Figure 2 - Integrated Security Risk Management
The image illustrates how security risks can be managed at all levels of program activity. A vertical arrow portrays that security risks range from operational at the bottom of the arrow to strategic at the top. Parallel to the arrow is a pyramid depicting departmental operations. The pyramid is divided into five horizontal tiers that represent the levels of program activity architecture. The bottom tier, entitled "operations" includes information, assets, services, and individuals. Working up from the bottom, the second, third and fourth tiers are together entitled "programs". The second tier represents "sub-sub-activities". The third tier represents "sub-activities" and the fourth tier represents "program activities". The fifth tier, and the top of the pyramid entitled "departmental", represents the strategic outcomes of a department.
Return to the Complete Text