The Business of Security is the Strategy of the Business

Tuesday, September 28 10:00 AM - 11:00 AM Eastern Time (US & Canada)

Location: Game Plans: What’s Next for Security Theater

Event Information

Title: The Business of Security is the Strategy of the Business


Quality risk, threat, and vulnerability assessments are a core function of any security program. Risk assessment is the identification, analysis, and evaluation of uncertainties to objectives and outcomes. It provides a comparison between the desired/undesired outcomes and expected rewards/losses of organizational objectives. The risk assessment analyzes whether the uncertainty is within acceptable boundaries and within the organization’s capacity to manage risk. The results of the risk assessment inform the responsible and accountable decision-makers of choices available to effectively manage risk to achieve the organization’s objectives. A quality risk assessment is an entry to Enterprise Security Risk Management (ESRM). You cannot develop solutions until you understand the problem. 

Type: All Access Education

Target Audience Experience Level: Mid-Career

Industry Application: Industry Agnostic

Globally Focused Session: Globally Applicable

Learning Objective #1: Learn how to apply the ANSI/ASIS/RIMS Risk Assessment Standard, the Enterprise Security Risk Management Guideline, and ISO 31000 Risk Management Standard to create a quality risk, threat, and vulnerability assessment that significantly contributes to meeting enterprise risk objectives.

Learning Objective #2: Understand the importance of organizational risk strategy and how a quality risk, threat, and vulnerability assessment establishes a baseline for mitigating risk and creating alignment between the security function and the success of the enterprise.

Learning Objective #3: Identify key performance indicators and metrics supported by analytics that measure the value in risk and demonstrate how the security department intersects and impacts all enterprise functions.