The$Forum$on$Education$Abroad ... › wp-content › uploads › 2014 › 08 › ... · 6/23/2016...
Transcript of The$Forum$on$Education$Abroad ... › wp-content › uploads › 2014 › 08 › ... · 6/23/2016...
Christopher Daniel Michigan State University
Todd Holmes Massachusetts Institute of Technology
The Forum on Education Abroad Standards of Good Practice Institute Northwestern University June 23, 2016
Risk Management with Seinfeld
https://www.youtube.com/watch?v=laKprX-HP94
Learning Objectives
• Define some key risk management terms relevant to education abroad
• Familiarize participants with key concepts of the Security Risk Management Model (SRM) developed by the United Nations
• Describe methodology for conducting threat, vulnerability and risk assessments in higher risk / dynamic areas
• Train participants to assess education abroad locations and proposed activities using the SRM, including development of safety and security procedures based on assessment outcomes
SRM can help respond to the Duty of Care by
• Proactively assessing & managing risks • Minimizing the risk of harm to students, faculty and staff traveling internationally through the implementation of comprehensive security policies and procedures. • Promoting readiness to respond to a crisis through up-‐to-‐date analyses
Security Risk Management… includes Security and Safety
• Security = risks to human resources, assets, and operations as a result of intentional violence
• Safety = risks associated with accidental hazards such as natural disasters, health risks, and vehicle accidents
Terminology & Concepts • The terminology used by the different agencies, departments, organizations and services within the United Nations (e.g., OCHA, UNHCR, UNDP, UNDSS, WFP, etc.) as well as that used within the non-‐governmental humanitarian orgs may differ slightly
• However, the security risk management concepts presented, discussed and exercised today remain highly similar to nearly identical
• We have taken the liberty to use what we believe is best suited to assist education abroad, which does not include all aspects of the SRM
What is Risk?
Risk = Threat x Vulnerability Risk is the potential for negative consequences to University personnel, assets, and programs based on a combined assessment of the likelihood of a threat event and severity of impact on the organization should a threat event occur.
Risk Assessment -‐ -‐ it’s a process
Acceptable Risk Threshold
• The Threshold of Acceptable Risk is defined as “the point beyond which you consider the risk too high to continue operating so that you must withdraw yourself from the danger zone; influenced by the probability that an incident will occur, and the seriousness of the impact if it occurs.”
• It can be used as measurement to determine if an education abroad program should operate or if a student should study in a given location
What is a Threat?
Risk = Threat x Vulnerability u A danger or hazard in your
learning or traveling environment.
u Any possible occurrence that may cause injury to students, faculty and staff, loss or damage to property, or program delays or suspension.
Threats to your students can be numerous…
Examples of Threats u Carjacking u Home invasion u Earthquake
u Demonstrations u Dorm theft
u Kidnapping u Hepatitis A
u Car accidents u Stress from studying u Armed robbery
u HIV infection u Classroom Fire
u Illegal Detention u IED
u Banditry
What is Vulnerability? Risk = Threat x Vulnerability Ø The degree of the impact that any given threat event would have on University personnel, assets, or programs.
Ø The likelihood that University personnel, assets, or programs will experience any given threat event.
Vulnerability Factors: What can put student travelers at risk?
u Location u Identity (i.e. U.S., Academic, young adult) u Value of property (perceived or otherwise) u Adoption/compliance with appropriate safety and
security measures u Faculty leader experience & interpersonal skills u Image of staff and programs u Affiliations – real or perceived (partners, local
government, donor governments, local non-state actors)
u Student orientation u Staff Training u Cross-cultural & communication skills u Gender
UN Security Risk Management (SRM) u SRM Methodology – as of June
2004 u Prior to SRM, the UN used “Threat
Assessments” to determine levels of threat and identify Security Phases;
u In SRM, Threat Assessment is one of step of a multifaceted process with more focus on Risk Management.
u SRM process produces a Security Risk Assessment (SRA) – which is a tool that can be undertaken at multiple levels: country or city level, individual building level, road mission, etc.
August 2003: UN HQ, Baghdad
UN Security Risk Management (SRM) Model
Threat Assessment
Risk Analysis
Review and Modify
Program Assessment
Vulnerability Assessment
Options
Decide and Plan
Implement
Security Risk Assessment (SRA) part of SRM, includes
A. Threat Assessment: Information is collected on current safety and security threats in the operating environment
B. Vulnerability Assessment: Information about threats is analyzed through the lens of the University’s identity, footprint and program profile to understand how if may be more or less vulnerable to the various threats
C. Risk Assessment: A risk rating for each type of threat is assigned based on the analysis of how likely a given security incident could occur and how severe the impact
Conducting a Threat Assessment
Question for the plenary: Name some types of threats that affect your international operating environment, i.e. could cause: Ø Injury or death to your students, faculty or staff Ø Loss or damage to your property; or Ø Delay or suspension of education abroad programs.
u State’s Travel Warnings, Alerts
u CDC Alerts u OSAC (CSRs / AWG) u Key Informant Interviews
(RSOs, etc) u Reports/analysis by third
parties (UNDSS, local law enforcement & staff)
u Local University Partners u Summary/analysis of
recent incidents u Pulse u Security Consultants
Where do we seek out information?
Example Pattern Analysis
FACTORS DESCRIPTION TALLY TOTAL Types of Incident: § Carjacking
§ Burglary § Theft § Abduction
X X X X X X X X X
8 4 4 2
Time of Day: § Late afternoon § Night
X X X
2 4
Number of Perpetrators:
§ >1 § 3 § 4 § 5
X X X X /
2 4 2 1
Weapons Used: § ‘Armed’ § Gun § Iron bar
X X / /
4 1 1
Location: § At/outside residence § Office § Parked on roadside § Road block
X X / / / X
5 1 1 2
Type of car: § Sedan § 4WD (note parts removed from several cars)
X X / / X X
5 1 4
Other factors of note:
§ Vehicle followed § Entering Compounds
X / X X
3 4
What type of information is useful?
Conducting a Vulnerability Assessment
Threats Students and programs
1. Where do students, programs and threats potentially interface?
2. Determine Mitigating Factors
þ Standard Operating Procedures
þ Training/Orientation/Regular Briefings
þ Curfews
þ Support of local partners
þ Classroom /Residence Location
þ Physical Security
þ behavioral agreements
þ Experience of Faculty Leaders
þ Security Strategy Mix (acceptance {goodwill}, protection {walls, locked doors} )
þ Communications systems
þ Compliance with policies, guidance
þ Support from the institution
Golfing with Gators: Vulnerability Assessment
Think about your institution's vulnerability and share…
1. What are some vulnerability factors?
2. How do these factors affect your student’s and program’s security?
3. What possible actions could reduce these vulnerabilities?
Security Risk Assessment (SRA)
• Led by Todd • Familiarize participants with tools • Application exercise
SRA Format
Threat Impact Likeli- hood Risk
(UnMit) Weaknesses Strengths Mitigation Measures Risk
(Mit)
Threat Vulnerability
Definitions of Metrics
Security Risk Assessment (SRA)
SRA Threat Only Threats Impacts Likelihood Risk3(unmitigated)
Terrorism((ISIL,(PKK,(Far(Left)
Road(Accidents
Civil(War
Turkish(Security(Forces
Crime
Sexual(Harassment
Natural(Disasters((earthquakes,(floods)
Risk(=(Threat(x(Vulnerabiltiy
Threat!General!Turkey!Security!Risk!Assessment!(SRA)!Threat!Template
Good practice recommendations for managing risk
The next step in the SRA process is to determine whether risk is at an acceptable level and whether it can be reduced by means that are affordable, achievable, and effective. In general, risk can be reduced in three ways:
• 1. Reduce the impact or harm that is done if the threat actually occurs (pushing the threat towards the left of the matrix). Measures that are designed to reduce the impact of a threat are generally called ‘mitigation measures'.
• 2. Reduce the likelihood that a particular threat will occur (pushing the threat down on the matrix). Measures to accomplish this are generally called ‘prevention measures'.
• 3. Reduce both the impact and the likelihood of potential threats. In reality, many of the security measures taken in offices and operations have both mitigation and prevention aspects.
Sample SECURITY RISK ASSESSMENT -‐ Abuja, Nigeria Cultural Immersion Experience
Threat Vulnerability
Threat Assessment Impact Probability Risk (w/out ac;on) Weakness Strengths Mi;ga;on Measures Risk ( w/ ac;on)
Terrorist ADack
Cri%cal (5) Very Likely (4)
CriFcal
Lack of government ability to stop a<acks, not enough metal detectors (including at dorms, classroom)
Local provider regularly seeks and shares security informa%on and requires behavioral agreements
Provide %mely security informa%on to all staff and students, use phone tree
Medium
Fire Severe (4) Moderately Likely (2) Medium Insufficient training and equipment of faculty and staff responsible
There are fire ex%nguishers in dorms and some training already provided
Add more fire ex%nguishers, training and run fire drills and office evacua%on
Low
Carjacking Severe (4) Moderately Likely (2) Medium Insufficient training of drivers used by program and lack of respect for SOPs
Security training related to vehicle use, good protocols to prevent and manage carjacking
Avoid using Toyota Land Cruisers, which the most targeted type of vehicle
Medium
Epidemic / Pandemic Cri%cal (5) Moderately Likely (2) Medium Beyond control of the ins%tu%on and poor health infrastructure
Exis%ng Pan Flu, SARs, Ebola protocols, SOPs
Training on health SOPs and med-‐surge kits with gloves, masks, cleaning supplies, etc
Low
Civil War Cri%cal (5) Moderately Likely (2) Medium No evacua%on plans for na%onal faculty and staff, no emeregency hyberna%on kits
Field security plan and training
Stock hiberna%on kits in dorms, offices and certain residences
Low
Malaria Moderate (3) Likely (3) Medium Not taking precau%ons such as bed nets, etc.
Students are aware of threat and used to seeking care and treatment
Refresher training on preven%ng malaria, use bed nets and keeping treatment meds at home / office
Medium
TheO in Dorms Minor (2) Moderately Likely (2) Low Once people enter the dorms they are not monitored
Guards stop all visitors and seek approval before allowing them to enter
Exert further control on who is allowed in office, metal detectors and don't let visitors move around una<ended
Low
Riots Moderate (3) Very Likely (4) High Being in wrong place at wrong %me
Staff share info on which areas to avoid
Stay on top of informa%on and avoid crowds / demonstra%ons
Medium
Describe SOPs Impact Score 1 -‐ 5 Probability Score 1 -‐ 5
Impact
RISK
Likelihood
NEGLIGIBLE No serious injuries. Minimal loss or damage to assets. No delays to programs. (1)
MINOR Minor injuries. Some loss or damage to assets. Some delays to programs. (2)
MODERATE Non-life threatening injury. High stress. Loss or damage to assets. Some program delays and disruptions (3)
SEVERE Serious injury. Major destruction of assets. Severe disruption to programs (4)
CRITICAL Death or severe injury. Complete destruction or total loss of assets. Loss of programs and projects (5)
Certain/ Imminent
(5)
Low
Medium
High
Critical
Critical
Very Likely (4)
Low
Medium
High
High
Critical
Likely (3)
Negligible
Low
Medium
High
High
Moderately
Likely (2)
Negligible
Low
Low
Medium
Medium
Unlikely
(1) Nil
Negligible
Negligible
Low
Low 34
How much Risk is Acceptable Risk?
Risk tolerance and Risk Threshold: u Most universities have risk tolerance that ranges from risk adverse
to controlled risk taking. u Academic Mission in-‐country (Program Assessment) – what is our
value (benefit to students) u Cost of program suspension/withdrawal – on partnership, for future
re-‐entry, on reputation, etc. u Has the University done everything within its means to mitigate
vulnerabilities?
As a general rule, if a University cannot reduce its assessed risk to MEDIUM or below, the option of program withdrawal or
suspension must be on the table.
Security Risk Management u If the international education environment is
dynamic, the “SRA” tool can be used as a management tool, and should be updated anytime a change in the security environment is noted.
u Capture “lessons learned” throughout – both on the use of the methodology generally as well as on specific actions taken to reduce risk.
Risk Assessment Exercise Conduct an SRA
Exercise Guidance (15 minutes): 1. Separate into groups of 5 – 8 people 2. Read the scenario and threat matrix information handouts 3. Pick a scribe to record your group’s responses 4. Use the provided SRA templates and work as a group to
determine vulnerabilities and mitigating factors to assess a potential program in Turkey.
5. How would you assess the overall risk to your higher educational institution?
1. Share your group’s SRA with the plenary 2. Let’s plot it on the RRM so you may all see 3. Is the program acceptable or unacceptable?
Impact
RISK
Likelihood
NEGLIGIBLE No serious injuries. Minimal loss or damage to assets. No delays to programs. (1)
MINOR Minor injuries. Some loss or damage to assets. Some delays to programs. (2)
MODERATE Non-life threatening injury. High stress. Loss or damage to assets. Some program delays and disruptions (3)
SEVERE Serious injury. Major destruction of assets. Severe disruption to programs (4)
CRITICAL Death or severe injury. Complete destruction or total loss of assets. Loss of programs and projects (5)
Certain/ Imminent
(5)
Low
Medium
High
Critical
Critical
Very Likely (4)
Low
Medium
High
High
Critical
Likely (3)
Negligible
Low
Medium
High
High
Moderately
Likely (2)
Negligible
Low
Low
Medium
Medium
Unlikely
(1) Nil
Negligible
Negligible
Low
Low 34
Security Risk Management Next Steps
u Overall Risk Rating should inform the Security Level assigned by your institution and help your risk assessment committees with their decision-‐making
u Identify any changes following the risk analysis that would suggest modifying or adding mitigating measures – recommend new/changes to SOPs/policies
u Review Travel Safety Plans – and update according to any changes in the context, program profile, threat environment, staffing, SOPs
u Communicate and implement changes
Questions, Answers, & Recap
HERE’S WHAT WE DISCUSSED & EXERCISED TODAY
• Key risk management terms relevant to education abroad
• Key concepts of the Security Risk Management Model (SRM) developed by the United Nations
• The methodology for conducting threat, vulnerability and risk assessments in higher risk / dynamic areas
• Assessed a hypothetical education abroad location using the SRM, and safety and security procedures based on assessment outcomes
Resources
• https://emergency.unhcr.org/entry/48987/security-‐risk-‐management
• http://documents.wfp.org/stellent/groups/ercb_content/documents/manual_guide_proced/wfp203399.pdf
• http://odihpn.org/wp-‐content/uploads/2010/11/GPR_8_revised2.pdf
• https://www.interaction.org/sites/default/files/2581/NGO_SRM_APPROACH_FINAL_SAG_APPROVED.pdf
• ASIRT (Association for Safe International Road Travel) – www.asirt.org (subscription)
• Department of State (incl. OSAC and OSAC working and interest groups, Crime & Safety, Special reports)
• Third party security information providers (for example, International SOS, iJet, Drum-‐Cussac, HX Global, Control Risks, Stratfor) (this is not an endorsement)
• PULSE (if your institution of higher education has a full time International Health & Safety professional)