List top platforms by revenue and margin impact, including status, requirements, and renewals.
  • Document who holds certifications and set a redundancy plan.
  • Explain rebate and project registration programs and their margin impact.
  • Inventory portal logins and software licenses, including transfer steps.

Great Answer

Our top vendors are ADT, Securitas, and G4S. We documented dealer status, annual requirements, and the technician certifications that keep it active. Portal and software access sit under company-controlled emails, and we confirmed transfer steps where needed. We focus on a few platforms because customers ask for them, and we mitigate vendor changes with secondary sourcing, approved substitutions, and redundant training.

Okay

We have the right vendor relationships and certifications, but transfer steps and single-point dependencies still need to be documented.

Gives Pause

We buy from whoever has stock. Authorizations are informal and tied to my relationships.

How Rejigg helps: Rejigg helps you document manufacturer status, certifications, and software access cleanly so buyers can diligence vendor continuity quickly. Learn more in the guide

Owner Dependence

Who owns the customer relationship when something goes wrong? What would a new owner trip over in the first 90 days?

Buyers are testing whether escalations, scheduling decisions, and exceptions live with the team or with the owner. They also want the real list of operational tripwires: portals tied to personal emails, key tech or supervisor risk, permit delays, renewals, and site rules that only one person remembers. Heavy owner dependence usually leads to longer transitions, earnouts, or a lower price.

How to prepare

  • Map escalation paths and name the non-owner decision-makers by function.
  • Write a 90-day risk list with owners, due dates, and mitigations.
  • Document customer reporting cadence: incident reports, DARs, closeout packages.
  • Shift escalations away from the owner before going to market.

Great Answer

Escalations go to the Security Operations Manager first, with clear thresholds for when I step in, and key clients like Acme Corporation already follow that structure. We maintain a 90-day risk list covering key staff coverage, access control system ownership, contract renewals, security permits, and customer expectations, with mitigations in progress. I can support a defined transition, but day-to-day scheduling and client calming do not depend on me.

Okay

I still handle most escalations, but we are training a manager to take more of those calls, and we have identified the main 90-day risks.

Gives Pause

Clients call me, and I handle it. A new owner can learn the details after the sale.

How Rejigg helps: Rejigg’s Owner’s Guide and structured workspace help you document handoffs and reduce owner dependence in a way buyers can verify. Learn more in the guide

Growth Engine

What happens to sales after closing: where do leads come from, and who closes them?

Buyers want a sales engine that survives the owner, especially for quoting and design work. In physical security, lead flow often comes from the installed base, property managers, electricians, IT providers, door companies, and GC relationships. A trackable funnel and standardized estimating typically supports a higher multiple. If sales stays owner-only, buyers often bake in a longer transition and slower growth.

How to prepare

  • List top lead sources with last-12-month volume and conversion by job type.
  • Document estimating templates, pricing guardrails, and proposal standards.
  • Map the sales process by stage and name who owns each step.
  • Track referral partners and assign relationship ownership beyond the owner.

Great Answer

Leads come from various sources, about 40% from installed-base service calls, 30% from property managers and referrals, and 30% from partner channels. We track close rates by job type. Estimating uses templates and labor-hour guardrails so quotes do not depend on me. Sarah Johnson, our Senior Project Manager, runs most site walks and closes work under $15,000, with an escalation path for complex projects.

Okay

We know our lead sources and have a pipeline, but estimating and closing still run through me too often.

Gives Pause

Work is word of mouth. I quote and close everything, and we do not have a repeatable process.

How Rejigg helps: Rejigg puts you in front of vetted buyers who understand security sales cycles, and its tools help you manage outreach, NDAs, and scheduling in one place. Learn more in the guide

Ready to Take the Next Step?

Whether you're just exploring or ready to list, we can help.

Get a Free Valuation

See what your physical security services business could be worth based on real transaction data.

Try the Calculator

Talk to an Expert

Schedule a free consultation. We'll answer your questions and help you plan your exit.

Schedule a Call

Read the Full Guide

Our 6-step owner's guide covers everything from deciding to sell through post-sale transition.

Start the Guide

Questions Physical Security Services Owners Ask Us

Most physical security services businesses sell on a multiple of cash flow. Owner-operator shops are often priced off SDE, while larger teams are priced off EBITDA. Integrators with strong job costing and real recurring revenue from monitoring or service agreements usually trade higher than project-only installers. Guard-heavy companies can trade well, but the multiple depends heavily on contract terms, client retention risk, and payroll compliance. Hardware-heavy revenue often gets discounted if markup is thin or volatile. Use Rejigg’s free valuation calculator to estimate a range based on your numbers and recent transaction multiples.

Yes. Many Physical Security Services deals can be financed with an SBA 7(a) loan, but lenders dig into cash flow quality and operational risk. For guarding, they focus on timekeeping controls, wage compliance, claims history, and how easily contracts can terminate or be reassigned. For integrators, they look for job-level margin proof, WIP and backlog conversion, and whether the business depends on one estimator or one license holder. Rejigg’s SBA loan calculator helps you model payments and sanity-check what the cash flow can support.

Many sales close in 3–9 months once you are truly ready to go to market. Physical Security Services deals can take longer when licensing transfers, guard card renewals, site access approvals, or customer consents sit on the critical path. Integration deals also slow down when buyers need to verify WIP, backlog, and exposure to long hardware lead times. The fastest path is a diligence-ready package: financials, contract register, license matrix, and proof of dispatch and timekeeping. Rejigg’s preparation guide lays out what to assemble first.

No. A broker can help, but many owners sell without one, especially when the business has clean records and a clear story. Brokers often charge 5–10% and mainly manage buyer access, NDAs, and diligence coordination. Rejigg gives you direct access to pre-vetted buyers, digital NDAs before anyone sees sensitive details, a built-in data room, and an offer dashboard to compare terms. You control pricing and process without paying a commission. Start by listing on Rejigg and follow the Owner’s Guide to stay organized.

Buyers value profit, not the amount of equipment you push through the top line. If a big slice of revenue is hardware with low markup, returns risk, and backorders, it can inflate revenue while adding little value. Most buyers will ask you to split labor and hardware gross profit, explain rebates and project registration economics, and show how you handle returns and warranty replacements. A clean breakdown usually improves price because it removes doubt about what the margin really is. Rejigg’s data room structure helps you share the breakdown and supporting vendor docs under an NDA.

Working capital is the short-term money the business needs to operate: current assets like AR and sometimes inventory or WIP, minus current liabilities like AP and accrued expenses. In integration, long lead times can tie up cash in equipment and partially completed jobs. In guarding, payroll often hits before client payments clear, so timing matters. Buyers usually set a working-capital target so they are not funding past-due bills or an AR hole at close. Rejigg’s negotiation guide explains how targets are set and negotiated.

Earnouts pay part of the price later if the business hits post-close targets. In Physical Security Services, they show up when revenue depends on a few big accounts, contract re-competes, or the owner’s estimating and sales work. Guarding earnouts often track retained billable hours or gross profit by contract. Integration earnouts may track booked margin, project completion, or service agreement retention. The main risk is control, since the buyer runs staffing, pricing, and spending after close. Rejigg’s deal tools help you compare offers with and without earnouts so you can judge risk, not just headline price.

Buyers typically ask for 3 years of financials plus trailing 12 months, tax returns, AR and AP aging, customer and contract lists, insurance and claims history, and a license and registration package for both the company and individuals. Guard businesses usually need timekeeping and payroll controls, post orders, and sample incident reports. Integrators usually need WIP and backlog support, job files, change orders, and vendor authorization details. A secure data room keeps the process moving and limits oversharing. Rejigg includes a built-in data room and a due diligence checklist aligned with real buyer requests.

Most buyers ask for a non-compete and a non-solicit to protect the contracts and the workforce they just bought. In Physical Security Services, this matters because customers can rebid quickly, and guards and techs can move as a group if they are recruited. Terms vary by state, and enforceability often depends on scope, duration, and whether the restriction is reasonable for the role and geography. It is worth having your attorney review state-specific limits early, since these terms can affect your post-sale plans. Rejigg’s deal negotiation guide helps you benchmark what is common.

Guarding businesses often trade on contract quality and operational controls, so buyers spend a lot of time on timekeeping, claims, and termination rights. Many buyers prefer an asset purchase to limit liability exposure, although structure depends on tax and legal context. Integrators tend to be diligenced around WIP, backlog, vendor authorizations, and the technical bench, and working-capital adjustments can matter when inventory and open jobs are large. In both models, a transition period is common to stabilize customer contacts and key staff. Rejigg’s offer dashboard makes it easier to compare structure and risk, not just price.

Buyers look at concentration through the lens of how fast the revenue could disappear. In guarding, a single campus or property manager can represent a lot of billable hours, and an easy termination clause can raise risk. In integration, concentration can come from a facilities relationship or a platform standard that drives repeat work. Concentration can be acceptable when contracts are sticky and performance history is strong, but buyers will ask for terms, reporting cadence, decision-maker stability, and retention evidence. Rejigg’s buyer vetting and NDAs help you share sensitive customer details more safely.

Buyers will usually split inventory into usable stock and dead shelf. Common problem areas include obsolete camera models, discontinued access control boards, equipment bought for delayed projects, and non-returnable special orders. A strong seller package includes an inventory list with cost, age, and what is reserved for specific open jobs. Deal treatment varies. Some buyers pay for usable inventory on top of enterprise value, while others fold certain inventory into the working-capital target. Keeping this organized reduces last-minute renegotiations when someone finally opens the shelf and counts what is there.

The biggest price hits usually come from continuity and liability risk. Examples include licenses or qualifying roles tied to one person with no backup, key contracts that cannot be assigned or can terminate on short notice, weak timekeeping controls in guard operations, and thin install margins caused by repeated fixed-bid overruns. Buyers also discount businesses with heavy callback volume, unclear claims history, or site requirements that live only in someone’s head. Most buyers can work with issues when they are documented and contained. Rejigg’s Owner’s Guide helps you surface and fix the common problems before diligence.

Most buyers want the same guards and techs showing up, the same supervisors handling issues, and the same dispatch rhythm. That usually means a communication plan, confirmation of pay rates and schedules, and a clean handoff of credentials like guard cards, badges, and site access. Retention bonuses are common for key supervisors, dispatchers, and senior techs, since losing them can destabilize coverage. This varies by market and by union or site requirements. Rejigg’s transition planning guide covers what to communicate and when.

Buyers typically request insurance loss runs, a summary of major incidents, and your investigation and client notification process. They often review use-of-force complaints, vehicle accidents for patrol work, and termination reasons on major accounts. They want to see consistent documentation: incident report templates, escalation rules, corrective actions, and training boundaries. Incidents happen in guarding, so the question is whether your system catches and contains them. Keep claims documents and incident SOPs in a secure data room, and share them only after an NDA and serious buyer qualification.

Confidentiality matters in Physical Security Services because clients may rebid, and guards or techs may leave if they expect schedule changes. Most sellers use staged disclosure: high-level information first, then customer names and contracts only after an NDA and clear buyer intent. Internally, limit knowledge to the smallest group until you have a path to close and a plan for supervisor and client communications. Rejigg supports this with pre-vetted buyers, digital NDAs before access, and permission controls in the data room so each buyer sees only what you approve.

Taxes vary based on entity type and deal structure, including an asset sale versus a stock sale, and whether you are a C-corp, an S-corp, or an LLC. The allocation between equipment, inventory, and goodwill can change your tax outcome, and depreciation recapture on vehicles, tools, and equipment can be material for integrators. Guard businesses often have less equipment and more value in contracts and goodwill, which shifts the allocation discussion. Your CPA should model scenarios early, since the highest purchase price can still produce lower after-tax proceeds. Rejigg’s negotiation guide helps you spot term changes that affect net proceeds.

A 30–90-day active transition is common, and it can run longer when the owner is the primary estimator, the main escalation point, or the license holder that keeps work legal. Guarding buyers may want continuity through a billing cycle or two to steady client contacts and supervisor routines. Integrator buyers may want help with key projects, vendor portals, and technical handoffs. Define the transition in writing, including hours per week, responsibilities, and decision rights, so it does not become open-ended support. Rejigg’s transitioning guide provides a practical framework.