Shows how to write a risk and impact assessment report, and illustrates some of the science behind risk and continuity theories.

The most practical and sensible way to implement ERM-while avoiding all of the classic mistakes Emphasizing an enterprise risk management approach that utilizes actual business data to estimate the probability and impact of key risks in an organization, Practical Enterprise Risk Management: A Business Process Approach boils this topic down to make it accessible to both line managers and high level executives alike. The key lessons involve basing risk estimates and prevention techniques on known quantities rather than subjective estimates, which many popular ERM methodologies consist of. Shows readers how to look at real results and actual business processes to get to the root cause of key risks Explains how to manage risks based on an understanding of the problem rather than best guess estimates Emphasizes a focus on potential outcomes from existing processes, as well as a look at actual outcomes over time Throughout, practical examples are included from various healthcare, manufacturing, and retail industries that demonstrate key concepts, implementation guidance to get started, as well as tables of risk indicators and metrics, physical structure diagrams, and graphs.

As a security professional, have you found that you and others in your company do not always define “security” the same way? Perhaps security interests and business interests have become misaligned. Brian Allen and Rachelle Loyear offer a new approach: Enterprise Security Risk Management (ESRM). By viewing security through a risk management lens, ESRM can help make you and your security program successful. In their long-awaited book, based on years of practical experience and research, Brian Allen and Rachelle Loyear show you step-by-step how Enterprise Security Risk Management (ESRM) applies fundamental risk principles to manage all security risks. Whether the risks are informational, cyber, physical security, asset management, or business continuity, all are included in the holistic, all-encompassing ESRM approach which will move you from task-based to risk-based security. How is ESRM familiar? As a security professional, you may already practice some of the components of ESRM. Many of the concepts – such as risk identification, risk transfer and acceptance, crisis management, and incident response – will be well known to you. How is ESRM new? While many of the principles are familiar, the authors have identified few organizations that apply them in the comprehensive, holistic way that ESRM represents – and even fewer that communicate these principles effectively to key decision-makers. How is ESRM practical? ESRM offers you a straightforward, realistic, actionable approach to deal effectively with all the distinct types of security risks facing you as a security practitioner. ESRM is performed in a life cycle of risk management including: Asset assessment and prioritization. Risk assessment and prioritization. Risk treatment (mitigation). Continuous improvement. Throughout Enterprise Security Risk Management: Concepts and Applications, the authors give you the tools and materials that will help you advance you in the security field, no matter if you are a student, a newcomer, or a seasoned professional. Included are realistic case studies, questions to help you assess your own security program, thought-provoking discussion questions, useful figures and tables, and references for your further reading. By redefining how everyone thinks about the role of security in the enterprise, your security organization can focus on working in partnership with business leaders and other key stakeholders to identify and mitigate security risks. As you begin to use ESRM, following the instructions in this book, you will experience greater personal and professional satisfaction as a security professional – and you’ll become a recognized and trusted partner in the business-critical effort of protecting your enterprise and all its assets.

Enterprise Risk Management: Advances on its Foundation and Practice relates the fundamental enterprise risk management (ERM) concepts and current generic risk assessment and management principles that have been influential in redefining the risk field over the last decade. It defines ERM with a particular focus on understanding the nexus between risk, uncertainty, knowledge and performance. The book argues that there is critical need for ERM concepts, principles and methods to adapt to the latest and most influential risk management developments, as there are several issues with outdated ERM theories and practices; problems include the inability to effectively and systematically balance both opportunity and downside performance, or relying too much on narrow probability-based perspectives for risk assessment and decision-making. It expands traditional loss-based risk principles into new and innovative performance-risk frameworks, and presents fundamental risk principles that have recently been developed by the Society for Risk Analysis (SRA). All relevant statistical and risk concepts are clearly explained and interpreted using minimal mathematical notation. The focus of the book is centered around ideas and principles, more than technicalities. The book is primarily intended for risk professionals, researchers and graduate students in the fields of engineering and business, and should also be of interest to executive managers and policy makers with some background in quantitative methods such as statistics.

The ultimate guide to maximizing shareholder value through ERM The first book to introduce an emerging approach synthesizing ERM and value-based management, Corporate Value of Enterprise Risk Management clarifies ERM as a strategic business management approach that enhances strategic planning and other decision-making processes. A hot topic in the wake of a series of corporate scandals as well as the financial crisis Looks at ERM as a way to deliver on the promise of balancing risk and return A practical guide for corporate Chief Risk Officers (CROs) and other business professionals seeking to successfully implement ERM ERM is here to stay. Sharing his unique insights and experiences as a recognized global thought leader in this field, author Sim Segal offers world-class guidance on how your business can successfully implement ERM to protect and increase shareholder value.

Considers why many top executives do not link risk management to organisational effectiveness. Examines how risk relates to strategy-setting and identifies each risk management activity. Advises that risk is an integral part of day-to-day management rather than a periodic exercise.