Enterprise Security Risk Management (ESRM) considers a variety of operating environments that influence organizational risk, including geopolitical, economic, legal, and technological factors. The geopolitical environment—such as regional instability, regulatory changes, and political threats—plays a critical role in shaping security strategy and risk prioritization.

A (Legal), B (Digital), and C (Physical) are important, but they are all subsets of the broader geopolitical and global risk context within ESRM.