Although it is not possible to eliminate all potential threats to business, it is possible to have pre-established measures which will provide protection to the organization’s most valuable assets, as well as having contingency plans on how to respond to an incident so that a company my resume its business as quickly as possible.
Security planning identifies all possible actions and processes required to deter terrorism, espionage, or other acts designed to impair a business, and the best practice methods to combat these types of threats.
Planning is usually broken down into three primary area of focus:
- Continuity: Ensuring that if a business is attacked, it can cope and return to normalcy quickly. This is of particular importance to businesses that are required to be responsive (i.e. daily traders, etc.)
- Legal issues: In the event of a workplace accident, the company must prove that it had existing policies and procedures to ensure the safety of its employees and visitors. In the event of any court proceedings, the company may be required to demonstrate the existence of these plans before the accident occurred.
- Reputation: In the event of an attack on sensitive data, the company may have its reputation or valuation jeopardized. Many such leaks and the subsequent loss of reputation can be avoided by proper security planning