Skip to main content Scroll Top

Risk Management Consulting – Assessment and strategy

Services October 24, 2018

Security in any system should be proportionate with its risks. However, the process to determine which security controls are appropriate and cost-effective is quite often a complex and sometimes a subjective matter. One of the prime functions of the Polar security risk analysis is to approach this process in a more objective view.

There are a number of distinct approaches to the risk analysis which we follow. However, these essentially break down into two types: quantitative and qualitative.

Quantitative Risk Analysis

This approach employs two fundamental elements; the probability of an event occurring and the likely loss should it occur.

Quantitative Risk Analysis

This approach makes use of a single figure produced from these elements. This is called the ‘Annual Loss Expectancy (ALE)’ or the ‘Estimated Annual Cost (EAC)’. This is calculated for an event by simply multiplying the potential loss by the probability. It is thus theoretically possible to rank events in order of risk (ALE) and to make decisions based upon this.

The challenge with this type of risk analysis is usually associated with the unreliability and inaccuracy of the data. Probability can rarely be precise and can, in some cases, promote complacency. In addition, controls and countermeasures often tackle a number of potential events and the events themselves are frequently interrelated. Qualitative Risk Analysis is by far the most widely used approach to risk analysis. Probability data is not required and only estimated potential loss is used.

The Polar Afpro Security qualitative risk analysis methodologies make use of a number of interrelated elements:

Threats

These are things that can go wrong or that can ‘attack’ the security system. Examples might include fire or security. Threats are ever present for every system.

Vulnerabilities

These make a system more prone to attack by a threat or make an attack more likely to have some success or impact. For example, for fire, a vulnerability would be the presence of inflammable materials etc.

Assets – Controls

Polar Afpro Security uses 4 types of countermeasures for vulnerabilities:

  1. Deterrent controls reduce the likelihood of a deliberate attack
  2. Preventative controls protect vulnerabilities and make an attack unsuccessful or reduce its impact
  3. Corrective controls reduce the effect of an attack d) Detective controls discover attacks and trigger preventative or corrective controls.

Related Posts

Security related training

With Polar Afpro Security and its employees’ wealth of international experience and with the emphasis placed on Africa, we offer training in the full range of corporate and industrial defence security. These comprehensive training modules include: Close (executive) protection Crisis…

Access & Entrance Control – Barriers, card readers, time keeping, parking management

Anti-Ram Raid Gates Anti-Ram Raid Gates are constructed from galvanized steel box sections and pillars. The robust integrity of the construction and its anchoring allows for great resistance from a ram raid both externally and internally. These gates are particularly…

Dockyard Drone Footage
04 Feb 2019