Security Risk Assessments (SRA)
Why Optimise? At Optimise we believe that an integrated approach to security ensures we capture all elements of your current security regime and we are best placed to ensure you have the correct tools and confidence to move your security strategy forward.
However, any new security strategy has a beginning. At Optimise we work with you, not only to identify where there may be a weakness in your security processes, but also to optimise your strengths.
Our Security Risk Assessment (SRA) process aims to identify the current security risk exposure across your whole range of assets, including those found to be mission critical by establishing the meeting point of threat likelihood, impact and vulnerability. Our SRA takes into account the following factors:
Asset Identification: Identify the assets that require protection, including people, property, information and reputation.
Threat analysis: By gaining an understanding of your business, its environment and outputs, we are better placed to characterise the most relevant threat sources.
Threat Likelihood: This is a subjective numerical assessment of how likely a security related event is expected to occur, taking into account historical events, crime statistics, asset location and target attractiveness.
Impact Assessment: The potential for direct or consequential loss, destruction or damage to your staff, assets or corporate reputation which could occur if any one of the threat scenarios materialises into an event.
Vulnerability Assessment: Advice on any perceived weakness in your security processes that could be exploited by a threat source.
Overall security Risk: The potential for loss, taking into account probabilities, impact and vulnerabilities.
Security Risk cannot be reduced to zero without stopping the process completely. Therefore our process enables us to illustrate where your overall risk exposure can be reduced to an acceptable level or As Low as Reasonably Practicable (ALARP) in the form of a risk register.
The final section of the SRA offers mitigation goals in the form of physical, technical and procedural concepts in order to reduce the impact on your assets should a threat scenario materialise into an event. Once the mitigation goals are agreed with you, we re-run the SRA process in order to illustrate how your overall risk exposure can be reduced.