Key concepts in security risk management: A psychometric concept map to approach to understanding

VDM Verlag Dr. Müller

Place of Publication

Saarbrücken, Germany


Faculty of Computing, Health and Science


School of Computer and Security Science / Centre for Security Research




Brooks, D.J. (2009). Key concepts in security risk management: A psychometric concept map to approach to understanding. Saarbrücken, Germany: VDM Verlag Dr. Müller.



Risk management is becoming a well-established discipline, with its own body of knowledge and practitioners. States worldwide now have their own risk management standards, and in many it is the company directors' responsibility to ensure risk management compliance. A subset of risk management is security risk management; however, security risk is distinct from other forms of risk management, and many generic risk models lack key concepts necessary for effective design, application and mitigation of security risks. This book defines the key concepts of security risk management and forms these into a conceptual map, based on a scientific study. The security risk management map demonstrates the inclusive and spatial locality of the more significant security risk concepts, domain complexity and the central aspect of such concepts as threat, criticality, etc. In addition, the book presents 14 core organisational security knowledge categories, arranged within a framework. Such an approach allows in-depth understanding, improved teaching and learning, system design and application of these areas of security and security risk management.