Enterprise Security Risk Management

 

 

Attendees Get a Jump-Start on GSXhttps://adminsm.asisonline.org/Pages/Attendees-Get-a-Jump-Start-on-GSX.aspxAttendees Get a Jump-Start on GSXGP0|#28ae3eb9-d865-484b-ac9f-3dfacb4ce997;L0|#028ae3eb9-d865-484b-ac9f-3dfacb4ce997|Strategic Security;GTSet|#8accba12-4830-47cd-9299-2b34a43444652018-09-25T04:00:00Z<p>​Some GSX attendees got a head start on education in Vegas by attending pre-conference sessions at the Las Vegas Convention Center.</p><p><strong>Consulting. </strong>At the pre-GSX education program, "Successful Security Consulting," a faculty of seasoned security consultants sketched out the ways security professionals can make a living with their own practice.</p><p>The seminar was divided into six sections, including the business basics of security consulting; the various practice areas consultants can work in; and avoiding common mistakes and pitfalls.  </p><p>Sometimes, diplomacy is required when a consultant is hired by a company that has a full-time security manager who is not comfortable with outside help. </p><p>"Many security managers will be threatened by bringing in an outsider," said Alan Brockbank, CPP, and president of B-Secure Consulting.</p><p><strong>ESRM.</strong> "ESRM defines the role you play, not the tasks you assign."</p><p>That's the message Tim Wenzel, CPP, special security projects manager at Facebook, told attendees during a session on Enterprise Security Risk Management (ESRM), where they discussed what ESRM implementation in an organization would look like. </p><p>"Financial, legal, and HR departments do risk management all the time—they're in the business of looking at what could go wrong and taking steps in making sure that doesn't happen," Wenzel said. "We need to take ourselves out of the tactical sphere and look at it the same way."</p><p>One challenge can be accepting that the security department does not inherently own the risks a company faces.</p><p>"Our role is to be subject matter experts and provide guidance to executives on the risk we've uncovered," explained ASIS Board Member Timothy McCreight, CPP. "They also have the option to not do anything. It's the business decision of the executive team to accept that risk."</p><p><strong>Gaming. </strong>October 1, 2018, will mark the one-year anniversary of the Las Vegas shooting, the deadliest mass shooting in U.S. history that was carried out by a gunman stationed in the Mandalay Bay hotel in Las Vegas.</p><p>This incident was a major topic of discussion for the pre-GSX session "Trending Issues in Gaming Security," sponsored by the ASIS Gaming and Wagering Protection Council. The session focused on issues and solutions to security challenges in casinos and other gaming environments.</p><p>Tommy Burns, CPP, president of Burns & Associates, explained that roughly 30 years ago, most Las Vegas properties moved away from arming their security personnel. But in the wake of last year's shooting, security departments are once again considering arming staff to respond to incidents. </p><p><strong>Policies. </strong>When updating policies and procedures, organizations should document the history of the changes, said Alan Zajic, CPP, principal and owner at AWZ Security Consultants and chair of the ASIS Gaming and Wagering Protection Council, in Sunday's "Policy Writing Workshop." This will help protect companies if a case goes to trial. </p><p>"Seventy percent of the cases I get involved in, the policies and procedures I receive are not the same as the policies and procedures there were on that date," said Zajic, who regularly serves as an expert witness.   </p><p>The workshop's goal was to present policy writing in an approachable manner. </p><p>"It doesn't have to be written at a legal level," said Darrell A. Clifton, CPP, executive director of security at Eldorado Resorts and a workshop instructor. "It can be written very simply."</p>

Enterprise Security Risk Management

 

 

https://adminsm.asisonline.org/Pages/Attendees-Get-a-Jump-Start-on-GSX.aspx2018-09-25T04:00:00ZAttendees Get a Jump-Start on GSX
https://adminsm.asisonline.org/Pages/ESRM-Update-New-Education,-Guidelines,-and-Maturity-Model.aspx2018-09-24T04:00:00ZESRM Update: New Education, Guidelines, and Maturity Model
https://adminsm.asisonline.org/Pages/A-Failure-to-Plan.aspx2018-09-01T04:00:00ZA Failure to Plan
https://adminsm.asisonline.org/Pages/Lessons-in-Violence-Prevention.aspx2018-09-01T04:00:00ZLessons in Violence Prevention
https://adminsm.asisonline.org/Pages/A-World-of-Risk.aspx2018-09-01T04:00:00ZA World of Risk
https://adminsm.asisonline.org/Pages/Book-Review-150-Things-You-Should-Know-About-Security.aspx2018-09-01T04:00:00ZBook Review: 150 Things You Should Know About Security
https://adminsm.asisonline.org/Pages/Book-Review-Floods.aspx2018-09-01T04:00:00ZBook Review: Floods
https://adminsm.asisonline.org/Pages/New-Survey-on-Active-Shooter-Preparation-Opens.aspx2018-08-13T04:00:00ZNew Survey on Active Shooter Preparation Opens
https://adminsm.asisonline.org/Pages/Editor's-Note---Failing-to-Plan.aspx2018-08-01T04:00:00ZEditor's Note: Failing to Plan
https://adminsm.asisonline.org/Pages/Critical-Risk-Management.aspx2018-08-01T04:00:00ZCritical Risk Management
https://adminsm.asisonline.org/Pages/How-to-Implement-ESRM.aspx2018-08-01T04:00:00ZHow to Implement ESRM
https://adminsm.asisonline.org/Pages/Five-Not-So-Easy-Pieces.aspx2018-08-01T04:00:00ZFive Not-So-Easy Pieces
https://adminsm.asisonline.org/Pages/Book-Review--Business-Continuity.aspx2018-08-01T04:00:00ZBook Review: Business Continuity
https://adminsm.asisonline.org/Pages/The-Future-CSO.aspx2018-07-01T04:00:00ZQ&A: The Future CSO
https://adminsm.asisonline.org/Pages/Bridging-Worlds.aspx2018-07-01T04:00:00ZBridging Worlds
https://adminsm.asisonline.org/Pages/Risk-Rising.aspx2018-05-01T04:00:00ZRisk Rising
https://adminsm.asisonline.org/Pages/On-a-Sea-of-Risk.aspx2018-04-01T04:00:00ZOn a Sea of Risk
https://adminsm.asisonline.org/Pages/Editor's-Note---Awareness.aspx2018-04-01T04:00:00ZEditor's Note: Awareness
https://adminsm.asisonline.org/Pages/book-review-managers-guide-to-esrm.aspx2018-03-10T05:00:00ZBook Review: The Manager's Guide to Enterprise Security Risk Management: Essentials of Risk-Based Security.
https://adminsm.asisonline.org/Pages/Editor's-Note---Incentive.aspx2018-02-01T05:00:00ZEditor's Note: Incentive

 You May Also Like...