Rothstein Associates Inc.

RISK MANAGEMENT FOR SECURITY PROFESSIONALS
by Carl A. Roper

“This book goes beyond the physical security realm to encompass all risks to
which a
company may be exposed. It is invaluable to security professionals working within
organizations or independently. Mr. Roper provides a systematic approach to
acquiring and
analyzing the information necessary to support decision-makers in the protection
of assets
and the allocation of security resources. Risk management is a process
methodology which
provides a cost-benefit payback factor to all companies.
• Provides a standalone guide to the risk management process
• Helps security professionals learn risk countermeasures and their pros/cons
• Provides valuable assessments and recommendations for managers who are
responsible
for accepting risks and planning and funding security programs
• Illustrates situational solutions for government and civilian environments, whether
classified
or unclassified
• Numerous forms and practical and analytical assessment sheets are adaptable
for use and
integration with existing risk assessment tools

= = = = = = = =
=

REVIEW
From Security Management Magazine, March, 2001:

“What could the senior management of the Titanic's shipping line have possibly
learned from
a caveman? The effective use of risk management principles, according to author
Carl
Roper. These principles are also critical knowledge for security professionals.
Roper bases
his book on an award-winning training program developed by the Risk Management
Training
Working Group of the U.S. Security Policy Board. He explains the process by
which security
professionals can determine what must be protected and to what extent. He also
discusses
how security managers can identify threats and vulnerabilities and help determine
appropriate countermeasures and their respective costs and benefits.

“The layout and content of the text make the book an excellent resource for the
security
professional. The author provides a singular document to teach and benchmark a
security
risk management program.

“The brief history of risk management presented in the text, in which Roper invokes
Og the
caveman and the Titanic, sets the stage for the rest of the book with clarity and
focus. The
bulk of the material walks the reader through the risk management process and
shows how
to
apply risk management data to a specific organization. The rest of the book
consists of nine
appendices in which Roper offers case studies and practical exercises. These help
the
reader identify critical and sensitive information. They also discuss the foreign
threat to U.S.
business travelers and otherwise augment his text.

“Many wonderful illustrations in the book allow the reader to visually follow the
process laid
out
by the author. Forms and guidelines for use of the process are also provided.

“Editing and proofreading of the text by the editors and publishers do Roper a
disservice.
Typographical errors early on condition the reader to be on the lookout for other
errors.
Overall, however, this text is a must-read for security practitioners providing
services in large
conglomerates and multinational environments. The case studies and practical
exercises
stand out as particularly valuable.”
- Reviewer: C. Ray Graves is the president of GRACorp Security
Management
Consulting, Richmond, Virginia. He is a member of ASIS.

= = = = = = = =
=

CONTENTS

Introduction
1 Risk Management: A Short History and Its Importance
2 Key Terms and Definitions
3 Risk Management Process Overview
4 Asset Identification
5 Threat Identification and Assessment
6 Conducting Site-Specific Threat Assessments
7 Vulnerability Identification and Assessment
8 The Risk Assessment
9 Cost-Benefit Analysis
10 Risk Management and Your Organization
Appendix A Risk Management Case Study and Practical Exercises
Appendix B Forms Used in the Risk Management Process
Appendix C Are You Safeguarding the Crown Jewels? Determining Critical and
Sensitive
Information
Appendix D Obtaining Asset Information: Conducting Interviews
Appendix E Technology Collection Trends in the U.S. Defense Industry
Appendix F The Foreign Threat to U.S. Business Travelers Appendix G
Intelligence
Organizations
Appendix H The FBI National Security Awareness Program
Appendix I Economic and Espionage News for the Risk Manager
Index

= = = = = = = =
=

ABOUT THE AUTHOR

“CARL A. ROPER, a former lead instructor with the Department of Defense
Security Institute,
is now working as a security consultant and trainer in the areas of risk
management, physical
security, and security education. His past experience includes jobs with the
Assistant Chief
of
Staff for Intelligence, Department of the Army; Office of the Chief of Staff, U.S.
Army; and with
the Defense Communications Agency. He recently retired from the U.S. Army
(reserve)
where he was a counterintelligence technician. He was last attached to the
Directorate of
Security, 24th Infantry Division, Fort Stewart, GA, in support of Desert
Shield/Desert Storm.”

= = = = = = = =
=
1999, 354 pages. Order #DR392.
= = = = = = = =
=

4 Arapaho Rd.

Brookfield, CT 06804-3104

1-888-ROTHSTEin

Telephone: 203.740.7444; 888.768.4783

Fax: 203.740.7401

All bookstore enquiries should be sent to Rothstein Associates at the above address.

Looking for Practical Knowledge?