Neptune P2P Group have been providing Risk Advisory services worldwide since 2009. We find that the underlying factors that underpin risk are often misunderstood, even by the many ‘experts’ who work in the security industry. Our experienced security risk management team fully understand the importance of carefully evaluating each component of a Security Risk Assessment (SRA) including ports and terminals, oil and gas installations and elsewhere.
The nomenclature used in the Security Risk Assessment journey may be unfamiliar. Below is a short definition of what we mean:
- Stakeholders. The persons and/or organisations that may affect or may be affected by a decision, activity or event relating to the specific Security Risk Assessment.
- Asset. An item or process that is of value to the company. This could be its people, infrastructure, equipment, information, process/supply chain or its reputation.
- Threat. Anything that will directly prevent or hinder the safety, objective, or operation of an asset.
- Hazard. Anything that will indirectly prevent or hinder the safety, objective, or operation of an asset.
- Vulnerability. A weakness that can be exploited by a threat or hazard.
- Risk. The chance of something happening (generated from threats, hazards and vulnerabilities) is measured in terms of likelihood (of an event happening) and impact (what will the consequences be if the event happens).
- Risk Management. Also known as risk mitigation. Risk management assesses the risk and provides options to the client to mitigate that risk. The option that is chosen will depend on the risk appetite of the client. Risk management can be categorised as follows:
- Tolerate. The risk is deemed acceptable.
- Treat. The risk is deemed not acceptable, and measures are taken to reduce the risk.
- Transfer. The risk is deemed not acceptable, and measures are taken to reduce the impact (such as insurance) or to elevate to a more senior risk holder.
- Terminate. The risk is deemed not acceptable and efforts to mitigate it do not lower the risk sufficiently, therefore the activity or process is stopped.
- Risk Management Plan A management plan to mitigate the risk. It would normally cover an entire location, activity or event and details the risk mitigation measures that are to be implemented and followed. This may include amendments to company policy and procedures and also include training and practice drills.
Our Risk Advisory services and subsequent Security Risk Assessment journey is client stakeholder centric - no one understands their company, its critical assets, policies and procedures, and the environment it operates in better than the company itself. As such, we work in tandem with the stakeholders to ensure that our assessment and subsequent risk mitigation are appropriate and will work for the company. The Risk Advisory journey consists of, but is not limited to, confirming the critical assets, identifying threats, hazards, vulnerabilities, and subsequent risks to those assets, providing risk management options to the client, creating a risk management plan, and if required, providing training and drills as part of that risk management plan.
Neptune P2P Group is an international private security company offering security risk management, maritime security, protective services, intelligence, and training. We have been protecting organisations operating in high-risk environments, on land and at sea, worldwide since 2009. From maritime security for vessel protection to security risk management consultancy, planning and training, we are here for you 24/7.