Security Reviews/Security WOF’s

One of the most common security issues we encounter is "misdiagnosis" of the real security risks. The result is that the organisation spends too much of its resource protecting itself against some risks, while leaving itself wide open on others.

An informed risk assessment provides a sound starting point from which to move management of security forward.

The objectives of a risk review are:-

• To identify the real security risks that the organisation is exposed to
• To assess the level of exposure the organisation faces, given its risks and current security arrangements
• To identify the security risks that staff perceive the organisation faces

The last objective is an important one, as it is important to address and manage staff perceptions as well as the actual risks.

For a security audit of wider scale and complexity, it is essential that information collection and risk analysis is conducted through a database application. Such tools include:

• Ensure consistency across different sites
• Provide a robust mechanism for storing the wealth of information collected
• Provide analysis and reporting capabilities not possible with manual methods
• Reduce analysis and reporting time

ICON Group uses a methodology based on the AS/NZS 4360:1999 Risk Management Standard. It is a proven risk assessment and management tool that has been used for major risk assessments in a number of organisations in New Zealand and abroad.

For further information on ICON Group's Consulting Services please email Gary Morrison on This e-mail address is being protected from spambots. You need JavaScript enabled to view it or phone him on (09) 415 1854 for more information