This book describes the risk management methodology as a specific process, a theory, or a procedure for determining your assets, vulnerabilities, and threats and how security professionals can protect them. Risk Management for Security Professionals is a practical handbook for security managers who need to learn risk management skills. It goes beyond the physical security realm to encompass all risks to which a company may be exposed. Risk Management as presented in this book has several goals: Provides standardized common approach to risk management through a framework that effectively links security strategies and related costs to realistic threat assessment and risk levels Offers flexible yet structured framework that can be applied to the risk assessment and decision support process in support of your business or organization Increases awareness in terms of potential loss impacts, threats and vulnerabilities to organizational assets Ensures that various security recommendations are based on an integrated assessment of loss impacts, threats, vulnerabilities and resource constraints Risk management is essentially a process methodology that will provide a cost-benefit payback factor to senior management.

Key Features

Provides a stand-alone guide to the risk management process Helps security professionals learn the risk countermeasures and their pros and cons Addresses a systematic approach to logical decision-making about the allocation of scarce security resources


Security Professionals, Students of Security Courses

Table of Contents

*Risk Management: A Short History and its Importance *Key Terms and Definitions *Risk Management Process Overview *Asset Identification *Threat Identification and Assessment *Conducting the Site Specific Threat Assessment * Vulnerability Identification and Assessment * The Risk Assessment *The Risk Assessment * Cost-Benefit Analysis *Risk Management and Your Organization * Appendix A: Risk Management Case Study and Practical Exercises *Appendix B: Forms Used in the Risk Management Process * Appendix C: Are You Safeguarding the Crown Jewels - Determining Critical and Sensitive Information *Appendix D: Obtaining Asset Information - Conducting Interviews *Appendix E: Technology Collection Trends in the U.S. Defense Industry *Appendix F: The Foreign Threat to U.S. Business Travelers *Appendix G: Intelligence Organizations * Appendix H: The FBI National Security Awareness Program *Appendix I: Economic & Espionage News for the Risk Manager


No. of pages:
© 1999
eBook ISBN:
Print ISBN:

About the author

Carl Roper

Affiliations and Expertise

Security Consultant, Richmond, VA, USA