The definition of security risk management is very interesting indeed. It says that Security Risk Management is “the culture, processes and structures that are directed towards maximizing benefits and minimizing adverse effects associated with the intentional and 
unwarranted actions of others against organizational assets”. It clearly implies that security risks to any organization are both real and imaginary. But all organizations keep themselves in a state of readiness to protect against any unwarranted actions of others which might cause harm to it.
As with any risk management plan to face a risk, security risk management also begins with identifying the risks. Where they can come from, what can be their severity etc.? After this comes the process of analyzing each threat on its own. Process of assessing the probability of occurrence of each threat to the organization then starts. The security risk management team then decides on methods to react to each security risk, and also to prevent such threats from arising in the first place. Security risk management has been revolutionized with the advent of internet and modern means of telecommunication and it has in fact become very complex with all the modern gadgets being used for threat perception, analysis and probable reaction to these threats. It is just like a nation that remains in a perpetual state of readiness when it comes to its defenses.
Whether it is organizing a function at home or running a small or large business, security risks are inevitable. Can you imagine your city with all the security, police, security systems, CCTV, stop lights, passwords, codes and doors without locks? No? Then how can you think of any business without any security risk management plan?
Security risk management is all about allocating resources at the right places and right times to prevent any untoward action against the business.
Comments on this entry are closed.