Security Risk Management Body of Knowledge
eBook - ePub

Security Risk Management Body of Knowledge

Julian Talbot, Miles Jakeman

Partager le livre
  1. English
  2. ePUB (adapté aux mobiles)
  3. Disponible sur iOS et Android
eBook - ePub

Security Risk Management Body of Knowledge

Julian Talbot, Miles Jakeman

DĂ©tails du livre
Aperçu du livre
Table des matiĂšres
Citations

À propos de ce livre

A framework for formalizing risk management thinking in todayÂżs complex business environment

Security Risk Management Body of Knowledge details the security risk management process in a format that can easily be applied by executive managers and security risk management practitioners. Integrating knowledge, competencies, methodologies, and applications, it demonstrates how to document and incorporate best-practice concepts from a range of complementary disciplines.

Developed to align with International Standards for Risk Management such as ISO 31000 it enables professionals to apply security risk management (SRM) principles to specific areas of practice. Guidelines are provided for: Access Management; Business Continuity and Resilience; Command, Control, and Communications; Consequence Management and Business Continuity Management; Counter-Terrorism; Crime Prevention through Environmental Design; Crisis Management; Environmental Security; Events and Mass Gatherings; Executive Protection; Explosives and Bomb Threats; Home-Based Work; Human Rights and Security; Implementing Security Risk Management; Intellectual Property Protection; Intelligence Approach to SRM; Investigations and Root Cause Analysis; Maritime Security and Piracy; Mass Transport Security; Organizational Structure; Pandemics; Personal Protective Practices; Psych-ology of Security; Red Teaming and Scenario Modeling; Resilience and Critical Infrastructure Protection; Asset-, Function-, Project-, and Enterprise-Based Security Risk Assessment; Security Specifications and Postures; Security Training; Supply Chain Security; Transnational Security; and Travel Security.

Foire aux questions

Comment puis-je résilier mon abonnement ?
Il vous suffit de vous rendre dans la section compte dans paramĂštres et de cliquer sur « RĂ©silier l’abonnement ». C’est aussi simple que cela ! Une fois que vous aurez rĂ©siliĂ© votre abonnement, il restera actif pour le reste de la pĂ©riode pour laquelle vous avez payĂ©. DĂ©couvrez-en plus ici.
Puis-je / comment puis-je télécharger des livres ?
Pour le moment, tous nos livres en format ePub adaptĂ©s aux mobiles peuvent ĂȘtre tĂ©lĂ©chargĂ©s via l’application. La plupart de nos PDF sont Ă©galement disponibles en tĂ©lĂ©chargement et les autres seront tĂ©lĂ©chargeables trĂšs prochainement. DĂ©couvrez-en plus ici.
Quelle est la différence entre les formules tarifaires ?
Les deux abonnements vous donnent un accĂšs complet Ă  la bibliothĂšque et Ă  toutes les fonctionnalitĂ©s de Perlego. Les seules diffĂ©rences sont les tarifs ainsi que la pĂ©riode d’abonnement : avec l’abonnement annuel, vous Ă©conomiserez environ 30 % par rapport Ă  12 mois d’abonnement mensuel.
Qu’est-ce que Perlego ?
Nous sommes un service d’abonnement Ă  des ouvrages universitaires en ligne, oĂč vous pouvez accĂ©der Ă  toute une bibliothĂšque pour un prix infĂ©rieur Ă  celui d’un seul livre par mois. Avec plus d’un million de livres sur plus de 1 000 sujets, nous avons ce qu’il vous faut ! DĂ©couvrez-en plus ici.
Prenez-vous en charge la synthÚse vocale ?
Recherchez le symbole Écouter sur votre prochain livre pour voir si vous pouvez l’écouter. L’outil Écouter lit le texte Ă  haute voix pour vous, en surlignant le passage qui est en cours de lecture. Vous pouvez le mettre sur pause, l’accĂ©lĂ©rer ou le ralentir. DĂ©couvrez-en plus ici.
Est-ce que Security Risk Management Body of Knowledge est un PDF/ePUB en ligne ?
Oui, vous pouvez accĂ©der Ă  Security Risk Management Body of Knowledge par Julian Talbot, Miles Jakeman en format PDF et/ou ePUB ainsi qu’à d’autres livres populaires dans Business et Insurance. Nous disposons de plus d’un million d’ouvrages Ă  dĂ©couvrir dans notre catalogue.

Informations

Éditeur
Wiley
Année
2011
ISBN
9781118211267
Édition
1
Sous-sujet
Insurance

1
Introduction and Overview

1.1 WHY SRMBOK?

We live in a world of uncertainty; the world is changing at an ever accelerating pace. Life, society, economics, weather patterns, international relations, and risks are becoming more and more complex. The nature of work, travel, recreation, and communication is radically altering. We live in a world where, seemingly with each passing year, the past is less and less a guide to the future.
Security is involved in one way or another in virtually every decision we make and every activity we undertake. The contributions that Security Risk Management (SRM) make to society, personal safety, and national stability are easy to underestimate but hard to overlook. We have been concerned about safety, security, and protection since the dawn of our species and yet will still struggle to consistently define or reliably manage our security risks.
This is to a large extent understandable-although the fundamentals remain consistent, advances in security and related disciplines continue unabated. The global environment has never been more volatile, and societal expectations for security are increasing if anything.
The complexities of globalization, public expectation, regulatory requirements, transnational issues, multijurisdictional risks, crime, terrorism, advances in information technology, cyber attacks, and pandemics have created a security risk environment that has never been more challenging.
Despite the continuing development of security as a discipline, no single framework pulls together all the excellent but disparate work that practitioners and researchers are continually developing. Overall, there is little dispute that risk is a factor that must be considered by decision makers when deciding what, if anything, should be done about a risk that falls within their responsibility. Security is one such area where there has been less than total agreement as to what this means in practical terms.
The body of knowledge (BOK) surrounding Security Risk Management continues to evolve, but even the most dynamic of fields needs a point of common agreement, or at least agreed debate. It is unreasonable to expect SRMBOK to be all things to all people, but we the society, and the profession, need a place to collectively discuss and shape our thinking surrounding core concepts in SRM.
Much of the existing body of knowledge on risk management was developed for issues that do not possess the same degree of complexity, uncertainty, and ambiguity as those associated with modern security-related decision making. For example, managing financial or operational risk can be quantified more easily than some of the abstract concepts that security practitioners must manage. These areas offer us insights into the tools and techniques that have been pioneered in other disciplines. Areas such as safety management systems, financial formulas, project methodologies, engineering science, hazard identification, and human factors analysis, to name just a few, also have much to offer security practitioners.

1.1.1 Key Challenges

The abundance of valuable but disparate material from Security Risk Management and other disciplines presents a significant challenge for developing a common framework to assess and consider risk when making security and related policy decisions. In addition to risk assessment methodological questions, other questions plague organizational risk deliberations. Among them are the following:
  • Who is responsible for the risk assessment?
  • Who is responsible for managing risk?
  • How should alternative courses of action be developed, and how should they be evaluated?
  • How does one perform cost/benefit analysis on an abstract problem where potential consequences are astronomical but probability is unknown and may be close to zero?
  • How should terrorist and criminal adaptive responses to security measures be taken into account as potential security measures are being considered?
Security professionals everywhere are making some progress in answering these questions, and more significantly, the profession is developing a more mature understanding of the complexities involved. Increasingly, academic and practical research is also refining our understanding of the issues and giving us a basis for more risk-informed decision making.
Much of the past practices in security have revolved around the three Gs (guns, guards, gates), national security, intelligence and defense, firewalls, and cryptography. As important as these are, moving from a focus on threat mitigation to benefit realization is a growing imperative for many security professionals and for most organizations.

1.2 WHERE DO WE GO FROM HERE?

“The empires of the future are the empires of the mind.”
SIR WINSTON CHURCHILL
We are facing an increasingly complex and interdependent future in which information and intangible assets are likely to become increasingly valuable, and tangible assets are likely to diminish in value by comparison.
Risk-management activities in the 21st century are likely to continue to move away from the early focus on compliance and loss minimization toward opportunity realization. Although Security Risk Management will continue to require sound management of threats and minimization of losses, already we are starting to see threat mitigation as just part of standard management practice, rather than a standalone discipline.
The organizations and societies of today are seeking a greater understanding of the true nature of risks. This is not an altruistic or inherent desire for risk management per se, but it is an endeavor to better exploit opportunities and minimize harm.1 As illustrated in Figure 1.1, organizations typically start out as risk controllers with a focus on compliance and loss minimization. Over time, they realize that quality SRM adds value to operational performance, and if integrated across the enterprise, SRM can become a significant contributor to both organizationa...

Table des matiĂšres