WelcomeOver 60 years of global

innovation 1953-2014

Agenda

The Security Management Framework

Context and Risk Assessment

Developing A Security Approach

Meeting the Challenge

The Growing Risks1

2

3

4

5

The Growing Risks Of International Development Work• The year 2013 set a new record for violence against civilian

aid operations, with 251 separate attacks affecting 460 aid workers.

• Of the 460 victims, 155 aid workers were killed, 171 were seriously wounded, and 134 were kidnapped. Overall this represents a 66 per cent increase in the number of victims from 2012.

Source: Humanitarian Outcomes

Common

4

Road transport

Medical risks

Criminal action

5

The New Risks

6

Hotels as the new soft target

Marauding Firearms Terrorist Attack/Active Shooter

Kidnap For Ransom or/any Political Statement

Social Media as a risk factor

Security

The state of being protected against External/Internal threats

Definitions

Safety

The condition of being safe; freedom from risk or injury

Duty of Care • In an employer/employee context, an employer

can be deemed to have breached their duty of care by failing to do everything that was reasonable in the circumstances to keep the employee safe from harm

The Legal Test

The legal test for a breach of duty of care is generally considered to be that:

• Harm must be a "reasonably foreseeable" result of the employer’s conduct;

• A relationship of "proximity" must exist between the defendant/employer and the claimant/employee;

• It must be "fair, just and reasonable" to impose liability.

Negligent Failure To Plan

"Did you take reasonable

precautions to prevent a critical incident such as

this?"

"Were you prepared to respond with

proper protective actions for your

people following a critical incident like

this?"

A Higher Standard• Research found that of the 39 cases reviewed “in which

an employer was sued by an employee (or his survivors) over failure to provide duty of care, the employers lost 34.” - Dr. Lisbeth Claus, Willamette University Duty of

Care and Travel Risk Management Global Benchmarking

Study.

Seven P’s

• Prior• Preparation &• Planning• Prevents a• Pathetically• Poor• Performance

Context Analysis

Risk Assessments

Security Strategies

Standard Operating

Procedures

Contingency Planning

Incident Reporting

and Analysis

The Security Management Framework

15

The Security Mirage: Bruce Schneir Video

Context Analysis

Risk Assessments

Security Strategies

Standard Operating

Procedures

Contingency Planning

Incident Reporting

and Analysis

The Security Management Framework

Context

• Operational Context: Our perception of the

operating environment

• Organizational Context: How we are

perceived

• Partner Context: How our partners are

perceived

Context

CommunicationsClimateCultureReligion

GeographyCapabilities of Armed Groups

Other NGOs operating in our areas

Who Are We

• A knowledge of :• Mission• Mandate• Values • Who needs to know??• What is our capacity to manage security

risks within the context?

Context Analysis

The Security Management Framework

Context Analysis

Need to know the baseline context

Need to know what is in place and what is present

The Security Management Framework

Three Questions:

• What has happened?

• What is happening now?

• What may happen in the future?

Key Actors (Actor Mapping)

ACTOR MAPPING – STEP 1 LISTING ACTORS

Positive Neutral Negative• Religious Leaders community A

•Community A

• MOPH

•Tribal Elders Community A

•Police

• International Forces

• MOI *

•Community B *

• Religious Leaders Community C

• Community D

• Criminal Gang

• AOG Foreign Fighters

•AOG Local Fighters

• Community C

NGO

CommA

ComB

ReligiousLeaders

A

MOPH

Tribal EldersCom A

Police

InternatForces

AOG AForeignFighters

Comm C

CriminalGang

AOG BLocal

Fighters

MOI

Religious

LeadersB

Religious

LeadersC

CommD

ACTOR MAPPING – STEP 2 PLOTTING

• Programme Planning• Targeting Communications Strategy• Daily Activity• Briefing• Post Incident Assistance & Analysis

ACTOR MAPPING – USES

Situational Awareness

• A mindset that enables us to operate safely and effectively in a particular environment.

• An ability to identify and respond to subtle changes in the environment that may indicate a change in the security environment.

Absence Of The Normal

Presence Of The Abnormal

Cydny Mizell, Asian Rural Life Development Foundation

Kandahar, 2010

Context Analysis

Risk Assessments

The Security Management Framework

Risk Assessment:(Threats &

Vulnerabilities)

• Retrospective Assessment

• Proactive Assessment

Definitions

• Threats: (Specific) Dangers in the environment• Vulnerability: The extent to which the organisation is exposed to threats

• Risk: The combination of T x V. The potential

outcome of an incident

Security Risk Assessment

37

1. Identify the

Assets

2. Determine

the Threats

3. Assess

Likelihood

4. Determine

Impact

5 Steps in a Risk Assessment

1. Identify the specific threats: Safety/Security, Internal/External,

Direct/Indirect2. Identify the threat level and prioritise3.Examine how vulnerable you are and

prioritise4.Combination of Threat and Vulnerability is

the Risk5.Decide on mitigation measures

Common Threats

Shooting Direct & Indirect Bombing Direct & Indirect Road Traffic Collision Kidnapping Riots/Public Disorder Assault - Physical,

sexual, verbal Robbery - on foot,

vehicle, physical location Landmines/UXO Disease - air, blood,

vector, water borne

Fire Carbon Monoxide

Poisoning Medical emergencies Natural Disasters

Risk Table

Threshold of Acceptable Risk

(Impact & Likelihood)

Context Analysis

Risk Assessments

Security Strategies

The Security Management Framework

DeterrenceProtection

Security Strategies

Acceptance

Acceptance(Eliminate the threat)

Protection(Decrease your

vulnerability to the threat)

Deterrence(Counter the threat)

Make friends

Be culturally appropriate

Do good work

Community feedback mechanismsProactively address problems

Hire wisely

Bars on windows Gated

compounds

Razor wire

Unarmed guards

Armed guardsArmed convoys

Guard dogs

Withdraw

Context Analysis

Risk Assessments

Security Strategies

Standard Operating

Procedures

The Security Management Framework

The Right Procedures

Standard Operating Procedures(SOPs)

Country Office: Country Security Plans

Traveling Staff: Travel Checklist and sign off

Emergency ContactEmergency Phone

Call Centre

Contingency Plans When It Goes South

The Right Procedures What it might look like…

STANDARD OPERATING PROCEDURES (SOP’s)

An SOP is a directive or order designed toachieve a uniform response amongst stafffor a particular task or procedure.

Appropriate SOPs WILL

Reduce Vulnerability

Standard Operating Procedures

SOPs

Regular Activity Timeline

An agency must develop agreed procedures on a number of topics,

which are intended to reduce

vulnerability to identified threats.

Financial procedures

*

Communications

*

Travel & Transport

*

Office & Site security*

Standard Operational Procedures (SOPs):

Context Analysis

Risk Assessments

Security Strategies

Standard Operating

Procedures

Contingency Planning

The Security Management Framework

Contingency Planning

A pre planned response to an act or event, principally dictated

by the Risk Assessment process.

Must be clearly tabulated in a step by step process and applicable to:

• Individual/s who could be directly involved and reinforced through practical training to assist in generating an instinctive response – AVOID FIGHT, FLIGHT, FREEZE!!!

• Country Office – To steer the initial organizational response until a Crisis Management Team is formed.

• International Office.

Contingency Planning

SOPs

Implement

Contingency

Plan

Incident

Additional plans in addition to those identified in the risk assessment process are:

Medical evacuation routing for National &

International

Evacuation plan

Relocation

Hibernation

Hostage/Kidnap management

Contingency Planning

Example Contingency Plan

Head Office Field Office Individual

MASS CASUALTY EVENT

1. SMT Meet2. Inform HQ3. Establish CMT4. Tel Embassy (Name

& number)5. Prepare reactive

press statement6. Brief staff

1. Cnfm persons injured2. Arrange medical

services3. Notify Head Office4. Brief staff

Context Analysis

Risk Assessments

Security Strategies

Standard Operating

Procedures

Contingency Planning

Incident Reporting and

Analysis

The Security Management Framework

What is an Incident?

An act or event which can either directly or indirectly

cause harm. “Inclusive of a near miss”

The Six W’s

Who – The person reporting the incidentWhere – The location What – Details of the incidentWhen – The time What – The actions which you are doingWhat – The assistance you require

Confirm each line is fully understood –read back

PRO WORDS Incident, Incident, Incident

What constitutes “an incident” in this context?

*

How is an incident reported?

*

To whom to report? (Inter-agency)

Intra Agency

*

How does the incident affect the Context analysis

And Our Security Strategies, SOPs/CPs ?

Incident Reporting & Analysis

Incident Report

Collecting, analyzing and sharing incident report data is essential to

successful management and decision-making.

Better understanding of incident factors, patterns and trends

contributes to improved security planning, staff training and allocation

of resources.

Immediate Report (as soon as it is safe)

Pro Word – Incident, Incident, Incident

1. Who

2. Where

3. What

4. When

5. When

6. What

Incident Analysis: Building on Incident Reporting

• Written Report (1 - 2 days)

• Incident Analysis ( 2 - 4 days)

• Each step has element of analysis and interpretation

• Analysis seeks to understand WHY – Were SOPs appropriate and being followed

• CAREFUL ANALYSIS IS THE KEY TO IDENTIFYING ACTIONS THAT CAN BE TAKEN TO IMPROVE SECURITY

• SOPs can be updated to provide sufficient cover

• Contingency Plans adjusted

THERE ARE ALWAYS LESSONS TO LEARN

Incident Analysis: Building on Incident Reporting

• Identification of those involved

• Description of the incident

• Actions & Decisions taken and by whom

• Responses by others

• Any immediate follow up actions taken

Incident Analysis: Elements of an Incident Report

• Reconstruction

• Understand exactly what happened and when

• Outline actions, decisions, outcomes in chronological order

• Investigation which builds on and adds to the

written report

• May involve revisiting the scene, conducting more interviews, seeking witnesses etc.

• Analysis

Incident Analysis: Reconstruction and Analysis

Context Analysis

Risk Assessments

Security Strategies

Standard Operating

Procedures

Contingency Planning

Incident Reporting

and Analysis

The Security Management Framework

Questions