|1.||Organize the project: project design and scope, funding estimates, schedules, and company support requirements (work routine disruptions and employee time requirements).|
|2.||Identify assets subject to loss; determine dollar value, the consequences of loss, and replacement cost.|
|3.||Identify the security controls now in place.|
|4.||Define the potential threat to each asset.|
|5.||Identify the lack of controls that would facilitate the potential threats to the assets.|
|6.||Combine the threat, assets subject to loss, and the lack of mitigating controls. Each triplicate constitutes a vulnerability.|
|7.||Identify the security controls that would reduce the losses to an acceptable level.|
|8.||Develop a plan to reduce the risk.|
|9.||Evaluate the risk reduction plan in terms of cost to benefits.|
|10.||Fund and manage the physical security project.|
Senior management reaction to this structured approach to company security is often initially negative until the cost/benefit analysis demonstrates improvement in the company's position.
Questia, a part of Gale, Cengage Learning. www.questia.com
Publication information: Book title: Global Corporate Intelligence:Opportunities, Technologies, and Threats in the 1990s. Contributors: George S. Roukis - Editor, Hugh Conway - Editor, Bruce H. Charnov - Editor. Publisher: Quorum Books. Place of publication: New York. Publication year: 1990. Page number: 174.
This material is protected by copyright and, with the exception of fair use, may not be further copied, distributed or transmitted in any form or by any means.