22 April 2018

Security Risk Assessments

A thorough security risk assessment is the basis for appropriate and cost-effective security measures aboard ships and in companies.

Risk Intelligence has carried out numerous risk assessment and consultancy projects for vessels preparing their transit through the Gulf of Aden, for deployments to West Africa and the Middle East.

Most of these projects consisted of a Security Risk Assessment (SRA) and a Ship Security Survey (SSS) for shipping and offshore customers. The reports generated from these activities have resulted in specific and plausible risk mitigation and avoidance recommendations, including the improvement or adaptation of training, procedures, management and physical security measures.

Comprehensive security risk assessments for high-risk areas include a detailed survey of the vessel by two consultants to determine the ship’s vulnerabilities and gaps in its defensive posture.

Desktop studies involve the review of the anticipated threat and vessel/asset characteristics based on general arrangement plans, photos and knowledge of similar vessels or assets. Desktop studies are usually carried out for medium risk areas, if the vessel cannot be accessed in the time frame or within a budget, or in order to determine the risk exposure prior to a commitment, e.g. during a tender phase.

The security risk assessment process is based on an established industry risk assessment methodology based on the Australian/New Zealand AS/NZS 4360 Risk Management Standard. It maps a specific threat assessment - focused on the most likely threat scenarios, e.g. a hijacking near Somalia - against the vessel’s (or operation’s) vulnerabilities and weaknesses. The outcome is then presented qualitatively and semi-quantitatively in a matrix, which can be adapted to the owner’s, operator’s or customer’s risk acceptance criteria.

The recommendations provided on how to reduce the risks are developed for each assessment report and are focused on specific threats (and threat scenarios), assets and consequence criteria. Recommendations are given to a sufficient level of detail to enable the company or ship to implement specific training, procedures or exercises, and to procure accurately specified material – if necessary - with guidance on its installation for best risk mitigation effect.

Security Risk Assessment content

The Security Risk Assessment (SRA) consists of the overall process of security risk identification, security risk analysis, and security risk evaluation. Depending on the desired depth of the assessment, a SRA report by Risk Intelligence may include the following information and analysis:

Threat assessment

  • Description and assessment of political climate
  • Description of relevant maritime security incidents in the area
  • Evaluation of attacker modus operandi
  • Maritime security outlook

Vulnerability assessment

  • Desktop review of ship or asset
  • Ship security survey and report
  • Physical security vulnerabilities
  • Organisational vulnerabilities
  • Operational vulnerabilities
  • Evaluation of ship’s vulnerabilities

Security risk analysis

  • Semi-qualitative or based on the methodology provided by the customer

Security risk evaluation

  • Risk priorities
  • Risk evaluation against customer acceptance criteria


  • Company security strategy and measures
  • Ship security measures
  • Improvement points for the ship security plan



Security Risk Assessment reports can be configured to meet your specific requirements and budgetary considerations. This includes the possibility to commission individual sections of a report. We recommend that for transits through and deployments to high risk areas a ship security survey is always carried out by Risk Intelligence for the ship in question. This type of survey goes beyond ISPS requirements and is carried out with the specific threat scenarios identified by the threat assessment in mind. Our reports are compiled by experienced maritime and security experts and peer reviewed to ensure a high degree of quality and consistency.

Client benefits

Your benefits from a Risk Intelligence Security Risk Assessment may include:

  • A more confident and rigorous basis for decision making and planning to reduce the organisation’s exposure to security risks
  • Improved security risk management and reduction in loss and the cost of security risks, including commercial insurance premiums
  • More effective allocation and use of resources through a more focussed countermeasures approach
  • Improved compliance with relevant legislation – a security risk assessment may satisfy ISPS Code requirements for an SSA update
  • Better corporate governance and due diligence



Preparing Security Risk Assessments involves the communication and exchange of confidential information. Risk Intelligence ensures a high level of confidentiality and uses encrypted communication for internal communication with such documents. Risk Intelligence provides a Non-Disclosure Agreement as part of the agreement or can sign customer specific documents.


Security Risk Assessments have been carried out for transits or operations in the Middle East, North Africa, Horn of Africa, West Africa and Asia.

References and testimonials can be provided on request.

For more information

Please contact Director of Advisory Services Mr. Henrik Ehlers Kragh on telephone +45 70 26 62 30.