Demystifying SCEC

On 10/03/2022

Demystifying SCEC – SCEC is an acronym for the Australian Government’s ‘Security Construction and Equipment Committee’ (www.scec.gov.au). Compliance with SCEC requirements is often sought in requests for quotes and tenders issued by the Australian Government, and suppliers to government who are required to comply with official security policy and standards. SCEC is a standing interdepartmental...

Protecting People and Property Manual (NSW Health)

On 02/02/2022

Protecting People and Property Manual The Protecting People and Property Manual explores NSW Health policy regarding the measures taken to assure personal and property security. This allows NSW Health Agencies to establish an effective security program that follows a structured, on-going risk management process, consultation, appropriate documentation, and record keeping and regular monitoring and evaluation....

A Meandering Recent History of The Insider Threat

On 14/01/2022

The Public Service and The Insider Threat The Insider Threat – further confirmation that the Chinese Communist Party (CCP) is actively engaged in subverting foreign political institutions was made public yesterday, while the unethical (at best) behaviour of some of those elected to the UK Parliament was also revealed [1] In issuing a warning to...

Australian Security Licensing – Automatic Mutual Recognition

On 03/02/2021

Background to Occupational Mobility for Security Licensees Occupational Mobility for Security Licencees in Australia: As part of the Australian Government’s plan to assist Australia’s economic recovery, the Commonwealth and State and Territory governments agreed in August 2020 to amend the Mutual Recognition Act 1992 to enable the introduction of automatic mutual recognition of occupational licences...

Demystifying the DISP (Defence Industry Security Program)

On 15/12/2020

Demystifying the DISP – The Defence Industry Security Program (DISP) was specifically developed for companies that work with the Australian Department of Defence. Not every entity that works for Defence requires to apply to be a member of the Program, but as a general rule, if project work is potentially sensitive then it will usually...

The IMO & the Upcoming Cybersecurity Deadline

On 12/12/2020

The International Maritime Organisation and Cybersecurity International Maritime Organisation Cybersecurity – the IMO is a dedicated agency of the United Nations charged with regulating aspects of safety, security and the prevention of atmospheric pollution caused by international shipping operations. The organisation met for the first time in 1959, and has developed regulations for the industry...

Security Frameworks

On 27/10/2020

The following is a reasonably comprehensive list of each major global security framework. Their presence here is not an endorsement, just a resource if you are looking for references. Links are provided but may become broken over time if source sites modify page addresses. Where this is the case the frameworks may be easily found...

Credit Card Fraud

On 14/10/2020

Opportunity Costs of Card Fraud and Corruption While credit card fraud rates have recently trended down, the issue continues to be a threat to businesses and the economy, and it is crucial that merchants continue to implement effective fraud controls. A recent report by AusPayNet highlighted that, in 2019, over $819b dollars was transacted via...

Industry Risk welcomes security veteran Mark Jarratt, CPP

On 10/06/2020

Industry Risk is pleased to welcome to the fold security industry veteran, SCEC Security Zone Consultant and long-time ASIS International Australia Region volunteer security leader Mark Jarratt CPP. Mark is the only SCEC Zone Consultant in Australia with a direct background in leading security for a Government Agency. NORTH SYDNEY, 10th June 2020 SCEC Security...

Security Clearances

On 06/07/2019

What Is Security Clearance & Vetting? With some exceptions, security clearances are issued by the Australian Security Government Vetting Agency (AGSVA), representing the Australian Government, to personnel whose duty involves accessing sensitive official information. Personnel working within, or for a Government agency that receives, processes, and sends such information, requires a security clearance (including in...

What’s in a Good Security Risk Assessment?

On 04/07/2019

If you’ve ever undertaken a security risk assessment (SRA) yourself, you may have wondered whether it was as comprehensive as it could be and if could it withstand serious scrutiny. Part of the notion of completing a diligent risk assessment is to first understand where the rest of the industry is at, so that we...

Risk Assessment Matrix

On 01/07/2019

What Is a Risk Assessment Matrix? A risk assessment matrix is the basis for measuring potential risks based on two intersecting factors: the likelihood (or probability) of a security risk-based event occurring, and the consequence (or impact) of its impact to an entity if it did. The matrix completes the risk assessment template and is...

Risk Management Frameworks

On 27/06/2019

Risk Management Frameworks – this is a generic (i.e. not security risk-specific) article and is included for its close links to security risk governance. Section 4 of ISO31000 opens with the simple statement that “The success of risk management will depend on the effectiveness of the management framework providing the foundations and arrangements that will...

Risk Assessment Templates

On 27/06/2019

What is a Risk Assessment Template? Risk assessment templates are tools that used to document the systematic analysis of types of security risks that exist within the scope/area of an assessment, the likelihood and consequence of those risks being realised, and the recommended control measures to reduce risk to acceptable levels. A risk assessment template...

The Health of NSW Hospital Security

On 20/03/2019

Commenced in mid-November 2018, NSW Health recently released an interim report prepared by ex-NSW Police Officer and Minister, Peter Anderson, titled “Improvements to security in hospitals”. Containing 48 recommendations, this report follows several major security initiatives within the sector in recent years, many of which were triggered by the 2016 shooting of a police officer...

Commonsense Prevails in Relation to Huawei and ZTE

On 23/08/2018

The sigh of relief from those who hold an interest in Australia’s security was almost audible as news hit the press this morning that Huawei and ZTE would be blocked from rolling out the national 5G network [1]. Both entities have been in the media extensively over reported links back to, and control exercised by,...

Security Risk and Governance Recommendations – The Top 10

On 15/08/2018

Security Risk and Governance – We’ve consulted with innumerable enterprises and Government entities over the years, and several common themes continue to arise in relation to both cybersecurity and protective security risk assessments (SRAs). Straight to it…here are the top 10 security risk and governance-related issues that we have found, and a synopsis of the...

The Universal Security Management System Standard

On 11/07/2018

We love security standards – they give us a baseline and enable us to consciously diverge from defined industry practice where it suits us. This morning we became aware of a security standard that looks like it will make for very interesting reading. It seems that the Netherlands are leading the way in enterprise security...

ANAO Protective Security Audits

On 27/05/2018

We recently noted what we thought to be a slight uptick in risk compliance activity by the Australian National Audit Office (ANAO), relating to security within Government entities. While on review this turned out to be minor, the content of ANAO’s website held our attention, especially in relation to protective security-related audits. So much so...

Industry Risk media launch

On 24/05/2018

We are very pleased with the recent public launch of our security risk and business resilience consulting and software services to the market via the region’s premier security media channels. As part of our continuing efforts to assist in increasing security risk and resilience capability and competencies across industries, this initiative will go a long...

Page 1 of 212