Security management is the identification of an organization's assets (including
information assets), followed by the development, documentation, and implementation
of policies and procedures for protecting these assets. An organization uses such
security management procedures as information classification, risk assessment, and
risk analysis to identify threats, categories assets, and rate system vulnerabilities
so that they can implement effective controls and prevention of losses.
Loss prevention focuses on what your critical assets are and how you are going to
protect them. A key component to loss prevention is assessing the potential threats
to the successful achievement of the goal. This must include the potential opportunities
that further the object (why take the risk unless there's an upside?) Balance probability
and impact determine and implement measures to minimize or eliminate those threats.
Management of security risks applies the principles of risk management to the management
of security threats. It consists of identifying threats (or risk causes), assessing
the effectiveness of existing controls to face those threats, determining the risks'
consequence(s), prioritizing the risks by rating the likelihood and impact, classifying
the type of risk and selecting and appropriate risk option or risk response.
Security Management Systems (SeMS) protects facilities. It is a security solutions
for organization of every size. The main focus of Security SMS is keeping facilities
and data secure.
The Security Management System (SeMS) is an application that organization will use
to grant their staff access to secured information. The role of Security Manager
is important. ICAO has implemented Security Management System in Aviation Business.,
which is being implemented in Pakistan CAA.