This book describes the risk management methodology as a specific process, a theory, or a procedure for determining your assets, vulnerabilities, and threats and how security professionals can protect them.
Risk Management for Security Professionals is a practical handbook for security managers who need to learn risk management skills. It goes beyond the physical security realm to encompass all risks to which a company may be exposed. Risk Management as presented in this book has several goals:
- Provides standardized common approach to risk management through a framework that effectively links security strategies and related costs to realistic threat assessment and risk levels
- Offers flexible yet structured framework that can be applied to the risk assessment and decision support process in support of your business or organization
- Increases awareness in terms of potential loss impacts, threats and vulnerabilities to organizational assets
- Ensures that various security recommendations are based on an integrated assessment of loss impacts, threats, vulnerabilities and resource constraints
Risk management is essentially a process methodology that will provide a cost-benefit payback factor to senior management.
- Provides a stand-alone guide to the risk management process
- Helps security professionals learn the risk countermeasures and their pros and cons
- Addresses a systematic approach to logical decision-making about the allocation of scarce security resources