December 2009
|
|
SARMA Thanks the Gold-Level Sponsor of our 3rd Annual Conference
|
Visit the PriceWaterhouseCoopers website
|
Need Your Own Copy of The Risk Communicator?
|
|
Write for Us
|
| Have you seen a story you would
like to see included in The Risk Communicator? Do you have a research project you want to share with your colleagues? If so, please contact
the newsletter staff at newsletter@sarma.org. |
Legal Matters
|
Copyright 2009
SARMA
All Rights Reserved
Privacy Policy
The views expressed in The Risk Communicator reflect the views of their authors, and do not neccesarily reflect the views of SARMA, the US Government or the employers or clients of the contributors.
|
|
|
President's Corner
|
|
Dear Fellow SARMA Members,
If you are like me, you are probably thinking it is hard to believe that another year has passed. Even so, it has certainly been eventful - a new President, an economy struggling to recover from recession, continuing wars in Iraq and Afghanistan, and ongoing reminders of the dangers posed by extremist terrorism stretching from Mumbai to Denver.
Around this time last year, I also wrote about the Homeland Security Advisory Council's (HSAC) analysis of the top challenges facing the incoming Homeland Security Secretary. One of the items on that list was improving the way the Department of Homeland Security (DHS) employs risk management principles in its decision-making processes. Specifically, the report called for "establishing and improving performance metrics for measuring risk and building a framework for risk-informed decision-making." In addition, the HSAC recommended that DHS "make an effort to consolidate the different, existing risk management programs across its many components and agencies, to ensure that the DHS risk methodology is consistent within the Department, and consistent when presented to the Department's many partners."
Progress has been made in meeting these goals. The Department has developed a draft Integrated Risk Management Framework. Likewise, the Risk Assessment Process for Informed Decision-making (RAPID) has made progress in establishing a standardized approach for assessing the effectiveness of the Department's risk management efforts. DHS Secretary Janet Napolitano has also made risk management a major area of focus in the ongoing Quadrennial Homeland Security Review (QHSR).
An additional area where progress can be made in the year ahead lies in improving the process for measuring the impact of the Department's preparedness grants. Congress has provided the impetus for reviewing this issue by mandating the creation of a national preparedness task force as part of the Fiscal Year 2010 Homeland Security Appropriations Act.
While the process for allocating the grant funding to states, urban areas and critical infrastructure owners/operators is largely risk-based, the manner in which the funds are expended is not. Efforts to address this issue have been underway almost since the inception of these programs - typically in the form of new requirements for planning and reporting. However, while these initiatives have provided DHS with considerable information on the enhancement of preparedness capabilities, a defensible, risk-based framework for prioritizing expenditures and measuring the impact of investments has remained elusive. Therefore, as DHS prepares to implement the Congressionally-mandated task force, it has been handed a golden opportunity to pause, take stock and implement needed changes. In so doing, it must consider the totality of the requirements levied upon grantees since 2001, while also avoiding the temptation to discard the baby with the bath water.
Among the most critical and challenging issues that must be tackled is the development of an approach to assessing strategic risks in a way that both addresses national priorities and integrates state and regional perspectives. In many respects, the mechanisms for accomplishing this task already exist in the form of the state/regional fusion centers and the Department's Homeland Infrastructure Threat and Risk Analysis Center (HITRAC). However, the precise methodology for defining a risk baseline for each state and urban area still needs to be determined, and once such a risk baseline has been established, it will then be necessary to identify gaps between current and required capabilities. Here again, there are existing data points that should not be ignored or discounted. Examples of potential baseline data include the original needs assessments conducted in 1999 and 2003, and the current State Preparedness Reports.
Once a risk and capabilities baseline has been established, priorities must then be set and a plan for closing gaps developed. Updating existing documents like the State Homeland Security Strategies, Urban Area Homeland Security Strategies, Regional Transit Security Strategies and Port-wide Risk Management Plans could potentially address this requirement. Likewise, in determining the most effective means for addressing each priority, the Target Capabilities List and Cost to Capabilities initiative could provide a valuable foundation upon which to build. If implemented in conjunction with a robust monitoring program, the current administrative burden for grantees could, in all likelihood, also be significantly reduced.
At the end of the day, implementing a risk-based process for making investments in homeland security is essential to providing the nation with the security it needs at a price it can afford. In my opinion, a unique opportunity currently exists to make progress toward this important goal, and SARMA should be prepared to assist this effort in any way it can.
Enjoy your holidays, and this, the final 2009 issue of The Risk Communicator!
Sincerely,
Kerry
Kerry L. Thomas
President
Security Analysis and Risk Management Association
|
|
Events |
|
Conference: The Relevance of Risk Management and Information Sharing to Homeland Security
SARMA is proud to announce that it is co-hosting a unique one-day conference on the topic of "The Relevance of Risk Management and Information Sharing to Homeland Security," with the George Mason University School of Law Center for Infrastructure Protection. The 10 February 2010 event, to be held at GMU's Arlington, Virginia campus, is is being sponsored by PricewaterhouseCoopers.
Scheduled keynote speakers for the event are Rep. Bennie Thompson, the chairman of the House Homeland Security Committee, and Cathleen Berrick of US Government Accountability Office (GAO). Panel discussions will cover such issues as cyber risk mitigation and information sharing in emergency circumstances.
To learn more about the event, please click here.
|
News
|
|
Hospitals Put New Emphasis on Risk Assessment
by Caroline Ramsey Hamilton
The risk assessment process has come to hospitals. Several factors have hospitals reassessing their physical security controls and their ability to adequately protect clinical staff and patients.
In early 2009, the Joint Commission, a non-profit organization responsible for accrediting hospitals, released new recommendations centered on promoting patient safety and security. They included the suggestion that "the hospital should conduct an annual Risk Assessment that evaluates potential adverse impact of the external environment on the security of patients, staff, and others coming into the facility, and use the risks identified to select and implement procedures and controls to achieve the lowest potential for adverse impact on security."
Photo by bowbrick via a Creative Commons License.
At the same time, several surveys, including one by the Bureau of Labor Statistics, have noted an increase in workplace violence in hospitals and other healthcare facilities, with female nurses bearing the brunt. (This might be explained as a by-product of the overall shortage of nurses, which means more nurses are working alone in situations with unstable individuals.) Other challenges include homeless people with psychological disturbances coming into emergency departments, patients attacking nurses and doctors, patients stealing from other patients, stalking by domestic partners and rape.
Although the recession has put pressure on security costs, the Joint Commission's renewed focus on risk management has made physical security a high priority for hospitals. Some of the group's specific recommendations include separate entrances for visitors re-entering emergency departments; discontinuing publication of birth notices; installation of visitor management systems; and badging of visitors. Overall, the Joint Commission made more than 600 specific recommendations.
Hospitals are working hard to improve security and create a truly safe and security environment, not only for patients but for the hospital's doctors, nurses and staff. Increased physical security in hospitals, health care facilities, retirement homes and assisted living facilities is definitely a trend worth watching.
Caroline Ramsey Hamilton is a risk assessment expert based in Annapolis, Maryland, who has built over 20 risk assessment models for different industries. As President of RiskWatch International, she works with organizations around the world to quantify risk. Her next project is creating an aviation security model for a Southeast Asian government.
|
SARMA Welcomes Dr. Michael Gresalfi to Board
For many security experts, radiation threats are associated with dirty bombs, 'suitcase nukes' and attacks on nuclear power sites. But it wasn't that long ago that some of the most worrisome threats came from non-hostile sources such as reactor meltdowns or the improper dismantling of closed nuclear sites. Lessons learned from tackling those issues have been vital in helping policymakers address the threat of radiological terrorism.
Dr. Michael Gresalfi, the newest member of SARMA's Board of Directors, has looked at the radiation threat from numerous angles. Following a position in Army intelligence, he began his private sector career cleaning up demobilized nuclear weapons sites as an environmental program manager with Science Applications International Corporation. That work, he says, made him "interested in health and safety related to radiation and communities around the sites."
Later, when employed by Oak Ridge National Laboratory, Dr. Gresalfi helped create the interagency Homeland Defense Equipment Reuse (HDER) Program, which refurbishes excess radiation monitoring and analysis equipment from Department of Energy sites and distributes it to local first responders. He also supported the definition, rapid prototyping and field deployment of an effort to develop airborne radiation detection systems.
In his current role as senior advisor within FEMA's Disaster Operations Directorate, Dr. Gresalfi is responsible for the development and implementation of FEMA's capacity to respond to, and recover from, the detonation of an improvised nuclear device (IND). As part of his mission objective, he is defining FEMA's IND Response Preparedness Cycle and building its IND Response and Recovery program.
Dr. Gresalfi's experience handling radiation and emergency response issues makes him an ideal addition to SARMA's Board. "Federal decision-makers are becoming increasingly aware of the importance of risk management," he said. "SARMA is a critically important element of that."
|
Education and Programs
|
|
National Risk Management Training for College Sport Safety and Security Command Groups
by Dr. Stacey A. Hall
Since September 11, 2001 the American sports industry has increased its security efforts at high-profile events such as the World Series, Olympics and the Super Bowl. Similarly, college administrators have taken necessary steps to secure stadiums and arenas from all-hazard threats. However, previous research conducted at the National Center for Spectator Sports Safety and Security (NCS4) identified deficiencies in the level of preparedness of intercollegiate venue managers related to risk management practices and effective emergency response and evacuation. Effective risk management practices are imperative to reduce legal exposure, protect assets and prevent financial loss.
NCS4, in conjunction with DHS and with cooperation from the National Association of Collegiate Directors of Athletics, has developed a Sport Event Risk Management (SERM) training curriculum for key security personnel at NCAA institutions. The workshop is focused on building multi-agency collaboration capabilities among college sport security command groups. Sport security command groups are composed of specialists from five distinct areas: athletic departments, campus police, emergency management, fire/hazardous materials and emergency medical/health services. Additional representatives may be culled from public health, public relations and media personnel. The expectation is for the college leadership teams to return to their respective universities and coordinate development of a SERM system.
The curriculum consists of several modules including threat assessment, incident management, multi-agency collaboration and planning, sport venue risk assessment, protective security measures, staff training and exercises. The two-day 2010 SERM workshops will start in April and will run through July. Currently, there are 37 workshops scheduled with an invitation list of over 500 NCAA institutions. The workshop schedule and invitee list can be seen online at the NCS4 website.
Dr. Stacey A. Hall is Associate Director of the National Center for Spectator Sports Safety and Security at the University of Southern Mississippi.
|
|
Key Reports |
|
UN: New Technologies in Emergencies and Conflicts
A new report by the United Nations Foundation finds new technology provides a unique opportunity for improving emergency communications but "the right balance between faster access to and reliability of information must be found."
Get the report
DHS: FY 2010 Preparedness Grant Programs Overview
DHS's 2010 grant application guidance
kits cover 13 DHS grant programs totaling more than $2.7 billion in funding
for state, local, tribal and territorial governments and private-sector
entities.
Together, DHS grant programs may fund a wide range of preparedness
activities, to include planning, organization, equipment purchase,
training, exercises and grant management and administration costs.
Get the report
DHS: Security of Air Cargo During Ground Transportation
The department's inspector general finds in a new report that "air cargo is vulnerable to the introduction of explosives and other
destructive items before it is loaded onto planes, potentially creating
risks for the traveling public." The audit "recorded 254
violations of access controls, 731 related to security-threat
assessments and 1,655 of security training and testing requirements."
Get the report
|
Jobs
|
|
Analyst Position with the Federal Emergency Management Agency (FEMA)
General:
ABS Consulting is seeking a talented professional to provide technical and management consulting services to the federal government, specifically in the area of homeland security risk analysis for grant allocation at FEMA. Education and experience with economics or a related field is a key requirement. An active security clearance is preferred.
Education:
- BS or MS in economics or related field
Experience:
- 1-2 years experience in the consulting, economics or engineering disciplines
Desired Background and Skills:
- Strong technical background in economics and mathematics
- Relevant coursework in risk analysis, decision analysis, economics and other technical disciplines designed to support data-driven decision making
- Possess and have demonstrated excellent written and oral communication skills
- Strong working knowledge of Excel
- Demonstrated ability to work as member of a team or independently
- Demonstrated ability to conduct, document and explain complicated technical issues
Send resumes and cover letter to:
Jake Stenzler Director, DHS Risk Programs ABS Consulting E-Mail: jstenzler@absconsulting.com |
|
|
|
|
