Risks influence every aspect of ISEC’s business, so it is prudent to create a framework that sets out the process we apply to the identification, analysis, treatment and monitoring of risks associated with the operations of our business. The framework also provides a platform, consistent with international best practice, from which to advise clients on how to identify and manage risks within their own businesses.
ISEC prescribes, and is compliant with, the International and Australian Standard for Risk Management ISO 3100:2011 Risk Management – Principles and Guidelines.
What is Risk?
Within the context of the ISEC Risk Management Framework, Risk is defined as an event that may have an impact on the achievement of the company’s objectives. Risks may arise from both internal and external forces.
Once risks are identified, they are to be controlled against the company’s appetite at the time. This may be influenced by the category of risk: for example, safety-related risks have a mandate to be eliminated where possible in the first instance, whereas security-related risks will in most instances be either reduced and/or controlled through appropriate mitigation strategies. ISEC’s risk appetite is the amount of risk on a broad scale that the company is willing to accept in the pursuit of service excellence and value, and reflects: