Taking the time to develop a coherent, holistic, risk based and proportionate security strategy, supported by effective governance structures, is essential in ensuring success. Too often when protective security is applied in an ad hoc, siloed and unstructured manner valuable resources are wasted with limited impact on security risk reduction.
The pages below provide advice in two key areas that help form the framework for the effective management of protective security:
The understanding and application of these two elements are key to both understanding and managing security risks within an organisation. Where organisations fail in delivering and sustaining proportionate protective security, it is often these two essential building blocks that are missing.