Risk Management Frameworks

On 27/06/2019

Risk Management Frameworks – this is a generic (i.e. not security risk-specific) article and is included for its close links to security risk governance. Section 4 of ISO31000 opens with the simple statement that “The success of risk management will depend on the effectiveness of the management framework providing the foundations and arrangements that will...

Risk Assessment Templates

On 27/06/2019

What is a Risk Assessment Template? Risk assessment templates are tools that used to document the systematic analysis of types of security risks that exist within the scope/area of an assessment, the likelihood and consequence of those risks being realised, and the recommended control measures to reduce risk to acceptable levels. A risk assessment template...

The Health of NSW Hospital Security

On 20/03/2019

Commenced in mid-November 2018, NSW Health recently released an interim report prepared by ex-NSW Police Officer and Minister, Peter Anderson, titled “Improvements to security in hospitals”. Containing 48 recommendations, this report follows several major security initiatives within the sector in recent years, many of which were triggered by the 2016 shooting of a police officer...

Commonsense Prevails in Relation to Huawei and ZTE

On 23/08/2018

The sigh of relief from those who hold an interest in Australia’s security was almost audible as news hit the press this morning that Huawei and ZTE would be blocked from rolling out the national 5G network [1]. Both entities have been in the media extensively over reported links back to, and control exercised by,...

Security Risk and Governance Recommendations – The Top 10

On 15/08/2018

Security Risk and Governance – We’ve consulted with innumerable enterprises and Government entities over the years, and several common themes continue to arise in relation to both cybersecurity and protective security risk assessments (SRAs). Straight to it…here are the top 10 security risk and governance-related issues that we have found, and a synopsis of the...

The Universal Security Management System Standard

On 11/07/2018

We love security standards – they give us a baseline and enable us to consciously diverge from defined industry practice where it suits us. This morning we became aware of a security standard that looks like it will make for very interesting reading. It seems that the Netherlands are leading the way in enterprise security...

ANAO Protective Security Audits

On 27/05/2018

We recently noted what we thought to be a slight uptick in risk compliance activity by the Australian National Audit Office (ANAO), relating to security within Government entities. While on review this turned out to be minor, the content of ANAO’s website held our attention, especially in relation to protective security-related audits. So much so...

Industry Risk media launch

On 24/05/2018

We are very pleased with the recent public launch of our security risk and business resilience consulting and software services to the market via the region’s premier security media channels. As part of our continuing efforts to assist in increasing security risk and resilience capability and competencies across industries, this initiative will go a long...

PSPF and Security Risk Management

On 08/05/2018

When the PSPF was launched in 2010, it was a significant reform that sought to adopt a more risk-based approach to protective security than did its predecessor (the Protective Security Manual). It achieved its immediate aims and Government practitioners, and those who supported them, started talking (and doing) more about security risk management. Notwithstanding this,...

Musings on security risk assessments

On 06/05/2018

Taking into consideration 400-odd Government Departments, Agencies and Commissions, and that there were (conservatively) upwards of 4,000 companies employing more than 200 people in early 2017 [1], plus security consultants, then there is a fair base of security risk practitioners, focused on security risk assessment, across Australian sectors. It is admittedly a conservatively educated guess,...

Corporate Security Governance

On 05/05/2018

If you’re an Australian corporate security manager you would be amply aware of the absence of a recommended corporate security framework in the standards sense. There are a few helpful management or governance systems that can be adopted, and indeed the Commonwealth Government has long led the charge in the form of the Protective Security...

Toronto Van Attack

On 24/04/2018

For any one who's watched video of the confrontation stage of the very recent Toronto van attack, you might ask why the first Police Officer on-scene didn't discharge his weapon when confronted with the suspected driver? The person claimed that he had a gun in his pocket, repeatedly reached and quick-drew an object as if to shoot at the...

Much more to do in support of locking down

On 09/12/2014

Business contingency planning for a truly ‘effective’ lockdown security regime is a complex and challenging issue, especially within Australian workplaces, where building design has historically not been predicated upon security concerns. Perhaps because of this, and despite the heightened threat of terrorism within the community, many organisations have done little in preparation for a serious...

Best practice security risk software

On 08/12/2014

Industry Risk recently launched its signature security risk management platform for live beta testing. A web-based/SaaS (software as a service) platform, SECTARA enables security managers and consultants to perform and then manage / export (to MS Word) advanced security risk assessments of any description. The security software system is hosted within an Australian Amazon Web Services...

Page 2 of 212