***** Risk Assessment: Theory, Methods, and Applications. By Marvin Rausand. Wiley; wiley.com; 664 pages; $135; also availa-ble as e-book.
Reading this text, it is hard not to be thoroughly impressed by author Marvin Rausand’s brilliant assessment of quantitative approaches to risk management. Although many of the examples cited are from other disciplines, the principles can be applied to security problems as well. It is practical, mathematically rigorous, and contains many theorems. Also, it is well organized as it transitions from one fundamental topic to the advanced topics. The author provides an “additional reading” section at the end of each chapter to reinforce the material.
The quantitatively challenged security professional will find it enlightening, though somewhat daunting. The reader is taken step-by-step through the issues that merit consideration when analyzing risks.
The author draws conclusions with a competent and smooth review of relevant applied probability, statistics, and simulation modeling. The book concludes by offering methods that can be used to assess risk, and it explains what data should be in the collection process to allow for useful analysis of data and findings.
Overall, this book is well researched, well written, and very informative. Reading this work will be an eye-opener for security professionals since Rausand touches upon every conceivable aspect of risk in detail. It is recommended reading for every level of security professional.