This book describes the risk management methodology as a specific process, a theory, or a procedure for determining your assets, vulnerabilities, and threats and how security professionals can protect them. "Risk Management for Security Professionals" is a practical handbook for security managers who need to learn risk management skills. It goes beyond the physical security realm to encompass all risks to which a company may be exposed. Risk Management as presented in this book has several goals: it provides standardized common approach to risk management through a framework that effectively links security strategies and related costs to realistic threat assessment and risk levels; it offers flexible yet structured framework that can be applied to the risk assessment and decision support process in support of your business or organization; it increases awareness in terms of potential loss impacts, threats and vulnerabilities to organizational assets; and, it ensures that various security recommendations are based on an integrated assessment of loss impacts, threats, vulnerabilities and resource constraints. Risk management is essentially a process methodology that will provide a cost-benefit payback factor to senior management. This title provides a stand-alone guide to the risk management process. It also helps security professionals learn the risk countermeasures and their pros and cons, and addresses a systematic approach to logical decision-making about the allocation of scarce security resources.