Student’s Name: Alexis Schoenlaub EKU ID#: 9015789871Course #/Name: HLS 301 Date: Aug 27, 2018Reading Assignment: Homeland Security and Critical Infrastructure Protection Chapter # or Page #s: 5STEP ONE: SURVEYTo become familiar with the material before you read and to activate any prior knowledge you have of the subject. Step One Instructions: 1A.
Three Main Concepts / Ideas in the manuscript that I am already familiar with: 1 CARVER Analysis 2 Consequence Assessment3 NIPP1B. Three Main Concepts / Ideas in the manuscript that were unfamiliar and I predict I might learn by reading the manuscript: 1 ASIS international 2 Protective Security Advisors3 Risk Management Strategies STEP TWO: QUESTIONThis step is necessary to make the reading process a critical thinking exercise and to focus your attention on what information you need to get from the reading. Reading with a purpose (to answer questions) increases concentration, comprehension, retention, and interest in the subject matter. Step Two Instructions: S1: Risk Management Q1: What are the key principles for effective risk management?S2: Risk ManagementQ2: What is the Standard Risk Formula and how is it used?S3: Risk ManagementQ3: What are the components that lead to calculating consequence?S4: Element 4: Develop AlternativesQ4: What are the risk management strategies?S5: Common Homeland Security Risk Assessment Methodologies, Frameworks, and GuidelinesQ5: What components constitute the NIPP Critical Infrastructure Risk Management Framework?STEP THREE: READThe fundamental step required for mastering the course material. Step Three Instructions: Q1: What are the key principles for effective risk management?A1: Unity of effort, Transparency, Adaptability, Practicality, Customization. Q2: What is the Standard Risk Formula and how is it used?A2: Risk is a function of threat, vulnerability and consequence. Risk=Function (Threat x Vulnerability x Consequence) or R=f(TxVxC)Q3: What are the components that lead to calculating consequence?A3: Human (How many lives were lost) Economic (economic impact or loss of money) Mission (operational mission affected) Psychological (psychological effect on the community. )Q4: What are the risk management strategies?A4: Risk Acceptance (not to take action) Risk Avoidance (removing exposure to risk) Risk Control (reducing harm form risk) Risk Transfer (shift risk to another) Q5: What components constitute the NIPP Critical Infrastructure Risk Management Framework?A5: Elements of critical infrastructure including Physical, Cyber and Human in a constant state of information sharing through steps including; Set goals, identify infrastructure, asses and analyze risk, implement risk activities and measure.
STEP FOUR: RECORD By incorporating the motor activity of writing information down, readers will have review notes and will better establish the information into long-term memory. Step Four Instructions: #: Fundamental and Powerful Concept: Explanation: 1 THIRA Threat and Hazard Identification and Risk Assessment. It includes 32 core capabilities that are useful in determining resource allocation according to National Preparedness. 2 RAMCAP Risk Analysis and Management for Critical Asset Protection. It is a seven step process to assess an asset’s risk and include hazard scenarios. 3 ASIS international It is a security company that developed guidelines and the RAMCAP process.
4 CARVER A structured analytic technique that stands for Criticality, Accessibility, Recoverability, Vulnerability, Effect and recognizably and is in place to identify the threat with the most risk. 5 Sandia Risk Methodologies Type of risk assessment methodology that includes a formula, based off the traditional risk equation. Risk= PaX(1-Pe)XC.
6 RAM Risk Assessment Model. Includes specific steps that are on a performance based system for example, specific to Dams, Prisons, Chemical Facilities etc.. 7 “Shock” Attribute Included into the CARVER on attacks within the food industry.
Added by the FDS8 CISR Managing Risks Includes verbs to shape or control the threats including “deter threats”, “mitigate vulnerabilities” and “minimize consequences.”9 Risk Management Fundamentals Outlined by the DHS and included in the risk management approach to communicate, evaluate, define the context, identify risk, asses and analyze risk, develop alternatives, and decide and implement. 10 One size fits all An approach with the idea to give an overall decision-making pathway to shape and control risks and lead to mission success. Is not yet specified to each threat. STEP FIVE: REVIEW/RECITE Activating long-term memory storage is aided tremendously by hearing and verbalizing the material. If you can explain/summarize the manuscript for others, you are one step closer to material mastery. Step Four Instructions: This information in chapter 5, Risk Management for Infrastructure Security and Resilience, gives an overview on the components of a risk analysis. These components are important when loaning money, supplies and operations to protect assets.
The chapter emphasized the fundamentals for risk management and including the importance of continual communication. The chapter also examines some frameworks and guidelines under homeland security that real with risk like the NIPP and THIRA. These along with other guidelines like a RAMCAP or specific RAM, and the use of structured analytic techniques like the CARVER analysis, all help security personnel make the best, informed decisions when it comes to risk. STEP SIX: RELATE/REFLECTThis is a metacognitive activity to make you a more self-aware learner.
It also enhances long-term memory storage for successful retrieval at a later date. Step Four Instructions: Review your notes, questions/answers and fundamental concepts and the one paragraph overview you just developed. Develop another paragraph that relates this manuscript to the subject of the course or the homeland security mission of “safeguarding life and property.” Remember, paragraphs are a minimum of five complete sentences.
Additionally, the paragraph should not be pulled from the manuscript, it should be written in your own words. Calculating risk is used in all levels of security, local to federal and including private infrastructure. This is used to show things like probability, consequences and level of risk so managers can make informed decision on how to properly protect an asset, people and operations. Consequently, pieces of the risk matrix and risk calculation products are used in analysis products around the world. Personnel in the security field will make use of risk analysis components in building structures, purchasing levels of security for cyber operations, and integrating plans and procedures to different specializations.
Learning about these components will hopefully give readers insight on how to conduct risk assessments, what to conduct them on and what policies will aide them in this process.