The common methodology

A simple qualitative security risk assessment model is commonly used for the assessment of security risks. This is based on variations of the following matrix (Source: HB 167:2006 – Security risk management). 

Although this model is in common use, it has several deficiencies that makes it susceptible to providing differing and incorrect results. For example, what one person calls a moderate consequence, another may call major. Further, the model will provide incorrect results for rare events with catastrophic consequences and for almost certain events with insignificant consequences. For example, this model will predict that the client has a significant risk of a terrorist attack no matter how unlikely it is.

The Australian / New Zealand Standard AS/NZ IEC 31010:2020 (Risk Management – Risk assessment techniques) states that the selection of a risk assessment technique should provide information of the type and form needed by stakeholders. Accordingly, Connley Walker has developed a risk assessment technique that is tailored for security assessments and provides meaningful information.

The Connley Walker proprietary Security Risk Assessment methodology and model is based on an analysis of the following parameters:


Connley Walker's methodology

The Connley Walker security risk model can be illustrated as follows:

Features of this risk model are:

Connley Walker was established in 1996 to provide independent consultancy services in the areas of security, technology and risk management. Connley Walker is an Australian owned and operated business. We are entirely independent which ensures our integrity and focus on providing comprehensive, cost effective and reliable solutions to mitgate security risks.

© Copyright Connley Walker Pty Ltd