Security Risk Assessment & Management

[ Security-Risk-Management-Process ] [ Types of Security Risks Threats ] [ Security Assessment ] [ Information Acquisition ] [ Risk Discovery Process ] [ Security Risk Analysis Report ]

Always be on the lookout…

Security Risk Management Process

Our AR INTELL Security Risk Management Process aims to provide you with an in-depth set of security methods & threat intelligence insights. Hence we believe this will help you to clearly understand which security threats are important for your community, for you as an individual or your organization/company.

Security Risk Assessment, Threat Intelligence and Risk Management must work hand in hand.

To protect your physical & digital assets effectively, a set of security controls needs to be in place. These controls will function as deterring elements. They work in sync with detection systems, attack delay mechanisms. Other response methodologies are also to be considered.

Ask yourself how to respond to incidents.

We always start the process with an assessment of your best business practices, standard operating procedures (SOPs). We will verify your security policies, industry-standard compliance and other guidelines or regulations which should be in place at any organizational level.

Types of Security Risks & Threats:

  • physical security risks & threats
    • theft, robbery & burglary
    • vandalism
    • terrorism
    • sabotage
    • natural disasters
    • assault & physical violence
  • perimeter security risks
  • cyber secuity & digital security risks
  • computer security risks & network security threats
  • workplace security risks

Threat Intelligence is not a luxury.

Levels of Security Assessment & Process

Our security risk assessment process will look at many different areas in your organization and issues. This is done to make a preliminary security risk assessment report. These risk elements & risk areas are looked at during a specific process:

  • General context: strategic context, organizational context, risk management context
  • Threat Assessment – Vulnerability Assessment – Critical elements Assessment
    • conceptual threats
    • operational levels
    • physical levels
    • lighting
    • management levels
    • policy levels
    • training levels
    • security staff
    • electronic & digital systems
    • electrical systems
    • liability issues
    • legal issues
    • regulatory issues
    • structural design
    • perimeter & barrier security
    • analysis of security weaknesses and exploitation opportunities
  • Risk Identification (what, who, when, where, how, why)
  • Risk Assessment (likehood of something happening & the consequences or effects
    • recommendations
    • options
    • trade-offs
  • Risk Evaluation (what can we tolerate and accept)
  • Risk Mitigation (avoid risks, sharing the risk-load, exploitation scenarios, acceptance and reduction)
    • avoidance of risk
    • reduction of risk
    • spreading of risk
    • transfer of risk
    • acceptance of risk

Specific Information will be acquired by means of:

  • interviews
  • assessment of security posture
  • assessment of current security apparatus & infrastructure
  • history of security incidents
  • on site research
  • analysis of crime or incident scenes
  • documentation reviews
  • policy reviews
  • SOP reviews
  • risk simulations
  • resource optimization
  • compliance verification
  • surveillance systems check
  • disaster recovery training (what works to keep things at float and recover…)

Risk Discovery Process

The whole purpose of the security risk discovery process is to establish an effective and realistic risk management strategy that allows you to reduce or limit the threats. As it happens threats can be real, perceived or conceptual.

Consequently, we can prevent opportunities or risky situations to occur and thus reduce the negative effects of misconfigurations, lack of security, accidents, mishaps or disasters.

To conclude, by compiling a hands-on security assessment report, we will help you to identify the risks to your assets & people. Undoubtedly you can be making better security decisions.

Security Risk Analysis Report

We use 3 different methods which are reflected in our report.

  • Hybrid Methodology
  • Quantitative Methodology
  • Qualitative Methodology

Contentwise our reports contain an executive summary, list of security issues, and constructive suggestions which reflect upon:

  • your different levels of specific vulnerabilities
  • how you interact with your environment (inside / outside the organization)
  • applicable threats and their frequency of occuring
  • technical system connected
  • levels of data exposure
  • calculations of detailed Annual Loss Expectancy
  • Residual risks & treaths

Criminal Investigations

Corporate Crime

Corporate Investigations

Suspicion of criminal activity

Most official criminal investigations can only be conducted by a law enforcement agency or other relevant authorities.

But if the police do not have enough resources to investigate a potentially criminal act, then the help of a private investigator can be called in.

Private investigators will investigate the suspicion of criminal activity, when the rightful authorities have not filed charges or when the crime remained unsolved.

The questions to ask:

  • was a crime committed?
  • if so; who did, what, how, when, where and why.

Our criminal investigations include:

  • the search for evidence – gathering proof and documentation 
  • conducting interviews with witness, coroners, docters, police, bystanders (in relation to the crime)
  • conduction interrogations is done by the police
  • the evidence is collected and preserved
  • depending on the case other methods of investigation are applied
  • different forensic science investigative technique are used
  • provide support to lawyers to present the evidence in the criminal court of law

 The “indicators of suspicion” in investigations lead to suspects:

  • The motive to commit a crime (money, revenge)
  • The means to commit a crime (tools & capabilities)
  • The opportunity to commit a crime (presence at the crime scene during the time of the offence)

Types of Crimes that we can investigate:

The Process of a Criminal Investigation

  • gather evidence in a legal and professional way
  • crime scene investigation at the place of the crime
  • make or gather crime scene photos & crime scene videos
  • arrest record & criminal records search on the victims and perpetrators
  • assist in establishing an alibi for innocent people (wrongly accused)
  • fix the refute motive
  • assist in locating the real criminal (who might be on the run or hiding somewhere)

Corporate Criminal Investigations & Corporate Crimes

Our AR INTELL Corporate Crime Task Force consists of specialized corporate security professionals . We investigate mostly corporate crimes, torts (wrongful acts or an infringement of certain rights), and different types of contractual breaches.

Corporate crimes & Corporate Investigations mostly refer to:

  • employee fraud
  • job thievery – stealing on the job
  • financial fraud
  • theft of physical property
  • data theft
  • embezzlement of money
  • bribery
  • corruption
  • corporate offenses
  • money laundry
  • forgery of documents
  • commercial bribery
  • compliance investigations – non-compliance with industry standards
  • property destruction
  • breach of ethical code – unethical behavior
  • infringement of fiduciary & other financial duties.
  • accounting improprieties.
  • violation of company policies.
  • privacy rights issues.
  • reporting fraud.
  • internal security & other controls + safeguards
  • information access and information control strategies (CIA principle)
  • insider trading & insider deals
  • cartel forming
  • corporate manslaughter

Criminal Corporate Activity

When you suspect there are criminal corporate activities occurring in your organization or company, then you will need to apply forensic accounting skills, maybe learn how to use a polygraph test (lie detector) and understand the correct arrest & other administrative procedures. The use of digital forensics became also more and more important during the past decades.

Do check our Corporate Fraud Investigations page here.

AR INTELL provides practical and strategic advice to shareholders, corporate executives (at all levels, company officers, security officers, managers, employees or staff in for example financial institutions & multinational corporates.

Over the years we have deloped a keen insight in different industries, and offer an indepth local knowledge and insight into regulatory & legal frameworks, international compliance issues and law enforcement.

Counter Surveillance

Counter surveillance refers to measures undertaken by the public to prevent surveillance, including covert surveillance. 

Counter surveillance includes:

  • discovery of electronic methods that are used to monitor your movement or record your conversations and record video, send signals of movement etc…
  • technical surveillance counter-measures
  • detection of hidden or overt surveillance devices
  • detection covert listening devices
  • visual surveillance devices
  • countersurveillance software to detect spyware & malware etc..
  • detect of people accessing computing and mobile devices for various nefarious reasons
  • find indicator of data theft or theft of financial, personal or corporate data and other business secrets
  • deploy actions (countermeasures) to reduce the risk of surveillance
  • Countersurveillance tries prevent or reduce surveillance by the enemy or adversary or unknown entities

Technical surveillance counter-measures

Electronic bugs or spy devices emit electromagnetic radiation (called RF – radio waves on a certain frequency). To detect these bugs you can “sweep” for them with professional TSCM bug sweeping RF detection technology.

Software countermeasures and Cyber Security

As an individual, organization, or company you might have concerns over your privacy relating to premises, conversations, and places where you store your confidential data or conduct private & confidential conversations. How sure are you that your office or meeting places are not bugged with spy devices? Have you checked?

This is why in cybersecurity software countermeasures can prevent all sorts of cyber-intrusions, cyber espionage, data-exfiltration, snooping, and data theft of personally identifiable information (PID). We all use computer systems, we are all connected, hacking is a real threat. Corporate Espionage Operators target regularly proprietary assets, intellectual property, and other business secrets.

AR INTELL Counter Surveillance & Cyber Security Team 

We focus on securing:

  • your communications
  • your privacy
  • your confidential information
  • detection of Invasion of Privacy
  • Interceptions of Communications (who is doing that)
  • Detection of Electronic Eavesdropping

Our methods are hands-on. We use:

  • government-grade equipment
  • diverse cyber security specialists with different backgrounds and vast experience
  • in depth reporting & analysis of the gathered intelligence

AR INTELL provides Counter-Intelligence services to:

Our services include:

Executive Profiling – Staff Profiling – Employee Profiling

staff profiling

Profiling your staff or employees is important in order to know who exactly you are dealing with. It might help you along the way on what to expect from certain persons and how to deal with unforeseen situations. The history and background of a person does not determine their future, but it will tell you a great deal about their potential.

What is profiling?

There are a few different definitions; depending on the field of application. Profling of persons refers to :

  • recording and analyzing the person’s psychological and behavioural characteristics
  • assess or predict their capabilities in a certain environment
  • purpose is to identify clearly a particular person or subgroup of people.

Mostly profiling involves the extrapolation of information about a person (traits, observed characteristics, typical behavior).

Other types of profiling

  • Executive Profiling
  • Staff Profiling
  • Consumer Profiling
  • Racial Profiling (profiling based on race or ethnicity)
  • Criminal Profiling
  • Data Profiling (analysis of data-sets)
  • Psychological profiling
  • Victim profiling
  • Criminal profiling

Staff & Employee Profiling

Profiling can be used to set a standard for hiring new applicants. After all, you are looking for a suitable candidate to fit into a certain job profile. Will they perform the job functions that you request?

  • what will be the performance level?
  • how long will an employee remain with the company
  • are there any red flags in the work-history?
  • how to deal with difficult people
  • how to assess performance?
  • how to find top candidates?
  • is somebody a leader or a follower?
  • how to asses work performance?
  • when to promote and employee (in a fair way)
  • how to recognize talented people
  • how to profile in a discreet way?

Executive Profile Report

  • detailed report describing the specific attributes of executives.
  • the report explains in detail why a person is suited for a position
  • details on professioanl experience and education, degrees, certificates etc..
  • relevant business data (sales figures, KPI etc..)
  • professional achievements
  • personal accomplishments
  • external roles in non-profit organizations
  • media exposure
  • publications, articles, books written
  • business accomplishments such as: increased company revenues, decreased spending, operational efficiency increase, involvement in new product developments, training & scholarship programs, charitable contributions
  • future plans, views on the industry

Private Investigators & Risk Management Consultants

Our AR Intell team consist of: 

  • private investigators
  • risk management risk assessment experts
  • information analysts
  • executive security teams
  • corporate security operators