Skip to content

Enterprise Security Risk Management (ESRM)

Featured Resources: Enterprise Security Risk Management (ESRM)

New Enterprise Security Risk Management Guideline

ASIS recently released its Enterprise Security Risk Management (ESRM) Guideline, which takes a different approach to traditional security. The new guideline is the first strategic security management tool of its kind, elevating the security function by establishing a partnership between security professionals and business leaders to manage security risks. Read more in the September 6 press release.

ESRM Maturity Assessment Tool

ASIS International's ESRM Initiative Workgroup developed a tool for security directors to assess how developed their ESRM program is. ASIS Members Only.

Learn More

Five Insights on ESRM

This Security Management article describes an overview of ESRM, what it can do for security managers, how security can gain C-suite approval, and how to implement it.

Learn More

Additional ESRM Resources

Maximizing ROI Through Effective Risk Analysis
Applying ESRM to create a risk analysis for an organization and develop metrics that measure the return on investment in managing security risk.
On-demand webinar, registration and fee required.

How to Implement ESRM
A look at how International Paper refocused its security initiatives around a risk management approach. 
Security Management, August 2018.

Less Is More: A KISS Approach to ESRM
Plugging security into an organization's various business drivers via risk management can seem like an overwhelming task. This article provides a simplified, focused approach.
Security Management, September 2017

GSOC Principles: How They Support ESRM
This webinar aligns a Global Security Operations Center (GSOC) approach with the goals and outcomes of ESRM. 
On-demand webinar, free with registration.

ESRM: Another Fad or an Enduring Industry Trend? A Discussion on the Direction of Enterprise Security Risk Management
This discussion seeks to describe what a successful execution of ESRM looks like for an organization.
On-demand webinar, free with registration.

The Unseen Threat
This article describes and ESRM-inspired approach for plant managers to understand their security and infrastructure vulnerabilities.
Security Management, November 2017.