Security Risk Environment Scan
Risk assessment at its core should include the evaluation, measurement and prioritisation of likely relevant events or risks that may materially hinder or prevent your organisation from achieving its goals or purpose. It is imperative that an organisation identify what risks might impact them or their industry in order to develop ensuing mitigation strategies. Risk assessment is not a new concept, yet many organisations struggle to accurately identify which risks should be their primary focus.
How many organisations (or nations for that matter) had identified a pandemic as a priority risk for 2020?
The Wimbledon Tennis Tournament identified pandemics as a potential threat to the tournament and went as far as buying insurance to mitigate their risk exposure. The outcome? The 2020 tournament was cancelled yet Wimbledon will receive a £114 million payment. This stands in stark contrast to the dire financial hardships faced by numerous other sporting organisations worldwide. This preparation was in fact a response to the 2003 SARS outbreak.
In terms of ‘human’ impact (as opposed to financial impact), Taiwan who was significantly impacted by SARS also invested heavily in pandemic preparation and is now considered to have executed one of the most effective responses to the Covid-19 pandemic with only 9 deaths (Feb 2021)!
The security risk environment scan provides a proactive portrait of the most likely security risks an organisation is most likely to face over the next 5 years. The goal is to identify the events before they impact an organisation in order to create a mitigation plan and processes.