Skip to content

Risk, Threat and Vulnerability Assessment

location_on Atlanta, GA
$1095 (Standard) Member Price
$1395 (Standard) Nonmember Price

Earn Up to 18 CPE CREDITS

Reduce Risk ... Increase Resilience
Be a critical business partner to senior management.

What makes a risk, threat, and vulnerability assessment successful and effective? Why are assessments essential for organizational resilience?

This program starts by explaining the differences between risk, threat, and vulnerability and then demonstrates how assessments are absolutely essential for organizational resilience. Learn about acceptable business risk thresholds and the metrics you can use to describe them.

This workshop helps attendees establish a solid foundation to build a RTVA program. The program speakers were content experts in their field. Their ability to share personal experiences as they were presenting the workshop contents was very helpful.
--Dr. Timothy Burke, Advocate Health Care

Worth the investment. A great opportunity to expand knowledge and network with industry peers.

Immediate Benefits

  • Learn how to develop an effective risk management and assessment program that is highly valued within your organization.
  • Understand how to integrate risk assessment into the business process
  • Develop the skills to identify necessary people and assets that provide the enterprise tangible and intangible value.
  • Learn how to develop a solid business case for the program—one that addresses cost, benefits, and operational aspects.

Who Should Attend

  • Security management professionals across all public and private sectors
  • Anyone involved with design, specifications, implementation, operation, or maintenance of security systems, including those in specialties such as emergency management, business continuity planning, facility and infrastructure management, HR, and others.
  • Architects, designers, and integrators working on security project

Program Overview

This 3-day course offers a comprehensive examination of all aspects of planning and implementing a risk assessment program in any organization, small or large, public or private, and in any industry or setting. Through engaging lectures, eye-opening case studies, practical exercises and a relevant site visit, this program not only covers the essentials topics listed below, but also provides opportunities to apply the principles.

Communicating and Developing the Business Case
The key task behind planning and conducting a risk assessment program is developing an understanding of the organization to be assessed.

Enterprise Risk Management Process
Before starting the design and implementation of the risk assessment program, it is important to understand the objectives of the enterprise ​​​risk management program and to evaluate both the extent and efficacy of existing risk control measures and systems. Learn how to do this efficiently.

Enterprise Security Risk Management
Enterprise Security Risk Management (ESRM) is a security program management approach that links security activities to an enterprise's mission and business goals through risk management methods. Understand how to educate business leaders on the realistic impacts of identified risks, presenting potential strategies to mitigate those impacts, then enacting the option chosen by the business in line with accepted levels of business risk tolerance.

Critical Thinking
Critical thinking is so often a forgotten aspect of the risk analysis and assessment process, yet it is fundamental to risk analysis and assessment. Understanding how to formulate a question, knowing what you're looking for, and how that information is applied is indispensable to this process of risk assessment. By exploring other points of view and understanding other perspectives, you learn more about the subject, can reflect on the information you have,and how you feel.

Asset Characterization and Identification
Learn to identify and characterize the organization's assets in the context of critical thinking - the basis for all good analysis. This is the foundation for criticality and consequence analysis as well as​ for a majority of probability analysis, vulnerability analysis, and risk analysis itself. Comprehending the assets at risk is the first step in risk assessment. This leads to determining their criticality to the mission of the organization and determine the possible consequences if those assets are compromised.   

Analyzing the Risk
What is the scope of the risk assessment program? Is it meeting the organization's risk assessment objectives? Does it consider the context of the organization, its needs, and requirements? The scope should define the processes, functions, activities, physical boundaries (facilities and locations), and stakeholders within the boundaries of the risk assessment program. Learn how to match the scope to the resources available.

Treatment of the Risks/Mitigation
Risk rating scales are defined in relation to an organizations' objectives and scope. Risks are typically measured in terms of impact and likelihood of occurrence. Impact scales of risk should mirror the units of measure used for organizational objectives, which may reflect different types of impact such as financial, personnel, and/or reputation.

Organizational Resilience and Risk
Building a resilient organization is a cross-disciplinary and cross-functional endeavor. An organizational resilience approach to managing risk encourages critical infrastructure businesses to develop a more natural capability to deal with unexpected disruptions to business-as-usual activity. Discover the most effective ways to approach resilience that allow organizations to adapt to changes in their operating environment over time.

Test, Measure, Review, Document Control and Assurance
Understand the various tools and techniques that can be utilized to determine risk assessment. Identify how the organization can now bring its individual residual risk ratings together into a portfolio view to identify interdependencies and interconnections. Management can then determine any actions necessary to revise its risk responses or address design or effectiveness of controls.

Managing a Risk Assessment Program
Thinking with the end in mind, the culmination of this workshop will be review as well as the foundation and fundamentals of a risk assessment program. A risk assessment program establishes a framework for the overall assessment steps in the risk assessment process. It sets parameters for the overarching organizational structure, resources, commitment, and documented methods used to plan and execute risk assessments with clearly defined objectives.

Site Visit
Visit a major employer in the Atlanta, GA area to see how the organization has applied the principles of risk management. Return to the classroom to further explore how theory and practice come together. (Site visit location will be announced soon.)

Please Note:
This course includes a visit to a third-party site. The host organization may require the use of non-disclosure agreements or have other requirements for visitors to the site. The site tour is subject to the requirements of the host organization​​​​.

Hotel, Fees and Schedule

Hotel, Fees and Schedule

InterContinental Buckhead Atlanta
3315 Peachtree Road NE
Atlanta, GA 30326

For hotel reservations, contact our reservations department at 1.404.946.9191 or toll free at 1.877.422.8254. To receive our special group rate of $179.00 per night (plus taxes and fees), place your reservation by Friday, 7 June at 5:00pm EST and let them know you are participating in this course.


Delta Air Lines is pleased to offer travel discounts for ASIS International. To take advantage of these travel discounts, book your flights online or call +1.800.328.1111 and refer to meeting event code NMRV2 (Monday-Friday, 7:30 am - 7:30 pm CT).

Delta Airlines Logo

  • Discounts apply to round trip travel only
  • Not valid with other discounts, certificates, coupons or promotional offers
  • Fare rules will determine eligibility

Please note: There is no service fee for reservations booked and ticketed via our reservation 800 number.

Registration Fees

Register before 11 May and save $100!

Member $995 $1095
Nonmember $1295 $1395

Fees include daily continental breakfast, lunch on day one, a networking reception, and refreshment at  breaks. Hotel costs are not included.

Registration Hours

Monday, 24 June
7:00-8:00 am

Program Hours

Monday, 24 June
8:00 am–5:00 pm

Tuesday, 25 June
8:00 am–5:00 pm

Wednesday, 26 June
8:00 am–3:00 pm ​




If confirmation of registration and payment has not been received three days prior to the event, please email

Certificates of Attendance

ASIS reserves the right to withhold certificates, if attendance requirements are not met.

Last-Minute Registrations

While we welcome all registrations, including those on-site, the availability of handout materials cannot be guaranteed.


Business casual is recommended.

Continuing Professional Education (CPE)

Each 50-minutes of instruction is worth one CPE. 

Alternate Registration Methods

If you prefer, you can register by phone +1.703.519.6200, fax+1.703.519.6299, or mail.

Cancellation and Transfer Policy

For a full refund or transfer credit, written requests must be received at least 10 days before the start date of the program. Those received less than 10 days prior will be charged a $100 cancellation/transfer fee.

Transfers will be limited to a maximum of two per original registration. No refunds or transfers are made for requests received on or after the start date. Contact us at +1.703.519.6200 or fax your request to ASIS Member Services at +1.703.519.6298.

Tours of Third-Party Sites

When a program includes a visit to or a tour of a third-party site, the host organization may require the use of non-disclosure agreements. Subject to the requirements of the host organization, the agreements offered to nationals and non-nationals of the host country may differ.

Team Discount

Receive a 10% discount when three to five attendees register from the same organization, 15% for six or more. Email for details.​