Developing an Effective Risk Managementassessment free essay sample

Developing an effective risk management assessment Todays society has brought risk at each level of society. Risk is no long just in the corporate world, but within the criminal Justice and security areas. Identifying and planning according to the risk within the Justice and security areas is ever changing. Knowing the resources available Is the first step to developing a plan to protect and service the public. The risk planning for Justice and security Is similar to what a security firm would do for a corporation, but on a larger scale.Law enforcement needs to put the risk in order of importance. When law enforcement is developing a risk management plan they need to accommodate for the cost of enforcing the plan. To balance the cost developers need to show the benefits and consequences of a risk management plan. Each one of these steps needs to occur if a risk management plan is to be effective. Knowing the resources available and planning for the risks Knowing and completely understanding the threats provides law enforcement an advantage in preparing for a range of risk and challenges.The risk that criminals, terrorists, and extremists practice are striking society when and where these organization are ready and they perceive law enforcement Is absent or Is lease likely ready. Development of risk plans by law enforcement need to recognize potential risk and plan accordingly to counter external or internal risk in society. The correct assessment provides the leadership with critical information and trends that impact the strategic planning. Risk management report also identify future security and operational opportunities, provide for reasoning for funding, and provide the citizens of public safety plans (Federal Bureau of Investigation, n. D. ). Law enforcement agencies risk assessment should not only happen when a disaster occurs, but when a leadership change happens, procedural or a physical security modification happens. Analytical risk assessment and security risk assessments should both be developed and use when identifying risk to law enforcement.These reports provide managers with the types of security programs to lower risk, justify the funding and resources that are requested, and describe methods of improving security in the entire law enforcement organization. Analytical risk assessment and security risk assessments a stricture of the current threats, risk, vulnerabilities, and assets of a law enforcement agency. Analytical risk assessment offer methods of examining security and operational readiness and cost-effective countermeasures. With security risk assessment the finding provide information to make informed Decision.When these two assessments are used, law enforcement improves the ability to face the risks that are current and that happen with no warning (Federal Bureau of Investigation, n. D. ). People The first area law enforcement examines when managing risk to the organization is the people. The more personnel the organization employs the more security and challenges it faces. The organization must provide current technology to ensure the personnel can carrier out the duties to provide security to mitigate the risk. Ensure personnel are protected allows for the protection of society.The society and law enforcement personnel need each other to prevent the risk to security from occurring. The manner that the organization can accomplish this is conducting refresher training, and asking the personnel who ride everyday on the streets what they see as developing risk (Federal Bureau of Investigation, n. . ). Information Prior to September 1 1, 2001 Americas law enforcement data came from several avenues and agencies. The years following the attack this has expanded not Just within the United States but worldwide.No longer is information gathered or shared by personnel but along with the advancement in electronic and Internet means. The reducing of threats from these methods of obtaining information, law enforcement need to follow what the Army calls operation security. This is only allowing information to be known or shared with personnel that need to know. Not everyone needs to know everything. Just because the commissioner knows everything the patrol officer does not need to know what the commissioner knows.With regard to electronic and the Internet the advancement in software security that federal agencies have should be shared with state and local agencies. Information on these systems is Just as deadly as in federal agencies (Federal Bureau of Investigation, n. D. ). Operations Operational security can also be included in the operations of law enforcement. As advancement and incorporating of technology happens the geographically area disappears and reliance on electronic connection happens, which develops a limitability for sabotage and espionage.Law enforcement agencies can lower these risks by incorporating operational security into the development of the technology and into the daily duties, and integrate security compliance into the plans, procedures, policies and performance reviews. When personnel integrate security into every area of operations areas of information and personnel is affected to the level that it is a common occurrence (Federal Bureau of Investigation, n. D. ). Equipment Law enforcement personnel, information, and operations encompass the use of becoming a risk to the system.For law enforcement to lower risk to the security of the equipment, agencies can develop physical barriers, monitoring surveillance, electronic sensors, and human security. If a computer from a patrol officers car was to be stolen. The information on this laptop is critical. Perhaps finger scans of the law enforcement officer are a human system that could be used on this technology. With regard to sensors and monitoring this has begun with dash board cameras for when a police officer pulls over a citizen.Perhaps putting a camera in the back seat of the officers car can prevent risk of lawsuits by an arrested citizen (Federal Bureau of Investigation, n. D. ). Facilities Some would not believe that law enforcement facilities would need risk managing. Why would a law enforcement facility need one. Perhaps it is preventing escapes, protection from lawsuits, or basic building security. Agencies can mitigate these risks by developing a security perimeter with multiple levels of supporting protection.For any door besides the front door or restrooms a buzzer or badge access should be used. Once pass this level additional to badge access on doors, sensors in the wall, floor, and ceiling should be used. Depending on the information, personnel, or equipment in the room would depend on the level of security used. Costs associated in managing risk When developing a risk assessment plan one element to encompass is the cost that will happen in managing the risks. Not including the cost in the plans will lead to areas not being protected, and that leaves gaps of vulnerabilities.These areas of vulnerabilities demonstrate cracks that can be exploited to gain access or control of critical areas of security and law enforcement. It is critical vulnerable areas, such as personnel, information, equipment, operations, and facilities become part of the cost associated with managing these risks. When determine the cost of managing risks to the organization four criteria should be used to determine if the cost is worth it (Federal Bureau of Investigation, n. D. ). * Critical: no effective countermeasures currently are in place, and known adversaries would be capable of exploiting weaknesses to reach the asset. High: some effective countermeasures exist, but the asset has multiple weaknesses that adversaries could exploit to their advantage. * Medium: some effective countermeasures exist, but the asset has at least one weakness that adversaries could exploit to their advantage. Low: multiple layers of effective countermeasures exist, and few or no known adversaries could exploit to their advantage (Federal Bureau of Investigation, n. D. ). For law enforcement not to monitor risk to the organization is a critical error. This is the one organization that needs to manage this area.Not managing a risk to law enforcement leaves citizens with no confidence in the abilities for the organization to protect them from risk to society. If the public sees law enforcement not stopping the risk to escapes of suspects, which this ties into managing risk to facilities of law enforcement by not securing the building the suspect could escape. Another example would be if the information on an abuse woman was able to be access by the abuser, and if the risk of information on a terrorist that was held by law enforcement was obtaining this could put the security of the nation at risk.It is the times we currently live in that provides the need for applying the correct level of protection to the risks of the organization, and not managing these risk or not possess a plan is also wasting funds. When improper managing is done this also has an effect on the citizens the law enforcement agencies are protecting. There needs to be monitoring of risk and the cost of them to ensure these risk an operation correctly and the elements that go into them are done correctly as well. The affect a properly performed risk analysis has for management Developing a proper security risk assessment enables leadership to make informed decisions.Making accurate decisions based on properly known assessments allows leadership to derive acceptable level s of risk and the correct course of action. A risk analysis provides a list of the risk to what resources are available and needed to meet the risk. From the analysis stakeholders and leadership can decide on the type f countermeasures to implement and where to implement them, or they may accept risk conditions based on existing priorities, resources, and threat status (Federal Bureau of Investigation, n. D. ).A risk analysis report to be beneficial should include: * The summary must highlight the major findings, requests, and suggestions. * Overview detailing the analytical risk assessment to familiarize stakeholders and leadership with the process. * Status of any connected assessment reports received from other agencies. * In-depth description of assessed assets, threats, and vulnerabilities. Examining the calculated security or operational risks. * Provide countermeasure options on the types and quantities desired. Critical concerns and prioritize specific problems. * A security program plan describing the departments plan of action to mitigate risks. * Discussion of planning, programming, and budgeting requirements. * Overall lessons learned and information for sharing. * Predictive risk analysis describing future risks and preventive measures. * Summary and conclusion recapping major findings and recommendations. With this information in the risk analysis the developing, cost, consequence, and infinite for leadership is provided.Leadership cannot explain or examine the benefits of any risk without this information. Conclusion Picturing a law enforcement agency the first image is security, which leans itself to the organization developing countermeasures to each risk to the organization. When a law enforcement agency identifies and plans accordingly it needs to include the cost that will happen to complete the risk assessment and implement the plan. When it is developing the cost the areas that should be included are the personnel, operations, equipment, and facilities.