Q EXERCISE #1 - RISK MANAGEMENT PRINCIPLES AND PRACTICES The ASIS "General Security Risk Assessment Guideline" is a 2003 ASIS International publication and a key resource for security operatives responsible of examining, evaluating, and managing risk to organizational assets and planning security operations. After thoroughly reading and studying the publication’s contents, particularly the seven (7) Recommended Practice Advisories and the corresponding commentaries, explain why a corporate security officials must understand the various risk management principles and be able to apply those principles when assessing the vulnerability of an organization’s assets. Incorporate into your response the significance of determining not just the various crime-related AND non-criminal threats to assets, but also the impact or "criticality" (losses, harm, and costs) of those threat or “risk” events AND the probability or likelihood of those events occurring. Use examples to demonstrate the points you make in your response. Finally, identify the various information sources available to corporate security officials to determine the probability of the various threats that may be directed at the organization. Again use examples of sources used by a real-world company (Exxon, Walmart, Apple, Proctor and Gamble, Amazon, Kroger, etc.) to demonstrate the points you make in your response.