Demonstrate your competency in the growing practice of Enterprise Security Risk Management (ESRM) with an ASIS certificate course. Completely self-paced and online, the ESRM certificate will give you the fundamental knowledge and skills needed to partner with your executive team to better manage security risks.
The time may be right to reframe the conversation about resilience and security with a revitalized ESRM lens.
This guideline describes the ESRM approach and explains how it can enhance a security program while aligning security resources with organizational strategy to manage risk.
As part of ASIS International's 2022 Member Appreciation Month, President-Elect Timothy McCreight, CPP, has accepted that challenge. In this video, he explains the fundamentals of ESRM in under 60 seconds.
ESRM and Security Cultures: Leadership and Business Growth
Webinar
Learn to develop ESRM strategies that extend beyond tools and systems, to include holistic components to support both business growth and workplace culture.
On-Demand Webinar
How Your Influence Can Help or Hinder ESRM Maturity
Article
There’s a catch-22 in enterprise security risk management: ESRM increases security’s influence in the organization, but security leaders need influence in order to advocate for an ESRM approach to risk management.
Security Management article, 2023
How Mature Is Your ESRM Program?
Article
The enterprise security risk management (ESRM) philosophy can apply to any organization—large or small, public or private. But it can be challenging to map out a path from the initial introduction to mature implementation. Thankfully, members of the ASIS ESRM steering committee spent two years building an ESRM maturity model to measure current efforts and enable security practitioners to guide their organizations to the next level of risk management.
Security Management article, 2023
ESRM Decision-Making—Tactics for Explaining Security Risks and Mitigation Options to Your Stakeholders
Webinar
This webinar will give security professional tools and advice for communicating across their organization to drive clarity around risk profiles, risk tolerance, and appropriate risk mitigation options.
On-Demand Webinar
How to Anticipate Pandemic-Influenced Risk Developments
Article
Security directors add value when they find data-based leading indicators that can help an organization prepare in advance for the risk factors unfolding as a result of COVID-19.
Security Management Online, May 2020
Resetting the Business After the COVID-19 Pandemic
Article
Using an ESRM-based approach can help organizations re-emerge after facing major, pandemic-induced disruptions.
Security Management Online, May 2020
Pandemic-Based Risk Mitigations
Article
A U.K.-based security risk consultant shares a collection of risk mitigations gleaned from the COVID-19 pandemic that security managers can include in future planning.
Security Management Online, May 2020
A Brief Guide to ESRM Implementation
Article
Adopting a successful ESRM program often requires a full understanding of ESRM – its components, contexts, and complementary strategies.
Security Management, November 2019
How to Use Scenario Analysis to Manage in Uncertain Times
Article
Scenario analysis helps security leaders manage business threats by accounting for all possible uncertainties.
Security Management, October 2019
Five Insights on ESRM
Article
Learn what ESRM is, what it can do for security managers, how security can gain C-suite approval for it, and how to implement a vibrant ESRM program for the enterprise.
Security Management, September 2017
How to Implement ESRM
Article
A look at how International Paper refocused its security initiatives around a risk management approach.
Security Management, August 2018.
Less Is More: A KISS Approach to ESRM
Article
Plugging security into an organization's various business drivers via risk management can seem like an overwhelming task. This article provides a simplified, focused approach.
Security Management, September 2017
The Unseen Threat
Article
This article describes and ESRM-inspired approach for plant managers to understand their security and infrastructure vulnerabilities.
Security Management, November 2017.
