Security Risk Analysis

Methodological approaches to identify and solve security-related problems



Competency Area

Security Risk Management


Breakdown straightforward security problems and identify risks

Apply basic risk identification techniques

Follow standard operating procedures (SOPs) to identify risks

Study situations and relate to past experience for identification of risks

Discuss situations with security teams to identify risks

Determine the cause-and- effect relationships between security problems and risks

Identify potential risks affecting client security using available organisational, industry and public information sources and assess against likelihood of occurrence

Assess potential risks based on accurate and current understanding of clients’ operating environments

Develop structured action plans which identifies key roles and responsibilities associated with implementation of security risk management plans

Develop contingencies for occurrence of identified risks, and incorporate into plans

Select risk control measures in line with organisational practices, and identify and clarify implications of risk control measures approved by clients

Check risk control measures are documented and supported by suitable agreed organisational guidelines

Assess threat vulnerabilities and risks

Assess and evaluate existing security provisions and ground operations within facilities

Identify and evaluate security threats within facilities and the probability of occurrence

Analyse vulnerabilities as well as operations and activities related to threat scenarios

Assess associated loss or impact on facilities should threats occur

Develop overall risk profiles of facilities

Develop measures, which cover manpower, infrastructure, use of technology and reporting systems, to mitigate risks and reduce identified vulnerabilities

Communicate with relevant stakeholders