Business
Fact-checked

At WiseGEEK, we're committed to delivering accurate, trustworthy information. Our expert-authored content is rigorously fact-checked and sourced from credible authorities. Discover how we uphold the highest standards in providing you with reliable knowledge.

Learn more...

What is Security Risk Management?

Jessica Ellis
Jessica Ellis
Jessica Ellis
Jessica Ellis

Security risk management refers to programs and processes set up to protect security against potential threats. Managing security risks may be part of an overall plan to protect against threats to a business's livelihood that includes employee training, quality assurance, and safety programs. Security risk management usually involves the analysis of security risks, the creation and implementation of security measures, and an ongoing review process that can expose holes in the system or allow for new security measures to be integrated.

Risk analysis is an important part of any security risk management plan. Analysis may include not only an understanding of the vulnerabilities of the business, but also what the potential impact of security breaches may be. For instance, in a small gift store, hiring a 24 hour armed guard to protect against shoplifting may be impractical if the salary of the guard exceeds the likely loss of income due to shoplifting. Similarly, a posted sign asking people not to steal is probably not enough of a deterrent or safety measure to protect a high-risk location such as a bank from robbery attempts.

Stores may take extra security measures to more easily spot shoplifters as a form of risk management.
Stores may take extra security measures to more easily spot shoplifters as a form of risk management.

Security risk management may be handled internally, by a group of trained employees, or may be passed on to third party risk analysis and solution companies. Some people prefer to hire an internal security team since they will have valuable insight into the internal workings of the company and may feel more loyal to the business. On the other hand, outside security teams may have more advanced training and be better equipped to understand the technology and methodology of security risk management.

The goal of most security risk management teams is to provide adequate protection from risk without costing the business more money than exposure to risk might. This may not simply be a matter of business profits versus security concerns, however, as it is important to consider what a high-profile robbery or break in could do to company reputation and future profitability. Security risk management may also be more important to a business that has suffered a security breach, as no visible changes to security systems may inspire copycat thieves or fraudsters to try to repeat the breach.

Though measures such as camera systems, guards, response teams, employee background checks, and staff training for security problems are important to the risk management of physical businesses, the world of digital commerce requires an entirely different system. In information technology or IT security risk management, analysis and response is far less concerned with physical break ins or thefts, and more worried about the use of viruses and the potential for hacking and identity theft. For IT security at the highest level, businesses frequently rely on outside contractors or create a security team made up of IT professionals.

Jessica Ellis
Jessica Ellis

With a B.A. in theater from UCLA and a graduate degree in screenwriting from the American Film Institute, Jessica is passionate about drama and film. She has many other interests, and enjoys learning and writing about a wide range of topics in her role as a WiseGEEK writer.

Learn more...
Jessica Ellis
Jessica Ellis

With a B.A. in theater from UCLA and a graduate degree in screenwriting from the American Film Institute, Jessica is passionate about drama and film. She has many other interests, and enjoys learning and writing about a wide range of topics in her role as a WiseGEEK writer.

Learn more...

Discuss this Article

Post your comments
Login:
Forgot password?
Register:
    • Stores may take extra security measures to more easily spot shoplifters as a form of risk management.
      By: Gina Sanders
      Stores may take extra security measures to more easily spot shoplifters as a form of risk management.