, PLEASE USE THIS DOCUMENT AS A GUIDE TO ANSWER YOUR ASSIGNMENT
QUESTION 1
1. Draft the Unisa Security Risk Management Model and give reasons for the addition of steps 9
and 10 respectively.
The Unisa Security Risk Management Model
The Unisa Security Risk Management Model is based primarily on the work of Rogers, who
developed a structured approach to security risk management that is widely used at the University of
South Africa (Unisa). Rogers’ model includes several key steps.
Step 1 involves identifying the factors that cause crime, which is essential for understanding
where vulnerabilities might exist.
Step 2 covers the development of a security policy and securing a mandate from management,
providing the authority needed for implementing security measures.
Step 3 is the orientation phase, where an initial meeting with the client and a site inspection are
conducted to identify assets and assess risks.
Step 4, the risk analysis exercise, involves calculating the probability and potential impact of
identified risks.
Step 5 is a security survey, focusing on inspecting existing security measures and identifying
weaknesses.
Step 6 is the development of security risk control measures aimed at addressing the risks
identified.
Step 7 evaluates the return on investment by analyzing the cost-effectiveness of the proposed
measures.
Step 8 requires compiling a security risk management report that documents all findings and
recommendations.
Step 9 involves the implementation and evaluation of security measures, ensuring that the
proposed solutions are put into practice and that their effectiveness is measured over time.
Addition of Step 9: Implementation and Evaluation of Security Measures
Step 9, the implementation and evaluation of security measures, is critical because developing
security recommendations alone is not sufficient; they must be actively applied and tested for
effectiveness. Without implementation, the security risk management process would remain
theoretical and have no real impact on crime prevention or risk reduction. Furthermore, evaluation
ensures that implemented measures are not only operational but are achieving the intended outcomes.
It allows for adjustments and improvements where needed, making the security system dynamic
rather than static.
Addition of Step 10: Maintenance and Upgrade
The addition of Step 10, maintenance and upgrade, was introduced by Olckers in response to the
practical realities observed in residential and business security environments. Olckers recognized
that many security systems, once installed, tend to be neglected, leading to system failures or
vulnerabilities as threats evolve. Step 10 stresses the importance of ongoing maintenance, regular
inspections, and timely upgrades of security systems. This ensures that security measures remain
effective over time and adapt to new risks or changes in the environment. Without this step,
organizations might experience a false sense of security, only realizing deficiencies after an incident
has occurred. Therefore, maintenance and upgrading are crucial for sustaining long-term operational
effectiveness and ensuring that security investments continue to deliver value.
QUESTION 1
1. Draft the Unisa Security Risk Management Model and give reasons for the addition of steps 9
and 10 respectively.
The Unisa Security Risk Management Model
The Unisa Security Risk Management Model is based primarily on the work of Rogers, who
developed a structured approach to security risk management that is widely used at the University of
South Africa (Unisa). Rogers’ model includes several key steps.
Step 1 involves identifying the factors that cause crime, which is essential for understanding
where vulnerabilities might exist.
Step 2 covers the development of a security policy and securing a mandate from management,
providing the authority needed for implementing security measures.
Step 3 is the orientation phase, where an initial meeting with the client and a site inspection are
conducted to identify assets and assess risks.
Step 4, the risk analysis exercise, involves calculating the probability and potential impact of
identified risks.
Step 5 is a security survey, focusing on inspecting existing security measures and identifying
weaknesses.
Step 6 is the development of security risk control measures aimed at addressing the risks
identified.
Step 7 evaluates the return on investment by analyzing the cost-effectiveness of the proposed
measures.
Step 8 requires compiling a security risk management report that documents all findings and
recommendations.
Step 9 involves the implementation and evaluation of security measures, ensuring that the
proposed solutions are put into practice and that their effectiveness is measured over time.
Addition of Step 9: Implementation and Evaluation of Security Measures
Step 9, the implementation and evaluation of security measures, is critical because developing
security recommendations alone is not sufficient; they must be actively applied and tested for
effectiveness. Without implementation, the security risk management process would remain
theoretical and have no real impact on crime prevention or risk reduction. Furthermore, evaluation
ensures that implemented measures are not only operational but are achieving the intended outcomes.
It allows for adjustments and improvements where needed, making the security system dynamic
rather than static.
Addition of Step 10: Maintenance and Upgrade
The addition of Step 10, maintenance and upgrade, was introduced by Olckers in response to the
practical realities observed in residential and business security environments. Olckers recognized
that many security systems, once installed, tend to be neglected, leading to system failures or
vulnerabilities as threats evolve. Step 10 stresses the importance of ongoing maintenance, regular
inspections, and timely upgrades of security systems. This ensures that security measures remain
effective over time and adapt to new risks or changes in the environment. Without this step,
organizations might experience a false sense of security, only realizing deficiencies after an incident
has occurred. Therefore, maintenance and upgrading are crucial for sustaining long-term operational
effectiveness and ensuring that security investments continue to deliver value.
