Risk Analysis and Security Countermeasure Selection / Edition 1

Risk Analysis and Security Countermeasure Selection / Edition 1

by Thomas L. Norman, CPP/PSP/CSC
     
 

When properly conducted, risk analysis enlightens, informs, and illuminates, helping management organize their thinking into properly prioritized, cost-effective action. Poor analysis, on the other hand, usually results in vague programs with no clear direction and no metrics for measurement. Although there is plenty of information on risk analysis, it is rare to

See more details below

Overview

When properly conducted, risk analysis enlightens, informs, and illuminates, helping management organize their thinking into properly prioritized, cost-effective action. Poor analysis, on the other hand, usually results in vague programs with no clear direction and no metrics for measurement. Although there is plenty of information on risk analysis, it is rare to find a book that explains this highly complex subject with such startling clarity. Very few, if any, focus on the art of critical thinking and how to best apply it to the task of risk analysis.

The first comprehensive resource to explain how to evaluate the appropriateness of countermeasures, from a cost-effectiveness perspective, Risk Analysis and Security Countermeasure Selection details the entire risk analysis process in language that is easy to understand. It guides readers from basic principles to complex processes in a step-by-step fashion, evaluating DHS–approved risk assessment methods, including CARVER, API/NPRA, RAMCAP, and various Sandia methodologies.

Using numerous case illustrations, the text clearly explains the five core principles of the risk analysis lifecycle—determining assets, threats, vulnerabilities, risks, and countermeasures. It also supplies readers with a completely adaptable graphic risk analysis tool that is simple to use, can be applied in public or private industries, and works with all DHS–approved methods. This reader-friendly guide provides the tools and insight needed to effectively analyze risks and secure facilities in a broad range of industries, including DHS designated critical infrastructure in the chemical, transportation, energy, telecommunications, and public health sectors.

Read More

Product Details

ISBN-13:
9781420078701
Publisher:
Taylor & Francis
Publication date:
12/21/2009
Edition description:
New Edition
Pages:
422
Product dimensions:
6.90(w) x 10.10(h) x 1.00(d)

Table of Contents

SECTION I: RISK ANALYSIS

Risk Analysis—The Basis for Appropriate and Economical Countermeasures
Critical Thinking
Qualitative versus Quantitative Analysis
Theory, Practice, and Tools
Organization

Risk Analysis Basics and the Department of Homeland Security–Approved Risk Analysis Methods
Risk Analysis for Facilities and Structures
Many Interested Stakeholders and Agendas
Commercially Available Software Tools
Risk Analysis Basics
Risk Assessment Steps
Which Methodology to Use?

Risk Analysis Skills and Tools
Skill #1: Gathering Data
Skill #2: Research and Evidence Gathering
Skill #3: Critical Thinking in the Risk Analysis Process
Skill #4: Quantitative Analysis
Skill #5: Qualitative Analysis
Skill #6: Countermeasures Selection
Skill #7: Report Writing

Critical Thinking and the Risk Analysis Process
Overview of Critical Thinking
The Importance of Critical Thinking
Analysis Requires Critical Thinking
The Eight Elements that make up the Thinking Process
The Concepts, Goals, Principles, and Elements of Critical Thinking
Pseudo-Critical Thinking
Intellectual Traits
The Importance of Integrating Critical Thinking into Everyday Thinking
Applying Critical Thinking to Risk Analysis
More about Critical Thinking
The Root of Problems

Asset Characterization and Identification
Theory
Practice
Tools

Criticality and Consequence Analysis
Twofold Approach
Criticality
Consequence Analysis
Building your Own Criticality/Consequences Matrix
Criticality/Consequence Matrix Instructions

Threat Analysis
Theory
Practice
Tools

Assessing Vulnerability
Review of Vulnerability Assessment Model
Define Scenarios and Evaluate Specific Consequences
Evaluate Vulnerability

Estimating Probability
Resources for Likelihood
Criminal versus Terrorism Likelihood Resources
Criminal Incident Likelihood Estimates

The Risk Analysis Process
Diagram Analysis
Asset Target Value Matrices
Probability Summary Matrix
Vulnerability Components

Prioritizing Risk
Prioritization Criteria
Natural Prioritization (Prioritizing By Formula)
Prioritization of Risk
Communicating Priorities Effectively
Best Practices Ranking Risk Results

SECTION II: POLICY DEVELOPMENT BEFORE COUNTERMEASURES

Security Policy Introduction
The Hierarchy of Security Program Development
What are Policies, Standards, Guidelines, and Procedures?

Security Policy and Countermeasure Goals
Theory
The Role of Policies in the Security Program
The Role of Countermeasures in the Security Program
Why Should Policies Precede Countermeasures?
Security Policy Goals
Security Countermeasure Goals
Policy Support for Countermeasures
Key Policies

Developing Effective Security Policies
P
rocess for Developing and Introducing Security Policies
Policy Requirements
Basic Security Policies
Security Policy Implementation Guidelines
Regulatory-Driven Policies
Nonregulatory-Driven Policies

SECTION III: COUNTERMEASURE SELECTION

Countermeasure Goals and Strategies
Countermeasure Objectives, Goals, and Strategies
Access Control
Deterrence
Detection
Assessment
Response (Including Delay)
Evidence Gathering
Comply with the Business Culture of the Organization
Minimize Impediments to Normal Business Operations
Safe and Secure Environment
Design Programs to Mitigate possible Harm from Hazards and Threat Actors

Types of Countermeasures
Baseline Security Program
Specific Countermeasures
Countermeasures Selection Basics
No-Tech Elements

Countermeasure Selection and Budgeting Tools
The Challenge
Countermeasure Effectiveness
Functions of Countermeasures
Countermeasure Effectiveness Metrics
Helping Decision Makers Reach Consensus on Countermeasure Alternatives
Helping Decision Makers Reach Consensus on Countermeasure
Alternatives

Security Effectiveness Metrics
Theory
Sandia Model
A Useful Commercial Model
What kind of Information Do We Need to Evaluate to Determine Security Program Effectiveness?
What Kind of Metrics Can Help Us Analyze Security Program Effectiveness?

Cost-Effectiveness Metrics
What Are the Limitations of Cost-Effectiveness Metrics?
What Metrics Can Be Used to Determine Cost-Effectiveness?
Communicating Priorities Effectively
Basis of Argument
Complete Cost-Effectiveness Matrix
Complete Cost-Effectiveness Matrix Elements

Writing Effective Reports
The Comprehensive Risk Analysis Report
Countermeasures
Report Supplements

Each chapter begins with an "Introduction" and ends with a "Summary"

Read More

Customer Reviews

Average Review:

Write a Review

and post it to your social network

     

Most Helpful Customer Reviews

See all customer reviews >