The aim of this research paper is to analyse the individual and collective information
security risks which could arise from using a security strategy model (SSM); the objective of creating
the SSM was so as to protect a wireless local area network (WLAN). As such the focus of this paper
shall be on the individual operational components used to create the SSM and the information security
risks which stem from their being part of the SSM. In order to review the components of the SSM the
paper shall use the BS ISO/IEC 17799:2005 which is the British Standard, International Standard and
also the European Standard for using Information Communication Technology (ICT) correctly in
order to effectively mitigate against the exposure of an organizations data to unauthorized access. The
general idea of using the BS ISO/IEC 17799:2005 is so that the SSM is created based on best practice
within the ICT industry of protecting confidential data or at least that the possible risks that stem from
using the SSM are mitigated against; this is also known as risk based auditing. Against this backdrop
the paper shall review each component of the SSM and use the risks to create a ‘Threat’ model which
would then be used to create a ‘Trust model in order to strengthen the confidentiality of any data that
passes through the SSM
