I recently reviewed a Government Accountability Office (GAO) report evaluating the MSRAM - the Coast Guard's primary tool for assessing and managing security risks. The GAO found that MSRAM generally meets the Department of Homeland Security's (DHS's) risk assessment criteria, and the Coast Guard concurred with DHS's recommendations to:

• Provide more thorough documentation about key assumptions and sources of uncertainty within MSRAM;
• Make MSRAM available to appropriate parties for additional external peer review;
• Provide additional training for sector command staff and others involved in sector management on how MSRAM can be used as a risk management tool; and
• Take action to report the results of the risk reduction measure as a range rather than a point estimate.

The GAO elaborated on the reasoning behind their recommendations, and in some instances, the Coast Guard indicated the actions it will take to implement the recommendations.

Using MSRAM, Coast Guard analysts often make judgments about factors like the probability of an attack and economic and environmental consequences. These judgments are inherently subjective and therefore have implications that the GAO believes should be documented and communicated to Coast Guard officials so they can gain a complete understanding of the uses and limitations of the MSRAM data.

The GAO believes that providing additional training could allow MSRAM to inform operational, tactical, and resource allocation decisions at not only the national level but the sector level as well. While MSRAM is part of the Coast Guard's contingency planning course, the Coast Guard indicated that it will explore other opportunities to provide risk training to sector command staff, including online and webinar training opportunities.

The Coast Guard's measurement of the impact of its maritime security programs on risk in U.S. ports and waterways is partly based on subject matter experts' estimates of the percentage reduction of maritime security risk resulting from Coast Guard actions. The measurement is challenging to develop due to the limited historical data on maritime terrorist attacks. As such, the GAO believes the Coast Guard should report the risk reduction measure as a range of plausible estimates rather than as a specific estimate, which is more consistent with risk analysis criteria.

Ensuring the Coast Guard accurately evaluates security risks associated with the nation's ports and waterways is essential to preventing a maritime terrorist attack or other transportation security incident. For MTSA Security Tips and updates, take a look at the white paper that was posted last week.

Ryan Loughin is Director of Petrochemical & Energy Solutions for the Advanced Integration division of ADT- www.adtbusiness.com/petrochem. He provides security education to CFATS and MTSA-affected companies and is a member of the National Petrochemical and Refiners Association (NPRA), Society of Chemical Manufacturers and Associates (SOCMA), Energy Security Council (ESC) and American Society for Industrial Security (ASIS). Loughin has also completed multiple levels of CVI Authorized User training (Chemical-Terrorism Vulnerability Information) which was authored by the U.S. Department of Homeland Security.

Copyright © ADT Security Services, Inc. 2012 - All Rights Reserved. Legal Disclaimer - Some of the individuals posting to this site, including the moderators, work for ADT Security Services, Inc. Opinions expressed here and in any corresponding comments are the personal opinions of the original authors, not of ADT Security Services, Inc. The content is provided for informational purposes only and is not meant to be an endorsement or representation by ADT Security Services, Inc. or any other party. This site is available to the public. No information you consider confidential should be posted to this site. By posting you agree to be solely responsible for the content of all information you contribute, link to, or otherwise upload to the Website and release ADT Security Services, Inc. from any liability related to your use of the Website. You also grant to ADT Security Services, Inc. a worldwide, perpetual, irrevocable, royalty-free and fully-paid, transferable (including rights to sublicense) right to exercise all copyright, publicity, and moral rights with respect to any original content you provide. The comments are moderated. Comments will appear as soon as they are approved by the moderator.