Security & Risk Management Mnemonics: From OODA Loops to CPTED, Eyecharts or Education?

Brief summations of complex, related topics can be extremely helpful for professionals and lay people alike. However, abbreviated chatter in lieu of full sentences and disclosure can be polarising and exclusionary.

Security and risk management demonstrate these traits on a daily basis.

Some are helpful, some are not.

Some are dangerously outdated or inappropriate for the complexity of the issue/s at hand

Some mnemonics and abbreviated speech are incorrect repurposing of original (sometimes outdated concepts) ideas for contemporary times, others are just attempts at an author or cohort to be immortalised as an original, revolutionary solution and legacy for all time.

This brief article lines up a select few security, risk, management and project mnemonics

Is this a masterclass in abbreviated, complex security and risk management issues or a confusing eye chart?

The following summation are extracts from leadership, decision-making, intelligence, crime prevention and security risk management

OODA Loop

Great scientific assurances are routinely derived from the single opinion of someone in the past, universally applied as an absolute for all things now and into the future.

Singling out one common mnemonic, let's unpack some of the most obvious issues.

One man's opinion should not be enshrined or immortalised as a universal truth for all to follow, despite the seeming simple logic and convenience lacking any real evidence or research.

Simple enough, but way too simple for the real world, risk, organisational complexity or security risk management.

Making further correlations and reference to 'the ancient texts' does not solve the lack of supporting evidence, utility and scientific principles lacking in any one graphic or concept.

As is a common trait within security and risk management, great tribal divisions and alliances are formed around beliefs, teachings and popular commentary.

Going to great lengths to make a simple premise that once worked even more complex, layered or seemingly scientific should not be the default setting for security and risk management as a profession.

Catchphrases and pneumonic's can be helpful to appoint but forced relationships, 'one upmanship' , 'the next big thing' and tribal affiliation to one version or another is increasingly confusing and undermines the original intent… not to mention relevance and quality

I use shorthand notations and references to remind and recall all the time. However, I'm mindful to fact check and update these mnemonics and assumptions as regularly as possible.

Even if, I can't get KISS and PPPPPPP out of my head ??

Tony Ridley, MSc CSyP MSyl M.ISRM

Security, Risk & Management Sciences