30-Aug, 14:45 - 15:30
A risk-based approach to managing critical infrastructure and major events
ISO 31000, the international standard for risk management, may not be a perfect tool, but it provides a universal methodology for ensuring security planning has a rational and defensible basis.
Its application should ensure credible risks are being appropriately managed rather than having people plan for ‘worst case scenarios’. Operational solutions should not attempt to erase any and all risk – that is delusional, profligate and can cause severe resource stresses.
It is necessary to mitigate any risk ratings that are assessed at High or above down to Medium or, preferably, down to Low – not to try to reduce all risks to Very Low.
Neil will talk to some case studies involving complex risk issues that have impacted security for international major events and critical infrastructure projects: some successes and some failures.