Security Risk Management

Our Approach

Our security risk and crisis management consulting methodology is founded on international best practice standards.

How do we help?

We start by gaining a detailed understanding of your organisation, its structure, critical assets, culture and approach to risk.

Our analysts and expert local teams provide a clear picture of the prevalent threats from insiders, outsiders or a combination of both. This intelligence-led approach ensures you gain a comprehensive and accurate understanding of any adversaries you need to protect against.

The next step is to identify and quantify vulnerabilities. We look in detail at the effectiveness of the security system protecting your assets, examining for any weaknesses that an adversary could exploit. This may involve reviewing a physical site, digital security systems, travel processes or an individual’s routine.

What would be the impact of a loss event occurring? Having determined the potential for something to go wrong, we analyse what the consequences would be to your business objectives if it did. From this review, you can identify risk.

You can then decide which risks are outside of your risk tolerance and therefore need to be addressed. This aligns to any wider enterprise risk management process and enables clear reporting to senior management.

The next stage is the development of an actionable plan that specifies additional controls that need to be implemented, who is responsible for them, what the deadlines are and what resources are required.

As your organisation and its operating environment evolve, we can work alongside you to ensure that your security risk management process remains current, fit for purpose and financially sound.

Case Study

An organisation with global operation and recognisable brand ,working in a wide range of countries and cultures including complex environments. Several of the organisation’s sites are in environments where limitations on security measures are necessary. The organisation’s corporate, regional and site-level management are not cohesive int heir approach to security, despite a common awareness of some threats they face.

Our approach

  • Following our methodology, we start by scoping the organisation’s structure, approach to risk and global operations
  • We identify and put into context the organisation’s key assets: people, property, information and reputation
  • Our analysts and expert local teams then develop a granular understanding of their operating environments through a detailed threat and vulnerability assessments
  • Based on their findings and subsequent Consequence Review and Risk Assessment, we identify the organisation’s available risk treatment options and their priority


  • A robust security risk register embedded within the organisation’s wider enterprise risk management framework
  • A greater understanding and context of the organisation’s operating environments, key assets and security risks
  • Recommendations of appropriate spend to provide an evidence return on investment (ROI) of risk treatment options
  • A plan that demonstrates how security adds value by placing it within a financial context

Where do we help?

Security Risk Mangement

– Risk Assessments

– Site Surveys

Information and Intelligence


Policy and Documentation

– Security Risk Management Policies

– Security management Plans

– Site and Security Staff SOPs

Travel Risk Management

– Travel Risk Management Review

– Tracking

– Ground Services


– Personal Security Awareness Training

– Hostile Environment Awareness Training

– Security Management Training

– Incident Management Training / Simulated Incidents

– eLearning

Embedded Advisors

– Strategic Level

– Regional Management Level

– Site / Ground Level

Due Diligence


Expert Witness

Industries and Regions

Collectively the NYA team has worked for virtually every industry sector and in all regions of the world where security problems are prevalent.

NYA’s multinational and multilingual analyst team comprises geopolitical specialists, former military personnel and emergency services operators.

The team utilises a range of open and closed-source information feeds, including an extensive global network of in-country intelligence sources, to provide the most timely and accurate assessment of global land-based and maritime security risks.

We support your business – with the largest specialist team of security & crisis management, crisis response and maritime security consultants in the industry.

Industries Regions