Enterprise & Corporate
One location with a deficient plan is a $25,000 fine.
Ten locations is a different conversation.
SB 553 compliance scales with your footprint. Each site needs its own written plan, its own hazard assessment, its own training documentation. Your HR team was not hired to build this. Cynserus handles multi-site compliance end to end — custom plans, live training, incident infrastructure, and annual maintenance — reviewed personally by a Fortune 500 security executive.
A single plan does not cover multiple locations.
A common mistake among multi-site employers is maintaining one WVPP for the entire organization. Cal/OSHA expects a plan that reflects each worksite's physical layout, staffing model, operating hours, and hazard profile. A corporate headquarters and a distribution warehouse face different risks. An inspector at one site will evaluate whether the plan describes that site — not your company in general.
The same applies to training records, incident logs, and reporting mechanisms. Each location must be able to produce its own documentation independently. If Site B cannot produce records because they live on a shared drive at Site A, that is a gap.
Common Questions
These are the questions we hear from companies your size.
Our procurement team is requesting this from vendors.
Enterprise customers and institutional partners now include SB 553 compliance in vendor due diligence. Having a documented, site-specific plan removes friction from the sales cycle and demonstrates operational maturity.
Our board wants to know our exposure.
Directors and officers carry personal liability for workplace safety failures. A documented compliance program — with training records, incident logs, and annual reviews — is the evidence that the organization took reasonable steps. The absence of documentation is the exposure.
We already have something in the employee handbook.
A handbook policy is not a WVPP. Cal/OSHA requires a standalone written plan with site-specific hazard identification, named administrators, defined reporting procedures, and documented employee training. A paragraph in Section 12 of an employee handbook does not satisfy the statute.
We have locations in multiple states. Does this still apply?
If any of your employees work at a physical site in California, those sites need compliant plans. Your Texas headquarters does not. But the three California offices, the Bay Area warehouse, and the LA satellite office each do.
What changes in 2026?
Cal/OSHA is finalizing a permanent workplace violence prevention standard that will replace the current interim rules. The permanent standard is expected to add requirements around workplace violence restraining orders, expanded recordkeeping, and more specific training content. Cynserus monitors the regulatory timeline and updates your plans when the standard takes effect.
Can we see what the plan looks like before we commit?
Yes. We scope every engagement before any commitment. You will see the structure, the intake questions, and a sample deliverable before signing.
The Engagement
End-to-end compliance infrastructure. Not a document.
Custom WVPP for each site
Each location receives its own written plan reflecting its physical layout, staffing, shift patterns, industry-specific hazards, and existing security measures. Plans follow Cal/OSHA's model structure section by section.
Live training
Interactive employee training delivered by a former police detective and Fortune 500 security executive. Covers SB 553 requirements, site-specific hazards, reporting procedures, and de-escalation. Documented with attendance records for Cal/OSHA.
Threat and vulnerability assessment
A full security program review covering physical security, access control, visitor management, insider threat indicators, and emergency response gaps. Delivered as a written report with prioritized recommendations.
Incident reporting infrastructure
A functional reporting system your employees can use — not a sentence in the plan describing one. Includes an anonymous reporting portal, QR codes for each site, and a structured incident log that captures all eight fields Cal/OSHA requires.
Ongoing compliance management
WVPP updates when conditions change, annual training refresh, regulatory monitoring through the 2026 permanent standard, and ongoing access to the incident portal. Your compliance does not expire when the PDF is delivered.
Founder review on every engagement
Every enterprise plan is reviewed personally by the founder — a former police detective who managed global security operations for publicly traded companies with over 70,000 employees.
In practice
What a Cal/OSHA citation actually looks like for a multi-location employer
A Southern California distribution company with four locations and 200 employees experiences a violent confrontation between two warehouse workers at its Inland Empire facility. HR is notified. No formal incident report is completed. The company's existing employee handbook references a workplace violence policy, but there is no site-specific written plan and no documented employee training.
Without a compliant plan
Cal/OSHA investigates and finds no site-specific written plan for the Inland Empire location, no documented incident log entry, and no training records for warehouse staff. The handbook reference is insufficient — California law requires a standalone written plan with site-specific hazard identification. The employer receives citations across multiple elements. Fine: up to $25,000 per violation, multiplied across each deficient location.
With Cynserus
Each of the four locations has its own compliant written plan addressing site-specific hazards. The incident is logged immediately via the Cynserus portal with all required fields. Annual training is documented for all warehouse staff across every site. Cal/OSHA finds complete, location-specific compliance documentation — no citation.
Enterprise Package
Custom-Scoped Engagements
Every enterprise engagement is scoped to your organization's footprint, locations, and risk profile. We confirm scope and deliverables before any commitment.
- Custom WVPP for each location
- Live training session with your team
- Threat and vulnerability assessment
- Executive risk profile
- Ongoing compliance management
- Priority founder review
Every enterprise engagement is reviewed personally by the founder. Someone who has managed global security operations for publicly traded companies with over 70,000 employees.
Enterprise FAQ
Most single-site engagements are completed within two weeks. Multi-site engagements depend on the number of locations and complexity, but we provide a timeline during scoping. The intake process for each site takes approximately 30 minutes.
Yes. We can coordinate directly with your general counsel or outside employment attorneys. The WVPP is an operational compliance document, not a legal brief, but we structure it so your legal team can review it efficiently.
We review existing plans against the full statutory requirements and identify specific gaps. If the plan is salvageable, we remediate it. If it needs to be rebuilt, we credit the review toward the new engagement.
Yes. We recommend separate sessions. Managers need additional content on recognizing warning signs, handling reports, and documenting incidents. Frontline employees need to know how to report and what to do during an active incident.
It covers WVPP updates when your operations change, an annual training session, ongoing access to the incident reporting portal, and monitoring of the 2026 permanent standard. You are not locked into a multi-year contract.