The Complete Guide to Business Risk Management

The Complete Guide to Business Risk Management

Author: Kit Sadgrove

Publisher: Routledge

Published: 2020-07-26

Total Pages: 774

ISBN-13: 1000152065

DOWNLOAD EBOOK

Risk management and contingency planning has really come to the fore since the first edition of this book was originally published. Computer failure, fire, fraud, robbery, accident, environmental damage, new regulations - business is constantly under threat. But how do you determine which are the most important dangers for your business? What can you do to lessen the chances of their happening - and minimize the impact if they do happen? In this comprehensive volume Kit Sadgrove shows how you can identify - and control - the relevant threats and ensure that your company will survive. He begins by asking 'What is risk?', 'How do we assess it?' and 'How can it be managed?' He goes on to examine in detail the key danger areas including finance, product quality, health and safety, security and the environment. With case studies, self-assessment exercises and checklists, each chapter looks systematically at what is involved and enables you to draw up action plans that could, for example, provide a defence in law or reduce your insurance premium. The new edition reflects the changes in the global environment, the new risks that have emerged and the effect of macroeconomic factors on business profitability and success. The author has also included a set of case studies to illustrate his ideas in practice.


Security Risk Management

Security Risk Management

Author: Evan Wheeler

Publisher: Elsevier

Published: 2011-04-20

Total Pages: 361

ISBN-13: 1597496162

DOWNLOAD EBOOK

Security Risk Management is the definitive guide for building or running an information security risk management program. This book teaches practical techniques that will be used on a daily basis, while also explaining the fundamentals so students understand the rationale behind these practices. It explains how to perform risk assessments for new IT projects, how to efficiently manage daily risk activities, and how to qualify the current risk level for presentation to executive level management. While other books focus entirely on risk analysis methods, this is the first comprehensive text for managing security risks. This book will help you to break free from the so-called best practices argument by articulating risk exposures in business terms. It includes case studies to provide hands-on experience using risk assessment tools to calculate the costs and benefits of any security investment. It explores each phase of the risk management lifecycle, focusing on policies and assessment processes that should be used to properly assess and mitigate risk. It also presents a roadmap for designing and implementing a security risk management program. This book will be a valuable resource for CISOs, security managers, IT managers, security consultants, IT auditors, security analysts, and students enrolled in information security/assurance college programs. - Named a 2011 Best Governance and ISMS Book by InfoSec Reviews - Includes case studies to provide hands-on experience using risk assessment tools to calculate the costs and benefits of any security investment - Explores each phase of the risk management lifecycle, focusing on policies and assessment processes that should be used to properly assess and mitigate risk - Presents a roadmap for designing and implementing a security risk management program


Risk Management for Project Driven Organizations

Risk Management for Project Driven Organizations

Author: Andy Jordan

Publisher: J. Ross Publishing

Published: 2013-05-13

Total Pages: 361

ISBN-13: 1604270853

DOWNLOAD EBOOK

Organizations invest a lot of time, money, and energy into developing and utilizing risk management practices as part of their project management disciplines. Yet, when you move beyond the project to the program, portfolio, PMO and even organizational level, that same level of risk command and control rarely exists. With this in mind, well-known subject matter expert and author Andy Jordan starts where most leave off. He explores risk management in detail at the portfolio, program, and PMO levels. Using an engaging and easy-to-read writing style, Mr. Jordan takes readers from concepts to a process model, and then to the application of that customizable model in the user’s unique environment, helping dramatically improve their risk command and control at the organizational level. He also provides a detailed discussion of some of the challenges involved in this process. Risk Management for Project Driven Organizations is designed to aid strategic C-level decision makers and those involved in the project, program, portfolio, and PMO levels of an organization. J. Ross Publishing offers an add-on for a nominal fee -- Downloadable tools and templates for easy customization and implementation.


Enterprise Risk Management

Enterprise Risk Management

Author: James Lam

Publisher: John Wiley & Sons

Published: 2014-01-06

Total Pages: 501

ISBN-13: 1118834437

DOWNLOAD EBOOK

A fully revised second edition focused on the best practices of enterprise risk management Since the first edition of Enterprise Risk Management: From Incentives to Controls was published a decade ago, much has changed in the worlds of business and finance. That's why James Lam has returned with a new edition of this essential guide. Written to reflect today's dynamic market conditions, the Second Edition of Enterprise Risk Management: From Incentives to Controls clearly puts this discipline in perspective. Engaging and informative, it skillfully examines both the art as well as the science of effective enterprise risk management practices. Along the way, it addresses the key concepts, processes, and tools underlying risk management, and lays out clear strategies to manage what is often a highly complex issue. Offers in-depth insights, practical advice, and real-world case studies that explore the various aspects of ERM Based on risk management expert James Lam's thirty years of experience in this field Discusses how a company should strive for balance between risk and return Failure to properly manage risk continues to plague corporations around the world. Don't let it hurt your organization. Pick up the Second Edition of Enterprise Risk Management: From Incentives to Controls and learn how to meet the enterprise-wide risk management challenge head on, and succeed.


Cybersecurity and Third-Party Risk

Cybersecurity and Third-Party Risk

Author: Gregory C. Rasner

Publisher: John Wiley & Sons

Published: 2021-06-11

Total Pages: 308

ISBN-13: 1119809568

DOWNLOAD EBOOK

Move beyond the checklist and fully protect yourself from third-party cybersecurity risk Over the last decade, there have been hundreds of big-name organizations in every sector that have experienced a public breach due to a vendor. While the media tends to focus on high-profile breaches like those that hit Target in 2013 and Equifax in 2017, 2020 has ushered in a huge wave of cybersecurity attacks, a near 800% increase in cyberattack activity as millions of workers shifted to working remotely in the wake of a global pandemic. The 2020 SolarWinds supply-chain attack illustrates that lasting impact of this dramatic increase in cyberattacks. Using a technique known as Advanced Persistent Threat (APT), a sophisticated hacker leveraged APT to steal information from multiple organizations from Microsoft to the Department of Homeland Security not by attacking targets directly, but by attacking a trusted partner or vendor. In addition to exposing third-party risk vulnerabilities for other hackers to exploit, the damage from this one attack alone will continue for years, and there are no signs that cyber breaches are slowing. Cybersecurity and Third-Party Risk delivers proven, active, and predictive risk reduction strategies and tactics designed to keep you and your organization safe. Cybersecurity and IT expert and author Gregory Rasner shows you how to transform third-party risk from an exercise in checklist completion to a proactive and effective process of risk mitigation. Understand the basics of third-party risk management Conduct due diligence on third parties connected to your network Keep your data and sensitive information current and reliable Incorporate third-party data requirements for offshoring, fourth-party hosting, and data security arrangements into your vendor contracts Learn valuable lessons from devasting breaches suffered by other companies like Home Depot, GM, and Equifax The time to talk cybersecurity with your data partners is now. Cybersecurity and Third-Party Risk is a must-read resource for business leaders and security professionals looking for a practical roadmap to avoiding the massive reputational and financial losses that come with third-party security breaches.


Risk Management Handbook for Health Care Organizations

Risk Management Handbook for Health Care Organizations

Author: American Society for Healthcare Risk Management (ASHRM)

Publisher: John Wiley & Sons

Published: 2009-03-27

Total Pages: 672

ISBN-13: 0470443715

DOWNLOAD EBOOK

Risk Management Handbook for Health Care Organizations, Student Edition This comprehensive textbook provides a complete introduction to risk management in health care. Risk Management Handbook, Student Edition, covers general risk management techniques; standards of health care risk management administration; federal, state and local laws; and methods for integrating patient safety and enterprise risk management into a comprehensive risk management program. The Student Edition is applicable to all health care settings including acute care hospital to hospice, and long term care. Written for students and those new to the topic, each chapter highlights key points and learning objectives, lists key terms, and offers questions for discussion. An instructor's supplement with cases and other material is also available. American Society for Healthcare Risk Management (ASHRM) is a personal membership group of the American Hospital Association with more than 5,000 members representing health care, insurance, law, and other related professions. ASHRM promotes effective and innovative risk management strategies and professional leadership through education, recognition, advocacy, publications, networking, and interactions with leading health care organizations and government agencies. ASHRM initiatives focus on developing and implementing safe and effective patient care practices, preserving financial resources, and maintaining safe working environments.


Identifying and Managing Project Risk

Identifying and Managing Project Risk

Author: Tom Kendrick

Publisher: AMACOM

Published: 2009-02-27

Total Pages: 370

ISBN-13: 0814413412

DOWNLOAD EBOOK

Winner of the Project Management Institute’s David I. Cleland Project Management Literature Award 2010 It’s no wonder that project managers spend so much time focusing their attention on risk identification. Important projects tend to be time constrained, pose huge technical challenges, and suffer from a lack of adequate resources. Identifying and Managing Project Risk, now updated and consistent with the very latest Project Management Body of Knowledge (PMBOK)® Guide, takes readers through every phase of a project, showing them how to consider the possible risks involved at every point in the process. Drawing on real-world situations and hundreds of examples, the book outlines proven methods, demonstrating key ideas for project risk planning and showing how to use high-level risk assessment tools. Analyzing aspects such as available resources, project scope, and scheduling, this new edition also explores the growing area of Enterprise Risk Management. Comprehensive and completely up-to-date, this book helps readers determine risk factors thoroughly and decisively...before a project gets derailed.


Critical Infrastructure Risk Assessment

Critical Infrastructure Risk Assessment

Author: Ernie Hayden, MIPM, CISSP, CEH, GICSP(Gold), PSP

Publisher: Rothstein Publishing

Published: 2020-08-25

Total Pages: 353

ISBN-13: 1944480722

DOWNLOAD EBOOK

ASIS Book of The Year Winner as selected by ASIS International, the world's largest community of security practitioners Critical Infrastructure Risk Assessment wins 2021 ASIS Security Book of the Year Award - SecurityInfoWatch ... and Threat Reduction Handbook by Ernie Hayden, PSP (Rothstein Publishing) was selected as its 2021 ASIS Security Industry Book of the Year. As a manager or engineer have you ever been assigned a task to perform a risk assessment of one of your facilities or plant systems? What if you are an insurance inspector or corporate auditor? Do you know how to prepare yourself for the inspection, decided what to look for, and how to write your report? This is a handbook for junior and senior personnel alike on what constitutes critical infrastructure and risk and offers guides to the risk assessor on preparation, performance, and documentation of a risk assessment of a complex facility. This is a definite “must read” for consultants, plant managers, corporate risk managers, junior and senior engineers, and university students before they jump into their first technical assignment.