What factors might determine which traditional method for treating risk (reduce, transfer, avoid, redistribute, and accept) would be the most appropriate to take in order to appropriately manage identified risk? What are the three distinct stages found within the ISO 31000 Risk Management process and what are some example of how the security manager would carry each out?
The post should be at least 350 words. Please use the links below as sources. APA format.
Security Science : The Theory and Practice of Security – Chapter 3
Strategic Security Management : A Risk Assessment Guide for Decision Makers – Chapters 3, 5, and 6