ASIS releases new Enterprise Security Risk Management (ESRM) guideline

Sept. 6, 2019
It’s time to disrupt the old security model, we can no longer just ‘do’ security
ASIS has released its Enterprise Security Risk Management (ESRM) Guideline.
ASIS has released its Enterprise Security Risk Management (ESRM) Guideline.
ASIS has released its Enterprise Security Risk Management (ESRM) Guideline.
ASIS has released its Enterprise Security Risk Management (ESRM) Guideline.
ASIS has released its Enterprise Security Risk Management (ESRM) Guideline.
ASIS has released its Enterprise Security Risk Management (ESRM) Guideline.

Alexandria, VA, USA (September 6, 2019)—ASIS International, the world’s largest association of security management professionals, released its Enterprise Security Risk Management (ESRM) Guideline, which takes a different approach to traditional security. The new guideline is the first strategic security management tool of its kind, elevating the security function by establishing a partnership between security professionals and business leaders to manage security risks.

The objective of ESRM is to identify, evaluate, and mitigate the likelihood and/or impact of security risks to the organization with priority given to protective activities that help enable the organization to advance its overall mission. ESRM positions the security professional as a trusted advisor to help guide asset owners through the process of making security risk management decisions.

“We’re very proud to provide this foundational tool to ASIS members—and the security industry at-large—to help guide them through adoption of ESRM within their organizations” said David R. Feeney, CPP, PMP, Chairman of the ASIS ESRM Guideline Technical Committee.

ESRM recommends that security professionals maintain an understanding of the organization’s overall strategy, including its mission and vision, core values, operating environment, and stakeholders. Understanding this context will enable security professionals to effectively support and align with the organization’s strategic goals.

The new guideline further outlines how the ESRM Cycle is built on a foundation of transparency, governance, partnership with stakeholders, and holistic risk management. By continually repeating the ESRM Cycle, security professionals can bring ESRM practice to maturity and maintain high performance over time.

“We remain committed to the global development of ESRM, and the release of our ESRM Guideline demonstrates the ASIS Board of Director’s ongoing support to formalize ESRM globally,” said Tim McCreight, ASIS Global Board sponsor of the ESRM Initiative.

Security professionals can learn more about ESRM during the Introduction to Enterprise Security Risk Management classroom program on September 8 at McCormick Place in Chicago—the convening place of Global Security Exchange (GSX) 2019.

ASIS members receive free digital access to the new ESRM Guideline at https://www.asisonline.org/publications--resources/standards--guidelines/esrm-guideline. Nonmembers may purchase a softcover or read-only copy of the Guideline online in the ASIS Store. GSX attendees can purchase a copy in the ASIS Bookstore onsite and learn more about ASIS standards currently in development by visiting the ASIS Hub (Booth #2027) in the exhibit hall.