Raaijmakers Risk Management carries out a security scan based on proven security & risk management methods, namely The Hague Method® or the seven-phases risk management model. Naturally Raaijmakers Risk Management can also perform a security scan based on a method that is mandatory in your branch. A security scan starts with determining the scope of the investigation, determining the preconditions and running time and, if needed, appointing a project team and the determination of the desired security level or risk attitude. The following step is the performance of a risk assessment and a determination of the existing organisational, structural and electronic security measures. Organisational measures consist of, for example, the security policy, the organisation of security (who has which tasks and responsibilities on strategic, tactical and operational level) and all procedures, rules and regulations. Structural measures consist of, for example, locking and closing systems, glazing and fencing. Electronic measures consist of, for example, a burglar detection system, a video registration system, an access control system and a fire detection system. Subsequently Raaijmakers Risk Management performs a risk analysis, in which the assessed risks and the determination of existing measures is weighed against the desired security level or risk attitude of your organisation. Of course Raaijmakers Risk Management takes the applicable laws and regulations in consideration. Based upon the risk analysis Raaijmakers Risk Management writes an advisory and checks together with the customer and / or the project team whether the advised measures are functional in your organisation and whether they will be effective. After this Raaijmakers Risk Management will write an implementation plan, in which naturally priorities will be determined. In the implementation plan ‘owners’ of the different measures will be determined, making sure that after implementation the measures will have a permanent character. Raaijmakers Risk Management assists the implementation of the measures and will amend where necessary. After implementation an evaluation of the measures is carried out. Do the measures meet the expectations and are they effective. Where necessary the measures will be adjusted. Eventually Raaijmakers Risk Management will determine together with the customer and or the project team in which way the measures will be inspected or audited. The security scan is finalised by delivering a security-plan or a risk management plan, in which all measures are described.
Naturally it is possible to perform a shortened version of a security scan, the so called security quick scan. During a quick scan Raaijmakers Risk Management carries out the first phases of a security scan, including the writing of an advisory report. After this the customer will take the necessary steps in his organisation. During these steps it will remain possible to hire the expertise of Raaijmakers Risk Management.
The above described performance of a security scan is a limited description of the different phases to make it possible to write it on one page. For a detailed approach of a security scan in your organisation Raaijmakers Risk Management will gladly make a proposal after an intake interview.
|