The document discusses the importance of conducting thorough site surveys and risk management assessments. It outlines a 6-step process for assessing assets, threats, vulnerabilities, risks, countermeasures, and making risk management decisions. The process involves identifying critical assets, potential threats, existing vulnerabilities, likelihood and impact of risks, cost-effective countermeasures, and selecting strategies to reduce risks to acceptable levels. Conducting a comprehensive risk assessment is essential to developing effective security plans to protect clients and personnel.
Site Surveys Provide Methodology for Asset Risk Assessment
1. Site Surveys It provides a logical and consistent methodology of quantifying and qualifying assets, vulnerabilities, impact and the associated risks Why? Tony Ridley Security Consultant [email_address]
27. Centre of Gravity Decisive Points Decisive Points Conditions of service Wages Pricing Procedures Policy Client Complaints Vocabulary Equipment Competitor Actions Image Equipment and Materials Facilities Information Activities and Operations People Centre of Gravity
28. Centre of Gravity Decisive Points Decisive Points Conditions of service Wages Procedures Policy Client Complaints Vocabulary Competitor Actions Adversary Equipment and Materials Facilities Centre of Gravity
29. Asset/Event Impact Assessment Chart Equipment Facilities Information Activities People Impact Level Consequence of Event Potential Undesirable Events Critical Assets
30.
31.
32. Asset/Event Impact Assessment Chart High 2 Theft/ Damage to communications equipment Theft/Damage to transport fleet Equipment Medium 5 Destruction of buildings Damage/Destruction of Power supply Facilities High 3 Theft/Compromise of Classified Information Commercial Espionage Information Medium 4 Disruption to Project/Operations Disruption to Communications Activities Critical 1 Death Assault Accident/Injury/Medical Emergency People Impact Level Consequence of Event Potential Undesirable Events Critical Assets
33. Impact Level Decision Matrix Low No No No No No Medium No/Yes No/Yes No/Yes No/Yes No/Yes High Yes/No Yes/No Yes/No Yes/No Yes/No Critical Yes Yes Yes Yes Yes Overall Impact Level 5 Destruction of buildings 4 Disruption to Production 3 Theft or compromise of information 2 Damage or theft of transportation 1 Injury or loss of life
48. Threat Level Decision Matrix Low No Yes or No No Medium Yes or No No Yes High No Yes Yes Critical Yes Yes Yes Threat Level History Capability Intent
58. Vulnerabilities-Existing Countermeasures Low Chain of command Critical Medium Continuous reviews High Vehicle checks Low Medium Security Awareness training Medium Low High Physical Guard force Medium Low Medium Alarms Low Door and locks Critical High Low Direct communication Low High Medium Low Specific training Low Critical High Corrective Policies Low Critical Protective Barriers Community Demonstration Information Theft Physical Attack Terrorist Bomb Existing Countermeasures
59. Vulnerability Level Decision Matrix High No Yes No Critical No No No Medium Yes Yes Yes (Multiple) Low Yes Yes Yes (Single) Vulnerability Level Multiple layers of countermeasures Difficult to exploit? Vulnerable through one weakness?
63. Overall Risk Assessment Destruction of property Fire Theft of goods Loss of equipment Medium Disruption to project / production YES / NO Low Medium Low Medium Low Medium High High Assault Accident / Injury / Medical Emergency Risk Acceptable? Overall Risk Vulnerability Rating Threat Rating Impact Rating Potential Undesirable Events
69. Cost of Countermeasures Least Expensive Most Expensive COST Manpower Written Procedures Hardware $
70.
71. Countermeasures Options Package USD$50,000 High to Medium Overall Risk / Total Cost USD$5,000 High to Medium Community Engagement Sponsorship Community Projects Law Enforcement Liaison Community Unrest USD$15,000 High to Low Policies development Procedure implementation Training Liability Vehicle / Residence protection Armed assault USD$30,000 Critical to Medium Physical barriers Stand off areas Approach Inhibitors Bombing Cost Risk Level Reduced From/To Countermeasures Undesirable Events
72.
73. Shields’ Site Review Process Client’s Request for assistance / offer of services Operations Warning Order given Review Conducted Site Review Team dispatched Initial appraisal conducted Task de-brief and preliminary findings Report Construction Report submitted to Marketing and Management for review Operations feedback and confirm final draft Present findings Client Review Final Plan implemented
77. Site Surveys It provides a logical and consistent methodology of quantifying and qualifying assets, vulnerabilities, impact and the associated risks Why? Tony Ridley Security Consultant [email_address]