Practice paper

Improving organisational resilience through enterprise security risk management

John Petruzzi and Rachelle Loyear
Journal of Business Continuity & Emergency Planning, 10 (1), 44-56 (2016)
https://doi.org/10.69554/AIZS3061

Abstract

Enterprise Security Risk Management (ESRM) is a new philosophy and method of managing security programmes through the use of traditional risk principles. As a philosophy and life cycle, ESRM is focused on creating a business partnership between security practitioners and business leaders to more effectively provide protection against security risks in line with acceptable risk tolerances as defined by business asset owners and stakeholders. This paper explores the basics of the ESRM philosophy and life cycle and also shows how embracing the ESRM philosophy and implementing a risk-based security management model in the business organisation can lead to higher levels of organisational resilience as desired by organisation leaders, executives and the board of directors.

Keywords: ESRM; security risk management; organisational resilience; security management philosophy

The full article is available to subscribers to the journal.


Author's Biography

John Petruzzi currently holds the position of Vice President, Enterprise Security Operations for Time Warner Cable and is based in New York City. He oversees the deployment and ongoing management of physical security, investigations, threat management and the business continuity and crisis management services of the company. He has extensive experience leading enterprise security, risk and information management services for several domestic and global corporations. He also led the regional operations and business development activities of a global security services and consulting firm. He previously served in the United States Marine Corps as a Non-commissioned Officer. He is an active volunteer of three industry leading associations: ASIS International (ASIS), where he currently serves on the Board of Directors and has previously served as President for the ASIS Foundation; the Information Systems Audit and Control Association (ISACA); and the Information Systems Security Association (ISSA). Additionally he is a founding member of the Alliance for Enterprise Security Risk Management (AESRM). He holds a Bachelor’s degree in Security Management, an Associate’s degree in Criminal Justice, and has completed the ISMA Leadership Programme at Georgetown University. He maintains board certification with the Certified Protection Professional (CPP), Certified Information Security Manager (CISM) and Certified Business Continuity Professional (CBCP) designations.

Rachelle Loyear is the Director of Enterprise Business Continuity Management for Time Warner Cable. She directs BCM programme design and development, crisis management and emergency response planning, business function recovery and continuity planning, BCM training and exercises, and logistical programmes such as state and local OEM relationships and TWC’s continuity equipment and resource programme. She began her career in the Information Technology field and worked in programming and training design prior to joining Time Warner Cable in 2003. At TWC, she worked in development, business analysis, and project management in IT prior to moving into the Enterprise Security Group in 2005. With this diverse background in security, BCM, project management and IT, she approaches business continuity and disaster recovery with a broad methodology that melds many recovery aspects into a cohesive whole. She holds a Bachelor’s degree in History and a Master’s degree in Business Administration. Additionally, she is certified as an MBCP through DRI International; an AFBCI through the Business Continuity Institute; a CISM through ISACA; and a PMP through PMI. She is active in multiple BCM industry groups and is a vice-chair of the Crisis Management and Business Continuity Council of ASIS International.

Citation

Petruzzi, John and Loyear, Rachelle (2016, September 1). Improving organisational resilience through enterprise security risk management. In the Journal of Business Continuity & Emergency Planning, Volume 10, Issue 1. https://doi.org/10.69554/AIZS3061.

Journal of Business Continuity & Emergency Planning, Volume 10 / Issue 1
© Henry Stewart Publications LLP
