Enterprise security risk management : concepts and applications
Showing you how ESRM applies fundamental risk principles to manage all security risks, this step-by-step book includes realistic case studies, questions to help you assess your own security program, thought-provoking discussion questions, and useful figures and tables. --
Main authors: | , |
---|---|
Other authors: | |
Format: | Electronic e-book |
Language: | English |
Published: | Brooksfield, Connecticut : Rothstein Publishing, 2018. |
Subjects: | |
Online access: | Full text |
Summary: | Showing you how ESRM applies fundamental risk principles to manage all security risks, this step-by-step book includes realistic case studies, questions to help you assess your own security program, thought-provoking discussion questions, and useful figures and tables. -- |
Description: | 1 online resource (407 pages) : illustrations, tables. |
Bibliography: | Includes bibliographical references at the end of each chapters. |
ISBN: | 1944480439 9781944480431 9781944480424 1944480420 |
Internal format
MARC
LEADER | 00000cam a2200000 i 4500 | ||
---|---|---|---|
001 | ZDB-4-EBA-on1020004828 | ||
003 | OCoLC | ||
005 | 20241004212047.0 | ||
006 | m d | ||
007 | cr ||||||||||| | ||
008 | 180102t20182018enka ob 000 0 eng d | ||
040 | |a IDEBK |b eng |e rda |c IDEBK |d OCLCF |d N$T |d COO |d UAB |d K6U |d D6H |d S9I |d UX1 |d OCLCO |d OCLCQ |d GBT |d OCLCO |d OCLCL |d OCLCQ |d DXU | ||
019 | |a 1175628579 | ||
020 | |a 1944480439 |q (electronic bk.) | ||
020 | |a 9781944480431 |q (electronic bk.) | ||
020 | |a 9781944480424 |q (electronic bk.) | ||
020 | |a 1944480420 |q (electronic bk.) | ||
020 | |z 1944480447 | ||
020 | |z 9781944480448 | ||
035 | |a (OCoLC)1020004828 |z (OCoLC)1175628579 | ||
037 | |a 1052433 |b MIL | ||
050 | 4 | |a HD61 | |
072 | 7 | |a BUS |x 082000 |2 bisacsh | |
072 | 7 | |a BUS |x 041000 |2 bisacsh | |
072 | 7 | |a BUS |x 042000 |2 bisacsh | |
072 | 7 | |a BUS |x 085000 |2 bisacsh | |
082 | 7 | |a 658.155 |2 23 | |
049 | |a MAIN | ||
100 | 1 | |a Allen, Brian J., |e author. | |
245 | 1 | 0 | |a Enterprise security risk management : |b concepts and applications / |c Brian J. Allen, Rachelle Loyear ; Kristen Noakes-Fry, editor. |
264 | 1 | |a Brooksfield, Connecticut : |b Rothstein Publishing, |c 2018. | |
264 | 4 | |c ©2018 | |
300 | |a 1 online resource (407 pages) : |b illustrations, tables. | ||
336 | |a text |b txt |2 rdacontent | ||
337 | |a computer |b c |2 rdamedia | ||
338 | |a online resource |b cr |2 rdacarrier | ||
520 | |a Showing you how ESRM applies fundamental risk principles to manage all security risks, this step-by-step book includes realistic case studies, questions to help you assess your own security program, thought-provoking discussion questions, and useful figures and tables. -- |c Edited summary from book. | ||
504 | |a Includes bibliographical references at the end of each chapters. | ||
505 | 0 | |a Cover -- Title page -- Copyright -- Dedication -- Acknowledgments -- Foreword -- Table of Contents -- Part 1: Why Enterprise Security Risk Management (ESRM)? -- 1: What is Enterprise Security Risk Management? -- 1.1 ESRM Defined -- 1.1.1 Enterprise -- 1.1.2 Security Risk -- 1.1.3 Risk Principles -- 1.2 ESRM Overview -- 1.2.1 ESRM Mission and Goals -- 1.2.2 ESRM Life Cycle -- A Quick Look -- 1.2.3 Your Role in ESRM -- 1.3 Why is ESRM Important? -- 1.3.1 Traditional Corporate Security Scenarios: Something is Missing -- 1.3.2 ESRM as a Driver for Consistency -- 1.4 What is ESRM Not? -- 1.4.1 How is ESRM Different from Enterprise Risk Management (ERM)? -- Questions for Discussion -- References -- Learn More About It -- 2: How Can ESRM Help You? -- 2.1 Security Function Professionals -- 2.1.1 The Student -- 2.1.1.1 How Can ESRM Help You? -- 2.1.2 The New Security Practitioner -- 2.1.2.1 How Can ESRM Help You? -- 2.1.3 The Security Manager or Executive -- 2.1.3.1 How Can ESRM Help You? -- 2.1.4 The Transitioning Public Sector Professional -- 2.1.4.1 How Can ESRM Help You? -- 2.2 Business Functional Professionals -- 2.2.1 The Business Function Manager -- 2.2.1.1 How Can ESRM Help You? -- 2.2.2 The Senior Executive -- 2.2.2.1 How Can ESRM Help Your Organization? -- 2.2.3 The Company Board of Directors -- 2.2.3.1 How Can ESRM Help Your Organization? -- Questions for Discussion -- References -- 3: How Can ESRM Help Your Security Program? -- 3.1 The Traditional View of Security and Why the Industry Must Chan -- 3.1.1 The Traditional View of Security -- 3.1.1.1 What Does Security Do? -- The Answer from the Security Practitioner -- 3.1.1.2 What Does Security Do? -- The Answer from the Board of Directors and Senior Executives -- 3.1.2 Why the Security Industry Needs to Define "Security" -- 3.1.3 The ESRM View of Security -- A Profession, not a Trade. | |
505 | 8 | |a 3.1.3.1. Managing Security Risks -- 3.1.4 ESRM-Based Security -- Moving from Task Management to Risk Management -- 3.1.4.1 Security Task Management -- 3.1.4.2 Security Risk Management -- 3.1.4.3 The ESRM Solution: A New Philosophy -- 3.1.5 Why Is the Traditional Approach to Security So Frustrating for So Many People? -- 3.1.5.1 The Missing Network Switch: A Story of Security Frustration -- 3.1.5.1.1 The Traditional Security Environment -- 3.1.5.1.2 The ESRM Security Environment -- 3.1.5.1.3 The ESRM Difference -- 3.2 The Evolving Global Risk Environment is Driving Industry to Risk Management Postures -- 3.2.1 Security and Risk Threats are Real -- 3.2.2 The Risk Conversation is Changing Rapidly -- 3.3 What Does "Security Success" Look Like? -- 3.3.1 Success is Not Just Measured by Numbers -- 3.3.2 In Security Success, Intangibles are Important -- 3.3.3 Your Answers Create Your Definition of "Success" -- 3.3.4 The Security Professional and the Business Leader: Using ESRM to Move Beyond Frustration to Success -- 3.3.5 The ESRM Philosophy of Security Success -- 3.3.5.1 Security Becomes Strategic -- 3.3.5.2 Security Becomes a Business Function -- Questions for Discussion -- References -- Learn More About It -- Part 2: The Fundamentals of ESRM -- 4: Preparing for an ESRM Program -- 4.1 Understand the Business and its Mission -- 4.1.1 Holistic Understanding of Risk -- 4.1.2 The Needs of Your Business -- 4.1.3 Sources of Information -- 4.1.3.1 Company Insiders -- 4.1.3.2 Company Published Communications -- 4.1.3.3 Outsiders and The Media -- 4.1.3.4 Observing Non-Verbal Communication -- The Underlying Culture -- 4.2 Understand the Business Environment -- 4.2.1 Examining the Environment the Business Operates In -- 4.3 Understand Your Stakeholders -- 4.3.1 What is a Stakeholder? -- 4.3.1.1 Finding Your Stakeholders: A Closer Look -- 4.3.2 Why Stakeholders Matter. | |
505 | 8 | |a 4.3.2.1 Risk Stakeholder Conflict -- Questions for Discussion -- References -- Learn More About It -- 5: The ESRM Cycle -- An Overview -- 5.1 What is ESRM? -- A Closer Look -- 5.1.1 Similarities to Industry Life Cycles -- 5.1.2 Application of the ESRM Model -- 5.2 The ESRM Life Cycle Model in Action -- 5.2.1 A Task Management Approach -- 5.2.2 An ESRM Approach -- 5.3 ESRM is Cyclical, But Not Always Sequential -- Questions for Discussion -- References -- 6: The ESRM Cycle -- Step 1: Identify and Prioritize Assets -- 6.1 Step 1 -- Identify and Prioritize Assets -- 6.2 What is an Asset? -- 6.2.1 How Do You Identify Business Assets? -- 6.2.1.1 Finding Tangible Assets -- 6.2.1.2 Finding Intangible Assets -- 6.2.2 Who Really "Owns" an Asset? -- 6.2.2.1 A Building -- 6.2.2.2 A Server -- 6.2.2.3 The Web of Assets and Asset Owners/Stakeholders -- 6.3 How Do You Assign Value to Assets? -- 6.3.1 Simple Tangible Asset Valuation (Two Methods) -- 6.3.2 Complex Tangible Asset Valuation -- 6.3.3 Intangible Asset Valuation (Three Methods) -- 6.3.4 Business Impact Analysis (BIA) -- 6.4 How Do You Prioritize Assets for Protection? -- 6.5 How Do You Deal with Conflicts in Asset Valuation and Prioritization? -- Questions for Discussion -- References -- Learn More About It -- 7: The ESRM Cycle -- Step 2: Identify and Prioritize Security Risks -- 7.1 Identify and Prioritize Security Risks -- 7.2 What is Risk? -- 7.2.1 The Risk Triangle -- 7.3 The Risk Assessment Process -- 7.3.1 ISO Standard and Good Practices -- 7.3.1.1 The ESRM Difference -- 7.4 Risk Identification -- Finding all the Risks -- 7.5 Prioritizing Risks for Mitigation -- 7.5.1 Presenting a Risk Matrix -- 7.5.1.1 Education vs. Fear -- 7.5.1.2 Building a Matrix -- 7.5.1.3 Building a Heat Map -- 7.5.1.4 Security Risk Decision-Making -- 7.5.2 Conflicts in Risk Prioritization -- 7.5.2.1 The Role of Security. | |
505 | 8 | |a 7.5.2.2 The Role of the Asset Owner -- Questions for Discussion -- References -- Learn More About It -- 8: The ESRM Cycle -- Step 3: Mitigate Prioritized Risks -- 8.1 Mitigate Prioritized Risks -- 8.2 Risk Management and Mitigation Responses in Existing Industry Standards -- 8.2.1 The ISO Risk Management Standard -- 8.2.2 The ESRM Difference -- 8.3 Risk Treatment Options -- 8.4 Risk Mitigation Decisions -- 8.4.1 Conflicts in Risk Mitigation Decisions -- Questions for Discussion -- Learn More About It -- 9: The ESRM Cycle -- Step 4: Improve and Advance -- 9.1 Improve and Advance -- 9.2 Incident Response -- 9.3 ESRM Investigations and Root Cause Analysis -- 9.3.1 Performing a Root Cause Analysis -- 9.4 Ongoing Security Risk Assessment -- 9.4.1 Sources of Risk Awareness -- 9.4.2 Reporting and Employee Vigilance -- Questions for Discussion -- References -- Learn More About It -- Part 3: Designing a Program That Works for Your Enterprise -- 10: Designing an ESRM Program to Fit Your Enterprise -- 10.1 Design Thinking -- A Conceptual Model for Your ESRM Program -- 10.2 The Phases of Design Thinking -- 10.2.1 Empathize Phase -- 10.2.2 Define Phase -- 10.2.3 Ideate Phase -- 10.2.4 Prototype Phase -- 10.2.5 Test Phase -- 10.3 ESRM Program Rollout in a Formal Design Thinking Model -- 10.3.1 Educate and Involve the Stakeholders (Empathy) -- 10.3.2 Iterate the Process (Your Definition and Prototypes) -- 10.3.3 Mature the Process (Testing and Feedback) -- 10.3.4 Expand the Process (Begin Again with a Larger Scope) -- Questions for Discussion -- References -- Learn More About It -- 11: Rolling Out Your ESRM Program -- 11.1 Rolling out ESRM in the Real World -- A Story -- 11.1.1 Step 1: Understanding the Current Environment and the Current Challenges (Empathy with Our Security Team) -- 11.1.1.1 A Deeper Dive (Even More Empathy). | |
505 | 8 | |a 11.1.2 Step 2: Communicating with the Business and Other Stakeholders (Empathy with Our Strategic Partners) -- 11.1.3 Step 3: Creating a Roadmap for the Program Rollout (Ideation and Brainstorming) -- 11.1.4 Step 4: Piloting the Program (Prototyping and Feedback) -- 11.1.5 Step 5: Implementation and Evolution Across the Enterprise -- 11.2 ESRM Program Rollout Checklist -- Questions for Discussion -- Learn More About It -- Part 4: Making ESRM Work for Your Organization -- 12: ESRM Essentials for Success -- 12.1 Transparency -- 12.1.1 Risk Transparency -- 12.1.2 Process Transparency -- 12.2 Independence -- 12.3 Authority -- 12.4 Scope -- 12.5 Parallels with Other Risk-Based Functions -- 12.5.1 What Are Audit, Legal, and Compliance? -- 12.5.2 What do Legal, Audit and Compliance Functions Need for Success? -- Questions for Discussion -- References -- Learn More About It -- 13: Security Governance -- 13.1 What is Corporate Governance? -- 13.1.1 Defining Corporate Governance -- 13.1.2 Why is Corporate Governance Important? -- 13.1.3 Common Themes in Corporate Governance -- 13.2 The Security Council: ESRM Governance -- 13.2.1 Who is the ESRM Security Council? -- 13.2.2 The Security Council's Role in ESRM -- 13.2.3 Setting Up a Security Council -- 13.2.3.1 Step 1: Define the Council Structure that Will Best Serve Enterprise Needs -- 13.2.3.2 Step 2: Define the Security Council Stakeholders -- 13.2.3.3 Step 3: Define the Mission, Objectives, and Goals of the Security Council and Document Them in a Council Charter -- 13.2.3.4 Step 4: Define Measurements/Project Key Performance Indicators (KPIs) for ESRM -- 13.2.3.5 Step 5: Develop a List of Potential Quick "Wins" for the ESRM Program -- 13.2.3.6 Step 6: Begin the Process of Meeting, Reviewing, and Directing the Program According to the Council Charter. | |
650 | 0 | |a Risk management. |0 http://id.loc.gov/authorities/subjects/sh85114200 | |
650 | 0 | |a Financial risk management. |0 http://id.loc.gov/authorities/subjects/sh2005007073 | |
650 | 2 | |a Risk Management |0 https://id.nlm.nih.gov/mesh/D012308 | |
650 | 6 | |a Gestion du risque. | |
650 | 6 | |a Finances |x Gestion du risque. | |
650 | 7 | |a risk management. |2 aat | |
650 | 7 | |a BUSINESS & ECONOMICS / Industrial Management |2 bisacsh | |
650 | 7 | |a BUSINESS & ECONOMICS / Management |2 bisacsh | |
650 | 7 | |a BUSINESS & ECONOMICS / Management Science |2 bisacsh | |
650 | 7 | |a BUSINESS & ECONOMICS / Organizational Behavior |2 bisacsh | |
650 | 7 | |a Financial risk management |2 fast | |
650 | 7 | |a Risk management |2 fast | |
700 | 1 | |a Loyear, Rachelle, |e author. | |
700 | 1 | |a Noakes-Fry, Kristen, |e editor. | |
758 | |i has work: |a Enterprise security risk management (Text) |1 https://id.oclc.org/worldcat/entity/E39PCGPMRgXjHpGWpjrjwgmHT3 |4 https://id.oclc.org/worldcat/ontology/hasWork | ||
776 | 0 | 8 | |i Print version: |a Allen, Brian J. |t Enterprise security risk management : concepts and applications. |d Brooksfield, Connecticut : Rothstein Publishing, c2018 |h 407 pages |z 9781944480448 |
856 | 4 | 0 | |l FWS01 |p ZDB-4-EBA |q FWS_PDA_EBA |u https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=1645658 |3 Volltext |
936 | |a BATCHLOAD | ||
938 | |a ProQuest MyiLibrary Digital eBook Collection |b IDEB |n cis39632954 | ||
938 | |a EBSCOhost |b EBSC |n 1645658 | ||
994 | |a 92 |b GEBAY | ||
912 | |a ZDB-4-EBA | ||
049 | |a DE-863 |
Record in the search index
DE-BY-FWS_katkey | ZDB-4-EBA-on1020004828 |
---|---|
_version_ | 1816882410874208256 |
adam_text | |
any_adam_object | |
author | Allen, Brian J. Loyear, Rachelle |
author2 | Noakes-Fry, Kristen |
author2_role | edt |
author2_variant | k n f knf |
author_facet | Allen, Brian J. Loyear, Rachelle Noakes-Fry, Kristen |
author_role | aut aut |
author_sort | Allen, Brian J. |
author_variant | b j a bj bja r l rl |
building | Verbundindex |
bvnumber | localFWS |
callnumber-first | H - Social Science |
callnumber-label | HD61 |
callnumber-raw | HD61 |
callnumber-search | HD61 |
callnumber-sort | HD 261 |
callnumber-subject | HD - Industries, Land Use, Labor |
collection | ZDB-4-EBA |
ctrlnum | (OCoLC)1020004828 |
dewey-full | 658.155 |
dewey-hundreds | 600 - Technology (Applied sciences) |
dewey-ones | 658 - General management |
dewey-raw | 658.155 |
dewey-search | 658.155 |
dewey-sort | 3658.155 |
dewey-tens | 650 - Management and auxiliary services |
discipline | Wirtschaftswissenschaften |
format | Electronic eBook |
and the Current Challenges (Empathy with Our Security Team) -- 11.1.1.1 A Deeper Dive (Even More Empathy).</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">11.1.2 Step 2: Communicating with the Business and Other Stakeholders (Empathy with Our Strategic Partners) -- 11.1.3 Step 3: Creating a Roadmap for the Program Rollout (Ideation and Brainstorming) -- 11.1.4 Step 4: Piloting the Program (Prototyping and Feedback) -- 11.1.5 Step 5: Implementation and Evolution Across the Enterprise -- 11.2 ESRM Program Rollout Checklist -- Questions for Discussion -- Learn More About It -- Part 4: Making ESRM Work for Your Organization -- 12: ESRM Essentials for Success -- 12.1 Transparency -- 12.1.1 Risk Transparency -- 12.1.2 Process Transparency -- 12.2 Independence -- 12.3 Authority -- 12.4 Scope -- 12.5 Parallels with Other Risk-Based Functions -- 12.5.1 What Are Audit, Legal, and Compliance? -- 12.5.2 What do Legal, Audit and Compliance Functions Need for Success? -- Questions for Discussion -- References -- Learn More About It -- 13: Security Governance -- 13.1 What is Corporate Governance? -- 13.1.1 Defining Corporate Governance -- 13.1.2 Why is Corporate Governance Important? -- 13.1.3 Common Themes in Corporate Governance -- 13.2 The Security Council: ESRM Governance -- 13.2.1 Who is the ESRM Security Council? 
-- 13.2.2 The Security Council's Role in ESRM -- 13.2.3 Setting Up a Security Council -- 13.2.3.1 Step 1: Define the Council Structure that Will Best Serve Enterprise Needs -- 13.2.3.2 Step 2: Define the Security Council Stakeholders -- 13.2.3.3 Step 3: Define the Mission, Objectives, and Goals of the Security Council and Document Them in a Council Charter -- 13.2.3.4 Step 4: Define Measurements/Project Key Performance Indicators (KPIs) for ESRM -- 13.2.3.5 Step 5: Develop a List of Potential Quick "Wins" for the ESRM Program -- 13.2.3.6 Step 6: Begin the Process of Meeting, Reviewing, and Directing the Program According to the Council Charter.</subfield></datafield><datafield tag="650" ind1=" " ind2="0"><subfield code="a">Risk management.</subfield><subfield code="0">http://id.loc.gov/authorities/subjects/sh85114200</subfield></datafield><datafield tag="650" ind1=" " ind2="0"><subfield code="a">Financial risk management.</subfield><subfield code="0">http://id.loc.gov/authorities/subjects/sh2005007073</subfield></datafield><datafield tag="650" ind1=" " ind2="2"><subfield code="a">Risk Management</subfield><subfield code="0">https://id.nlm.nih.gov/mesh/D012308</subfield></datafield><datafield tag="650" ind1=" " ind2="6"><subfield code="a">Gestion du risque.</subfield></datafield><datafield tag="650" ind1=" " ind2="6"><subfield code="a">Finances</subfield><subfield code="x">Gestion du risque.</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">risk management.</subfield><subfield code="2">aat</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">BUSINESS & ECONOMICS / Industrial Management</subfield><subfield code="2">bisacsh</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">BUSINESS & ECONOMICS / Management</subfield><subfield code="2">bisacsh</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">BUSINESS & ECONOMICS / Management Science</subfield><subfield 
code="2">bisacsh</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">BUSINESS & ECONOMICS / Organizational Behavior</subfield><subfield code="2">bisacsh</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Financial risk management</subfield><subfield code="2">fast</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Risk management</subfield><subfield code="2">fast</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Loyear, Rachelle,</subfield><subfield code="e">author.</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Noakes-Fry, Kristen,</subfield><subfield code="e">editor.</subfield></datafield><datafield tag="758" ind1=" " ind2=" "><subfield code="i">has work:</subfield><subfield code="a">Enterprise security risk management (Text)</subfield><subfield code="1">https://id.oclc.org/worldcat/entity/E39PCGPMRgXjHpGWpjrjwgmHT3</subfield><subfield code="4">https://id.oclc.org/worldcat/ontology/hasWork</subfield></datafield><datafield tag="776" ind1="0" ind2="8"><subfield code="i">Print version:</subfield><subfield code="a">Allen, Brian J.</subfield><subfield code="t">Enterprise security risk management : concepts and applilcations.</subfield><subfield code="d">Brooksfield, Connecticut : Rothstein Publishing, c2018</subfield><subfield code="h">407 pages</subfield><subfield code="z">9781944480448</subfield></datafield><datafield tag="856" ind1="4" ind2="0"><subfield code="l">FWS01</subfield><subfield code="p">ZDB-4-EBA</subfield><subfield code="q">FWS_PDA_EBA</subfield><subfield code="u">https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=1645658</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="936" ind1=" " ind2=" "><subfield code="a">BATCHLOAD</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">ProQuest MyiLibrary Digital eBook 
Collection</subfield><subfield code="b">IDEB</subfield><subfield code="n">cis39632954</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">EBSCOhost</subfield><subfield code="b">EBSC</subfield><subfield code="n">1645658</subfield></datafield><datafield tag="994" ind1=" " ind2=" "><subfield code="a">92</subfield><subfield code="b">GEBAY</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">ZDB-4-EBA</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-863</subfield></datafield></record></collection> |
id | ZDB-4-EBA-on1020004828 |
illustrated | Illustrated |
indexdate | 2024-11-27T13:28:11Z |
institution | BVB |
isbn | 1944480439 9781944480431 9781944480424 1944480420 |
language | English |
oclc_num | 1020004828 |
open_access_boolean | |
owner | MAIN DE-863 DE-BY-FWS |
owner_facet | MAIN DE-863 DE-BY-FWS |
physical | 1 online resource (407 pages) : illustrations, tables. |
psigel | ZDB-4-EBA |
publishDate | 2018 |
publishDateSearch | 2018 |
publishDateSort | 2018 |
publisher | Rothstein Publishing, |
record_format | marc |
subject_GND | http://id.loc.gov/authorities/subjects/sh85114200 http://id.loc.gov/authorities/subjects/sh2005007073 https://id.nlm.nih.gov/mesh/D012308 |
title | Enterprise security risk management : concepts and applications / |
title_auth | Enterprise security risk management : concepts and applications / |
title_exact_search | Enterprise security risk management : concepts and applications / |
title_full | Enterprise security risk management : concepts and applications / Brian J. Allen, Rachelle Loyear ; Kristen Noakes-Fry, editor. |
title_fullStr | Enterprise security risk management : concepts and applications / Brian J. Allen, Rachelle Loyear ; Kristen Noakes-Fry, editor. |
title_full_unstemmed | Enterprise security risk management : concepts and applications / Brian J. Allen, Rachelle Loyear ; Kristen Noakes-Fry, editor. |
title_short | Enterprise security risk management : |
title_sort | enterprise security risk management concepts and applications |
title_sub | concepts and applications / |
topic | Risk management. http://id.loc.gov/authorities/subjects/sh85114200 Financial risk management. http://id.loc.gov/authorities/subjects/sh2005007073 Risk Management https://id.nlm.nih.gov/mesh/D012308 Gestion du risque. Finances Gestion du risque. risk management. aat BUSINESS & ECONOMICS / Industrial Management bisacsh BUSINESS & ECONOMICS / Management bisacsh BUSINESS & ECONOMICS / Management Science bisacsh BUSINESS & ECONOMICS / Organizational Behavior bisacsh Financial risk management fast Risk management fast |
topic_facet | Risk management. Financial risk management. Risk Management Gestion du risque. Finances Gestion du risque. risk management. BUSINESS & ECONOMICS / Industrial Management BUSINESS & ECONOMICS / Management BUSINESS & ECONOMICS / Management Science BUSINESS & ECONOMICS / Organizational Behavior Financial risk management Risk management |
url | https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=1645658 |
work_keys_str_mv | AT allenbrianj enterprisesecurityriskmanagementconceptsandapplications AT loyearrachelle enterprisesecurityriskmanagementconceptsandapplications AT noakesfrykristen enterprisesecurityriskmanagementconceptsandapplications |