This book bridges the critical gap between Enterprise Security Risk Management (ESRM) theory and practical implementation.
While ESRM principles have gained widespread acceptance-particularly following ASIS International's endorsement-security professionals in real-world implementations consistently struggle with translating concepts into actionable strategies. This practical guide introduces a simple, operational framework centered around three core questions that help security leaders map ESRM directly to business outcomes and strategic decision-making. This book addresses the persistent "how-to" questions that practitioners face when attempting to implement ESRM in complex organizations. The book includes actionable field lessons, case examples, and practical tools that transform theory into measurable security impact. It addresses today's most urgent security challenges: organizational resilience amid a fast-changing global risk landscape, accelerating technology adoption (including AI), and an increasingly complex business and operational environment. As security programs face mounting pressure to demonstrate value, integrate with enterprise risk management, and build trust with non-security stakeholders, this accessible guide equips professionals to move beyond theoretical understanding and confidently lead ESRM implementation.
This book serves as an essential resource for security leaders ready to translate ESRM principles into measurable outcomes that align the security strategy with broader business objectives.
Sprache
Verlagsort
Verlagsgruppe
Zielgruppe
Für Beruf und Forschung
Professional Practice & Development and Professional Reference
Illustrationen
8 s/w Zeichnungen, 33 s/w Tabellen, 8 s/w Abbildungen
33 Tables, black and white; 8 Line drawings, black and white; 8 Illustrations, black and white
Maße
Höhe: 234 mm
Breite: 156 mm
ISBN-13
978-1-041-19361-6 (9781041193616)
Copyright in bibliographic data is held by Nielsen Book Services Limited or its licensors: all rights reserved.
Schweitzer Klassifikation
Rachelle Loyear is a seasoned security executive with 15 years of experience in corporate security and risk management. As Vice President of Integrated Security Solutions at Allied Universal, she works with clients across the globe in Enterprise Security Risk Management (ESRM) programs, focusing on aligning security strategies with organizational objectives. Her expertise encompasses both physical and cyber risk domains, ensuring comprehensive enterprise resilience.
Introduction: Simplifying Security in a Complex World Section 1: Changing the Way We Think About Security 1. The ESRM Difference 2. Thinking Like a Risk Manager Section 2: Turning Strategy into Action - The Three Essential Questions 3. What Am I Trying to Protect? - Understanding Critical Assets and Their Impact 4. What Does It Truly Need to Be Protected From? - Understanding Threat to Evaluate Risk 5. How Can We Most Effectively and Efficiently Protect It? - Choosing the Best Mitigations for Your Risk Profile Section 3: Sustaining ESRM - Improvement, Oversight, and Culture 6. Continual Improvement Strategies 7. Required for Success: Making the Shift to a Security-Driven Culture Section 4: What's Next for ESRM? 8. The Future of ESRM: Adapting to an Accelerating World
