11 tools for security practitioners

Low-cost, practical ways to bolster support for your security program

What is the most important element of your security program? Regular assessments and audits? A standards-based security management system? A regulatory compliance program? Communications? Security training and awareness? At security conferences where this question has been raised, attendees have given a wide variety of answers. However, at the end of the day, you are the most important element of your security program.

You make the key decisions and set the direction of the security program. You are the one who educates the managers above you and reports results and progress relating to security, but who gives attention to strengthening and supporting you?

For most security practitioners this is a case of self-leadership - you are the one who will have to regularly update the scope and perspective of your role, set your personal and program priorities, find the tools to help you and your team members, and adjust your workload so that you have time to consider the future track of things.

Tools That Can Support You

Many practitioners report that with training, travel and staff cut-backs, they have engaged in less of the educational and networking activities that used to support them. What’s more, they have a heavier work load and find it difficult to get time to think strategically and plan for increasing the security function capabilities. Important areas of self-support include:

• Decision-making and planning
• Communicating to senior management and other security stakeholders
• Increasing your influence in the organization
• Learning what other practitioners find effective
• Strengthening the handling and effectiveness of investigations
• Management tools that lighten your burden
• Security metrics that keep you on top of things and demonstrate the value of security to management

Now that broad economic conditions continue to impact most organizations negatively, it’s time to consider low-cost ways for you to increase the support you provide yourself in your practitioner role. Here are 11 practical tools for security practitioners:

Decision Support

1). Micro-Assessment Template: A micro-assessment is a narrowly focused short assessment that helps you develop the insight you need for decision-making and planning. When you need to make decisions or prioritize planning for management - but you don't really have enough information to do so - use a micro-assessment.

Presentation Expertise

2). THE PRESENTATION eBook: Management and stakeholder briefings are different from educational session presentations. They need to achieve a specific result in a very short time.

3). Projector-free Presentations eBook: Small audiences require the conference room-style presentation. This is about successfully engaging a small group of decision-makers.

Help with Increasing Influence

4). The 360° Leader book: Insights into influence challenges and what exactly influence is, along with advice on how to increase it at your own pace.

ASIS Annual Seminar Sessions Recordings and Free Webinar

5). 1,500 ASIS recorded sessions: Recorded sessions from the ASIS International annual seminars are available singly or in full-year sets at bargain pricing.

6). Free Webinar: Free ASIS recorded webinar on enhancing the performance of your security program.

Investigations and Response Framework

7). Corporate How-To-Respond book: Non-security personnel are usually the first people to learn of misconduct or criminal actions and need guidance so they don’t put the organization or any of its people at risk.

Security Program Strengthener

8). Free Webinar: Free ASIS recorded webinar on enhancing the performance of your security program.

Metrics Tools and Guidance

9). Security Metrics Guidebook: 375 real examples of security metrics in 13 categories.

10). Corporate Security Metrics Management book: Over 100 checklists, flowcharts and other illustrations provide examples of corporate security metrics.

11). Information Security Metrics book: Current information security measurement practices, as opposed to theoretical ideas.

This content continues onto the next page...