corporate security and the organisational frontline

HR Leadership 2003 National Conference1-2 December 2003

Corporate Security and the Organisational Frontline

Paul Murphy

Manager Infrastructure Security, GHD Pty Ltd

HR Leadership 2003 National Conference1-2 December 2003

Scope of Presentation

Understanding the Security Challenge: The New Threat

Environment

Issues for Corporate Security Programs

Implications for the enterprise HR strategy

Implementation

HR Leadership 2003 National Conference1-2 December 2003

Understanding the Security Challenge: The New Threat Environment

Focus on ‘New Threats’

September 11Anthrax & NBCR ThreatsBali BombingSuicide Bombings

HR Leadership 2003 National Conference1-2 December 2003

Understanding the Security Challenge: The Existing Threats

Crimes Against Business

Theft Fraud ExtortionProduct Counterfeiting

HR Leadership 2003 National Conference1-2 December 2003

Understanding the Security Challenge: The Existing Threats

Crimes Against Employees and Customers

Physical ViolenceTheftIntimidation / Stalking / Harassment

HR Leadership 2003 National Conference1-2 December 2003

Issues for Corporate Security Programs

Privacy

Profiling and Data Mining

Public and Staff Perceptions of Security and

how it should be managed

Legal Responsibilities

Cost

Risk Profile

HR Leadership 2003 National Conference1-2 December 2003

Implications for the enterprise HR strategy Security Management – needs to be a corporate approach

Similar approach to the Management of OHS&R and

environmental risks

Security Management Planning is the process an

organisation undertakes to ensure it is managing its

security issues, within the context of a business risk

management framework

Achievement and maintenance of the appropriate level of

security risk requires:

Security treatments, infrastructure, management

arrangements (the three legged stool)

HR Leadership 2003 National Conference1-2 December 2003

Implications for the enterprise HR strategy

HR Leadership 2003 National Conference1-2 December 2003

Implications for the enterprise HR strategySecurity Management Framework

Security Policy and Management

Security Management Planning

Security Risk Assessment

Business Continuity (Risk Recovery)

HR Leadership 2003 National Conference1-2 December 2003

Implications for the enterprise HR strategy

Security Administration

Security Management

Commitment and Sustainability

Security Committee

Security Risk Context

HR Leadership 2003 National Conference1-2 December 2003

Security Management Value Chain

STRATEGY

SECURITYPOLICY AND

MANAGEMENT

FUNCTION

SECURITYMANAGEMENT

PLANNING

RISK

SECURITYRISK

ASSESSMENT

SUSTAINABILITY

BUSINESSCONTINUITY

(RISK RECOVERY)

CONTINUOUSIMPROVEMENT

SECURITYRISK

MANAGEMENT

SECURITY MANAGEMENT

HR Leadership 2003 National Conference1-2 December 2003

Implications for the enterprise HR strategy

Security Administration

Security Management

Commitment and Sustainability

Security Committee

Security Risk Context

HR Leadership 2003 National Conference1-2 December 2003

Implications for the enterprise HR strategySecurity Risk Assessment

Criticality Assessment

Threat Identification

Vulnerability Assessment

Risk Assessment

Risk Reduction Program

Monitoring and Review

HR Leadership 2003 National Conference1-2 December 2003

Implications for the enterprise HR strategyBusiness Continuity (Risk Recovery)

Response Planning

Business Recovery

HR Leadership 2003 National Conference1-2 December 2003

Concluding Remarks

HR Leadership 2003 National Conference1-2 December 2003

Questions ?

www.ghd.com.au/services/infrastructuresecurity