Risk Management

, Volume 13, Issue 1–2, pp 17–41 | Cite as

Security risk management: A psychometric map of expert knowledge structure

  • David J Brooks
Original Article


The security industry operates within a diverse and multi-disciplined knowledge base, with risk management as a fundamental knowledge domain within security to mitigate its risks. Nevertheless, there has been limited research in understanding and mapping security expert knowledge structures within security risk management to consider if parts of security risk management are unique from more general risk management. This interpretive study applied a technique of multidimensional scaling (MDS) to develop and present a psychometric map within the knowledge domain of security risk management, validated with expert interviews. The psychometric MDS security risk management concept map presented the expert knowledge structure of security risk management, demonstrating the inclusive and spatial locality of significant security risk concepts, conceptual complexity, uniqueness of the domain and the importance of the concept threat. Understanding security experts’ consensual knowledge of security risk may allow improved understanding of threat-based risk, the issue with applying probabilistic risk analysis against antagonist events, and improved teaching and learning within this knowledge domain.


security risk management knowledge structure experts 


  1. American Society for Industrial Security. (2000) Proceedings of the 2000 Academic/Practitioner Symposium, The University of Oklahoma, OK: American Society for Industrial Security.Google Scholar
  2. Angus and Roberston (1992) Dictionary and Thesaurus. Sydney, Australia: Harper Collins Publishers.Google Scholar
  3. ASIS International. (2003a) Proceedings of the 2003 Academic/Practitioner Symposium, The University of Maryland, MD: ASIS International.Google Scholar
  4. ASIS International. (2003b) Proceedings of the 2003 Academic/Practitioner Symposium, The University of Maryland, MD: ASIS International.Google Scholar
  5. ASIS International. (2007) Academic institutions offering degrees and/or courses in security,, accessed 7 March 2007.
  6. ASIS International. (2009) Security body of knowledge (BoK): Substantive considerations. Unpublished ASIS International Academic/Practitioner Symposium 2009, ASIS International.Google Scholar
  7. Association of Universities and Colleges of Canada. (2005) Speaking for Canada's universities at home and abroad,, accessed 28 July 2005.
  8. Aven, T. (2008) Risk Analysis: Assessing Uncertainties Beyond Expected Values and Probabilities. West Sussex, UK: John Wiley & Sons.CrossRefGoogle Scholar
  9. Bar, V. and Travis, A.S. (1991) Children's views concerning phase changes. Journal of Research in Science Teaching 28 (4): 363–382.CrossRefGoogle Scholar
  10. Beard, B. and Brooks, D.J. (2006) Security Risk Assessment: Group Approach to a Consensual Outcome, Proceeding of the 7th Australian Information Warfare and Security Conference. Perth, Australia: Edith Cowan University, pp. 5–8.Google Scholar
  11. Bennett, B. and Rolheiser, C. (2001) Beyond Monet: The Artful Science of Instructional Integration. Toronto, Canada: Bookation.Google Scholar
  12. Bier, V.M. (1999) Challenges to the acceptance of probabilistic risk analysis [Electronic version]. Risk Analysis 19 (4): 703–710.Google Scholar
  13. Bier, V.M. (2007) Choosing what to protect [Electronic version]. Risk Analysis 27 (3): 607–620.CrossRefGoogle Scholar
  14. Borges, T.A. and Gilbert, J.K. (1999) Mental models of electricity. International Journal of Science Education 21 (1): 95–117.CrossRefGoogle Scholar
  15. Brooks, D.J. (2009a) Key Concepts in Security Risk Management: A Psychometric Concept Map Approach to Understanding. Saarbrucken, Germany: VDM Verlag.Google Scholar
  16. Brooks, D.J. (2009b) What is security: Definition through knowledge categorisation. Security Journal, DOI 101057/sj.2008.18, 1–15.Google Scholar
  17. Cheng, C.C. (2004) Statistical approaches on discriminating spatial variation of species diversity. Botanical Bulletin of Academia Sinica 45: 339–346.Google Scholar
  18. Clancey, W.J. (1997) The conceptual nature of knowledge, situations, and activity. In: P.J. Feltovich, K.M. Ford and R.R. Hoffman (eds.) Expertise in Context: Human and Machine. Menlo Park, CA: The MIT Press, pp. 247–291.Google Scholar
  19. Cohen, L., Manion, L. and Morrison, K. (2002) Research Methods in Education, 5th edn. London: RoutledgeFalmer.Google Scholar
  20. Cox, L.A. (2008) Some limitations of ‘risk=threat x vulnerability x consequence’ for risk analysis of terrorist attacks [Electronic version]. Risk Analysis 28 (6): 1749–1761.CrossRefGoogle Scholar
  21. Cox, T.F. and Cox, M.A.A. (2000) Multidimensional Scaling: Monographs on Statistics and Applied Probability, Vol. 88, 2nd edn. Boca Raton, FL: Chapman & Hall/CRC.Google Scholar
  22. Davidson, M.A. (2005) A matter of degrees. Security Management 49 (12): 72–99.Google Scholar
  23. Eysenck, M.W. and Keane, M.T. (2002) Cognitive Psychology: A Student's Handbook, 4th edn. New York: Psychology Press.Google Scholar
  24. Fischer, R.J. and Green, G. (2004) Introduction to Security, 7th edn. Boston, MA: Butterworth Heinemann.Google Scholar
  25. Garlick, A. (2007) Estimating Risk: A Management Approach. Aldershot, UK: Gower Publishing Company.Google Scholar
  26. Good Guides. (2004) Helping you make decisions about where and what to study in Australia,, accessed 28 October 2004.
  27. Hesse, L. and Smith, C.L. (2001) Core Curriculum in Security Science, Proceedings of the 5th Australian Security Research Symposium, Perth, Western Australia. Perth, Australia: Edith Cowan University, pp. 87–104.Google Scholar
  28. Horvath, J. (2004) The fear factor,, accessed 3 September 2004.
  29. Howard, J. (2004) Business government forum on national security,, accessed 3 July 2004.
  30. Hoz, R., Bowman, D. and Chacham, T. (1997) Psychometric and edumetric validity of dimensions of geomorphological knowledge which are trapped by concept mapping. Journal of Research in Science Teaching 34 (9): 925–947.CrossRefGoogle Scholar
  31. Jay, C. (2005) Big debacles help shape a new science. The Australian Financial Review, 17 March: 2.Google Scholar
  32. Johnson-Laird, P.N. (1983) Mental Models: Towards a Cognitive Science of Language, Inference and Consciousness. Cambridge, UK: Cambridge University Press.Google Scholar
  33. Johnson, R.A. and Wichern, D.W. (2002) Applied Multivariate Statistical Analysis, 5th edn. Upper Saddle River, NJ: Prentice-Hall.Google Scholar
  34. Jones, D.E.L. and Smith, C.L. (2005) The development of a model for the testing and evaluation of security equipment within Australian Standard/New Zealand Standard AS/NZS4360:2004 – Risk management. Recent Advances in Counter-Terrorism Technology and Infrastructure Protection.Google Scholar
  35. Kealy, W.A. (2001) Knowledge maps and their use in computer-based collaborative learning environments. Journal of Computing Research 25 (3): 325–349.Google Scholar
  36. Kellogg, R.T. (2003) Cognitive Psychology, 2nd edn. Thousand Oaks, CA: Sage Publications.Google Scholar
  37. Kidd, S. (2006) The Security Institute yearbook and directory of qualifications 2006,, accessed 25 June 2007.
  38. Kruskal, J.B. and Wish, M. (1978) Multidimensional Scaling, Vol. 07, London: Sage Publications.CrossRefGoogle Scholar
  39. Lockhart, R.S. and Craik, F.I.M. (1990) Levels of processing: A retrospective commentary on a framework for memory research. Canadian Journal of Psychology 44: 87–112.CrossRefGoogle Scholar
  40. Manunta, G. (1996) The case against: Private security is not a profession. International Journal of Risk, Security and Crime Prevention 1 (3): 233–240.Google Scholar
  41. Manunta, G. (1999) What is security? Security Journal 12 (3): 57–66.CrossRefGoogle Scholar
  42. Manunta, G. (2002) Risk and security: Are they compatible concepts? Security Journal 15 (2): 43–55.CrossRefGoogle Scholar
  43. Markham, K.M., Mintzes, J.J. and Jones, M.G. (1994) The concept map as a research and evaluation tool: Further evidence of validity. Journal of Research in Science Teaching 31 (1): 91–101.CrossRefGoogle Scholar
  44. Martinez-Torres, M.R., Garcia, F.J.B., Marin, S.L.T. and Vazquez, S.G. (2005) A digital signal processing teaching methodology using concept-mapping techniques. IEEE Transactions on Education 48 (3): 422–429.CrossRefGoogle Scholar
  45. McGill, W.L., Ayyub, B.M. and Kaminsky, M. (2007) Risk analysis for critical asset protection [Electronic resource]. Risk Analysis 27 (5): 1265–1281.CrossRefGoogle Scholar
  46. Morgan, G. and Henrion, M. (1990) Uncertainty: A Guide to Dealing With Uncertainty in Quantitative Risk and Policy Analysis. New York: Cambridge University Press.CrossRefGoogle Scholar
  47. Norman, D.A. (1983) Some observations on mental models. In: D. Gentner and A.L. Stevens (eds.) Mental Models. Hillsdale, NJ: Lawrence Erlbaum Associates, pp. 7–14.Google Scholar
  48. Novak, J.D. (1990) Concept mapping: A useful tool for science education. Journal of Research in Science Education 27: 937–949.Google Scholar
  49. Novak, J.D. (1998) Learning, Creating and Using Knowledge: Concept Maps as Facilitative Tools in Schools and Corporations. Mahwah, NJ: Lawrence Erlbaum Associates.Google Scholar
  50. Novak, J.D. and Gowin, D.B. (1984) Learning How to Learn. Cambridge, USA: Cambridge University Press.CrossRefGoogle Scholar
  51. Pennebaker, J.W., Francis, M.E. and Booth, R.J. (2001) Linguistic Inquiry and Word Count (LIWC2001). Mahwah, NJ: Erlbaum Publishers.Google Scholar
  52. Power, M. (2007) Organized Uncertainty: Designing a World of Risk Management. Oxford, UK: Oxford University Press.Google Scholar
  53. Reisberg, D. (2001) Cognition: Exploring the Science of the Mind, 2nd edn. New York: W. W. Norton & Company.Google Scholar
  54. Rennie, L.J. and Gribble, J. (1999) A Guide to Preparing Your Application for Candidacy. Perth, Western Australia: Curtin University of Technology.Google Scholar
  55. Risk Management Institute of Australasia. (2007b) Security risk management body of knowledge,, accessed 24 January 2007.
  56. Ruiz-Primo, M.A., Schultz, S.E., Li, M. and Shavelson, R.J. (2001) Comparison of the reliability and validity of scores from two concept-mapping techniques. Journal of Research in Science Teaching 38 (2): 260–278.CrossRefGoogle Scholar
  57. Simonsen, C.E. (1996) The case for: Security management is a profession. International Journal of Risk, Security and Crime Prevention 1 (3): 229–232.Google Scholar
  58. Smith, C.L. (1984) Learning astronomy and the organisation of astronomy concepts in semantic memory. Unpublished doctoral thesis, Murdoch University, Perth, Western Australia.Google Scholar
  59. Smith, C.L. (2001a) Security science as an applied science? Australian Science Teachers’ Journal 47 (2): 32–36.Google Scholar
  60. Smith, C.L. (2001b) Security science: An emerging applied science. Journal of the Science Teachers Association of Western Australia 37 (2): 8–10.Google Scholar
  61. Smith, C.L. (2003) Understanding Concepts in the Defence in Depth Strategy, Security Technology, 2003. Proceedings, IEEE 37th Annual 2003 International Carnaham Conference. Taipei, Taiwan, Republic of China, pp. 8–16.Google Scholar
  62. Standards Australia. (2004a) AS/NZS4360:2004 Risk Management. Sydney, Australia: Standards Australia International.Google Scholar
  63. Standards Australia. (2004b) AS/NZS 4360: 2004 Risk Management. Sydney, Australia: Standards Australia.Google Scholar
  64. Standards Australia. (2004c) HB221 Business Continuity Planning. Sydney, Australia: Standards Australia International.Google Scholar
  65. Standards Australia. (2004d) HB436:2994 Risk Management Guidelines: Companion to AS/NZS4360:2004. Sydney, Australia: Standards Australia International.Google Scholar
  66. Standards Australia. (2006) HB 167:2006 Security Risk Management. Sydney, Australia: Standards Australia.Google Scholar
  67. Standards Australia. (2009) AS/NZS ISO31000:2009 Risk Management – Principles and Guidelines. Sydney, Australia: Standards Australia.Google Scholar
  68. Standards Australia. (2011) Imagine a world without standards. Brochure. Homebush.Google Scholar
  69. Stein, E.W. (1997) A look at expertise from a social perspective. In: P.J. Feltovich, K.M. Ford and R.R. Hoffman (eds.) Expertise in Context: Human and Machine. Menlo Park, CA: The MIT Press, pp. 181–194.Google Scholar
  70. Streveler, R., Miller, R.L. and Boyd, T.M. (2001) Using an on-line tool to investigate chemical engineering seniors’ concept of the design process. Paper presented at the Annual Meeting of the American Educational Research Association, Seattle, WA.Google Scholar
  71. Talbot, J. and Jakeman, M. (2008) SRMBOK: Security Risk Management Body of Knowledge. Carlton South: Risk Management Institution of Australasia.Google Scholar
  72. Tate, P.W. (1997) Report on the Security Industry Training: Case Study of an Emerging Industry. Perth, Australia: Western Australian Department of Training. Western Australian Government Publishing.Google Scholar
  73. Trochim, W.M.K. (1989) An introduction to concept mapping for planning and evaluation. Evaluation and Program Planning 12 (1): 1–16.CrossRefGoogle Scholar
  74. Trochim, W.M.K. (1993) The reliability of concept mapping,, accessed 24 July 2005.
  75. Trochim, W.M.K. (2005) Concept mapping., accessed 28 July 2005.
  76. Trochim, W.M.K. and Cook, J.A. (1994) Using concept mapping to develop a conceptual framework of staff's views of a supported employment program for persons with severe mental illness. Journal of Consulting and Clinical Psychology 62 (4): 766–775.CrossRefGoogle Scholar
  77. Turner, P. (2002) Multidimensional scaling analysis of techniques used by physiotherapists in Southeast Australia: A cross-national replication. Australian Journal of Physiotherapy 48: 123–130.CrossRefGoogle Scholar
  78. Wallace, A., Schirato, T. and Bright, P. (1999) Beginning University: Thinking, Researching and Writing for Success. Sydney, Australia: Allen & Unwin.Google Scholar
  79. Zedner, L. (2009) Security: Keys Ideas in Criminology. London: Routledge.Google Scholar

Copyright information

© Palgrave Macmillan, a division of Macmillan Publishers Ltd 2011

Authors and Affiliations

  • David J Brooks
    • 1
  1. 1.School of Computer & Security ScienceJoondalupAustralia

Personalised recommendations