Skip to main content
Search
Practice paper

Building resilience: The role of enterprise security risk management in developing a resilient organisation

Tim Mccreight
Journal of Business Continuity & Emergency Planning, 17 (4), 363-374 (2024)
https://doi.org/10.69554/FWWL3167

Abstract

Enterprise security risk management (ESRM) has continued to gain global acceptance as a management philosophy for the development and implementation of an enterprise-wide corporate security programme. As organisations continue to rebuild and recover from COVID-19, the value of assessing the resilience of an organisation through regular testing of its response to events has gained prominence. There are opportunities to link the development and implementation of a risk-based approach for designing a security programme, to assessing an organisation’s resilience to future events. Organisations can benefit from the complementary approaches of ESRM and organisational resilience once the commonalities are identified and embraced. This paper expands upon the ESRM management approach, linking the concepts of ESRM to the design of a resilient enterprise.

Keywords: enterprise security risk management; ESRM; organisational resilience; risk-based

The full article is available to subscribers to the journal.

Already a subscriber? Login or review other options.

Author's Biography

Tim Mccreight is Vice President — Canada for Apollo Information Systems. Prior to joining Apollo, he held several positions including National Director Market Development and Strategic Advisory for CGI; Managing Director — Enterprise Security for CP Rail; Chief Security Officer for the City of Calgary; and Chief Information Security Officer for the Government of Alberta. McCreight has over 40 years’ experience in both physical and cyber security, developing enterprise security programmes in both realms. He is the immediate Past President of ASIS International for 2023, and has attained his CISSP, CPP and CISA designations. McCreight earned his Master of Science in Security and Risk Management (with merit) from the University of Leicester.

Citation

Mccreight, Tim (2024, June 1). Building resilience: The role of enterprise security risk management in developing a resilient organisation. In the Journal of Business Continuity & Emergency Planning, Volume 17, Issue 4. https://doi.org/10.69554/FWWL3167.

Options

cover image, Journal of Business Continuity & Emergency Planning
Journal of Business Continuity & Emergency Planning
Volume 17 / Issue 4
© Henry Stewart
Publications LLP