https://andrewsheves.com/tags/esrm/Recent content in ESRM on Andrew ShevesHugoen-usSat, 30 Jun 2018 00:00:00 +0000https://andrewsheves.com/2018/06/30/risk-management-and-the-security-manager-a-quick-note/Sat, 30 Jun 2018 00:00:00 +0000https://andrewsheves.com/2018/06/30/risk-management-and-the-security-manager-a-quick-note/<p><em>This post originally appeared on Quora in answer to the question “How does risk management fit in security risk management profession?” <a href="https://www.quora.com/How-does-risk-management-fit-in-security-risk-management-profession/answer/Andrew-Sheves-2">Link</a></em></p> <hr> <h2 id="how-does-risk-management-fit-in-security-risk-management-profession">How does risk management fit in security risk management profession?</h2> <p>Ideally, a security manager will use a risk management foundation for their security management system.  This will help integrate security risks into the organization’s understanding of its overall risk environment.  This focus also ensures that the security program is focussed on protecting the organization’s objectives which aligns with the ISO definition of risk:</p>