Risk Management for Security Professionals


  • Carl Roper, Security Consultant, Richmond, VA, USA

This book describes the risk management methodology as a specific process, a theory, or a procedure for determining your assets, vulnerabilities, and threats and how security professionals can protect them. Risk Management for Security Professionals is a practical handbook for security managers who need to learn risk management skills. It goes beyond the physical security realm to encompass all risks to which a company may be exposed. Risk Management as presented in this book has several goals:Provides standardized common approach to risk management through a framework that effectively links security strategies and related costs to realistic threat assessment and risk levelsOffers flexible yet structured framework that can be applied to the risk assessment and decision support process in support of your business or organizationIncreases awareness in terms of potential loss impacts, threats and vulnerabilities to organizational assetsEnsures that various security recommendations are based on an integrated assessment of loss impacts, threats, vulnerabilities and resource constraintsRisk management is essentially a process methodology that will provide a cost-benefit payback factor to senior management.
View full description


Security Professionals, Students of Security Courses


Book information

  • Published: May 1999
  • ISBN: 978-0-7506-7113-2

Table of Contents

*Risk Management: A Short History and its Importance *Key Terms and Definitions *Risk Management Process Overview *Asset Identification *Threat Identification and Assessment *Conducting the Site Specific Threat Assessment * Vulnerability Identification and Assessment * The Risk Assessment *The Risk Assessment * Cost-Benefit Analysis *Risk Management and Your Organization * Appendix A: Risk Management Case Study and Practical Exercises *Appendix B: Forms Used in the Risk Management Process * Appendix C: Are You Safeguarding the Crown Jewels - Determining Critical and Sensitive Information *Appendix D: Obtaining Asset Information - Conducting Interviews *Appendix E: Technology Collection Trends in the U.S. Defense Industry *Appendix F: The Foreign Threat to U.S. Business Travelers *Appendix G: Intelligence Organizations * Appendix H: The FBI National Security Awareness Program *Appendix I: Economic & Espionage News for the Risk Manager