• Home
  • Role Based Security Risk Assessment

Role Based Security Risk Assessment

Last Updated 20 October 2020
Role-based-Security_1_0

Role Based Security Risk Assessment

Understanding what security risks your organisation faces is essential for developing appropriate and proportionate security mitigation measures within the insider threat programme. A role based risk assessment, conducted by the Insider Threat Working Group, should:

  • Identify the critical assets in your organisation;
  • Identify the threat (based on intent and capability);
  • Assess the likelihood of that threat happening in your organisation;
  • Assess the impact to your business if the threat occurred;
  • Review the adequacy of existing countermeasures;
  • Propose new proportionate measures where required to reduce insider risks.

It is only the above activity that can effectively inform and shape the subsequent steps.

Existing Products

HoMER - Holistic Management of Employee Risk

Insider Risk Assessment guidance (CPNI)

Video - 'Risky Business

Supply Chain Security Collection

Personnel Security and Contractors

Common Cyber Attacks - reducing the impact (NCSC)

10 Steps to Cyber Security: Risk Management Regime (NCSC)

10 Steps to Cyber Security: Home and Mobile Working (NCSC)

Risk Management Guidance Collection (NCSC)

Protective Security Risk Management

Asset Identification Guide

 

Did you find this page useful? YesNo
Thank you for your feedback. If you have any further suggestions on how this information can be made even more useful to improve your experience, feel free to share details below.
Thank you for your feedback. Sorry to hear that you haven't found this information useful. Please help us improve your experience and share how we can make this information more useful for you.