Proven set of best practices for security risk assessment and management, explained in plain English This guidebook sets forth a systematic, proven set of best practices for security risk assessment and management of buildings and their supporting infrastructures. These practices are all designed to optimize the security of workplace environments for occupants and to protect the interests of owners and other stakeholders. The methods set forth by the authors stem from their research at Sandia National Laboratories and their practical experience working with both government and private facilities.
Following the authors' step-by-step methodology for performing a complete risk assessment, you learn to:
- Identify regional and site-specific threats that are likely and credible
- Evaluate the consequences of these threats, including loss of life and property, economic impact, as well as damage to symbolic value and public confidence
- Assess the effectiveness of physical and cyber security systems and determine site-specific vulnerabilities in the security system
The authors further provide you with the analytical tools needed to determine whether to accept a calculated estimate of risk or to reduce the estimated risk to a level that meets your particular security needs. You then learn to implement a risk-reduction program through proven methods to upgrade security to protect against a malicious act and/or mitigate the consequences of the act.
This comprehensive risk assessment and management approach has been used by various organizations, including the U.S. Bureau of Reclamation, the U.S. Army Corps of Engineers, the Bonneville Power Administration, and numerous private corporations, to assess and manage security risk at their national infrastructure facilities. With its plain-English presentation coupled with step-by-step procedures, flowcharts, worksheets, and checklists, you can easily implement the same proven approach and methods for your organization or clients. Additional forms and resources are available online at www.wiley.com/go/securityrisk.
About the Author: BETTY E. BIRINGER is currently the manager of the Security Risk Assessment Department at Sandia National Laboratories. She has developed security risk assessment methodologies for dams, high-voltage electric power transmission, chemical facilities, communities, and energy infrastructures that connect the gas industry to the electric power grid. She previously managed projects for the Office of Counterintelligence, where she developed a risk method to address the insider threat. RUDOLPH V. MATALUCCI, PhD, PE, is a retired Lieutenant Colonel in the United States Air Force and President of Rudolph Matalucci Consultants, Inc. Prior to starting his consulting firm, Dr. Matalucci was a project engineer/manager for Sandia National Laboratories, where he directed numerous risk-related projects for the Department of Energy, the Department of Defense, several other government agencies, and private organizations. He has developed, validated, implemented, and taught risk assessment methodologies for dams/locks/levees, electric power generation/transmission facilities, buildings, and other infrastructures.
SHARON L. O'CONNOR is a Principal Member of the Laboratory Staff in the Security Systems and Technology Center at Sandia National Laboratories. For the last ten years, she has supported Architectural Surety(c) and security risk assessment work. Her baccalaureate degree is from the University of New Mexico.
