the five C's of security


One of my most interesting customers is a large multinational company that manufactures and markets consumer goods in nearly as many countries as we operate (220). An audit found some serious deficiencies with regards to their security posture and exposure to risk.

Having failed this audit some 12+ months ago they have come to the market to seek suppliers to transform and manage their security services.

Before we proposed anything we thought it was a good idea to meet with the team responsible for security and find out what was most important to them. Amongst ourselves we came up with a simple measure to gauge their appetite for change in security services: the five C’s of security. Have a go yourself - the question is “prioritise these components of security service”

  • compliance - cooperation or obedience: Compliance with the law is expected of all.
  • consolidation - to discard the unused or unwanted items of and organize the remaining.
  • centralisation - to bring or come under central control, esp. governmental control.
  • cost - the price paid to acquire, produce, accomplish, or maintain anything.
  • convenience - anything that saves or simplifies work, adds to one's ease or comfort, etc., as an appliance, utensil, or the like.

(definitions from

So, I’m guessing that the way that you prioritise the five C’s depends on your position in your organisation. i.e. if you are an end-user you may value convenience over consolidation, but your CFO may value cost over convenience.

How do you prioritise the five c's ?

Simon Jones

Credit: © Vladislav Kochelaevs -

Nicolas Jacquey
Simon Jones

I've been a consultant with Orange Business (and its predecessor Equant) for more than 15 years.  My specialties are Messaging, Active Directory, hosting, application traffic management and global networking.