| A framework for formalizing risk management thinking in today¿s complex business environment Security Risk Management Body of Knowledge details the security risk management process in a format that can easily be applied by executive managers and security risk management practitioners. Integrating knowledge, competencies, methodologies, and applications, it demonstrates how to document and incorporate best-practice concepts from a range of complementary disciplines. Developed to align with International Standards for Risk Management such as ISO 31000 it enables professionals to apply security risk management (SRM) principles to specific areas of practice. Guidelines are provided for: Access Management; Business Continuity and Resilience; Command, Control, and Communications; Consequence Management and Business Continuity Management; Counter-Terrorism; Crime Prevention through Environmental Design; Crisis Management; Environmental Security; Events and Mass Gatherings; Executive Protection; Explosives and Bomb Threats; Home-Based Work; Human Rights and Security; Implementing Security Risk Management; Intellectual Property Protection; Intelligence Approach to SRM; Investigations and Root Cause Analysis; Maritime Security and Piracy; Mass Transport Security; Organizational Structure; Pandemics; Personal Protective Practices; Psych-ology of Security; Red Teaming and Scenario Modeling; Resilience and Critical Infrastructure Protection; Asset-, Function-, Project-, and Enterprise-Based Security Risk Assessment; Security Specifications and Postures; Security Training; Supply Chain Security; Transnational Security; and Travel Security. Security Risk Management Body of Knowledge is supported by a series of training courses, DVD seminars, tools, and templates. This is an indispensable resource for risk and security professional, students, executive management, and line managers with security responsibilities. |
|
 A Valuable Manual on Security Risk Management |
| Review Date: August 31, 2009 |
| Reviewer: D. P. Wagner, Sydney, Australia |
Since 2001 attention has become understandably more focused on matters of security. Billions of dollars and millions of hours have been spent on devising responses to current and future threats. In this environment the discipline of security risk management (SRM) has received much more attention from business and government. However, to my knowledge the "Security Risk Management Body of Knowledge" is the first comprehensive attempt at summarizing the complex and varied elements that make up the discipline of SRM.
This book, which was originally published by the Risk Management Institution of Australasia and which draws on the contributions of almost 100 SRM specialists, provides a holistic overview of SRM, combining a broad survey of the major areas of SRM with a wealth of practical details and advice on how to use SRM tools.
It attempts to put some structure around the idea of "security risk management". For example, it postulates four strategic Knowledge Areas (Exposure, Risk, Resources, Quality) and four operational Competency Areas (Business Integration, Functional Design, Implementation, Assurance) that together contain important knowledge that any security team in any organization needs to have.
The "Security Risk Management Body of Knowledge" uses models (such as the "Swiss Cheese" and the "Bow Tie" models), checklists and templates to help practitioners develop analyses and action plans specifically related to the organizations whose security they are attempting to improve.
This book includes a comprehensive lexicon (50 pages of text and illustrations) of SRM terms and definitions. The book also incorporates a generous quantity of color diagrams which aid greatly in the understanding of complex SRM processes.
The "Security Risk Management Body of Knowledge" also contains a thoughtful discussion on the human factors in SRM and asks questions regarding the underlying root causes of security failures and regarding the roles of culture and organizational psychology in risk management. This approach broadens the whole concept of personnel security away from just employment screening and security vetting towards asking more difficult (but vital) questions such as why would well-intentioned, conscientious people deliberately put themselves at risk by doing "irrational" things such as sharing passwords or chocking a fire door open when they should know better.
In conclusion, this book can be highly recommended not only for security risk management professionals but also for all who work in any area of risk management and security. Its tools, templates and concepts are also helpful for people with responsibilities in fields such as safety, health, business continuity, intelligence, and fraud prevention.
Moreover, this book, with its logical layout, its case studies, its abundance of color diagrams, its lexicon and its bibliography, would be an ideal educational textbook in SRM for use in technical school and college courses and for use in consulting situations. |
Excellent contempory body of knowledge on SRM
|
| Review Date: September 12, 2009 |
| Reviewer: Joris Hutter, Netherlands |
| I like this body of knowledge of contempory insights on security risk management. This gives me great information, backgrounds and visuals to go with them. |
Informative, relevant and essential reading
|
| Review Date: October 14, 2009 |
| Reviewer: John S. Cowling, Dubai, UAE |
Simply put, essential reading for the security professional who wants intelligent and relevant information with explanations using up to date and structured methodologies that can be realistically implemented.
Readers don't have to security experts to read this, they just have to want to improve themselves and stay current with modern trends.
Worthy of reading several times over. |
Video Book Review for the most resourceful security manual I have read
|
| Review Date: April 23, 2010 |
| Reviewer: Tony J. Ridley, Singapore |
Watch Video Here: http://www.amazon.com/review/R2I1OELY3LHGFI Read this book and enjoy the benefits it holds. Unlike the vast majority of technical security manuals, this book is very easy to read and extremely helpful in communicating the key points in order to achieve success and get immediate results.
Great visuals, practical case examples, insightful teachings, natural flow and based on actual experience. |
Security Risk Management Body of Knowledge
|
| Review Date: September 3, 2009 |
| Reviewer: R. Long, |
A body of knowledge in this age is something which seems to expand at a frightening and sometimes unmanageable pace but a foundation needs to be put down somewhere, a place where people can launch off into that ever expanding interest. The Security Risk Management Body of Knowledge or SRMBOK does just this, it is a foundational text and reference library for professionals interested in security and risk management. For those who want to understand and develop their knowledge in security risk management, this is the place to start. The book is very well structured and provides excellent guides at the front to help navigate through the text, contingent on reading purpose. Like many text books SRMBOK is not for the faint hearted, its not the kind of test for a slow read on a sunny afternoon. SRMBOK is the kind of book to which you refer again and again, that sits beside the encyclopedia and other reference books.
SRMBOK is not, as it states, about "guns, gates and guards" or "ciphers, safety and society" but explores the dynamic concept of "providing resilience". The approach of the book is to help the reader map and navigate a way through the evolving and challenging landscape of security and risk.
SRMBOK explains the fundamentals of security and risk in clear language with excellent illustrations and graphics. The explanation of standards (eg. AZ/NZS4360:2004), legislative requirements and governance issues is articulated through plain (non-technical) language and complementary illustrations. A range of helpful tools such as the "swiss cheese", ALARP, Hierarchy of Control and "bow tie" matrix are set out and explained. Business integration, functional design and congruence with project management tools and methods are also explained. The section on auditing is practical as is the section on physical risks, and is followed by a comprehensive discussion of significant aspects of risk management, change management, ICT management, human resource management as they apply to security risk management. The book has a comprehensive lexicon and bibliography. |
|
No details are available for this product
No video reviews found for this product.
