Homeland Security Watch

News and analysis of critical issues in homeland security

February 14, 2006

Chertoff discusses risk management in the WSJ

Filed under: DHS News,Risk Assessment — by Christian Beckner on February 14, 2006

Sec. Chertoff has an opinion piece today in the Wall Street Journal (available by subscription only) entitled “There Is No Perfect Security,” which succinctly restates the core thesis of his tenure as Secretary: the imperative to apply risk management principles to homeland security. From the article:

This process of assessing risk and setting priorities should be familiar to those in the private sector. Companies use risk management to make tough decisions and weigh the costs and benefits of a particular set of investments in money and effort against an array of potential outcomes. For our department, risk management starts with weighing threats, vulnerabilities and consequences of a potential terrorist attack or catastrophic event, then conducting a rigorous, information-driven analysis both to set priorities for resources and to give focus and strategic direction to our policies and programs.

In short, we drive homeland-security investments by looking to facts and analysis, not politics. We acknowledge, however, that while most people support risk management in theory, enthusiasm tends to diminish once it is applied in practice. This is because risk management, by its very nature, involves a trade-off. In a free and open society, we simply cannot protect every person against every risk at every moment in every place. There is no perfect security. If we tried to attain total security the cost would be exorbitant — in financial terms and in lost freedom and prosperity. Balancing risk necessarily means applying resources against the highest risks — and not against all risk. As in any trade-off, some will gain resources and others will not.

Chertoff then defends the FY 2007 budget request, arguing that it reflects these risk management priorities, both in terms of the allocations for the key homeland security grant programs and in the operational activities of the Department. On the latter subject, he notes:

Of course, risk management is about more than just funding. We have to manage the risk posed by thousands of individuals and tons of cargo arriving at our airports, seaports and overland borders every day. This means promoting optimal security without damaging the flow of travelers and trade that promote our prosperity. Since 9/11, we have implemented a full range of screening systems, technology and infrastructure to identify and dismantle potential threats while keeping the lines moving and cargo flowing.

For airline passengers, risk management means using information and intelligence, coupled with advanced technology and screening procedures, to check individuals quickly — and to focus on those who pose the greatest risk. For shipping containers, it means using information and intelligence to separate high-risk cargo from low-risk cargo and then inspecting those containers that give us cause for concern. This allows us to keep our maritime trade moving, preserve jobs and promote our economy….

This is absolutely what the Department needs to be doing, and I’ve been glad to see DHS taking these positive steps in the direction of risk management in the past year. I worry though that the current mania in Congress and the media over US-Mexico border security could lead the Department astray from this imperative, and lead to underfunding of other initiatives targeted more directly at preventing and defending against the terrorist threat.

I’m also concerned that the current Katrina investigations – which are necessary and justified – could weaken the leadership of the Department politically and decrease their ability to push through programs and activities that are consistent with a risk management approach. Hopefully we can chart a course in the months ahead that strengthens our preparedness and response capabilities without having to abandon the smart risk-based strategy for terror prevention that Chertoff and his team have developed in the last year.

Share and Enjoy:
  • Digg
  • Reddit
  • Facebook
  • Yahoo! Buzz
  • Google Bookmarks
  • email
  • Print
  • LinkedIn



Comment by Brian

February 14, 2006 @ 2:50 pm

The risk management approach is as you state, a constructive course of action. However, in a politically charge world this is a risky move in itself. The unfortunate aspect is that 9 out of 10 times your game theory was accurate, but the one time you fail all hell brakes loose with the MSM leading the charge and the political hacks of both parties on capital hill screaming and yelling. Again I agree with your assessment.

In order for this to gain deep acceptance with the American people the administration must start speaking about, educating, and then keep beating the drum. Why is there little concern with the NSA wiretaps by Americans; because for the most part they accept it as a reality of war. The same belief must gain traction when it comes to a risk based approach to homeland security


Comment by William R. Cumming

February 14, 2006 @ 6:20 pm

Actually risk management worked as evidenced by Katrina. Not only did major regional exercises focus on the Gulf Coast and Louisiana (1995 and Hurricane Pam) but meterological and hydrological studies completely and successfully identified the risk. Investments by the States involved and the Army COE since 1927 represented a principal domestic investment. The question now is was it wasted or improperly expended or inadequate technically. It is interesting to note that the factor of subsidence and levee construction and maintenance was never publically documented for southern Louisiana. Is this a risk? USGS documented the inaccuracy of its benchmarks in various studies and sought FEMA money to update those benchmarks so flood study money would not be wasted. Is this risk management?

RSS feed for comments on this post. TrackBack URI

Leave a comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>