Risk Management for Security Professionals

This book describes the risk management methodology as a specific process, a theory, or a procedure for determining your assets, vulnerabilities, and threats and how security professionals can protect them.

Risk Management for Security Professionals is a practical handbook for security managers who need to learn risk management skills. It goes beyond the physical security realm to encompass all risks to which a company may be exposed. Risk Management as presented in this book has several goals:

• Provides standardized common approach to risk management through a framework that effectively links security strategies and related costs to realistic threat assessment and risk levels
• Offers flexible yet structured framework that can be applied to the risk assessment and decision support process in support of your business or organization
• Increases awareness in terms of potential loss impacts, threats and vulnerabilities to organizational assets
• Ensures that various security recommendations are based on an integrated assessment of loss impacts, threats, vulnerabilities and resource constraints

Risk management is essentially a process methodology that will provide a cost-benefit payback factor to senior management.

• Provides a stand-alone guide to the risk management process
• Helps security professionals learn the risk countermeasures and their pros and cons
• Addresses a systematic approach to logical decision-making about the allocation of scarce security resources