Organisations can face a diverse range of security threats. To prevent damage to the organisation, these need to be managed in an appropriate and proportionate manner.

Roles and responsibilities for managing these threats are often delegated to various departments or specialist services creating risk management silos within the organisation. This results in limited intelligence sharing and confusion over where ultimate responsibility rests, which can reduce organisational-wide security resilience.

Increasingly, organisations are implementing formal protective security management systems similar to those for other risk disciplines, employing the “Plan-Do-Check-Act” cyclical approach.

Quick Facts

Key points you need to know on this topic.


Detailed information on all matters in this topic.