Protective Security

 It is imperative that a clear protective security strategy is based on a strong governance framework which fits within the organisation’s overall enterprise risk management structures. We start with undertaking a thorough analysis to identify protective security legislative and regulatory requirements, ranging from government policies to provisions in other specific legislative instruments relevant to your organisation.

Our services in this area cover a range of activities, which include:

• Clarification of your organisation’s security objectives based on a holistic and specialised threat and risk analysis
• Identification of your organisation’s assets that require protection
• Development of a comprehensive protective security management framework, including roles and responsibilities and policy and procedural frameworks
• Assessing the effectiveness of your organisation’s security compliance management systems, from both design and operating effectiveness points of view
• Organisational security culture and maturity assessments
• Assessment of your organisation’s security monitoring and reporting systems, and
• Executive training and mentoring.

In our view, legal and regulatory compliance is just the beginning. World class organisations go beyond a basic conformance approach to understand their exposure to risk. This enables an intelligent risk management approach through protection, monitoring, and resilience measures. Therefore we have heavily invested in our capabilities around business continuity planning and disaster recovery services. Whether you already have a business continuity framework in place or want to build one, we have a comprehensive capability to assist you. Our associates are experts in undertaking business impact analyses, risk assessments, and plan development, including detailed implementation roadmaps, training, and exercises.

Our services include:

• Assessment of existing business continuity plans and disaster recovery arrangements
• Assisting with business cases for funding to uplift business continuity capability
• Development of artefacts, which include the business continuity plan and procedures, ICT disaster recovery plan and procedures, training modules (including e-learning), and other related tools and templates, and
• Conducting business continuity, emergency and crisis management, and disaster recovery exercises.