3. Sci-fi? Ghost hunting? Routine? Our responsibility ? Not for me? Dual use prevention at universities
4. Difference Safety Security Security = Intentional Counter measures last as long as somebody finds a way to work around them Safety = accident Countermeasures a good solution lasts long So stay alert… FOR EVER!
5.
6.
7. WELFARE ENVIRON MENT SAFETY RISP RISK INVENTORY & STEERING PROCES Organization Hazard Risk Management (Integrale Veiligheid) HEALTH SECURITY IT SECURITY Hazard Risk Management/ INTEGRALE VEILIGHEID CRISISMANAGEMENT BUSINESS CONTINUITY MANAGEMENT
8. Proces responsibility H-RM within Delft University of Technology DUT : Faculties, Business Units, Services, Students Integrated Safety, Security and IT security (= H-RM)
12. Who is responsible ? DELFT University of Technology Risk mgt dept. Real est. Fac.
13. We are all responsible ! DELFT University of Technology IV VGWM FM 25 m 25 m 25 m 25 m 25 m 25 m 25 m 25 m 25 m 25 m 25 m 25 m 25 m 25 m 25 m 25 m 25 m 25 m 25 m 25 m 25 m 25 m 25 m 25 m 25 m 25 m 25 m 25 m 25 m 25 m
14. IV Hazard Risk Management Research Responsibility + = Sustainable innovation Biosecurity shouldn’t be dependent on one serious caretaker. When the caretaker leaves security is lost. Bio security should be integrated in an overall hazard risk management system which is grounded in a culture of united responsibility
Notas del editor
Some scientists believe that their only responsibility is to do research and everything else is for the university at the other hand sustainability can only exist by being responsible
Professors want to teach their students everything, especially if they are interested which may lead to security problems. The probability of an incident is low but when there is an incident, it is a severe one.
Some people don’t take the biosecurity risks seriously enough so it is likely that they will not take the measurements seriously enough and when you are not conscious of risks, things that shouldn’t happen will happen. Researchers might approach risk with a safety approach, like a risk incident is an act of god. They take measurements and think that it will never happen again. However when you look at security objects, there is always someone that is thinking about getting around these measures.
When you look at risk, in general, there are two types Dynamic risk: which can provide for either a profit or a loss. (Enterprise) Static risk: which can only provide for a loss (Hazard) Together with the audit manager, you adopted the idea to look at risk management in a wide scope so you could cover enterprise management. We started with hazard risk because people seem to think that enterprise risk is about their daily work and don’t realize that there are other kinds of risk.
The university needed someone to implement hazard risk management within the university. We decided that there needed to be a hazard risk management system that covered the entire scope of the university, including both safety and security and ICT security and all processes needed to be united included, such as every small unit dealing with parts of security and safety so that all processes could be viewed and controlled as one system.
We began the project by looking at hazard risks in this context and connecting them to organizational goals. For instance, why do we need a university? To educate students and to do research. The strategy was developed in align to these goals. We collected the interest of all faculties and business units and try to view them from a central point and create a central organizing force so we could tell the board of directors that the university is in control.
The System: The policy: Implement security and safety from the point of view of risk management. all units deal with their operational issues of hazard risk but only within one organization which is responsible for the whole process. 31-01-11
- Report to the board of directors of the university. - Responsible for keeping track of the processes of the whole university - Makes decisions independently when board of directors is not present. - In charge of making decisions when there is a crisis - To ensure that the organization in control - Checks to ensure that faculty security and safety implementations are adequate to controle the situation. - Risk research (development of risk profile including scenarios), identification, assessment and management. This includes priority setting.
Implementation and control Handbook developed which covers several issues that should be managed within the faculties. For instance, protecting valuable assets. Biosecurity is included in the concept plans Once security and safety goals are set, it is up to the faculties to decide how they want to reach the goals. They can use any means of security or safety they want and in most cases will apply best practices.
A security problem needs strategic solutions and control measures that begin by taking account of the existing organization and organizational responsibilities and are developed from there. This ensures that the measures will be sustainable within the organization.
Universities mostly are Profi-naïve t.i. professional in knowledge and research Naïve in trusting every bright student researcher or employee Traditional security measures like camera and fences are difficult to operationalize in universities because universities prefer an open climate where knowledge and information is openly shared In universities you need to make individuals responsible
When next to balanced H-RM policy, regulations and a little technique, everybody feels responsible for his/her cirkel of 25 mtr diameter We don’t need severe measurement that makes education and research in academic way impossible