W2-E
Applications and advances in risk analysis for homeland security 1Maryland E 1:30 PM
|
| Chair(s): Henry Willis hwillis@rand.org
|
| Over the last four years, the US DHS has made tremendous progress in maturing homeland security policy. Shortly after September 11, 2001, decisions were dominated by the use of crude indicators, such as population, which approximated consequences of terrorist events. Subsequently, policy moved to vulnerability reduction and more recently, Secretary Michael Chertoff has called on the DHS to adopt risk-based decision making. In response, DHS as well as researchers at universities, think tanks, national labs, and private industry, have been developing models and tools to inform decision making at DHS. This session reports on current applications of risk analysis at DHS, challenges to extending the integration of risk analysis into the department's management decisions, and novel approaches to addressing some of these challenges. The first session (W2-E) focuses on using risk analysis to inform resource allocation, including an overview of the risk assessment process DHS has used to guide allocation of the Urban Area Security Initiative and complementary approaches for guiding DHS grant allocation processes developed at universities and think tanks. The second session (W3-E) extends this discussion by providing examples of novel approaches to expand the use of risk analysis at DHS and insights from DHS on the challenges of further integration of risk analysis in decisionmaking. |
|
W2-E.1 1:30 PM Risk analysis for homeland security grants: A balance between science and policy. Weinberg DM*; US DHS david.weinberg@dhs.gov
Abstract: The DHS manages a variety of grant programs that provide funding to public jurisdictions and private owners/operators to prevent, protect, respond and recover from terrorist attacks. Because it is widely agreed that the federal sector cannot protect all things all the time, some method of prioritization must be made to allocate scarce resources in a way that minimizes the occurrence or impact of terrorist attacks. Naturally, different methods to allocate resources for such purposes have been proposed by various individuals and groups. Additionally, while individual, local and state governmental and collective Congressional interests are elicited and considered, they cannot confound the overall policy considerations instituted by the Secretary. The parameters for inclusion into the DHS analysis are set by Congressional language during the appropriations process. Harking back to the 2003 appropriations bill, $50M was distributed to 20 cities for homeland security enhancements based on population density, critical infrastructure, vulnerability, and threat. In 2005, Congress appropriated $765M for FY 2006 Urban Area Security Initiative grants that were spread among 50 cities using a "hybrid" model designed to address both technical and political considerations. In the 2006 appropriation, "need," in addition to risk, was to be considered. This paper addresses only the risk component of risk and need (interpreted by DHS as effectiveness). In DHS, risk is defined as being comprised of consequence, vulnerability, and threat elements that are subsequently broken down into finer subdivisions. Further, two types of risk are calculated, namely an asset-based risk and a geographically-based risk; their sum representing total terrorism risk. DHS risk values are relative rather than absolute as they were specifically designed to address the Department's need to prioritize infrastructures and geographic entities such as states and urban areas.
|
W2-E.2 1:50 PM Vulnerabilities to terrorism. Brunet A*, Morse A; Northwestern University School of Law, University of Michigan a-brunet@law.northwestern.edu
Abstract: In December, 2005, the US Department of Homeland Security decided that its current formula for funding state and local governments for preparedness against terrorism was inadequate and has begun working to implement a risk-based formula. Until now, the Federal government distributed funding based on a 40/60 formula, which distributes 40% of the annual Homeland Security appropriation equally to all States and 60% based on a State's percentage of the nation's total population. We propose a new model for allocating federal funds based on risk of terrorist attack by target type. The optimal allocations depend on the number of targets in a State, the government budget, and three parameters specific to a target type -- the probability of attack, the expected damage upon attack, and the effectiveness of mitigation. The novelties of our approach are twofold. First, we introduce a damage mitigation function to model the effectiveness of grant funding on reducing expected damage. Second, by observing that targets (or portions thereof) can be equally distributed across States, correlated with population, or unsystematically distributed, we derive three distortions in the 40/60 formula: (i) the size of the 40% equal allocation for equally distributed targets, (ii) the size of the 60% allocation for population-based targets, and (iii) the non-coverage of unsystematic targets. Our main theoretical conclusion is that because Homeland Security allocates grants to States through the federal system and not to targets directly, a calculation of funding biases across State must incorporate all three distortions. Finally, we combine the theoretical results with available data to test whether the optimal funding formula yields a different allocation of funds across states as compared to the current allocations. Our initial results suggest that the current program over-compensates population-based vulnerabilities leaving unsystematic vulnerabilities exposed.
|
W2-E.3 2:10 PM The critical asset and portfolio risk analysis methodology for critical infrastructure protection. Ayyub BM*, McGill WL; University of Maryland ba@umd.edu
Abstract: This paper describes the Critical Asset and Portfolio Risk Analysis (CAPRA) methodology, a quantitative asset-driven risk assessment and management framework for informing resource allocation decisions for homeland security. The CAPRA methodology is a five phase process consisting of scenario development, consequence and criticality assessment, security vulnerability assessment, threat likelihood assessment, and risk management. Implementation of the CAPRA methodology is done at several levels of abstraction; namely the asset-level where the focus is on the scope of concerns of a single asset-owner, and the portfolio-level where the focus is on a collection of interdependent assets. The product of the CAPRA process is a set of actionable risk assessments tailored to meet the needs of all relevant stakeholders. Following a brief overview of the methodology, directions for future research will be provided.
|
W2-E.4 2:30 PM Guiding resource allocations based on terrorism risk. Willis HH*; RAND Corporation hwillis@rand.org
Abstract: Establishing tolerable levels of risk is one of the most contentious and important risk management decisions. With every regulatory or funding decision for a risk management program, society decides whether or not risk is tolerable. The Urban Area Security Initiative (UASI) is designed to enhance security and overall preparedness to prevent, respond to, and recover from acts of terrorism, by providing financial assistance for planning, equipment, training, and exercise needs of large urban areas. After briefly reviewing rationales for risk-based resource allocation and challenges in estimating terrorism risk, this paper compares estimates of terrorism risk in urban areas that received UASI funding in 2004 to other federal risk management decisions. This comparison suggests that UASI allocations are generally consistent with other federal risk management decisions. However, terrorism risk in several cities that received funding is below levels that are often tolerated in other risk management contexts. There are several reasons why the conclusions about terrorism risk being de minimis in specific cities should be challenged. Some of these surround the means used to estimate terrorism risk for this study. Others involve the comparison that is made to other risk management decisions. However, many of the observations reported are valid even if reported terrorism risk estimates are several orders of magnitude low. Discussion of resource allocation should be extended to address risk tolerance and include explicit comparisons, like those presented here, to other risk management decisions.
|
