Security Threat & Risk Assessment
Threats, Vulnerabilities, Impacts, Likelihood, Consequences, Countermeasures, Matrices...
A complete quantitative and qualitative risk assessment and analysis approach in Dubai
The objectives of the Threat, Vulnerability and Risk assessments and analysis of projects and its surroundings from a Security standpoint is to answer the following questions.
-
What needs to be protected?
-
Who/What are the threats and vulnerabilities?
-
Country Risk Assessment situations
-
Regional Risk Assessment situations
-
Project Risk Assessment situations
-
What measures need to be incorporated to mitigate the threats, vulnerabilities and risks on the project to minimize exposure to losses or damages
-
Quantitative and Qualitative risk assessments with threshold points and risk scores
The outcome of SRA (Security Risk Assessment) is to provide stakeholder's consensual recommendations that maximize the protection of the property and its assets. To best determine the answers to the above questions, FRONTIERTECH shall perform detailed SRA involving their experiences, their own risk analysis data's and risk intelligence from 3rd parties in conjunction with major stakeholders of the project. SRA will be a collaborative process involving key stakeholders.
ISO 31000 (Physical Security) Framework
The SRA will be based on the ISO 31000 risk management standards, oriented towards the physical security framework.
The core areas of the quantitative risk assessment will be:
-
Country Risk Assessment
-
Regional & Project Risk Assessment
-
How the Country and Regional Risk levels impact the project
-
Threat Analysis
-
Capability/Severity Vs Intent/Frequency assessment
-
Vulnerability Scores
-
Risk Matrix
-
Likelihood Vs Consequences assessment
-
Risk classifications of severity/intensity
-
Likelihood ratings
-
Consequences / Impact / Severity ratings
-
Corrective actions priority table
-
Risk Register – Before treatments
-
Risk Register – Post treatments
-
Systems & Technologies incorporated based on the outcome of the threat & risk assessment.
Scope of Service
-
Conduct a Security Review of the project in the stated threat context.
-
Produce an overview of the Security Review findings (include threat, vulnerability, and risk assessment)
-
Solutions
-
Produce an outline Level 1 and Level 2 Operational requirements
-
Produce a Security Plan that provides acceptable and effective risk mitigation measures to and for the specific risks identified from the threat/risk assessment
-
Detailed recommendations for the Physical Security of the proposed site and grounds including
-
Diagrams/schematics detailing the specific locations of technical security measures (location, coverage, and range)
-
Detailed recommendations of any man guarding
-
The Level 1 protection details provide a statement of the overall security need and include the site to be considered, asset description, perceived threat, a consequence of compromise, perceived vulnerabilities, and success criteria.
-
Level 2 protection details address individual security measures such as fences & perimeters, CCTV, access control, bollards, and various other fully integrated security solution.
Key Tasks
-
CRA, RRA and PRA – highlighting key threats/risks posed to the project and business
-
Security Assessment and plan for the proposed site, paying attention to assets, client and workforce safety
-
Outline Level 1 and Level 2 Operational Requirements
Special Note
Blast Analysis, Guarding Requirements Analysis & SOP (Standard Operating Procedures) for Guarding team are not part of standard Security Risk Assessment.
Blast Study & Consultancy In Dubai
Buildings, Facilities and sites that are susceptible to blast attacks require special studies in terms of blast resistant building designs. Blast load calculations, building strength calculations including concrete and steel structure design to resist ballast load, materials response and characteristics, CFRP (Carbon Fiber Reinforced Polymer) design principle to resist the building against blast loads, the integrity management system procedures, collapse analysis etc., will help owners to take scientific and calculated calls on most economic ways to design blast resistant buildings.
Frontiertech can provide detailed blast study, blast result analysis & consultancy solutions.
Summary
The level of protection required and maintainable will be different for each project/organization. Depending on the contexts, the size and complexities of security protection measures will vary.
In summary, the threat and risk assessment process are not a means to an end. It is a continual process that once started should be reviewed regularly to ensure that the protection mechanisms currently in place still meet the required objectives. The assessment should adequately address the security requirements of the organization in terms of safety, protection and comfort.
The threat and risk assessment should be an integral part of the overall life cycle of the infrastructure. Organizations that do not perform a threat and risk analysis are leaving themselves open to situations that could disrupt, damage or destroy their ability to conduct business. Therefore, the importance of performing a threat and risk analysis must be realized by both the staff supporting the infrastructure and those that rely upon it for their business continuity.