What Will You Learn?
- Concepts of uncertainty in security risk management. Terms and definitions. Roles of a project leader in relation to uncertainty.
Course Content
UNIT 1. Managing Security Uncertainty
Concepts of uncertainty in security risk management. Terms and definitions. Roles of a project leader in relation to uncertainty.
- Uncertainty as a central feature of effective management
- Targets, expectations, and commitments
- Qualitative versus quantitative security risk analysis
UNIT 2. Strategic knowledge areas
- The four pillars of Security Risk Management
- The quadruple constraints of Security Risk Management
- Assessing Exposure
- Assessing Threat
- Vulnerability Assessment
- Criticality Assessment
- External Environments
- Frequency of activities
- Security Risk Management
- Methodologies
- Risk Management processes and Risk Appetite
- Swiss Cheese Model
- Risk Bow-Tie
- Security Barriers
- Types of Resources, Allocation and Prioritization
- Hierarchy of Controls
- Internal and External players
UNIT 3. Operational Competency areas
Business Integration & Implementation Management
- Business cases for Security
- General Management Practice
- Understanding and leading the Security Risk
- Management Processes
- Organizational Requirements
- Sustainability and Maintenance
- Safety Management
- Quality and Financial Management systems
- Functional Design of Security Treatments
- Organizational structure and culture
- Quality Management Systems
- Project and Change Management in SRM
UNIT 4. Qualitative Analysis
Understanding the issues and their subjective relationships using simple methods and more comprehensive graphical methods.
- Simple risk analysis using the matrices
- Structuring the issues for a more complete analysis
- Specific and general responses
- Identifying issue ownership
- Technology readiness assessment
- Case Study – Qualitative risk analysis
UNIT 5. Quantitative Analysis
What to do when the level of risk is not yet clear. Calculation methods to quantify uncertainty in a world of subjectivity, and to work with the impacts of multiple risks in combination.
- Assessing the usefulness of quantification
- Quantification methods
- Merging subjective and objective data
- Evaluating overall implications of issues in combination
- Dependency among issues
- Portraying the effect through useful graphics that help to diagnose the implications
- Sensitivity tests and financial portrayals
- Case Study – Quantitative risk analysis
UNIT 6. Security Governance
- What is security governance
- Duty of care
- Resilience
- Building resilience
- Security culture
- Governance frameworks
- Incident management and reporting
UNIT 7. Activity Areas
- Introduction
- Intelligence
- Recovery and continuity
- Protective security
- Recovering and continuity management
- Regulation and policies
- The intelligence cycles
- Emergency response Management and SRM
- Training and implementation
- Governance and accountability
- Operations and application
- Sustainability and Resilience