Skip Navigation LinksASIS International / Education & Events / Education Programs / Classroom / Risk, Threat & Vulnerability Assessment

Risk, Threat & Vulnerability Assessment

What are CPE credits?
up to
CPE Credits
23 - 24 October 2014
The Westin Las Vegas Hotel


Reduce Risk ... Increase Resilience

Be a critical business partner to senior management

Create added value for your department and organization by learning the effectiveness of a proper risk, threat, and vulnerability assessment. Start with solid definitions and differentiators between risk, threat, and vulnerability and then see how assessments are absolutely essential for organizational resilience. Certain kinds of people controls can limit damage and must be considered. Review asset-threat/hazard pairs that should receive measures to mitigate vulnerabilities and reduce risk. The common practice of not reporting intrusions to law enforcement could make a difference to your risk assessment team and needs to be considered. Learn about acceptable business risk thresholds and the metrics you can use to describe them. Meeting corporate objectives is an essential part of any discussion as well as what the CSO can do to prepare a solid business case and address cost and operational optimization and sustainability using the risk assessment methodology.

Registration Fees

 Read Our Brochure


 Pertinent Information

 Immediate Benefits

• Learn how to develop an effective risk assessment program.

• Create an effective risk assessment process that is increasingly important to the success of your organization.

• Form the foundation of an effective enterprise risk management program.

• Understand how to integrate risk assessment into the business process in a way that provides timely and relevant risk information to management.

• Understand the necessity in identifying necessary people and assets that provide the enterprise tangible and intangible value.

• Learn about risk criteria when evaluating the significance of risk.

 Who Should Attend

​Risk management personnel

Individuals with risk management and homeland security

Specialists/managers/directors of critical infrastructure security programs

Business continuity planners

Facility and infrastructure managers

Emergency management professionals

Architects, designers, integrators

Security directors

HR Professionals

Corporate security professionals

University and campus security professionals

Security program and project managers

Practitioners responsible for their organization’s physical security controls

Personnel directly involved in the design, specification,
implementation, operation, or maintenance of security systems

 Program Overview

Communicating, Consulting, Establishing the Context, and Developing the Business Case
The key task behind planning and conducting a risk assessment program is developing an understanding of the organization to be assessed.
Risk Management Process
Learn how and why the risk management context of the organization describes the scope as well as risk control parameters, methods, and plans currently in place for the risk management activities. Before starting the design and implementation of the risk assessment program, it is important to understand the objectives of the risk management program and to evaluate and understand both the extent and efficacy of the current risk control measures and system.
Risk Assessment—Analyzing the Risk
The scope of the risk assessment program should be defined in order to achieve the risk assessment objectives and should consider the context of the organization, its needs, and requirements. The scope should define the processes, functions, activities, physical boundaries (facilities and locations), and stakeholders to include within the boundaries of the risk assessment program. The scope of the risk assessment program will have a direct effect on the resource and time requirements needed for the individual risk assessments. When setting the scope of the risk assessment program, it should be kept in mind that resource and time requirements are directly proportional to the size of the scope.
Risk Assessment—Treatment of the Risks/Mitigation
Risk rating scales are defined in relation to organizations’ objectives in scope. Risks are typically measured in terms of impact and likelihood of occurrence. Impact scales of risk should mirror the units of measure used for organizational objectives, which may reflect different types of impact such as financial, people, and/or reputation. Similarly, the time perspective used to assess the likelihood of risks should be consistent with the time perspectives related to objectives.
Organizational Resilience and Risk
Quintessential in completing proper risk assessment is understanding the process of resiliency. Building a resilient organization is a cross-disciplinary and cross-functional endeavor. An organizational resilience approach to managing risks encourages critical infrastructure businesses to develop a more natural capability to deal with unexpected disruptions to business-as-usual activity. The resilience approach also helps organizations adapt to changes in their operating environment that occur over longer timeframes thereby demonstrating the importance of risk assessment.
Risk Assessment—Test, Measure, Review, Document Control and Assurance
Understand the various tools and techniques that can be utilized to determine risk assessment. Identify how the organization can now bring its individual residual risk ratings together into a portfolio view to identify interdependencies and interconnections between risks, as well as the effect of risk responses on multiple risks. Management can then determine any actions necessary to revise its risk responses or address design or effectiveness of controls. Successful implementation should translate into reduced risk exposures on the organization’s risk map.
Site Visit
Practically apply the principles set forth through a site visit (site to be determined). The key to any proper security master plan and the maintenance of organizational resilience is the objective evaluation of risk in which assumptions and uncertainties are clearly considered and presented. Risk assessments, if performed properly, provide that through a comprehensive examination of threats and vulnerabilities to determine that potential for loss.
Please Note:
Registrants should be aware that this course includes a visit to a third party site and that the host organization may require the use of non-disclosure agreements. Subject to the requirements of the host organization, the agreements offered to nationals and non-nationals of the host country may differ.

 Hours, Fees, & Hotels

​Registration Hours
5:00–6:00 pm
7:00–8:00 am
Program Hours
8:00 am–5:00 pm
Registration Fees
Fees include daily continental breakfast, refreshment breaks, and a networking reception. Hotel costs are not included. 
    $   825
$   925
Be sure to mention ASIS when requesting the special room rate of $169 single/double (plus tax). It will be honored until the room block is full or September 28.  
Westin Las Vegas, Hotel, Casino and Spa
160 East Flamingo Road
Las Vegas, NV 89109


Team Discount:
Receive a 10% discount when three to five attendees register from the same organization, 15% for six or more. Email for details.

Certification Discount:
ASIS members and nonmembers holding the distinction of CPP, PCI, and PSP receive a $25 discount per classroom program. This discount is automatically applied at checkout.