• A Strategy & Planning
  • Executive Summary
  • A1: Rationale for a Security Management Plan
  • A2: Stakeholder Analysis
  • A3: Securing the Enterprise
  • Annex A3(i) – Risk Appetite and Security Risk Awareness Templates
  • Annex A3(ii) – Risk Management Assessment Questionnaires
  • A4: Planning
  • B Risk Assessment
  • Executive Summary
  • B1: Asset Characterisation
  • B2: Threat Characterisation
  • B3: Consequence Assessment
  • B4: Vulnerability Assessment
  • B5: Threat Likelihood Assessment
  • B6: Risk Assessment
  • B7: Protection Objectives
  • Annex 1 – Additional Open-Source Information
  • C Design
  • Executive Summary
  • C1: Risk-based Performance Requirements
  • C2: Performance-based Security Systems Requirements
  • C3: Physical Security
  • C4: Process Control and IT Security
  • C5: Procedural Security
  • Annex 1 – Guidelines for CBRN devices
  • Annex 2 – Sample Checklists
  • C6: Personnel Security
  • D Implementation & Review
  • Executive Summary
  • D1: Systems Implementation
  • D2: Testing and Exercising
  • D3: Ongoing Monitoring
  • Bibliography, Glossary and Acronyms