Welcome Over 60 years of global innovation 1953-2014
WelcomeOver 60 years of global
innovation 1953-2014
Agenda
The Security Management Framework
Context and Risk Assessment
Developing A Security Approach
Meeting the Challenge
The Growing Risks1
2
3
4
5
The Growing Risks Of International Development Work• The year 2013 set a new record for violence against civilian
aid operations, with 251 separate attacks affecting 460 aid workers.
• Of the 460 victims, 155 aid workers were killed, 171 were seriously wounded, and 134 were kidnapped. Overall this represents a 66 per cent increase in the number of victims from 2012.
Source: Humanitarian Outcomes
Common
4
Road transport
Medical risks
Criminal action
5
The New Risks
6
Hotels as the new soft target
Marauding Firearms Terrorist Attack/Active Shooter
Kidnap For Ransom or/any Political Statement
Social Media as a risk factor
Security
The state of being protected against External/Internal threats
Definitions
Safety
The condition of being safe; freedom from risk or injury
Duty of Care • In an employer/employee context, an employer
can be deemed to have breached their duty of care by failing to do everything that was reasonable in the circumstances to keep the employee safe from harm
The Legal Test
The legal test for a breach of duty of care is generally considered to be that:
• Harm must be a "reasonably foreseeable" result of the employer’s conduct;
• A relationship of "proximity" must exist between the defendant/employer and the claimant/employee;
• It must be "fair, just and reasonable" to impose liability.
Negligent Failure To Plan
"Did you take reasonable
precautions to prevent a critical incident such as
this?"
"Were you prepared to respond with
proper protective actions for your
people following a critical incident like
this?"
A Higher Standard• Research found that of the 39 cases reviewed “in which
an employer was sued by an employee (or his survivors) over failure to provide duty of care, the employers lost 34.” - Dr. Lisbeth Claus, Willamette University Duty of
Care and Travel Risk Management Global Benchmarking
Study.
Seven P’s
• Prior• Preparation &• Planning• Prevents a• Pathetically• Poor• Performance
Context Analysis
Risk Assessments
Security Strategies
Standard Operating
Procedures
Contingency Planning
Incident Reporting
and Analysis
The Security Management Framework
15
The Security Mirage: Bruce Schneir Video
Context Analysis
Risk Assessments
Security Strategies
Standard Operating
Procedures
Contingency Planning
Incident Reporting
and Analysis
The Security Management Framework
Context
• Operational Context: Our perception of the
operating environment
• Organizational Context: How we are
perceived
• Partner Context: How our partners are
perceived
Context
CommunicationsClimateCultureReligion
GeographyCapabilities of Armed Groups
Other NGOs operating in our areas
Who Are We
• A knowledge of :• Mission• Mandate• Values • Who needs to know??• What is our capacity to manage security
risks within the context?
Context Analysis
The Security Management Framework
Context Analysis
Need to know the baseline context
Need to know what is in place and what is present
The Security Management Framework
Three Questions:
• What has happened?
• What is happening now?
• What may happen in the future?
Key Actors (Actor Mapping)
ACTOR MAPPING – STEP 1 LISTING ACTORS
Positive Neutral Negative• Religious Leaders community A
•Community A
• MOPH
•Tribal Elders Community A
•Police
• International Forces
• MOI *
•Community B *
• Religious Leaders Community C
• Community D
• Criminal Gang
• AOG Foreign Fighters
•AOG Local Fighters
• Community C
NGO
CommA
ComB
ReligiousLeaders
A
MOPH
Tribal EldersCom A
Police
InternatForces
AOG AForeignFighters
Comm C
CriminalGang
AOG BLocal
Fighters
MOI
Religious
LeadersB
Religious
LeadersC
CommD
ACTOR MAPPING – STEP 2 PLOTTING
• Programme Planning• Targeting Communications Strategy• Daily Activity• Briefing• Post Incident Assistance & Analysis
ACTOR MAPPING – USES
Situational Awareness
• A mindset that enables us to operate safely and effectively in a particular environment.
• An ability to identify and respond to subtle changes in the environment that may indicate a change in the security environment.
Absence Of The Normal
Presence Of The Abnormal
Cydny Mizell, Asian Rural Life Development Foundation
Kandahar, 2010
Context Analysis
Risk Assessments
The Security Management Framework
Risk Assessment:(Threats &
Vulnerabilities)
• Retrospective Assessment
• Proactive Assessment
Definitions
• Threats: (Specific) Dangers in the environment• Vulnerability: The extent to which the organisation is exposed to threats
• Risk: The combination of T x V. The potential
outcome of an incident
Security Risk Assessment
37
1. Identify the
Assets
2. Determine
the Threats
3. Assess
Likelihood
4. Determine
Impact
5 Steps in a Risk Assessment
1. Identify the specific threats: Safety/Security, Internal/External,
Direct/Indirect2. Identify the threat level and prioritise3.Examine how vulnerable you are and
prioritise4.Combination of Threat and Vulnerability is
the Risk5.Decide on mitigation measures
Common Threats
Shooting Direct & Indirect Bombing Direct & Indirect Road Traffic Collision Kidnapping Riots/Public Disorder Assault - Physical,
sexual, verbal Robbery - on foot,
vehicle, physical location Landmines/UXO Disease - air, blood,
vector, water borne
Fire Carbon Monoxide
Poisoning Medical emergencies Natural Disasters
Risk Table
Threshold of Acceptable Risk
(Impact & Likelihood)
Context Analysis
Risk Assessments
Security Strategies
The Security Management Framework
DeterrenceProtection
Security Strategies
Acceptance
Acceptance(Eliminate the threat)
Protection(Decrease your
vulnerability to the threat)
Deterrence(Counter the threat)
Make friends
Be culturally appropriate
Do good work
Community feedback mechanismsProactively address problems
Hire wisely
Bars on windows Gated
compounds
Razor wire
Unarmed guards
Armed guardsArmed convoys
Guard dogs
Withdraw
Context Analysis
Risk Assessments
Security Strategies
Standard Operating
Procedures
The Security Management Framework
The Right Procedures
Standard Operating Procedures(SOPs)
Country Office: Country Security Plans
Traveling Staff: Travel Checklist and sign off
Emergency ContactEmergency Phone
Call Centre
Contingency Plans When It Goes South
The Right Procedures What it might look like…
STANDARD OPERATING PROCEDURES (SOP’s)
An SOP is a directive or order designed toachieve a uniform response amongst stafffor a particular task or procedure.
Appropriate SOPs WILL
Reduce Vulnerability
Standard Operating Procedures
SOPs
Regular Activity Timeline
An agency must develop agreed procedures on a number of topics,
which are intended to reduce
vulnerability to identified threats.
Financial procedures
*
Communications
*
Travel & Transport
*
Office & Site security*
Standard Operational Procedures (SOPs):
Context Analysis
Risk Assessments
Security Strategies
Standard Operating
Procedures
Contingency Planning
The Security Management Framework
Contingency Planning
A pre planned response to an act or event, principally dictated
by the Risk Assessment process.
Must be clearly tabulated in a step by step process and applicable to:
• Individual/s who could be directly involved and reinforced through practical training to assist in generating an instinctive response – AVOID FIGHT, FLIGHT, FREEZE!!!
• Country Office – To steer the initial organizational response until a Crisis Management Team is formed.
• International Office.
Contingency Planning
SOPs
Implement
Contingency
Plan
Incident
Additional plans in addition to those identified in the risk assessment process are:
Medical evacuation routing for National &
International
Evacuation plan
Relocation
Hibernation
Hostage/Kidnap management
Contingency Planning
Example Contingency Plan
Head Office Field Office Individual
MASS CASUALTY EVENT
1. SMT Meet2. Inform HQ3. Establish CMT4. Tel Embassy (Name
& number)5. Prepare reactive
press statement6. Brief staff
1. Cnfm persons injured2. Arrange medical
services3. Notify Head Office4. Brief staff
Context Analysis
Risk Assessments
Security Strategies
Standard Operating
Procedures
Contingency Planning
Incident Reporting and
Analysis
The Security Management Framework
What is an Incident?
An act or event which can either directly or indirectly
cause harm. “Inclusive of a near miss”
The Six W’s
Who – The person reporting the incidentWhere – The location What – Details of the incidentWhen – The time What – The actions which you are doingWhat – The assistance you require
Confirm each line is fully understood –read back
PRO WORDS Incident, Incident, Incident
What constitutes “an incident” in this context?
*
How is an incident reported?
*
To whom to report? (Inter-agency)
Intra Agency
*
How does the incident affect the Context analysis
And Our Security Strategies, SOPs/CPs ?
Incident Reporting & Analysis
Incident Report
Collecting, analyzing and sharing incident report data is essential to
successful management and decision-making.
Better understanding of incident factors, patterns and trends
contributes to improved security planning, staff training and allocation
of resources.
Immediate Report (as soon as it is safe)
Pro Word – Incident, Incident, Incident
1. Who
2. Where
3. What
4. When
5. When
6. What
Incident Analysis: Building on Incident Reporting
• Written Report (1 - 2 days)
• Incident Analysis ( 2 - 4 days)
• Each step has element of analysis and interpretation
• Analysis seeks to understand WHY – Were SOPs appropriate and being followed
• CAREFUL ANALYSIS IS THE KEY TO IDENTIFYING ACTIONS THAT CAN BE TAKEN TO IMPROVE SECURITY
• SOPs can be updated to provide sufficient cover
• Contingency Plans adjusted
THERE ARE ALWAYS LESSONS TO LEARN
Incident Analysis: Building on Incident Reporting
• Identification of those involved
• Description of the incident
• Actions & Decisions taken and by whom
• Responses by others
• Any immediate follow up actions taken
Incident Analysis: Elements of an Incident Report
• Reconstruction
• Understand exactly what happened and when
• Outline actions, decisions, outcomes in chronological order
• Investigation which builds on and adds to the
written report
• May involve revisiting the scene, conducting more interviews, seeking witnesses etc.
• Analysis
Incident Analysis: Reconstruction and Analysis
Context Analysis
Risk Assessments
Security Strategies
Standard Operating
Procedures
Contingency Planning
Incident Reporting
and Analysis
The Security Management Framework
Questions