Influencing Enterprise Risk Mitigation

In Influencing Enterprise Risk Mitigation, author Francis J. D’Addario draws on his many years of impressive security experience to describe business risk prevention and mitigation strategies. D’Addario, former security manager at Starbucks, Hardee’s, and Jerrico, shares stories of risk mitigation successes and failures—including natural disasters, a triple murder, and multimillion dollar fraud schemes—to help explain the need for an all-hazard risk mitigation approach.

In this book, the author discusses the psychology of security, the geography of risk, and baseline identity authentication and access control measures. He also talks through the steps for making security a priority for the business, estimating return on investment for security services, and leveraging data to learn from the mistakes and successes of those who came before us. The ability to quantify the benefits of risk mitigation will influence business investment in prevention and response preparedness.

Influencing Enterprise Risk Mitigation teaches us that both hazards and mitigation opportunities in the enterprise start at the individual and community level, and that recovery from a catastrophe hinges on individual and community resiliency.

Influencing Enterprise Risk Mitigation is a part of Elsevier’s Security Executive Council Risk Management Portfolio, a collection of real world solutions and "how-to" guidelines that equip executives, practitioners, and educators with proven information for successful security and risk management programs.

• The author intertwines many years of personal experience with research and statistics to create actionable risk mitigation recommendations
• Covers a broad spectrum of threats—from family and community hazards to global disasters
• Uses real-world examples to illustrate the return on security investment and influence business management decisions

Mid- to upper-level security managers; security and risk management practitioners; first responders, law enforcement and protection professionals, or anyone who may be charged with the safety of people during an incident, crisis, or disaster.

Dedication

Acknowledgments

Foreword

Interdependent Communities Require Protection

Introduction

What’s Past is Prologue

Chapter 1. The Psychology of Security

1.1 Begin at Home

1.2 People are the Tipping Point

1.3 Brand Reputation

1.4 Safety and Security Sustainability

1.5 We are Survivors

Chapter 2. The Geography of Risk

2.1 Assessing Priorities and the Strategic Game Plan

2.2 All-Hazards Mitigation

2.3 Just-In-Time Preparedness

2.4 Mapping Strategy to Stakeholder Requirements

Chapter 3. Who’s Who in the Zoo?

3.1 Insider and Outsider Risks

3.2 Layered and Integrated Security Solutions

3.3 Inspect Who You Expect

Chapter 4. Prioritizing Risk Mitigation

4.1 Prioritizing Prevention

4.2 Piloting New Security

4.3 Integration

4.4 Galvanizing Resources

4.5 Documenting Pilot Results

Chapter 5. Estimating Return on Security Investment

5.1 Charting a Course for Prevention and Mitigation Investment

5.2 Communicating the Big Picture

5.3 Charter Summary: The Elevator Speech

5.4 Costs, Losses, and Benefits Determine Return on Investment

5.5 Measure Twice, Cut Once, and Report

5.6 Exception Detection Enables the Core Business

5.7 Estimating Net Return on Investment

Chapter 6. Leveraging Data to Lead with Good Practices

6.1 Surveys and Benchmarks

6.2 Case Study: Using Benchmarks to Support a Security Proposal

6.3 Leadership Courage and Collaboration

6.4 Identifying Good Practices

6.5 A Converged Approach

Chapter 7. Governance for Sustainability

Chapter 8. Resilience

8.1 Responsibility Ensures Resilience

8.2 Resilience Requires Preparedness

8.3 Learning Our Way

8.4 The Value Opportunity

8.5 Evolving Individual and Organizational Behavior

Epilogue

How Do We Make Sure this Never Happens Again, Globally?

About the Author

About Elsevier’s Security Executive Council Risk Management Portfolio

References

Index