Overview: This article introduces the Security Risk Management process, the main concepts involved in risk management, and how risk management is applied to security in an organization. The terms risk and risk management have been commonly used to apply to other components of risk management, including business continuity, emergency preparedness,...
Intro: Risk management in the security context deals with threats in the environment. Therefore, it is important to determine a specific area in the environment in which these threats occur. It is also necessary to establish clear geographical locations to set the context in which project, activity, and vulnerability assessments...
Overview: Familiarity and knowledge of the general security situation are of prime importance when applying the SRM process. The SRM assessment must be based on facts, and the facts must be relative to the environment in which the organization, project, or activity is taking place. Using the steps and tools...
Introduction: The Conceptual Overview of the SRM process highlights that SRM is a way to support project delivery for the organization by reducing risks to an acceptable level. To facilitate organizational goals, it is necessary to understand those goals and the projects it intends to implement. This is an ongoing...
Introduction: The Threat Assessment is the process by which one identifies and assesses those actors and actions in the geographical area that may potentially cause harm to the organization. Using the threat-related points generated during the Project Assessment, it is necessary, in conjunction with the Security Department/Contractor, to list events...
Introduction: In the Specific Threat Assessment stage of the SRM process, we identify the specific threats to the organization for the SRM Area and provide a structured assessment of these threats in a similar way to the General Threat Assessment. Unlike the General Threat Assessment, which looks at the overall...
Security Risk Assessment. Overview: Various aspects of the threat assessment will influence your judgment about both the likelihood and impact of a certain threat. To illustrate, we can use an example of armed crime. If the threat assessment identifies a threat from large, well-armed criminal groups working in a city...
Security Risk Management Measures. Introduction: As noted in step 5 (Risk Analysis), risk management is the process whereby an organization attempts to lower risk by implementing measures to reduce likelihood and/or impact by reducing vulnerabilities. SRM Measures are selected after specific threats are identified, and only after existing mitigation or...
SRM Implementation. Overview: The implementation phase of the SRM is of paramount importance as it carries in itself the credibility of the process. The project planning phase and the implementation phase are two very different things; consideration needs to be given to how the SRM will be implemented throughout the...
Introduction: Risk management has three important principles that relate to how Security Management Systems deals with questions of acceptable risk: Do not accept unnecessary risk. There is no benefit in accepting any unnecessary risk if it does not help the organization achieve its objectives. Accept risk only when benefits outweigh...
Introduction: Why Carry out Monitoring and Evaluation? The simple answer is that only through monitoring and evaluation can we ensure that the risk has been reduced and the organization can deliver its objectives within acceptable levels of risk. Only with effective monitoring of implementation and evaluation of the results do...