The Security Executive Council has released Adding Business Value by Managing Security Risks, a “security in a box” resource intended to help small to medium-sized businesses add value to the company’s bottom line.
Adding Business Value by Managing Security Risks addresses the core components of a successful risk mitigation and security program, identified by the Council through many years of research. It includes actual program elements, documentation, examples, templates, outlines, presentations and other components that Security Executive Council community members, faculty and staff have used successfully in their own programs. The book is designed to save security practitioners research time and consulting money as they evaluate and develop risk management solutions.
“This book represents the collective knowledge of numerous security executives and combines the common elements of their successful security programs to form a baseline from which you can create your own program,” Security Executive Council Managing Director Bob Hayes told Security Magazine and Zalud’s Blog. It also gives practitioners and executives responsible for corporate security the tools they need to validate an existing program or identify missing program elements. The guide is a useful training tool for security staff and deputies as well. With these resources, the reader can more easily align the organization’s appetite for risk with the company growth strategy and budget.
The book is in three-ring binder format, making it easy for practitioners to add their own content, and the included CD contains the appendices. While Adding Business Value by Managing Security Risks is an extremely useful tool in its current form, there are even more chapters planned. The Council has published this resource as an initial “beta” version and expects to finalize a v.1 after incorporating industry feedback.