Critical National Infrastructure Company

Critical National Infrastructure Company

The Director of Security was responsible for leading the Safe, Secure and Resilient strategy. A core part of this was developing a proactive risk culture across the organisation. It was recognised that ‘Personnel risk’ was a critical component of this. 

KRisk were contracted to work closely with Corporate Security & HR to ensure a robust personnel risk assessment process was put in place to improve awareness and controls across the business.

How did we do it?

  • KRisk conducted an enterprise wide assessment of the roles that existed across the business. 
  • Through risk workshops with the Heads of Departments, assessed the most critical roles and the controls. 
  • Once the roles had been assessed and evaluated thoroughly with any vulnerabilities identified with action plans the people conducting the roles were assessed using the Risk Discovery tool. 


There was a clear understanding of the critical roles, particularly those that could pose the biggest impact to Security. There were various improvements fed into the Security risk register. 

Each of the roles identified for full risk profiling, Individuals ethics and values were mapped to the organisations. Their risk competencies were evaluated and aligned to the roles they were in and the information was used to develop the teams involved.