introduction to security n.
Skip this Video
Loading SlideShow in 5 Seconds..
Introduction to Security PowerPoint Presentation
Download Presentation
Introduction to Security

Loading in 2 Seconds...

play fullscreen
1 / 21

Introduction to Security - PowerPoint PPT Presentation

  • Uploaded on

Introduction to Security. Chapter 5 Risk Management: The Foundation of Private Security. Risk defined:. A known threat that has unpredictable effects in either timing or extent 2 types of Risk: Pure risk Dynamic Risk. 1. Pure Risk.

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'Introduction to Security' - menora

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
introduction to security

Introduction to Security

Chapter 5

Risk Management: The Foundation of Private Security

risk defined
Risk defined:
  • A known threat that has unpredictable effects in either timing or extent
  • 2 types of Risk:
    • Pure risk
    • Dynamic Risk
1 pure risk
1. Pure Risk
  • The potential for injury, damage or loss with no possible benefits.
  • Examples:
    • Crime
    • Terrorism
    • Natural Disasters
2 dynamic risk
2. Dynamic Risk
  • This has potential for both benefits and losses.
  • Examples:
    • Accepting checks to stimulate business
    • Hiring our own security personnel
risk management the big picture
Risk Management: The Big Picture
  • Anticipating Risk
  • Recognizing Risk
  • Analyzing Risk
  • Taking steps to reduce or prevent such risks
  • Evaluating the Results
risk management the big picture1
Risk Management: The Big Picture
  • Asset Worth
    • An important part of any risk management program is the worth of the asset being protected.
    • 3 Factors:
      • Overall value of the asset to the organization
      • Immediate financial impact of losing the asset
      • Indirect business impact of losing the asset.
risk assessment
Risk Assessment
  • Risk Assessment is the process of identifying and prioritizing risks to a business.
  • “A risk assessment serves as the foundation upon which an organization builds its physical security plan.” (Fredrick, 2006, p. 19)
sources of information on risk
Sources of Information on Risk
  • Local police crime statistics
  • UCR reports
  • Internal organization documents
  • Prior complaints
  • Prior civil claims against security
  • Industry-related information
  • Law enforcement intelligence
3 factors of risk analysis
3 Factors of Risk Analysis
  • Vulnerability – where and how could losses occur
  • Probability – analyzing those factors that favor loss
  • Criticality – deciding the consequences of a loss if it should occur
how to handle identified risks
How to handle identified risks:
  • Risk elimination
  • Risk reduction
  • Risk spreading
  • Risk transfer
  • Risk acceptance
1 risk elimination
1. Risk Elimination
  • The best alternative, if it is realistic.
  • For example, we can eliminate the risk of losses from credit card fraud if we don’t take credit cards. However, the loss of business would be more than the loss from credit card fraud.
2 risk reduction
2. Risk Reduction
  • We can not eliminate all pure risk, but we can reduce it.
  • We reduce it by establishing control and procedures.
  • Lighting, installing locks and alarm systems are all examples of methods of risk reduction.
2 risk reduction attack trees
2. Risk Reduction – attack trees
  • These give us a visual representation of our risk.
3 risk spreading
3. Risk Spreading
  • Related to risk reduction
  • This approach uses methods that reduce the potential loss by splitting up the risk into several areas.
4 risk transfer
4. Risk Transfer
  • We can transfer the risk by either raising prices or insurance.
  • Insurance has a couple of important principles:
    • Indemnity: states the insurer pays only the actual amount of the loss and no more
    • Subrogation: substitution of the insurer in place of the insured for the purposes of claiming indemnity from a third party for a loss covered by insurance
5 risk acceptance
5. Risk Acceptance
  • It is never cost effective, practical, or indeed possible, to provide 100% security, thus some risks we simply have to accept.
  • Some risks are simply the costs of doing business.
qualitative and quantitative risk assessment
Qualitative and Quantitative Risk Assessment
  • Quantitative – calculate the objective values for each component during risk assessment and cost benefit analysis.
  • Qualitative – identifies the most important risks quickly by assigning relative values to assets, risks, control and effects.
    • This balances cost and effectiveness.
conducting the security survey
Conducting the Security Survey
  • A survey instrument needs to be developed
  • A thorough, physical walk-through should be done
  • Walk-through should include talking to and observing personnel and observing the environment as a whole
reporting the results
Reporting the Results
  • Introduction
  • A discussion of the risk analysis
  • Strengths of the system
  • Weaknesses of the system
  • Recommendations for alternatives for managing the risks, including the estimated cost and savings, and who should be responsible for making the changes
implementing the recommendations
Implementing the Recommendations
  • It is important to note that most companies will not have the money to implement all the changes at once.
  • It is important to establish a schedule for implementation of the recommendations, in order to accommodate budget issues and ensure items do not get overlooked.
keys to success
Keys to Success
  • Executive sponsorship
  • Well defined list of stakeholders
  • Clear definition of roles and responsibilities
  • Atmosphere of open communication
  • Spirit of teamwork
  • Holistic view of organization
  • Authority throughout process