

What is the SRM body of knowledge?

Protecting Our Societies Through Excellence in Security Risk Management

The 2008 edition of the Security Risk Management Body Of Knowledge (SRMBOK) was the first comprehensive attempt to define the scope and content of the security risk management profession. It standardizes knowledge and practices, guides professional development, ensures quality and compliance, adapts to emerging threats, and supports decision-making in this complex, evolving field. SRMBOK integrates cross-disciplinary insights, which are crucial for navigating the diverse challenges in security risk management. This website builds on that tradition with additional resources and information.


The Full Story

In 2008, we published the original SRMBOK where we did our best to outline and integrate all there was to know about security risk management.


The first edition was a paperback book of roughly 450 pages in which, with the help of over 100 security and risk professionals, we outlined best practice and did our best to integrate and align the various SRM models and concepts.


We updated that in 2009 into a hardcover second edition of almost 500 pages, published by John Wiley and Sons of New York. The world is changing almost daily, it seems, so Julian, Miles, and Jason, with the help of dozens of generous contributors, are now working on the third edition.

On this website, you will find some of our updated initial thoughts, training offerings, additional resources, and guides to implementing security risk management. 

For the moment, you can also find an update to the original SRMBOK in the Security Risk Management Aide-Mémoire (SRMAM).

What People Say About SRMBOK

John Pumphrey

“This is the most cogent synthesis of enterprise security risk management that I have found. I especially appreciate the diagrams and tables that complement the text and have used this material to explain security risk management activities at the strategic and operational levels. I consider this a 'must have' text.”

Jan Husdal

“This 445-page heavy-weight of a book ... is a vast and practically all-encompassing repository of knowledge, filled with accepted best practices, innovations and research in the evolving field of security risk management. Accompanied by rich and colorful illustrations on every other page, the message is clear: While today's business world may be complex, security risk management doesn't have to follow suit with the same complexity.”

Tony Ridley

“Read this book and enjoy the benefits it holds. Unlike the vast majority of technical security manuals, this book is very easy to read and extremely helpful in communicating the key points in order to achieve success and get immediate results.
Great visuals, practical case examples, insightful teachings, natural flow and based on actual experience.”