Book Review: The Security Risk Assessment Handbook, Second Edition
The Security Risk Assessment Handbook: A Complete Guide for Performing Security Risk Assessments, Second Edition. By Douglas J. Landoll. Taylor & Francis Group, LLC; taylorandfrancis.com; 495 pages; $54.95.
Security practitioners need to understand that a culture of preparedness often necessitates a change in company attitude based on risk assessments, individual perception, and the protection of life and property. Risk assessments provide organizations with a sense of resilience that is not only an accepted practice but is an essential component of the way business should be conducted. Douglas Landoll does an exceptional job throughout the 13 chapters of The Security Risk Assessment Handbook in providing an explanation as to why properly conducted risk assessments are vital to an organization.
Business mission definitions and company branding strategies are important to any organization. Landoll emphasizes how organizations need to protect their people and brand. The various types of assessments to reduce or mitigate the risk are mentioned throughout the book. Also discussed and defined are key strategies such as business impact assessments (BIA), security risk assessments, facilitated risk analysis process, qualitative and quantitative analysis, threats and safeguards, and GAP analysis. These concepts provide the reader with risk management strategies that can be applied by most organizations to avoid disaster or mitigate heavy losses.
The chapters are well organized. In Chapter 5, “Data Gathering,” Landoll includes mathematical equations to provide insight to section 5.1, “Sampling.” Those without a background in mathematics might find this confusing. However, that is not the case. The author effectively devises his methodology and explains how and why specific formulas are used.
Those in the field of security and risk management will find this book a valuable part of their library. The information provided is written in a concise manner and can be applied to almost any security or emergency management operation.
Reviewer: Kevin Cassidy lectures at John Jay College of Criminal Justice in New York City and at Slippery Rock University in Pennsylvania. He is also a member of ASIS.