Corporate Security and Enterprise Risk Management

  • Chapter
Corporate Security in the 21st Century

Part of the book series: Crime Prevention and Security Management (CPSM)

Abstract

In today’s interdependent world, marked by unprecedented business opportunities but also numerous and complex risks, the theory and practice of risk management are fast evolving. As Chew (2008: viii) observes in the introduction to his book Corporate Risk Management, the uncertainties facing companies today are increasing in scale and variety, encompassing ‘everything from fluctuating commodity prices to threats of re-regulation and terrorist attacks.’ With the immediacy and reach of the mass media growing at an extraordinary rate, the pressure on companies is compounded by the need to be seen to be doing things right. As the American investor Warren Buffett famously pronounced, ‘it takes twenty years to build a reputation and five minutes to ruin it’ (Lowe, 2007: 27).

References

  • Aleem, A., Wakefield, A. and M. Button. (2013) ‘Addressing the Weakest Link: Implementing Converged Security.’ Security Journal 26/3: 236–248.

  • ASIS International. (2010) Enterprise Security Risk Management: How Great Risks Lead to Great Deeds: A Benchmarking Survey and White Paper. Alexandria, VA: ASIS International.

  • Ballou, B. and D.L. Heitger. (2005) ‘A Building-block Approach for Implementing COSO’s Enterprise Risk Management-integrated Framework.’ Management Accounting Quarterly, Winter: 1–10.

  • Beasley, M., Branson, B. and B. Hancock. (2010) Report on the Current State of Enterprise Risk Oversight, 2nd Edition. Raleigh, NC: North Carolina State University.

  • Booz Allen Hamilton. (2005) Convergence of Enterprise Security Organizations. Alexandria, VA: The Alliance for Enterprise Security Risk Management.

  • Button, M. (2008) Doing Security: Critical Reflections and an Agenda for Change. Basingstoke: Palgrave.

  • Casualty Actuarial Society. (CAS) (2003) Overview of Enterprise Risk Management. Arlington, VA: Casualty Actuarial Society, available at: http://www.casact.org/area/erm/overview.pdf, accessed 11 May 2013.

  • Chew, D.H. (2008) ‘Introduction’ in D.H. Chew (ed.) Corporate Risk Management. New York: Columbia University Press.

  • Cleary, S. and T. Malleret (2007) Global Risk: Business Success in Turbulent Times. Basingstoke: Palgrave Macmillan.

  • COSO. (2004) Enterprise Risk Management — Integrated Framework: Executive Summary. New York: Committee of Sponsoring Organizations of the Treadway Commission (COSO), available at: http://www.coso.org/Publications/ERM/COSO_ERM_ExecutiveSummary.pdf, accessed 11 May 2013.

  • European Commission. (2010) A Reference Security Management Plan for Energy Infrastructure. Brussels: European Commission, available at http://ec.europa.eu/energy/infrastructure/critical_en.htm, accessed 11 May 2013.

  • Halpert, A.M. and L.R. Marlo. (2007) Linkage of Risk Management, Capital Management and Financial Management. Arlington, VA: Joint CAS-CIA-SOA Risk Management Section White Paper Project, available at: http://www.soa.org/research/research-projects/risk-management/research-linkage-rm.aspx, accessed 5 November 2013.

  • Hamilton, G. (1996) Risk Management 2000. Lund: Studentlitteratur.

  • IBM. (2007) Balancing Risk and Performance with an Integrated Finance Organization: The Global CFO Study 2008. Somers, NY: IBM Corporation, available at: http://www-935.ibm.com/services/us/gbs/bus/html/2008cfostudy.html, accessed 11 May 2013.

  • Institute of Risk Management (2012) Risk Culture: Under the Microscope Guidance for Boards. London: IRM, available at: http://www.theirm.org/RiskCulture.html.

  • Institution of Civil Engineers and the Faculty and Institute of Actuaries. (2009) ERM — A Guide to Implementation. London: The Institution of Civil Engineers and the Faculty and Institute of Actuaries, available at: http://www.actuaries.org.uk/practice-areas/pages/erm-guide-implementation, accessed 11 May 2013.

  • KPMG. (2011) The E-Crime Report: Managing Risk in a Changing Business and Technology Environment. London: KPMG, available at: http://www.kpmg.com/UK/en/IssuesAndInsights/ArticlesPublications/Documents/PDF/Advisory/ecrime-report-2011-accessible-2.pdf, accessed 11 May 2013.

  • Lowe, Janet. (2007) Warren Buffett Speaks: Wit and Wisdom from the World’s Greatest Investor. Hoboken, N.J.: John Wiley and Sons, Inc.

  • Nocco, B.W. and R.M. Stulz. (2008) ‘Enterprise Risk Management: Theory and Practice.’ in D.H. Chew (ed.) Corporate Risk Management. New York: Columbia University Press.

  • Pettinger, R. (2007) Introduction to Management, 4th Edition. Basingstoke: Palgrave Macmillan.

  • Power, Michael. (2007) Organized Uncertainty: Designing a World of Risk Management. Oxford: Oxford University Press.

  • PwC. (2012) UK Information Security Breaches Survey Results in 2012. London: PricewaterhouseCoopers, available at: http://www.pwc.co.uk/audit-assurance/publications/uk-information-security-breaches-survey-results-2012.jhtml, accessed 11 May 2013.

  • PwC/ISAF. (2010) Convergence of Security Risks: Addressing the Security Dilemma in Today’s Age of Blended Threats. London: PricewaterhouseCoopers, available at: http://www.theisaf.org/documents/Security_Risk_Convergence.pdf, accessed 11 May 2013.

  • Rahman, S. and S. Donahue. (2010) ‘Convergence of Corporate and Information Security.’ International Journal of Computer Science and Information Security 7/1: 63–68.

  • Slater, D. (2005) ‘The Holistic Security Momentum Theory: Why Resistance Is Futile,’ CSO Magazine, 15 April, available at http://www.csoonline.com/article/220292/the-holistic-security-momentum-theory-why-resistance-is-futile, accessed 11 May 2013.

  • Speight, P. (2012) Why Security Fails: How the Academic View of Security Can Be Balanced with the Realities of Operational Delivery. Ossett, West Yorkshire: Protection Publications.

  • Standard and Poor’s. (2009) ‘Progress Report: Integrating Enterprise Risk Management Analysis into Corporate Credit Ratings.’ Ratings Direct. 22 July, available at: http://www.standardandpoors.com/ratings/erm/en/us, accessed 11 May 2013.

  • Verbrugge, J. (2008) ‘University of Georgia Roundtable on Enterprise-wide Risk Management.’ in G. Chew (ed.) Corporate Risk Management. New York: Columbia University Press.

  • Willison, J. (2009) Security Convergence and ERM: A Case for the Convergence of Corporate Physical and IT Security Management. Alexandria, VA: The Alliance for Enterprise Security Risk Management.

Copyright information

© 2014 Alison Wakefield

About this chapter

Cite this chapter

Wakefield, A. (2014). Corporate Security and Enterprise Risk Management. In: Walby, K., Lippert, R.K. (eds) Corporate Security in the 21st Century. Crime Prevention and Security Management. Palgrave Macmillan, London. https://doi.org/10.1057/9781137346070_13
