Cover Image

Not for Sale

View/Hide Left Panel
Click for next page ( 9

The National Academies | 500 Fifth St. N.W. | Washington, D.C. 20001
Copyright © National Academy of Sciences. All rights reserved.
Terms of Use and Privacy Statement

Below are the first 10 and last 10 pages of uncorrected machine-read text (when available) of this chapter, followed by the top 30 algorithmically extracted key phrases from the chapter as a whole.
Intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text on the opening pages of each chapter. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.

Do not use for reproduction, copying, pasting, or reading; exclusively for search engines.

OCR for page 8
Project Rationale and Approach 9 Mission disruption Social/cultural disruption The CAPTA methodology, as implemented in a spreadsheet (CAPTool), contains exam- ples and default values to assist the user in choosing consequence thresholds, identifying existing means for avoiding adverse consequences, choosing countermeasures that fill gaps in coverage, winnowing those choices through a cost analysis, and then packaging them for implementation. Basic Definitions The basic concepts of risk management combine an understanding of what makes an asset susceptible to damage from a hazard and an understanding of what makes an asset attractive to attack by people intent on malicious action. These vulnerabilities to attack and/or failure likely trigger a consequence composed of the loss of use of that asset and the loss of the benefit that accrues to users from the use of that asset. Traditional approaches to risk assessment typi- cally represent the frequency and severity of threats (intentional events) and hazards (natural or unintentional events) into a single factor in the general risk equation. Figure 1 illustrates the interaction of an asset with the elements of threat or hazard, vulnerability, and consequences (defined below): Target/Asset. Persons, facilities, activities, or physical systems that have value to the owner or society as a whole. Threat/Hazard. The potential natural event, or intentional or unintentional act, capable of disrupting or negatively impacting an asset. In the case of natural events, the hazard is the frequency and magnitude of a potentially destructive event. Hazards can be expressed in probabilistic terms where data are available. Consequences. The loss or degradation of use of an asset resulting from a threat or hazard. Consequences may also be determined by loss of life (casualty). Mission-related consequences include destruction or damage causing real loss or reduction of functionality. Consequences grow as a function of an asset's criticality. However, a critical asset may be damaged without total loss of functionality. Vulnerability. A weakness in asset design or operations that is exposed to a hazard or can be exploited by a threat resulting in negative consequences. Specific hazards or threats may Figure 1. Elements of risk management against hazards and threats.