Dimension scores are derived from public data and fields; weighted into the composite. Reference only.
CT STEP is an online risk management platform provided by GCG Retail and Commercial Limited, positioned to help organizations prepare for and demonstrate compliance with the UK’s Martyn’s Law requirements. It is closer to a counter-terrorism public safety and compliance management tool than a traditional cybersecurity product. The platform is built around four steps — “understand, assess, plan, activate” — helping users identify terrorism threats, assess site vulnerabilities, and create actionable public protection procedures.
In terms of protection scope, CT STEP focuses on preparedness for terrorist attack risks, site security assessment, emergency communication, invacuation, evacuation, and lockdown procedures. Its key feature is turning guidance from government and police sources into structured questions and action plans, making it suitable for business users without specialist counter-terrorism expertise. For multi-site organizations, the Organisation Dashboard can aggregate progress, lagging locations, and high-risk points across sites, enabling centralized oversight by headquarters. Plans support date stamps, updates, sharing, and the recording of key actions, roles, communications, and training activities, giving the platform some value for audit trails.
The main materials only describe it as an easy-to-use online risk management platform and provide a “Request a demo” option. They do not disclose subscription pricing, per-site billing, enterprise contracts, or trial policies. The deployment model appears to be an online platform, but there is no information on data hosting regions, access controls, SSO, APIs, log export, automated alerts, or third-party system integrations. Certifications such as ISO, SOC, or Cyber Essentials are also not disclosed.
Its strengths are a focused use case, clear workflow, strong alignment with Martyn’s Law, and support for centralized management across multiple sites. The fact that it is built by UK counter-terrorism experts and claims to be updated in line with government guidance also improves content credibility. The drawbacks are limited disclosure: commercial terms, technical security, and integration capabilities are not transparent. It also does not address cybersecurity issues such as network intrusion, endpoint protection, or vulnerability management. It is better suited to retailers, commercial property operators, event venues, or chain organizations operating in the UK that need counter-terrorism preparedness for public venues and compliance records.
The main materials do not provide information on access from mainland China, and payment methods are not disclosed. Since the product is clearly aimed at UK regulatory requirements, its direct applicability is limited for Chinese companies without UK sites. Alternatives may include local EHS/compliance management systems, security risk assessment platforms, or counter-terrorism and emergency planning services provided by professional security consultancies.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on ctstep.com official site.
ctstep.com is an United Kingdom Legal & Tax provider. TG4G tracks its product information, an overall rating of 6.0/10, and a China-accessibility score of Limited (proxy recommended). Click "Visit Official Site" to reach ctstep.com directly.