In this publication, Prof Doraval Govender has produced a comprehensive study focused on the management of security information by security practitioners in the field of private security. However, it is as applicable for security managers and risk managers working in government departments and entities.

In the process of researching this topic, Prof Govender also investigated aspects of the sub-discipline of security risk management. As a starting point for his analysis he used the broad concept/term ‘security’, which in itself implies that there exists the threat of risk. Such security risk or threat can emanate from a number of different quarters inter alia terrorism, cybercrime and other forms of criminality or identity/personal information theft threat. As a result, organisational management decisions on security risk control measures need to be taken in order to secure an organisation from all of these diverse threats. The security industry itself operates within a diverse and multi-disciplined knowledge base, with security risk management being a fundamental knowledge domain within the security environment.

Accordingly, his study was undertaken in order to understand the role of security information and its collection, interpretation and utilisation in addressing the threat of risks facing in the security industry and the clients they serve and protect. Any incidents of information theft, breaches in security, threats and vulnerabilities have the potential to negatively affect an organisation's assets. Therefore, as Prof Govender points out, information on these incidents, threats and vulnerabilities are crucially important to any organisation's overall security.

The core outcome of his research and outlined in detail in this book was the development of a security information management model (SIMM). In brief, this model is explained as follows: Security information management is spread out in three phases, namely the collection of security information phase; analysis of security information phase; and the implementation of security risk control measures phase. The collection and the analysis of the security information is handled by the Security Information Management Centre (SIMC) and referred to top management as an analysis report (result/outcome). The analysis report is handled by top management and referred to the operational manager or the human resources manager for the application of security risk control measures.