How Homeland Security uses Risk Management

The Department of Homeland Security (DHS) became one of the most important US agencies after 9/11. More than ever, it was understood that the security of the United States required a more encompassing, formal and rigorous framework, which could foil terrorism and other threats of similar devastation. The homeland security enterprise was subsequently set up with a five pronged mission including preventing terrorist attacks and fostering security, manning US borders, enforcing and administering all immigration laws, safeguarding the cyberspace and increasing resilience in the face of natural disasters (National Research Council, 2010). The homeland security concept was introduced to seal preexisting stovepipes of security activities that were previously exploited to cause harm to the US people. As such, it brought together a number of agencies and shared responsibilities by the state, federal, local and other levels of governance.  While the threat of terrorism has been significantly reduced, several others still exist. Disease epidemics and biological warfare, weapons of mass destruction, cyber attacks and borderless, transnational crimes brought about by the rapid information exchange due to globalization are just but a few to mention (Steiner, 2009). This has led to an ever vigilant and active homeland security enterprise. One of the tools pervasively used by the agency in their mandate is risk management. This refers to the identification, analysis and mitigation of risks to achieve strategic objectives. This paper explains how risk management is used by the DHS and the attendant benefits from such uses.

The Homeland security enterprise uses risk management in operational decision making. As highlighted before, the homeland security apparatus consists of several agencies coming together, sharing information and responsibilities to collectively enhance security and other functions within their mandate.  The broad nature of the enterprise complicates decision making in operations which calls for the use of risk management principles in the midst of operations. By identifying the risk in question and analyzing its threat level and the vulnerability of the systems in place, DHS is able to decide on the best group to dispatch as first responders, the best tactics to employ and the amount of resources to allocate in the operation (Schanzer et al., 2008). An example of this usage is in cases of natural disasters such as Hurricane Katrina where millions of lives were at risk. Risk management in this case came in handy in making a number of operational decisions including who to send where and what tactics to use in the rescue. In the end, operations are able to have proportionate resources, mitigate risks in a timely manner and take advantage of the most skilled personnel in handling the situation at hand. This is profound in the sense that the DHS may have communication crises, challenges in determining command control and responsibility in times of crisis if they do not understand the nature of risk and how it should be approached. An operational breakdown may follow as teams argue on who should be in charge, how much resources they should have and the accountability in the whole scenario. All these operational decisions are thus made possible through the application of risk management principles.

A similarly important application of risk management in the homeland security enterprise is on the ranking and prioritization of threats. As noted before, there are a number of threats that fall within the mandate of the Department of Homeland Security (DHS). Some of these threats are minute and do not require the dedication of the agency resources. Failure to identity the threats that matter will lead to focusing on the wrong areas while remaining vulnerable to more potent threats (U.S. Department of Homeland Security 2010). For instance, the DHS has been understood to be overly committed towards fighting terrorism, even after the fall of Al-Qaeda and the weakening of other players in global terrorism. This implies that they have prioritized the threat over any other due to past experience and its mainstreaming. Other threats that have been of prime importance to the homeland security enterprise include Weapons of Mass Destruction (WMDs) and chemical, biological, radiological and nuclear (CBRN) terrorism (National Research Council, 2010). Though some of these threats have devastating consequences, they have barely been witnessed before and are unlikely to occur. For instance, the use of VX Nerve agents is yet to be witnessed in the United States. In this case, risk management helps the DHS to identify which threats are more likely to occur and hence focus their efforts on that line. Some threats such as WMDs can only be monitored unlike domestic and global terrorism that requires daily activity. This implies that risk management plays a cardinal role in ensuring that the homeland security enterprise is focused on the right direction at all times and therefore a bulk of material and non material resources go into addressing more immediate threats. Without ranking and prioritizing threats using risk management principles, homeland security is likely to be functionally ineffective.

Risk management principles also help to direct research and development efforts in the homeland security enterprise. Though risk analysis, the DHS is able to identify their current weaknesses in various knowledge areas and therefore dedicate their research and development activities into sealing such loopholes (Steiner, 2009). For instance, natural disasters have been frequent in recent times due to climate change and every time hurricanes and other types of such catastrophes strike, the homeland security enterprise is called upon to respond. Over the years, there are clear gaps in the response with each threat coming with new challenges. Therefore, using risk analysis to identify various characteristics of hurricanes, the populations at risk and the best mitigation approaches, homeland security can focus their research and development activities to come up with innovative solutions to the problems. The same can be extended in determining the vulnerability of established security apparatus and how to improve on it (U.S. Department of Homeland Security 2010). For instance, analysis of risks facing critical infrastructure like airports will help to identify areas that need improvement through research and development. Therefore, without applying risk management principles, it is impossible to make meaningful use of research and development.

At the end, it is apparent that risk management is used by the DHS in three key areas including operational decision making, ranking and prioritization of risks and directing efforts of research and development. The main elements of risk management in use include risk identification and risk analysis from which various operational decisions are made, threats of relevance and immediacy are identified and loopholes that should be filled through research and development are illuminated on. The role of risk management is thus unimpeachable in the DHS and should only be expanded to all operations to discover improvement areas and guide daily activities. That way, the DHS will be able to execute their mandate in the different areas under their responsibility.

References

National Research Council. (2010). Review of the Department of Homeland Security’s approach to risk analysis. National Academies Press.

Schanzer, D. H., Eyerman, J., De Rugy, V., Bryson, J. M., Crosby, B. C., Stone, M. M., & Saunoi-Sandgren, E. O. (2008). Strategic risk management in government: A look at homeland security. IBM Center for the Business of Government.

Steiner, J. E. (2009). Needed: State-level, integrated intelligence enterprises. Studies in Intelligence, 53(3), 1.

U.S. Department of Homeland Security. (2010). Quadrennial homeland security review report: A strategic framework for a secure homeland. Washington, DC: Government Printing Office.