Introduction

One of the most crucial aspects of security risk management is the Threat, Risk, and Vulnerability Assessment (TRVA). Security decisions are far too frequently made without a thorough understanding of the danger and weaknesses that affect a company and its assets. The purpose of this course is to give participants a deeper understanding of the most recent security planning and assessment principles and techniques. Threats and risks will be discussed in the course, along with how they affect security operations and evaluation. It will define and evaluate vulnerability and show how risk mitigation depends on the interdependence of risk, threat, and vulnerability; physical, technological, and human elements of security, the course will provide tools and methodologies for understanding critical Threat, Risk, and Vulnerability aspects, allowing delegates to take an effective approach to security

Objectives

• Robust understanding of Threat, Risk, and Vulnerability methodologies

• knowledge of hazard and risk identification, assessment, and evaluation in context, including various threats, risks, and treatment choices

• Understanding of Asset identification, protection, and criticality

• Ability to understand Risk Management Process when liaising with stakeholders

• Understanding scenario planning; classifying threats, attack types, likelihood, and effects esteem for integrated security systems

• Insight into innovative security practices

Target Audience 

• Security managers and

• practitioners

• Physical protection

• professionals

• Security consultants

• Aviation security

• Critical infrastructure security

• Hotel security

• Public installations

• Event Security

• Building managers

• Individuals who are looking to develop their security skills and professional knowledge.

Outlines

Day 1

Introduction

• gather relevant information from different sources sufficient to identify and evaluate clients’ assets

• assemble and account for all pertinent data to support the asset evaluation.

• use logical and systematic analysis of information to evaluate clients’ assets

• determine the potential impact on your clients through the loss of identified assets

• Consider important standards that can have an impact on the assets of your client's security.

• prioritizes the value of identified assets by criteria agreed with your clients

• evaluate relevant information according to its usefulness

• maintain the security and confidentiality of information relevant to your client’s assets

• Information about assets: nature, value, cost of replacement, the potential impact on the client

• sources of information: internal to the client, external to the client, publicly available, confidential,

• official or restricted

• assets: people, property, premises, information, reputation, brand,

• Financial, commercial, public relations, operational, and business interruption effects

• critical requirements: commercial, contractual, regulatory, insurance

Day 2

Identify and evaluate threats to clients’ assets

• gather relevant information from different sources sufficient to identify and evaluate threats to clients’

• assets

• collates and takes account of all relevant information to support the evaluation of threats, including the

• sources of threats

• logically and methodically analyze data to determine the threats to the assets of the customer.

• categorizes threats and possible methods of attack on assets and potential security measures

• evaluate relevant information to determine its usefulness

• maintain the security and confidentiality of information relevant to threats to your client's assets

• information about threats: sources, possibility, and probability of attack, the capability of the source

• sources of information: internal to the client, external to the client, publicly available, confidential,

• official or restricted

• sources of threats: external to the client, internal to the client

• threats: commercial, financial, criminal, natural disaster or hazard, political, actual, potential,

•  accidental, deliberate

Day 3

Determine the risks to the protection of the client's assets

• take account of sufficient valid information to determine the risk to clients’ assets

• determine the level of risk to clients’ assets, based on systematic analysis and evaluation of threats

• and vulnerabilities

• inform clients promptly of situations where there are imminent risks to assets

• produce reports that contain accurate and complete details of risk and security measure options,

• where applicable

• record information in a suitable and retrievable format

• maintain the security and confidentiality of information relevant to risks to clients’ assets

• information about: assets, threats, vulnerabilities, and other relevant factors

• risk to assets: very high, high, medium, low

• assets: people, property, premises, information, reputation, brand

Day 4

Identify and evaluate vulnerabilities in clients’ current security arrangements

• gather relevant information from different sources sufficient to identify and evaluate vulnerabilities in

• clients’ security arrangements

• collate and take account of all relevant information to support the evaluation of vulnerabilities

• use logical and systematic analysis of information to identify and evaluate vulnerabilities in clients’

• security arrangements

• evaluate relevant information according to its usefulness

• identify actual and potential vulnerabilities in clients’ security arrangements

• maintain the security and confidentiality of information relevant to the vulnerabilities in your clients’

• security arrangements

• Vulnerabilities include unauthorized access, theft (of data or property), damage, interference with operations (by internal or external parties), and kidnapping or harm to employees or contractors.

• security arrangements: permanent, temporary, staff security awareness

Day 5

Practical Group Training Exercises

• assign a topic for investigation, resulting in the trainees' needing to report their results to the others. Both the trainer and the participant offer helpful criticism to the trainee members after each presentation.

• Total class participation cumulating with a presentation and instructional debrief on each subject before moving on to the next objective