Security and Risk Management: SWOT analysis and other routine 'gut' checks

Any one organisation is likely to have an abundance of SWOT (strength, weakness, opportunities and threats) assessments for various business functions and activities, which makes it all the more conspicuous that security and risk management have a dearth of or total omission of commensurate, routine business ready reckoners such as a SWOT analysis.

In other words, if you use and employ SWOT analysis techniques in your business, do you have the same volume and routine for SWOT analysis of your security and risk management practices, beliefs and habits?

Moreover, do you accumulate these assessments to confirm before, after and over time trends, variances and the like?

A SWOT analysis of you understanding and application of 'security' is a great way to compare your thinking with others or the rest of your organisation/business.

That is, once you create a SWOT analysis for security and risk management let other look at it.

You will routinely discover a lack of alignment, agreement and even conflict.

Perhaps this is why it is so occasionally or rarely done?

While there are many other alternates and more evolved options available, an excellent verification and comparison of your security and risk management beliefs and practices can quickly and easily be evaluated and commented on by many others by preparing and sharing a SWOT analysis of your security and risk management understandings and systems.

The results may both inform and shock you.

Regardless, it remains a worthwhile exercise.

Tony Ridley, MSc CSyP MSyl M.ISRM

Security, Risk & Management Sciences