The latest issue of the Journal of Commerce has an interesting article that profiles a new risk assessment tool used by the Coast Guard to assess maritime security-related threats. From the article (available by subscription only):
No one will dispute that the government lexicon is jargon-happy, and the Coast Guard has coined some doozies. One of the newest acronyms is the Maritime Security Risk Assessment Model, or MSRAM, which is rapidly becoming one of the agencyâ€™s premier risk-management tools.
The Coast Guard launched MSRAM last spring, and by the end of summer, the whole national inventory of freight and cargo terminals, bridges, tunnels and other port infrastructure had been given new, improved risk scores. When the Department of Homeland Security handed out $168 million in port security funds in September, the MSRAM score counted for 25 percent of an applicantâ€™s total score. Future grant rounds are as likely to depend on MSRAM results.
Officials said that the MSRAM will make risk assessment more consistent among ports. It replaces the Port Security Risk Assessment Tool, or PSRAT, which that was introduced after the Sept. 11, 2001, terrorist attacks.
….MSRAM is a computer program that is based on the Coast Guardâ€™s triangle of risk management: threat â€” vulnerability â€” consequence. For each port facility or â€œasset,â€ the program walks the user through the process of identifying threats to the asset, its vulnerability to attack and the consequences of an attack. With that information, MSRAM computes a numerical score that represents the risk posed by a terrorist attack on that particular asset. The numerical scores are classified. On the one hand, assessing threat requires the use of national intelligence. On the other hand, the Coast Guard doesnâ€™t want to say which facilities are vulnerable.
This seems to be unambiguously an improvement on earlier risk assessment methodologies, and is a positive sign that DHS, despite occasional setbacks, is gradually getting better at the difficult task of risk assessment.
To find out more about the MSRAM, there’s a scattering of information on the internet about it. Perhaps the most useful explanation of it is found in this Naval Postgraduate School master’s thesis by a Coast Guard officer on vulnerability assessment of maritime infrastructure, a document that includes this chart that summarizes the methodology:
For additional info, see the chapter entitled “Safely Securing U.S. Ports” in this issue of the Coast Guard’s Proceedings magazine and this GAO report from earlier in 2006 which mentions it several times.