The global environment has been marked by the emergence of an increasingly significant number of security threats. Whether these threats are as a result of political instability, violent crime, terrorist action or malicious acts, your organisation needs to understand their relevance and how to mitigate their impact by carrying out a standardised security risk assessment.
The Security Risk Management Body Of Knowledge (SRMBOK) states a security risk assessment as a structured means of determining the threats to, and vulnerabilities of an organisation, community or individual. Maxwell Lucas has developed a software security risk assessment tool, Hawk Sight, that has streamlined the security risk assessment process facilitating the translation of traditional security language into that of corporate risk management using the ISO 31000 Risk Standard.
Methodology Facilitating Cost Saving
Hawk Sight enables organisations and individuals to realise the opportunities with confidence, by focusing on what they want to achieve and how they intend to achieve it. Our unique solution adds value to the organisation by making the risk register a living and easily accessible tool that can be reviewed and updated simply, and at any time. By understanding the critical elements of a business, operation or project, relative to the security threat environment, specific recommendations can be made to ensure cost effective mitigation of security risk when and where it is needed. This innovative solution ensures all strategic decision making can be done in the full knowledge that accurate and timely security risk assessment has been carried out.
Clear and standardised risk assessment facilitates confident decision making that not only saves cost through timely selection of appropriate security solutions, but will also serve to enhance stakeholder confidence in the resilience of the organisation.
Hawk Sight Risk Assessment Methodology
Maxwell Lucas follows a five stage risk assessment methodology that is compliant with ISO 31000 Risk Management Standard and the associated Handbook 267 – Security Risk Management Standard.
PHASE 1 – Establish the Context
PHASE 2 – Identify the Risk
PHASE 3 & 4 – Analyse & Evaluate the Risk
PHASE 5 – Treat Risk