Enterprise Security Risk Management
A vulnerability assessment is a sub-process of the overall Enterprise Security Risk Management (ESRM) program. ESRM is an organizational strategy that addresses the full scope of security-risk-reduction while embracing the House of Worship's mission, core values, worship and operational environment, and the interests of shareholders, contributors, partners etc. ESRM has 4 basic steps to its continuous cycle:
The vulnerability assessment is the first step towards UNDERSTANDING THE SITUATION. During the assessment you'll "Identify and Prioritize Assets". You'll also understand the House of Worship's mission, core values, worship and operational environment.
The second step of ESRM is "Identify and Prioritize Risks". SurveyEssentials has a special template to help complete this. The template is called the "House of Worship Probability/Impact tempalte". When the template is completed, it produces a chart that reflects a “snapshot” of each potential Risk/Loss Event you've identified. The height of the bubble represents the probability . The higher the bubble, the more probable the event will occur. The size of the bubble represents the impact of the event which also considers its frequency, if it occurs. The Larger the bubbles the greater the impact if the event occurs.
Before you consider completing the Probability/Impact Chart, it is essential to conduct a comprehensive security survey / vulnerability assessment:
Determine where your valuable / critical assets are
Brainstorm to identify different events that could create loss (loss events). (historical information should be gathered and reviewed)
The rate of occurrence / recurrence of those events
The impact or consequence on the House of Worship, if the loss events occurred
The third step of ESRM is to "Mitigate the Prioritize Risks" - or basically implementing corrective action. Consider options available to diminish the probability of the loss events from occurring and pick the best, most cost effective option(s) to implement.
The fourth step of ESRM is "Continuous Improvement" of the security program. Which means to be constantly assessing the overall mission of the Place of Worship and seek to understand and upgrade and refine processes, policies, procedures while monitoring the environment and the possible risks that negatively impact the mission.
These four steps are implemented through a flexible, proactive approach, to manage and mitigate risk in parallel with the organizational culture and tolerance to risk. You never reach a final goal or level of success other than continuous improvement.
The Probability Impact Chart is available by special request for those who have already installed and are using the full version of the House of Worship Vulnerability App. If you've already ordered the full version send a request for the Probability Impact Chart by completing the form below. We'll contact you to follow up.