Security Risk Management.

Practical Activiity

The following activities are designed to guide you to demonstrate competency.

A candidate must meet the performance criteria of this unit by assessing security risks and formulate the risk management options associated with two (2) of the following scenarios, on separate occasions:

1. Security of a mass gathering
2. Security of a crowded place
3. Asset security

Keep this in mind when developing the documents and evidence for the following activities, ensure that you clearly identify which of the two (2) scenarios you are using for these tasks.

This means that you pick two (2) of the scenarios from the list of three (3) provided above and for each question you consider the requirements for each of your two (2) chosen scenarios separately and provide the information requested. We advise that you clearly outline which scenario you are providing information for and answer each question for the scenario in a grouped submission.

Practical activity 3A

The following points can be compiled in a single report or answered separately.

*Clearly outline each section in your submission.

1. Access the legislation, regulations and Australian standard ISO 31000, interpret their key requirements, and ensure to follow and comply with these throughout the assessment of security risk management options. Outline the main points that you believe are relevant to your assessment of your client’s requirements.
2. Consult with the relevant persons to clarify the client security objectives and risk assessment, in terms of reference. Record the outcomes of this consultation and clarification.
3. Source and review relevant information, then identify, and assess the risks associated with the operating environment of the client. Provide a summary of the relevant information and the risks you have identified and assessed.
4. Analyse the type, nature, and cause of the identified security risks, and based on their severity and likelihood of occurrence, prioritise these risks. Record the analysis and the prioritised list.
5. Accurately document the risk assessment outcomes, and check these to ensure the currency and reliability of the data. Detail your findings.

Practical Activity 3B

The following points can be compiled in a single report or answered separately.

*Clearly outline each section in your submission.

1. Identify the security risk treatment options which are commensurate with the risk assessment and with the client requirements. Record these security risk treatment options.
2. Research the application of the identified treatment options in similar contexts to assess their effectiveness in mitigating risks to the client’s operating environment. Document the outcomes of this research and assessment.
3. Consistent with recognised industry practice and the guidelines provided by ISO 31000, establish and document criteria to assess the effectiveness of the treatment options.
4. Apply the identified criteria to select and prioritise recommended treatment options. Record the selected and prioritised options.

Practical activity 3C

The following points can be compiled in a single report or answered separately.

*Clearly outline each section in your submission.

1. Finalise and document the security risk assessment, detailing the recommended risk management options and the possible consequences of not implementing recommended treatments.
2. Check over the report to ensure the analysis and recommendations are clear, coherent, consistent with terms of reference, and are supported by verifiable information. Provide a copy of the completed and checked report.
3. Within the agreed timeframes, present the report to relevant persons and explain the identified security risks and treatment options to enhance their understanding and acceptance of the recommendations. Provide an audio or video recording of your presentation of your report and upload a copy of the recording for your assessor to review. If you are unable to provide a recording of your presentation, then you must provide full documentation to demonstrate to your assessor clear evidence of your presentation. This can include but not limited to, a meeting agenda, meeting minutes, a copy of your presentation, a summary/report of the outcome of the presentation, feedback from attendees.
4. Complete the risk assessment documentation and secure them, according to workplace and regulatory requirements, in a manner that facilitates future retrieval and maintains client confidentiality. Explain how you have done this.

For the above task you will require access to and the use of:

• Legislation, regulations and codes of practice that apply to assessing security risk management options in the jurisdiction of operation
• Client instructions and operating environment information, resources and information technologies required to achieve the performance evidence
• ISO 31000
• National Guidelines for the Protection of Places of Mass gathering from Terrorism
• Australia’s Strategy for Protecting Crowded Places from Terrorism
• National Guidelines for the Protection of Places of Mass gathering from Terrorism
• Active Armed Offender Guidelines for Crowded Places
• Improvised Explosive Device Guidelines for Crowded Places
• Chemical Weapon Guidelines for Crowded Places
• Hostile Vehicle Guidelines for Crowded Places