An Overly Democratic Approach to Risk?

I was having a discussion with a public safety official at a local college the other day where we exchanged differing views on our respective approaches to risk management. He seemed to subscribe to a strategy that was geared to equally addressing all hazards. I thought (as I have for the last few years) that when it came to formulating strategy, business continuity planners, emergency managers and even real estate and facility managers were being a tad too democratic.

Too democratic? Before you banish me and the blog to a Siberian labor camp let me explain. If any institution receives a set amount of funding to construct an all encompassing risk management program, they have a choice - they can be democratic and equally allocate their funds to all areas that provide a blanketed approach to risk, or they can be a little more analytical - authoritarian even - and allocate those monies towards the areas that require it most. Where the monies are allocated depends on the probabilities of events occurring. Let's use a basic example, Columbia University, located in Manhattan will clearly spend more on security-related systems than, say the University of British Columbia, an institution better served by putting their dollars toward strategies that mitigate the impact of earthquakes.

I barely had a chance to have a cup of coffee before my brother called and alerted me to the cover story on the Sunday New York Times that discussed how many of the monitoring systems put in place by the Department of Homeland Security - an estimated $4.5 billion worth - have become obsolete:

Many of the monitoring tools - intended to detect guns, explosives, and nuclear and biological weapons - were bought during the blitz in security spending after the attacks of Sept. 11, 2001.

In its effort to create a virtual shield around America, the Department of Homeland Security now plans to spend billions of dollars more. Although some changes are being made because of technology that has emerged in the last couple of years, many of them are planned because devices currently in use have done little to improve the nation's security, according to a review of agency documents and interviews with federal officials and outside experts.

...Federal officials say they bought the best available equipment. They acknowledge that it might not have been cutting-edge technology but said that to speed installation they bought only devices that were readily available instead of trying to buy promising technology that was not yet in production.

The effects of such hastiness have become quite apparent:

At airports, similar shortcomings in technology have caused problems.

The Transportation Security Administration bought 1,344 machines costing more than $1 million each to search for explosives in checked bags by examining the density of objects inside. But innocuous items as varied as Yorkshire pudding and shampoo bottles, which happen to have a density similar to certain explosives, can set off the machines, causing false alarms for 15 percent to 30 percent of all luggage, an agency official said. The frequent alarms require airports across the country to have extra screeners to examine these bags.

Because the machines were installed under tight timetables imposed by Congress, they were squeezed into airport lobbies instead of integrated into baggage conveyor systems. That slowed the screening process - the machines could handle far fewer bags per hour - and pushed up labor costs by hundreds of millions of dollars a year.

The overly democratic approach to risk management I was discussing with my friend at the college seems to not only be occurring on a micro level, but on a macro level too. This article in the Financial Times points out the inefficiency of a blanketed approach to risk management:

Glenville is unlikely to figure high on any list of potential terrorist targets.

The small town in south-east Georgia is little more than a ramshackle collection of one-storey wooden homes and whitewashed churches, surrounded by miles of farmland. Yet, beside a road junction outside the town stands a large billboard advertising a government website that informs people how to prepare for a terrorist attack.

The image illustrates one of the most striking features of the US response to the events of September 11: that much of the government money to protect against future attacks is being spent in places foreign terrorists would have trouble even finding.

...Much of the problem has been due to the way in which Congress allocated the funds in the months after September 11. Under the influence of politicians from rural districts eager to get their share of the new windfall in homeland security spending, the 2001 Patriot Act guaranteed that each state would receive minimum shares regardless of its location or population.

When billions of dollars began flowing for homeland security, many states simply did not know how to spend the money. The state of Missouri, for instance, bought 13,000 chem-bio warfare suits at $400 apiece, enough for every police officer in the entire state.

The point here is not to be an armchair critic of policy, but instead to use these anecdotes as a way to refine policy and move to a more efficient level of management.