Home » Analogies » Appropriate Risk

Appropriate Risk

By in Analogies, Principles on .

What does it take to make a Ship secure?

  • It depends on the type of cargo it will be carrying and the areas it is going to be sailing in.
  • It depends on the level of risk that the owners, and the insurers, are willing to accept.

The armour used on a battleship may not be appropriate for a ship carrying grain in coastal waters. Rounding Cape Horn requires a higher free-board than going upstream on the Thames.

Understand what the ship is for what threats it faces. Then you can make it secure.

  • Part will be the design and the equipment fitted.
  • Part will be the teaching people how to use the equipment.
  • Part will be checking that all is being operated as planned.

So:

Ask of the IT department if the Security Controls being applied are appropriate to the risks the Business faces:

  • Or are they just armour plating the rowing boat because “Armour Plate is best practice”?
  • Are they just adding technology because they find it interesting? and are they actually training people to keep the business secure?
  • And how do they know it is all working as intended? and what did they intend to achieve?

Tags:

Leave a comment

Your email address will not be published. Required fields are marked *

Simon Barton