Contemporary Security Management
Chapter Nine: Managing Risk
Chapter 9 - Managing Risk

United States Air Force Operational Risk Management (ORM) project.

U.S. Air Force Operational Risk Management

6 Steps Process

HARD VERSION
1. Identify the Hazard
2. Assess the Risk
3. Analyze Control Measures
4. Make A Control Decision
5. Implement Controls
6. Supervise

EASY VERSION
1. What’s Gonna Hurt Ya?
2. How Often - How Bad?
3. What Ya Gonna Do About It?
4. Got Permission?
5. Do The Fix
6. Does It Work?
What’s Gonna Hurt Ya? (Step 1)
• Look around you…
• What is likely to hurt you?
• What has hurt you in the past?
• You cannot control the hazard if you don’t know what it is.

How Often? (Step 2)
• How likely is it to hurt you?
• Not, very likely - probability?
• Severity?
• How badly is it going to hurt you?
• Exposure – time, proximity, volume or repetition of hazardous task.
DIFFICULT TO DETERMINE FOR A NEW PROCESS

I think I got it…

Such a cool dude. Check out the water.

Risk Assessment Matrix

Risk Ranking
• Rank risks from most to least hazardous
• Determine if resources are readily available to abate most severe hazards first
Do ya think the ladder up against the house like this is okay?

What Ya Gonna Do About It? (Step 3)
• What can you do to keep it from hurting you (again)?
• Stay away from it
• Move it
• Make it go away
• Pick one – Pick two!
Analyze control measures… Reject, avoid, delay, transfer, spread, reduce.
Determine if the control will reduce the severity, probability, or exposure to the hazard.

Big Barney’s Towing Service

What Plane? I didn’t see a plane. Where?

Road kill or is it Air kill?

Got Permission? (Step 4)
• Process owner makes control decision based on analysis provided
• Process owner decides cost versus benefit
• Control decision maker must be in a position to obtain resources needed to implement control decision selected
• Keep in mind process age and diminishing returns
• Did your supervisor tell you it’s OK to make the change?
• If YES, then go to step 5

Air Force 40209 to control …. I think I may have hit something. (Another case of texting while operating a vehicle)

Do The Fix (Step 5)
• Make the change your supervisor gave you permission to make

Does It Work? (Step 6)
• Does the change fix the problem?
• If YES, good on ya!
• If NO,
  • Go back to step 3
  • Get your buddy to help you come up with a better fix
  • Ask your supervisor for help
  • Do steps 4, 5, and 6 again
Do you think you really need ORM??

Think again.

…and again.

…and again. Honest. I was driving along and this plane ran over me.

…and again.

EASY VERSION OR HARD VERSION
• Using ORM will help keep you from getting hurt
• It will help keep you from hurting your buddy
• Remember, if you see it and don’t fix it, it won’t get fixed
• Every day, take a couple of minutes and think of a way to use ORM to help keep you or someone else from getting hurt
Not Everyone Understands the Concept!
Assignment
• Go on the internet and find me at least five different security checklists. Be prepared to discuss them in class.

Standards and Regulations

Standards
• Recommendations
• Use is voluntary
• Available to the public
• Established by consensus of all parties concerned
• Based on consolidated results of science, technology and experience
• Approved and published by a recognized standardization body

Regulations
• Binding legislative rules
• Use is mandatory
• Available to the public
• Providing technical specifications directly or by reference - e.g. to standards
• Adopted by an authority

Standards and Regulations
• The National Technology Transfer and Advancement Act (NTTAA), 1996, directs federal agencies to adopt private sector standards wherever possible, rather than create proprietary, nonconsensus standards.

Standards and Regulations (p. 58)
• Standards can be based on:
  • purpose, including:
    • terminology standards that standardize nomenclature
    • test and measurement standards that define methods to assess performance
    • product and service standards that promote quality
  • intended user group
  • performance
  • design

Standards and Regulations (p. 58)
• Consensus standards: accepted industry practices developed through a consensus process by experts.
  • Consensus standards do not have the force of law unless a jurisdiction adopts them as law.
• Guidelines: often published by professional groups that offer organizations information and factors to consider when developing programs (e.g. security or fire protection).
  • Guidelines are without the force of law.
• Standard of Care: the watchfulness, attention, caution and prudence that a reasonable person in the circumstances would exercise.
Standards and Regulations
• Standard of Care: standards may be used to establish a standard of care or used during litigation.
• Angle defines standard of care as “the concept of what a reasonable person with similar training and equipment would do in a similar situation.”
• Note: an employer can face negligence charges for not adhering to policies, procedures, standards, or legal mandates.

Evaluation of Loss Prevention Programs
• Pretest-posttest Design:
  • The rate for an incident is measured by compiling statistics before a program is implemented.
  • The program is implemented and the rate measured again.
  • Robbery rates before and after program implementation are compared.
  • If the particular incident rate is lower, then the prevention program may be the causative factor.

Evaluation of Loss Prevention Programs (p. 62)
• Experimental Control Group Design
  • Experimental group (plant) gets security
  • The control group (plant) gets no security
  • Before the program is implemented, the rate of crime of each group is measured.
  • After the program has been in effect for a predetermined period of time, the rate of crime is then measured for each group.
  • If the crime rate goes down for the experimental group but remains the same for the control group, then the crime prevention program may be said to be successful.

Evaluation of Loss Prevention Programs (p. 62)
• Scientific Method (4 steps)
  • statement of the problem
  • hypothesis
  • testing
  • conclusion

Evaluation of Loss Prevention Programs
• Statement of the Problem
  • Example: employee theft
• Hypothesis
  • Employee theft can be reduced by using CCTV
• Testing
  • Control group gets no CCTV
  • Experimental group gets CCTV
• Conclusion
  • Control group shows no drop in theft
  • Experimental group shows drop in theft

Sources of Research Assistance (p. 63)
• Four potential sources of research assistance:
  • In-house: have your own people conduct research
  • University: contact local colleges and universities
  • Private consulting firms: have highly trained personnel
  • Insurance companies: are active in studying threats, hazards, and risk.