"Chemical security has to be balanced with other objectives," said Hazzan, "and has to be commensurate with the threat and likelihood of occurrence. Consequently, the chemical security management process requires a systematic approach to analyzing risk of these issues."
Hazzan offered five premises:
- The threat is credible. "Post 9/11, I don't think anyone would argue with this," said Hazzan.
- The enemy is highly motivated and capable.
- The attack upon, theft of, or misuse of chemical or asset degradation must be evaluated.
- Vulnerabilities need to be identified and analyzed.
- Countermeasures may need to be enhanced. "Assess whether current security measures effectively address these new and unforeseen threats," Hazzan suggested.
"Depending on the degree of exposure potential of the company or the public from an unintentional release, the attractiveness of the target and the ease of attack, companies may face entirely different risks than the facilities were designed to manage," said Hazzan. "It could require an entirely different mode of operation and security than is currently being employed."
He suggested safety and environmental managers ask these questions in a security vulnerability analysis:
- What specific malevolent chemical security threats does the entire business enterprise or a given site face that might lead to catastrophic events such as a release of chemicals to the community or theft of hazardous materials with intent to weaponize them?
- What factors are present that might lead an adversary to find a particular target more attractive than another?
- What vulnerabilities in existing security countermeasures could be exploited to undertake an attack?
- How significant could the effects of an attack become?
- Are the countermeasures sufficient given the threat?
- What enhanced countermeasures are justified?
- At what point is supplemental security provided under federal or state auspices required?
