Threat and Vulnerability Assessment
In any company, threat and vulnerability assessments are vital to ensure optimal longevity for the establishment in question. In companies that work towards providing equipment or services for the military, this is particularly important. The military provides homeland safety and security. When a company is associated with the military, threats such as terrorism and intelligence theft should, for example, be assessed carefully in order to ensure that sufficient mitigating measures are in place to curb such vulnerabilities and threats. The Acme Corporation, creating high-tech night vision equipment for military use, is therefore assessed for specific vulnerabilities and threats that could potentially harm its operations; this is followed by countermeasures the company can implement to mitigating these threats.
Acme Corporation conducts its operations in a three-storey building, surrounded at the outer perimeter by an electric fence. The gates to the entrance are locked at night via an electronic lock. This is opened by remote control when the establishment opens for business. Two night guards patrol the gate and the perimeter during the night. During the day, there are also guards that regulate access to and from the site. In the building itself, a public alarm system connects the building directly with the closest 911 call center. Generally, it appears that the corporation has taken significant measures to ensure the security of the equipment. External threats are therefore relatively low.
Internally, a threat could be posed by spy-type infiltrators or even by personnel who might be working with malicious forces outside the corporation. Because the corporation employs a relatively large body of staff, which could make it challenging to monitor all actions within the company. This threat is therefore somewhat higher than the external threat.
When assessing the specific risk level, the manager should consider the elements of vulnerability, probability, and criticality. At its highest, a vulnerability of 3 means that there is a high level of access to the building. Since access to the site is significantly restricted, the probability of external threat not highly likely. However, the fact that only two guards are stationed at the access gate, leaving the rest of the surrounding perimeter somewhat vulnerable, could provide more access to the site than is desirable. The building itself is, however protected by alarm systems, which contributes to a lower level of vulnerability. The vulnerability level is therefore set at "moderate," which amounts to 2.
Probability refers to the likelihood that a negative event may occur. While external access and night access to the building is significantly restricted, internal threat as a result of grieved or greedy personnel members, or as a result of spy infiltration is somewhat likely. The probability level is therefore set at "high," which is 3.
It follows that the level of criticality is also set at "highly critical;" while no loss of life is likely, costly loss of information or intelligence is likely as a result of the potential internal threat. The criticality level is therefore 4.
The overall risk level is calculated at 24. To lower this risk level, some basic precautions and countermeasures can be implemented.
You’re 83% through this paper. Sign up to read the full paper.
Sign Up Now — Instant Access Already a member? Log inAlways verify citation format against your institution’s current style guide requirements.