Security, Risk, Safety and Resilience Newsletter - Week of 24 Mar 22
Ridley Tony
Experienced Leader in Risk, Security, Resilience, Safety, and Management Sciences | PhD Candidate, Researcher and Scholar
The following is a summary of security, risk, safety and resilience articles, topics and issues ending the week of 24 Mar 22.
Key themes for this week include:
-----------------------------------------------------------
Risk management policy is influenced by organisational and individual doctrine.
That is, organisational and individual ideology shapes both policy and framing of 'risk', inclusive of how it is 'managed'.
However, few organisations and entry-level risk practitioners adequately understand or disclose doctrinal variance or alternatives, including the likely counterpart for each dominate doctrinal approach.
More problematic is that of risk management policy which is created over many years, via many stakeholders and varying leadership.
In other words, current risk management policy may be the product of many varied and past doctrinal influences and ideology.
"The?#RiskManagement?Process for Federal Facilities: An Interagency Security Committee Standard (Standard) defines the criteria and processes that those responsible for the?#security?of a facility should use to determine its facility security level (FSL) and provides an integrated, single source of physical security countermeasures for all Federal facilities. The Standard also provides guidance for customization of the countermeasures for facilities and the integration of new standards and concepts contained in the Interagency Security Committee’s (ISC)?"
The concept and application of security remains predominately situational.
That is, the specific locale, context and circumstances which combine result in either secure or unsecure outcomes.
Moreover, security is further nuanced into prevention and that of protection.
The distinction being is that prevention results in deterrence of security related threats and compromises, whereas protection is more assertive, visible, actively applied in order to protect one or more assets.
"A clear and coherent written policy framework supports the effective, efficient and accountable management of?#security?operations. The security policy framework is comprised of guidance material, hereby defined as all types of documents that explain principles, responsibilities and procedures to United Nations personnel. These include Policies, Guidelines, Manuals, Handbooks, Aide Memoires and Communiqués."
Security, risk and intelligence continue to struggle with acceptance and scales of demonstrable, consistent 'professionalism'.
That is, making clear distinctions between 'craft' or alchemy-style practices to that of a bonafide profession and/or science.
Most recently, intelligence scholars and academics have lamented:
"Private sector intelligence is on its way to professionalization, but the road is a long one and the destination is uncertain.??" (Robson Morrow, 2022)
领英推荐
"The purpose of the?#cybersecurity?principles within the ISM is to provide strategic guidance on how an organisation can protect their systems and data from cyber threats. These cyber security principles are grouped into four key activities: govern, protect, detect and respond. An organisation should be able to demonstrate that the cyber security principles are being adhered to within their organisation.?"
All too often, projects go astray. Risk is not managed, safety is less assured and security is not achieved.
Ironically, many projects continue to drift into failure, long after all the warning signs and concerns are documented or communicated.
Paradoxically, many projects continue to 'double down' or escalate commitment when warning signs of duress, failure or drift are first realised.
As a result, risk, safety and security is not only revised but routinely distorted to conform to the 'new' vision, vigour or corrective view.
In other words, projects and business initiatives continue to stay the 'wrong course' in safety, security and risk despite efforts to correct errors, drift or pending failure.
"Enterprise Risk Management – How?#riskmanagement?as a set of coordinated activities is applied at Council to manage the significant?#risks?to operations and the organisation itself?"
Recent, significant flooding in Australia has been described as an unprecedented and unforeseeable risk by some.
But, is it really?
In reality, like many other significant disasters in recent years, the flooding and catastrophic outcomes where not only foreseeable but communicated at length to successive governments, decision makers and communities.
Moreover, collective building programs changing flood plain landscapes, lack of central oversight and a lack of focus on more than just physical construction solutions to mitigate flood risk compounded the vulnerability and threat.
"The?#riskmanagement?process begins by outlining the approach necessary to identify, assess, and prioritize the risks to federal facilities. The process provides the method for determining the facility security level (FSL) based on the characteristics of each facility and the federal occupant(s) who inhabit that facility. The five factors quantified to determine the FSL are mission criticality, symbolism, facility population, facility size, and threat to tenant agencies. After using the five factors, the assessor may then consider any intangibles that might be associated with the facility. An adjustment to the FSL may be made accordingly, and a final FSL is determined.?"
"Security Risk Management is essential to achieving the United Nations goals by decreasing the effect of threats. Security Risk Management offers a structured approach to identifying and assessing the threats to the United Nations, enabling identification of SRM measures to reduce the level of assessed?#risk?and enhancing the decision-making process in line with the Framework of Accountability, UNSMS policies and guidelines. It allows managers to maximize programme opportunities and to allocate security-related resources in ways that enable programme delivery within acceptable levels of risk.3 It is vital for achieving the planned and envisioned programme results for the UNSMS organizations, especially in complex and dangerous environments?"
Tony Ridley, MSc CSyP MSyI M.ISRM
Security, Risk, Safety, Resilience & Management Sciences
Bachelor of Commerce - BCom from Nizam College at Hyderabad Public School
2 年????
Adjunct Fellow-Tourism at University of Technology Sydney
2 年Tony, There is some great information in your newsletters.