Risk Assessments and Reviews

A critical component of IR’s success as a leading management services provider globally is our deep understanding of risk management methodology consistent with the international standard for Risk Management – Principles and Guidelines (ISO 31000:2009) and the Security Risk Management Handbook (HB 167:2006). We have developed enterprise-wide and security risk management frameworks for numerous clients and delivered hundreds of risk assessments on projects, facilities, organisations and events. These include energy infrastructure, airports, data centres, corporate head offices, shopping centres, stadia, transport hubs and healthcare facilities.

IR also conducts technical security audits and organisational reviews, often in conjunction with a security risk assessment, to rate the effectiveness of existing controls. Using our CAPGAP™ methodology, we recommend improvements to close the gap between ‘current state’ and an optimal a ‘future state’ to mitigate risks to acceptable levels. We review all policy, physical, technical and personnel security controls.

Our global experience assists clients in the overall management of organisational risk, and facilitates the creation of cost effective and fit-for-purpose treatments.

Our risk products include:
• Enterprise wide Risk Assessments
• Sovereign Risk Assessments
• All Hazards Risk Assessments
• Security Risk Assessments
• Vulnerability Assessments

We regularly complete assessments to comply with standards and guidelines including:
• TIA-942 – Telecommunications Infrastructure Standard for Data Centers
• Monetary Authority of Singapore (MAS) Technology Risk Management Guidelines (TRMG) 2013
• Australian Government Protective Security Policy Framework (PSFP)