Ideally implemented, an Enterprise Security Risk Management approach would help organizations plan and prepare to reduce the likelihood or impact of events from occurring, while ensuring that appropriate response and recovery processes are in place, should an event occur. But what does a successful execution of this approach actually look like? Where do ERM and ESRM cross paths and when are you aligned, or just a line?

Join ASIS and Resolver for a discussion on the emerging trend towards Enterprise Security Risk Management in the risk and security industries, including what it entails and where it’s headed. Panelists include industry pundits Dennis Shepp, Security Industry Consultant, Brian McIlravey, EVP of Command Center Applications at Resolver, Brian Link, VP of GRC Strategy and Partnerships at Resolver.

Based on empirical data, individual perspectives and apparent attitudes within the security, audit and risk communities respectively, the panelists will address the following topics:

• Are we there yet? What do the next 2,3, 5+ years look like for ESRM?

• ERM vs. ESRM alignment? What is ESRM, how is it different from ERM and why are dominant industry organizations, such as ASIS, specifically pivoting towards it?

• How to get there? What tools are needed to implement ESRM and what are the potential pitfalls or drawbacks to its implementation? Are there lessons learned from organizations that have successfully implemented ERM that are relevant to ESRM as well?