Security Risk Management


Introduction

The reader will become familiarised with the term risk and its definitions, specifically the definition from the ISO 31000 standard of risk management and the definition of risk from the criminology crime triangle. Which of these two definitions is the most suitable for use within the security industry will be discussed and evaluated. How and why consequence is important when assessing risk priorities and determining where to allocate resources will be examined and answered.

1. Definitions

Security risk management is “the culture, processes and structures that are directed towards maximizing benefits and minimizing disbenefits in security, consistent with achieving business objectives” (Australia, 2006), where security is defined as “the preparedness, protection and preservation of people, property and information both tangible and intangible” (Australia, 2006). Although Brooks (2009) claims that security cannot easily be defined, this text will consider the above definitions, from the Handbook of Security Risk Management from Australian and New Zealand standards, as true. If this definition is true, what can prevent an organisation from achieving its objectives? One answer might be the effects of risks. How is risk defined?

1.1. Risk according to ISO

The ISO standard of risk management, ISO 31000:2009, defines risk as “effect of uncertainty on objectives” (Australia, 2009). The standard is very generic, and this definition may need further explanation. The handbooks for the standard suggest that risk is “the chance of something happening that will have an impact on objectives… measured in terms of consequence and likelihood” (Australia, 2004), and this definition might be considered more understandable. ...

... middle of paper ...

...2006. Sydney: Standards Australia/Standards New Zealand.

Australia, S. (2009). Risk management - Principles and guidelines AS/NZS ISO 31000:2009. 20 November 2009: Standards Australia/Standards New Zealand.

Brooks, D. J. (2009). What is security: Definition through knowledge categorization. Security Journal.

Fennelly, L. J. (2004a). Effective Physical Security (3rd ed.). Oxford: Butterworth-Heinemann.

Fennelly, L. J. (2004b). Handbook of loss prevention and crime prevention: Elsevier Butterworth Heinemann.

Garcia, M. L. (2000). Truth & consequences. Security Management, 44(6), 44.

Kovacich, G. L., & Halibozek, E. P. (2006). Security metrics management: Butterworth-Heinemann.

Walsh, T. J., & Healy, R. (2009). Protection of Assets Manual (Vol. 1). Alexandria: ASIS International.

Vellani, K. H. (2006). Strategic security management: Elsevier.
