You are previewing Security Risk Assessment.
O'Reilly logo
Security Risk Assessment

Book Description

Security Risk Assessment is the most up-to-date and comprehensive resource available on how to conduct a thorough security assessment for any organization.

A good security assessment is a fact-finding process that determines an organization’s state of security protection. It exposes vulnerabilities, determines the potential for losses, and devises a plan to address these security concerns. While most security professionals have heard of a security assessment, many do not know how to conduct one, how it’s used, or how to evaluate what they have found.

Security Risk Assessment offers security professionals step-by-step guidance for conducting a complete risk assessment. It provides a template draw from, giving security professionals the tools needed to conduct an assessment using the most current approaches, theories, and best practices.



  • Discusses practical and proven techniques for effectively conducting security assessments
  • Includes interview guides, checklists, and sample reports
  • Accessibly written for security professionals with different levels of experience conducting security assessments

Table of Contents

  1. Cover image
  2. Title page
  3. Table of Contents
  4. Copyright
  5. Acknowledgments
  6. About the Author
  7. Preface
  8. Chapter 1. Introduction to Security Risk Assessments
    1. What Is a Security Risk Assessment?
    2. Security Risk Assessment Intent
    3. Who Will Conduct the Assessment?
    4. How Often Do I Need to Complete an Assessment?
    5. How Long Will This Process Take?
  9. Chapter 2. Preassessment Planning
    1. Services Agreement
    2. Project Management
    3. Identify the Participants
    4. Project Schedule
    5. Budgeting Considerations
    6. Project Assumptions
    7. Deliverables
  10. Chapter 3. Project Management
    1. Security Management versus Security Consultant
    2. Internal Personnel
    3. Security Consultants
  11. Chapter 4. Defining the Project Scope
    1. The Project Scope
    2. Measurement Standards
    3. Locations Included
  12. Chapter 5. Information Gathering
    1. Internal Sources
    2. External Sources
    3. Staff Survey
    4. Project Interviews
  13. Chapter 6. Physical Security Assessment
    1. Kickoff Meeting
    2. Interviews
    3. Conducting the Assessment
    4. Building Exterior
    5. Building Interior
  14. Chapter 7. Security Department Operations
    1. Management Review
    2. Security Culture
    3. Management Span of Control
    4. Security Management Plan
    5. Statutory and Regulatory Requirements
    6. Security Staff Scheduling
    7. Security Patrol Operations
    8. Security Policies
    9. Security Recordkeeping
    10. Security Incident Report Follow-Up
  15. Chapter 8. Security Training
    1. Staff Security Awareness Training
    2. Security Officer Training
    3. Training Documentation
    4. Frequency of Training
    5. Professional Certifications
    6. Training Resources
    7. Summary
  16. Chapter 9. Workplace Violence Risks and Vulnerabilities
    1. Violence Indicators
    2. Suspect Profiling
    3. Workplace Violence Risk Assessment
    4. Documentation Review
    5. Threat Assessment Team
    6. Prevention Strategies
    7. Risk Foreseeability
    8. Summary
  17. Chapter 10. Financial Risk Assessment
    1. Financial Asset Management
    2. Cash Handling
    3. Paid Parking
    4. Lost and Found
    5. Transportation of Money
    6. Fiduciary Responsibility
  18. Chapter 11. Security Technology Assessment
    1. Locks and Keys
    2. Security Cameras
    3. Security Alarms
    4. Mass Notification Systems
    5. Security Officer Equipment
    6. Specialized Security Equipment
    7. Summary
  19. Chapter 12. Access Control
    1. Lock and Key Control
    2. Cipher Locks
    3. Electronic Card Access Control
    4. Door Hardware
    5. Visitor Management
    6. Crime Prevention through Environmental Design (CPTED)
    7. Geographic Considerations
    8. Biometrics
  20. Chapter 13. Legal Considerations and Prevention Strategies
    1. Litigation Avoidance
    2. Crime Prevention
    3. Loss Prevention Strategies
    4. Security Vulnerability Analysis
    5. Threat Identification
    6. Summary
  21. Chapter 14. Contracted Services
    1. Police Services and Contracted Staffing
    2. Electronic Security Contractors: Installs and Maintenance
    3. Background Investigation Firms
    4. Parking Management Firms
    5. Document Shredding Services
    6. Contract Security Services
    7. Summary
  22. Chapter 15. The Security Risk Assessment Report
    1. Report Writing
    2. Components of the Assessment Report
  23. Chapter 16. Conclusion
    1. Implementation Project Management
    2. Project Team
    3. Challenges
    4. Implementation Phase
    5. Tracking Change
    6. Measuring Outcomes
    7. Let’s Do It Again
  24. Index