Enterprise Risk Management (ERM) is the process of planning, organizing, leading, and controlling the activities of an enterprise in order to minimize the effects of risk. It includes not just those risks that result from the normal operation of an enterprise, but also those that originate from actors that intentionally want to cause harm to an enterprise, its assets and operations. We call these security risks.
Security Risk Management (SRM) applies the principles of risk management to the management of security risks and threats using intelligence-led security best practices. It is the demarcation of risk into the security silo from the broader ERM framework for the purposes of isolating and analysing unique events, outcomes and consequences that may cause harm or pose a danger to an enterprise. To read more on Core's solutions to managing your security risks, please follow these links: