|
|
|
|
|
|
Static security guards Mobile patrols Event security services Retail security guards Close protection Pre-employment Vetting Party & Function Security Security consulting Business risk assessment Security design & planning Services for Investors Safety & health at work Law enforcement investigations Home & family protection Professional training
|
BUSINESS RISK ASSESSMENT Risk Estimation Security risk is a function of the likelihood of attack, consequence of successful attack, and security system ineffectiveness. To estimate relative security risk, the qualitative estimates for likelihood of attack, system ineffectiveness, and consequence are logically combined. A simple method, based on expert judgment, for combining the three risk parameters to estimate security risk will be discussed. The security risk estimates are relative, not absolute, but they can be used to make risk management decisions. A relative risk level is valuable to: - Compare risk levels for a spectrum of malevolent threats - Compare risk levels for a spectrum of facilities, industries, or organizations - Compare the cost-effectiveness and other impacts of potential improvements Risk Reduction Strategies If the estimated baseline risk level for the threat spectrum is judged to be above the established threshold (too High), risk reduction strategies for the system may be considered. Risk reduction strategies focus on reducing the levels of the parameters of the security risk equation: likelihood of attack, system ineffectiveness, and consequence. In practice, risk reduction is made most successful by improving protection system effectiveness and mitigating consequences. Risk Reduction Upgrades – Security system planners must address how to reduce security risk. Absolut Security planners might consider adding features to increase physical or cyber-protection system effectiveness and/or to reduce or mitigate consequences. Sitespecific vulnerabilities identified in the system effectiveness analysis provide guidance for adding/modifying features. Consequence analysis and system effectiveness analysis should then be repeated for the upgraded system in order to estimate a risk level associated with the upgraded system. If the estimated risk for the upgraded system is below the threshold, the upgrade is completed. If the risk is still above the threshold, the upgrade process should be repeated until the risk level is judged to be below the threshold. Impact Analysis – Once the system upgrade has been determined, it is important to evaluate the impacts of the risk reduction on the mission of the facility and the cost. If system upgrades put a heavy burden on normal operation, a trade-off would have to be considered between risk and operations. Budget can be the driver in implementing security upgrades. A trade-off between risk and total cost may have to be considered. The assessed level of risk and the upgrade impact on cost, mission, and schedule are valuable information to security risk managers.
|
||
|
|
2007 - 2011 © absolutsecurity.rs |
|
|
