logo1

CONNLEY WALKER'S CLIENT PORTAL

Schedule Demo

Methodology

The common methodology

A simple qualitative security risk assessment model is commonly used for the assessment of security risks. This is based on variations of the following matrix (Source: HB 167:2006 – Security risk management). 

Although this model is in common use, it has several deficiencies that makes it susceptible to providing differing and incorrect results. For example, what one person calls a moderate consequence, another may call major. Further, the model will provide incorrect results for rare events with catastrophic consequences and for almost certain events with insignificant consequences. For example, this model will predict that the client has a significant risk of a terrorist attack no matter how unlikely it is.

The Australian / New Zealand Standard AS/NZ IEC 31010:2020 (Risk Management – Risk assessment techniques) states that the selection of a risk assessment technique should provide information of the type and form needed by stakeholders. Accordingly, Connley Walker has developed a risk assessment technique that is tailored for security assessments and provides meaningful information.

The Connley Walker proprietary Security Risk Assessment methodology and model is based on an analysis of the following parameters:

  • Identification of security threats.
  • Determination of expected number of threat attempts per annum.
  • Identification of potential security measures to mitigate each threat.
  • Determination of the effectiveness of each security measure against each threat.
  • Identification of the various consequences of each realised threat.
  • Determination of the likelihood of each consequence against each threat.
  • Analysis to determine risk priorities.

Methodology

Connley Walker's methodology

The Connley Walker security risk model can be illustrated as follows:

Features of this risk model are:

  • Different risk assessors will provide identical results as it is a quantitative, not qualitative model.
  • As new security measures are inputted to the model, revised risk ratings can be seen.
  • The model can be adjusted as circumstances change.
  • The expected number of incidents per annum is predicted.
  • Quantitative risk scores are provided for each security threat.

Connley Walker was established in 1996 to provide independent consultancy services in the areas of security, technology and risk management. Connley Walker is an Australian owned and operated business. We are entirely independent which ensures our integrity and focus on providing comprehensive, cost effective and reliable solutions to mitgate security risks.

Linkedin

Features

Industries

About Us

Our Platform

Get Started

© Copyright Connley Walker Pty Ltd