The Risk Communicator: May 2007 EditionWelcome to the Risk Communicator, SARMA's newsletter for information, trends and issues of concern to security analysis and risk management professionals. This complimentary news service is distributed every other month. Please feel free to share this e-mail with your colleagues and encourage them to sign up to get their own copy here.
If your server is blocking HTML e-mails you can view the current Risk Communicator through your browser by clicking: here.
|
Letter from the PresidentDear members and friends of SARMA,
I am pleased to have this opportunity to offer you the first newsletter of the Security Analysis and Risk Management Association (SARMA). Whether you are already a SARMA member or still considering membership, I hope that this newsletter and the ones which will follow it will become a valuable source of information for you.
As the Founding President of SARMA, this first newsletter represents more to me than just the collection of a news stories and useful information for security analysis and risk management professionals. For me it is a tangible indication of the progress SARMA has made in its first year as an all-volunteer, non-profit, professional trade association. Thanks to the collective efforts of numerous dedicated professionals, the security analysis profession has now taken its first bold steps toward organizing with a common goal and the public good in mind.
[Read More]
|
Return
to the top What is SARMA?The Security Analysis and Risk Management Association (SARMA) is a professional association serving those responsible for analyzing and managing security risks to systems, structures and operations from man-made threats. SARMA was created to provide a forum for the further development, standardization, and professionalization of the security analysis and risk management discipline. It is dedicated to providing leadership, education, and certification for security analysis and risk management professionals.
SARMA's goals are to:
1. Provide a forum for security analysis and risk management professionals to share information, ideas, and methodologies and collaborate to improve the development and application of the security analysis and risk management profession
[Read More]
|
Return
to the top Register Now!SARMA's First Annual Conference
Register Now! The First Annual SARMA conference is nearly upon us, but there is still time to register. The conference, entitled Risk Based Decision-making for Security: The Future of Security Analysis will be held May 22-23 at the Georgetown University Conference Center in Washington DC.
The agenda boasts three tracks of speakers addressing security analysis and risk management issues across a full range of uses in antiterrorism, counterintelligence, infrastructure protection, technology protection, information security, and other traditional security applications. "SARMA is honored to have many great speakers representing organizations such as the President's Homeland Security Council, the Departments of Homeland Security, Transportation Security Administration, US intelligence community, the military services, and numerous private sector experts," notes SARMA President Ed Jopeck, "This is the only conference where so many leading security risk management leaders, practitioners, and experts come together under one roof to share information and address the problems and the future of the profession."
For more information e-mail conference@sarma.org, or call SARMA at 703-635-7906. PLEASE JOIN US!
[Read More]
|
Return
to the top Spotlight on SARMA ProjectsKerry L. Thomas, Executive Vice President, Security Analysis and Risk Management Association
As an association created for security analysis and risk management practitioners, SARMA is committed to the betterment of the profession by providing leadership, education and certification for security analysis and risk management professionals. SARMA approaches its mission in a variety of ways, including through special projects that address key issues and common areas of interest. In this spirit, one of the Association's initial undertakings, the Common Knowledge Base (CKB) Program, is intended to address issues that have stymied practitioners since the terror attacks of September 11, 2001 - the lack of a common lexicon for security risk analysis, the lack of any comprehensive resource for understanding the various ways in which risk has been assessed in the past, and the lack of generally accepted approaches for tackling key issues like valuations of human life.
[Read More]
|
Security Risk Analysis Common Lexicon Project
The importance of words and their proper usage has been noted by experts throughout history. Without a common and consistent vocabulary for security risk analysis, its development is constrained, much like the completion of the biblical Tower of Babel was made impossible by the lack of a uniform language shared by those building the tower.
SARMA's founders believe that efforts to advance the profession and its analytical methods without a common professional language will end in frustration, inefficiency, and perhaps even failure. In recognition of this, SARMA has established the Security Risk Analysis Common Lexicon Project as one of the three initial efforts under the CKB Program.
Any practitioner may contribute to the Common Lexicon Project, and suggested terms and definitions will be accepted via the SARMA web site through August 31, 2007. A proposed list of terms and associated definitions for the Common Lexicon will then be published by the SARMA Project Team for additional review and comment.
It is anticipated that the first edition of the Common Lexicon will be published in final form by December 31, 2007. It is further anticipated that it will be reviewed annually thereafter to ensure it remains current and topical.
[Read More]
|
Return
to the top
Wiki of Security Analysis and Risk Assessment Methods Project
As long as security analysis and risk assessments have been performed, countless surveys and studies of available analytical methods, methodologies and processes have been conducted. Despite this, little of lasting or educational value has been created. Many such studies have been conducted in a less than thorough manner, and for limited purposes. As such, they provide little of enduring value to the security professional looking to increase his or her knowledge, and still less for serious practitioners, researchers and methodology developers.
The Wiki of Security Analysis and Risk Assessment Methods Project, another of the initial efforts under the CKB Program, is intended to capture the current state of the profession in an encyclopedic fashion - one that will provide the necessary foundation for future improvements in the profession and further educational development of security professionals themselves. The project leverages the same technology used by the original Wikipedia to create a dynamic environment where anyone who enters may add or edit content. It is envisioned that the Wiki will be an ongoing effort that adapts to changes in the profession and provides a current point of reference for the practitioner community for many years to come.
[Read More]
|
Return
to the top Bookmark SARMA.org| Check out sarma.org and help us make this a valuable resource to SARMA members and friends. Use the LIBRARY to find key reports-or send us links to some of your favorite resources. Check out the EVENTS page to see a calendar of upcoming meetings and events. Check out the OPPORTUNITY page to volunteer to help build SARMA or to look for job listings. Stop by, see what the site has to offer, and send us your feedback and ideas. |
Return
to the top Thought ProvokingWhat Makes a Threat a Threat?
A principal component necessary to derive a level of risk is characterizing the threat and then ascribing some value to that characterization. Specifically we need to know how threatening the threat is to one or more of our assets that may consist of our people, information, equipment, facilities, operations or activities. Threats may be categorized in a number of ways for example manmade or natural. Among the former are terrorists, criminals, foreign military, foreign intelligence services, business competitors and among the later flood, tornado, hurricane, lightning, mudslide, earthquake, eruption, etc.
[Read More]
|
Return
to the top OtherCommon Knowledge Base
Check out sarma,org and help us make this a valuable resource to SARMA members and friends. Use the LIBRARY to find key reports-or send us links to some of your favorite resources. Check out the EVENTS page to see a calendar of upcoming meetings and events. Check out the OPPORTUNITIES page to volunteer to help build SARMA or to look for job listings. Stop by, see what the site has to offer, and send us your feedback and ideas.
[SARMA Common Knowledge Base]
|
Spotlight on SARMA Projects
As an association created for security analysis and risk management practitioners, SARMA is committed to the betterment of the profession by providing leadership, education and certification for security analysis and risk management professionals. SARMA approaches its mission in a variety of ways, including through special projects that address key issues and common areas of interest. In this sprit, two of the Association's current projects tackle issues that have stymied practitioners since the terror attacks of September 11, 2001 - how we talk about risk in the context of security and understanding the various ways in which it has been assessed.
The importance of words and their proper usage has been noted by experts throughout history. Without a common and consistent vocabulary for security risk analysis, its development is constrained, much like the completion of the biblical Tower of Babel was made impossible by the lack of a uniform language shared by those building the tower.
SARMA's founders believe that efforts to advance the profession and its analytical methods without a common professional language will end in frustration, inefficiency, and perhaps even failure. In recognition of this, SARMA established the Security Risk Analysis Common Lexicon Project to develop a broad-based, consensus solution. Any practitioner may contribute, and the Project will accept suggested terms and definitions via the SARMA web site through August 31, 2007. A proposed list of terms and associated definitions for the Common Lexicon will then be published by the SARMA Project Team for additional review and comment. It is anticipated that the Common Lexicon will be published in final form by December 31, 2007.
Similarly, as long as security analysis and risk assessments have been performed, countless surveys and studies of available analytical methods, methodologies and processes have been conducted. Despite this, little of lasting or educational value has been created. Many such studies have been conducted in a less than thorough manner, and for limited purposes. As such, they provide little of enduring value to the security professional looking to increase his or her knowledge, and still less for serious practitioners, researchers and methodology developers.
The Wiki of Security Analysis and Risk Assessment Methods Project is intended to capture the current state of the profession in an encyclopedic fashion that will provide the necessary foundation for future improvements in the profession and further educational development of security professionals themselves. The project leverages the same technology used by the original Wikipedia to create a dynamic environment where anyone who enters may add or edit content. It is envisioned that the Wiki will be an ongoing effort that adapts to changes in the profession and provides a current point of reference for the practitioner community for many years to come.
Both projects will be addressed in detail during the SARMA Projects and Business Meeting session on the second day of the upcoming SARMA Conference. For more details on all SARMA activities, I invite you to visit the SARMA web site at www.sarma.org. If you are a risk management practitioner, SARMA needs your help in making these projects successful. Please take an interest in supporting one of the SARMA projects and contact the SARMA Projects Committee at projects@sarma.org.
Kerry L. Thomas, Vice President for Operations, Security Analysis and Risk Management Association
|
Return
to the top | |
|
|
|
|
|
|
|
|
|
| Contact
SARMA |
|
SARMA
P.O. Box 710172
Herndon, VA 20171
Phone: (703) 635-7906
Fax: (703) 635-7935
E-mail: info@sarma.org
| |
|
|
Sponsor
Notices
|
|
SARMA thanks the following organizations for their support:
| |
|
|
The Risk Communicator |
The Risk Communicator, newsletter of SARMA, the Security Analysis and Risk Management Association
Send questions and comments to
Editor-in-Chief
newsletter@sarma.org
Copyright 2008.
SARMA All rights reserved.
PRIVACY
POLICY
The views expressed in the Risk Communicator reflect the views of their authors, and do not necessarily reflect the views of SARMA, the US Government, or the employers or clients of the contributors.
|
|
|
