Download DHS Directive 007-03: Homeland Security Integrated Risk Management and more Lecture notes Decision Making in PDF only on Docsity!
Department of Homeland Secu rity DHS Directives System Directive Number: 007- Revision Number: 00 Issue Date:
INTEGRATED RISK
MANAGEMENT
03/28/
I. Purpose
This Directive establishes responsibilities for implementing the Department of Homeland Security (DHS) Policy for Integrated Risk Management (IRM).
II. Scope
A. This Directive applies throughout DHS with the exception of the Office of Inspector General.
B. This Directive supersedes Secretarial Memorandum "DHS Policy for Integrated Risk Management ," May 27,2010.
III. Authorities
A. Title 6, United States Code, Section 112, "Secretary; functions"
B. DHS Delegation 17001, Delegation to the Under Secretary for National Protection and Programs
IV. Responsibilities
A. The Under Secretary for the National Protection and Programs Directorate (NPPD) is responsible for overseeing all aspects of this Directive and:
- Leads DHS efforts to establish a common framework to address the overall management and analysis of homeland security risk.
- Engages the Secretary and Component Heads as needed on risk-related matters and chairs the DHS Risk Steering Committee.
- The Director. Office of Risk Management and Analysis (RMA):
a. As directed by the Under Secretary for NPPD, advises and represents the Secretary on risk management, risk analysis, and decision support. 10f 7 Directive # 007-
b. Administers the Risk Steering Committee (RSC).
c. Develops and coordinates a policy framework, in collaboration with the RSC, to inform risk-based strategies to enhance and integrate the Department's risk management capability.
d. Conducts a periodic assessment of the Department's risk management capability to assess status and progress.
e. Develops and shares innovative concepts, training, and tools to support risk management, analysis, and decision support for DHS and the homeland security enterprise, leveraging existing efforts where possible. This shall include a risk knowledge management system to facilitate the sharing of methodologies, analysis and data across the homeland security enterprise.
f. Supports Component Heads, along with Component lead executives, in promoting IRM within and across the homeland security enterprise.
g. Through a policy framework, informs and executes risk assessments and analysis in support of DHS cross Component strategic decision-making, including the resource allocation process and other activities related to the Planning, Programming, Budgeting, and Execution process.
h. Participates in and provides risk-related advice and technical assistance to DHS strategic decision-making bodies.
- The Assistant Secretary for Infrastructure Protection (lP) :
a. Leads and executes, in collaboration with Components and Federal departments and agencies, a risk-informed approach for supporting the protection and resilience of critical infrastructure and key resources consistent with the National Infrastructure Protection Plan (NIPP).
b. Provides guidance, methodologies, and assistance to NIPP public and private sector partners in the execution of infrastructure protection risk assessments that contribute to cross-sector risk assessment and IRM.
2 of 7 Directive # 007-
processes, and practices, including participating in the RSC and coordinating with the Director of RMA and other Components' lead executives.
c. Establishes, as appropriate, an internal Component coordination process to promote integration for cross mission risk management requirements.
- Provides appropriate representation and participation in the RSC and the RSC working groups.
- Provides subject matter expertise, tailored data, and information, as requested and appropriate, to RMA and other DHS Components executing cross-Component risk analyses.
- Provides risk data to RMA in support of a risk knowledge management system unless otherwise barred by law, regulation, or policy.
D. The Administrator of the Federal Emergency Management Agency:
Incorporates IRM policies, processes, and practices into national preparedness efforts, including the development of training and education for homeland security enterprise partners compatible with DHS IRM policies, processes, and practices.
Risk-informs the National Preparedness Goals, National Planning Scenarios, and National Preparedness System, or successors.
Coordinates with RMA, the RSC, IP, the NIPP Sector Specific Agencies, and other appropriate stakeholders to develop a common approach to assist State, local, tribal, and territorial government organizations in assessing and managing risks, compatible with DHS integrated risk management and the NIPP.
Provides strategic and operational natural hazard analysis and assessments to support the Department's overall risk-informed decision-making requirements.
E. The Under Secretary of Intelligence and Analysis:
- Provides strategic and operational threat analysis and assessments, to include analytic judgments, to support DHS risk assessments and risk-informed decision-making requirements.
4of 7 Directive # 007-
- Serves as the interface to the larger Intelligence Community for all formal support requests related to integrated risk management.
F. The Under Secretary for Management:
- Incorporates functionally appropriate risk management methods and practices, including Department-wide risk management doctrine, as required , into relevant DHS business practices, including acquisitions, administration, security, human capital, information technology, budget formulation, and finance.
- Works with the Office of the Secretary, the Under Secretary for NPPD, and all Components, to support the efforts to acquire and implement appropriate hardware and software on both unclassified and classified networks for risk management and analysis, recruit and hire a multidisciplinary risk management and leaming and development program.
- The Chief Financial Officer:
a. Ensures that DHS programming and budgeting activities use risk analysis to inform resource decisions and justify allocation of resources.
b. Utilizes methodologies developed by RMA and the RSC, where appropriate, to evaluate the extent to which DHS programs and activities manage risk.
G. The Under Secretary of Science and Technology:
- In cooperation with the other heads of DHS Components, and with appropriate representatives from other affected entities, ensures that the identification, prioritization , and funding of homeland security research and development programs and projects is risk-informed.
- With input from the RSC, conducts research and development efforts to improve the state of knowledge in the risk sciences and application of this knowledge to support homeland security risk management.
H. The Assistant Secretary for Intergovernmental Affairs, in conjunction with RMA and the RSC, facilitates consultation with homeland
50f Directive # 007-
d. Developing and analyzing alternative strategies to manage risks, considering the projected costs, benefits, and ramifications of each alternative to manage or mitigate the risk;
e. Deciding and implementing the risk management strategies giving consideration to all relevant factors; and
f. Monitoring and evaluating performance of the risk management strategies.
Communication is critical to this process and occurs within and throughout the steps of the cycle.
- Use risk information and analysis to inform decision-making, striving to better understand risks and capabilities to manage those risks and capabilities, while remaining flexible to changing risks. Homeland security risks are inherently uncertain, and risk analysis will not always yield precise answers. The Department uses risk information and analysis to make its assumptions more transparent, encourage creative thinking, and provide defensible decisions, made with the best available tools and information, for the best achievable outcomes.
- Develop methodologies, where appropriate to determine the extent to which its programs and activities manage and reduce risk to the Nation. DHS uses this information, among other inputs, to measure the Department's progress toward achieving strategic goals, inform decision-making, build its budget, help guide the allocation of limited resources, and promote understanding and collaboration among homeland security enterprise partners.
- Use a unified approach to manage risks working with all of our homeland security enterprise partners.
VI. Questions
Address questions or concerns regarding this Directive to the Director of RMA at risk_management@hq.dhs.gov.
Ra Borras Under Secretary for Management Date
70f Di re ctive # 007-
