Umberto Saccone
Ed Aracne
pp. 488
This latest book by Umberto Saccone, Governare ilrischio, fits into the climate of renewed attention by public opinion on security issues, due in part to the international but also national context, particularly due to the threat of ideological-religious terrorism. A Security Risk Management model, published by Aracne.
Nowadays, every person, community, structure, organization is particularly vulnerable and exposed to a variety of risks and in particular those related to security, says the author, senior vice president of security Eni, tracing in the thick pages of the volume the evolution of the risk concept and reiterating the importance of analysis, prevention and risk management within companies, complex organizations and institutions, whether private or public.
But what is the risk? Saccone defines the "risk" as "the probability of a given system or of a socio-system to suffer damage due to an intentional or accidental event" and, more specifically, "a function of the threat, of the vulnerability, of the impact and probability ".
Risks can be classified into strategic, financial, operational and potential. The risk of security falls within the latter, and is defined as "any event that may compromise company assets and personal injury" originating from a cause outside the company's business.
Once the security risk has been identified and its level of danger related to the probability of occurrence and the vulnerability of the system, all corrective and / or preventive actions must be taken. It is therefore essential for an organization to acquire an adequate security risk management process. A tool, that is, that allows to identify, analyze, prevent and manage the risks connected to the organization's activity, both tangible and intangible.
The model of security risk management developed in the essay is a deliberately general model, which can be used by any organization, if properly adapted to its activities, its objectives, its strategies and security needs. On the one hand, in fact, it develops a process based on the Plan-Do-Check-Act cycle, on the principles of quality and on the risk management techniques, which should be the basis of the security function in any organization, but on the other hand indicates some areas of activity and operational responsibilities attributable to the function itself, so that each company based on its specific needs can identify those of direct interest.
Another in-depth theme in the book is that on security legislation, understood as the set of safety (worker safety) and security (corporate security). According to the author, the current legislation appears to be lacking for the part concerning security activities, unlike that relating to safety activities, which are fully regulated. This regulatory vacuum "has slowed down the affirmation of security functions within companies". Saccone also insists on the need for cooperation and collaboration between the institutions responsible for national security and corporate security functions, proposing the formula of Public Private Partnerships (PPP).
These are the lines along which the articulated essay of Saccone unfolds, which is a candidate to be a first point of reference for companies in the construction of their security functions and structures and which at the same time may constitute an element of reflection and stimulating a debate on what should be - and what should be done - corporate security in our country.
Nicola Festa
