Preface Acknowledgments Author Risk Analysis: The Basis for Appropriate and Economical Countermeasures For Students Using This Book in an Academic Environment Introduction Critical Thinking Qualitative versus Quantitative Analysis Theory, Practice, and Tools Organization Summary References Q&A Risk Analysis Basics and DHS-Approved Risk Analysis Methods Introduction U.S. Department of Homeland Security Concerns Risk Analysis for Facilities and Structures Many Interested Stakeholders and Agendas Commercially Available Software Tools Risk Analysis Basics Risk Assessment Steps Which Methodology to Use? Summary References Q&A Risk Analysis Skills and Tools Introduction Security Risk Analysis Skills Security Risk Analysis Tools Summary References Q&A Critical Thinking and the Risk Analysis Process Introduction Overview of Critical Thinking Importance of Critical Thinking Analysis Requires Critical Thinking The Eight Elements That Make Up the Thinking Process The Concepts, Goals, Principles, and Elements of Critical Thinking Summary References Q&A Asset Characterization and Identification Introduction Theory Practice Tools Summary Reference Q&A Criticality and Consequence Analysis Introduction Twofold Approach Criticality versus Consequence Criticality Visualization Consequence Analysis Building Your Own Criticality/Consequences Matrix Criticality/Consequence Matrix Instructions Summary Q&A Threat Analysis Introduction Theory Practice Tools Predictive Threat Assessment Inductive versus Deductive Reasoning Predictive Risk Example Summary References Q&A Assessing Vulnerability Introduction Review of Vulnerability Assessment Model Define Scenarios and Evaluate Specific Consequences Evaluate Vulnerability Summary References Q&A Estimating Probability Introduction Resources for Likelihood Criminal versus Terrorism Likelihood Resources Criminal Incident Likelihood Estimates Summary References Q&A Risk Analysis Process Introduction Objective Complete Risk Analysis Process Risk Analysis Process Diagram Analysis Asset Target Value Matrixes Probability Summary Matrix Vulnerability Components Summary Q&A Prioritizing Risk Introduction Prioritization Criteria Natural Prioritization (Prioritizing by Formula) Prioritization of Risk Communicating Priorities Effectively Best Practices: Ranking Risk Results Summary Q&A Security Policy Introduction Introduction Hierarchy of Security Program Development What are Policies, Standards, Guidelines, and Procedures? Summary Q&A Security Policy and Countermeasure Goals Introduction Theory Role of Policies in the Security Program Role of Countermeasures in the Security Program Why Should Policies Precede Countermeasures? Security Policy Goals Security Countermeasure Goals Policy Support for Countermeasures Key Policies Summary Q&A Developing Effective Security Policies Introduction Process for Developing and Introducing Security Policies Policy Requirements Basic Security Policies Security Policy Implementation Guidelines Regulation-Driven Policies Non-Regulation-Driven Policies Summary Q&A Countermeasure Goals and Strategies Introduction Countermeasure Objectives, Goals, and Strategies Access Control Deterrence Detection Assessment Response Evidence Gathering Comply With The Business Culture of the Organization Minimize Impediments to Normal Business Operations Safe and Secure Environment Design Programs to Mitigate Possible Harm from Hazards and Threat Actors Summary Reference Q&A Types of Countermeasures Introduction Baseline Security Program Specific Countermeasures Countermeasure Selection Basics Summary References Q&A Countermeasure Selection and Budgeting Tools Introduction The Challenge Countermeasure Effectiveness Functions of Countermeasures Countermeasure Effectiveness Metrics Helping Decision Makers Reach Consensus on Countermeasure Alternatives Summary Q&A Security Effectiveness Metrics Introduction Theory Sandia Model A Useful Commercial Model What King of Information Do We Need to Evaluate to Determine Security Program Effectiveness? What Kind of Metrics Can Help Us Analyze Security Program Effectiveness? Summary References Q&A Cost Effectiveness Metrics Introduction What are the Limitations of Cost-Effectiveness Metrics? What Metrics Can Be Used to Determine Cost Effectiveness? Communicating Priorities Effectively Complete Cost Effectiveness Matrix Complete Cost Effectiveness Matrix Elements Summary Q&A Writing Effective Reports Introduction Comprehensive Risk Analysis Report Summary Q&A.