Enterprise Security Risk Management (ESRM) is generally thought of as a holistic management style that incorporates proven risk principles with physical security processes in order to successfully mitigate enterprise risk across the board.
While ESRM is still an emerging concept that lacks a firm and consistently agreed-upon definition, there is a definite shift towards an integrated approach to security and risk management processes within the industry. This is especially evidenced through clear pivots by dominant industry organizations such as ASIS (the leading organization for security professionals worldwide) towards making ESRM a global strategic priority.
Ideally implemented, an ESRM approach would help organizations plan and prepare to reduce the likelihood or impact of events, while ensuring that appropriate response and recovery processes are in place should an event occur. Because of its contested nature, it’s pivotal that various tools, conversations, safeguards and benchmarks be implemented and established before an organization can execute a successful ESRM strategy. This includes incorporating feedback from both the risk and physical security teams to ensure the planning, preparing, responding and recovering processes are consistent with one another.
So what does a successful execution of this approach actually look like? Where do ERM and ESRM cross paths and how can you determine whether they’re aligned?
If you’re interested in learning more about this topic and furthering the conversation, we invite you to join us for a discussion on these topics and more at Int:rsect in Miami this May. Dubbed the quintessential ESRM conference of 2017, the event will be heavily themed towards the intersection of the risk, security and compliance industries.
Keynote addresses will be delivered by the first U.S. Secretary of Homeland Security, Gov. Tom Ridge, and by best-selling author and internationally recognized speaker on ethical leadership and corporate governance, Cynthia Cooper. Additional speakers include industry pundits Brian Allen, author of The Manager’s Guide to Enterprise Security Risk Management; Mary Moffett, Vice President & Chief Compliance Officer at Swiss Re; Brian McIlravey, EVP of Command Center Applications at Resolver; Tim McCreight from the ASIS Commission on ESRM Global Strategic Priority; and dozens more.
Basing their discussions on empirical data, individual perspectives and apparent attitudes within the security, audit and risk communities respectively, speakers will address the following topics:
- Are we there yet? What do the next 2, 3, 5+ years look like for ESRM?
- ERM vs. ESRM alignment? What is ESRM, how is it different from ERM and why are dominant industry organizations, such as ASIS, specifically pivoting towards it?
- How do we get there? What tools are needed to implement ESRM and what are the potential pitfalls or drawbacks to its implementation? Are there lessons learned from organizations that have successfully implemented ERM that are relevant to ESRM as well?
- And much more.
View the full speaker lineup and agenda here.