ASIS International, the association of security management professionals, released its Enterprise Security Risk Management (ESRM) Guideline, which takes a different approach to traditional security. The new guideline is the first strategic security management tool of its kind, elevating the security function by establishing a partnership between security professionals and business leaders to manage security risks.
The objective of ESRM is to identify, evaluate, and mitigate the likelihood and/or impact of security risks to the organisation with priority given to protective activities that help enable the organisation to advance its overall mission. ESRM positions the security professional as a trusted advisor to help guide asset owners through the process of making security risk management decisions.
