Vulnerability Assessment- Phyllis Young
DeWitt_12
sample_paper_on_how_it_should_be..docWorkplace Violence i
Mother Seton Parish RIsk Assessment 13
Risk Assessment: Mother Seton Parish
Germantown, MD
Ian Swayze
CJMS 630
Professor Wilson
University of Maryland – University College
March 31, 2013
Turnitin.com Match Score: 8% similar
Introduction
As institutions focused on the practice of faith and the associated charitable contributions to their surrounding communicates, a reasonable person may assume that churches and other houses of worship are largely insulated from the threats that envelop the environment around them. Unfortunately, much like hospitals, churches and other religious institutions face a seemingly increasing degree of threat from both property crime and related violent crimes against persons. In a concise and well-developed study in the security challenges to churches, Harrell (2010) paints a frightening picture of both numerous and egregious attacks and criminal incidents involving faith based institutions (FBOs). To that effect, he notes the proclivity of these such events, to the degree of 12 homicides and 38 other violent crimes against Christian churches alone within the US during CY 2009. Aside from the human victimization, crimes against property are no less worrisome in this venue, with more than $24 million in property loss incurred during that same period. To that effect, sadly, Purpura (2010) notes that arson is the leading cause for fires in churches and facilities used by FBOs. Clearly the spectrum of threats facing these institutions has become vast.
Despite the nature of their mission to be a source of hope and assistance to their communities, FBOs face such serious threats as theft, vandalism, arson and, increasingly, cases of assault and homicide against their staffs and membership. Accordingly, in addition to advancing their noble cause for service, clergy and FBO community leaders must continually, and diligently evaluate means by which to examine and counter potential risks facing their institutions.
Site Selection & Rationale
With that respect, this paper serves to provide a cursory risk assessment for a church of which I am a parishioner, Mother Seton Parish in Germantown, MD. In evaluating potential options to consider for this assignment, having had the opportunity to view this institution and its practices through the lens of a stakeholder has helped to hone a more effective view on the potential challenges associated with the security environment therein. As both a security professional and as a member of the church community, I have a vested interest in the assurance of safety, security, and relative peace of this component of my life. The scope of this assessment is the entire parish site, to include all facilities, physical property, and persons with a presence at the site. Importantly, as this was not a church-requested assessment, the discussion provided henceforth is based on the best information available through public data, personal dialogue with clergy and parishioners, and individual observation. As such, this assessment would not be appropriate for, nor should it be utilized in, and sort of insurance determination, risk acceptance, or capital budgeting activities.
Mother Seton Parish is a Roman Catholic Church located on Father Hurley Blvd (intersecting with Middlebrook Rd) in Germantown (Montgomery County), Maryland. Though the parish has been in existence since 1974, the current facilities were not completed until 2004. The church campus is comprised of three main facilities: the church itself, a parish center (for religious education and community activity), and the parish rectory which houses the three priests assigned to the parish. From a property standpoint, the site is tightly nestled into a 5.2-acre lot bound to the north by Middlebrook Road, and to the west by Father Hurley Blvd (which, coincidentally is named after Msgr. Leonard Hurley, the parish’s first pastor). On-site parking at the church is normally plentiful for normal Sunday mass, but often woefully inadequate for holiday services such as Easter and Christmas. Forming the site’s western line of demarcation is a significant-sized shopping center (to include a large grocery store, larger stores, smaller inline stores and restaurants). In this way, the church is at the edge of a zone of convergence between a high-density residential area (mostly rental apartments and some smaller townhomes) and a major retail / commercial area, principally anchored around Germantown Rd (Maryland Rt. 118). The closest major highway is I-270, which can be accessed by vehicle in less than 5 minutes’ drive time during normal traffic conditions.
Law enforcement responsibility for this area is under the jurisdiction of the Montgomery County Police Department (MCPD), with the church located within the county’s 5th District (Germantown) and an estimated nominal response time of NLT 5 minutes (5th District station is 1.5 miles from the site). Crime metrics from MCPD’s most recent quarterly statistics document (Q1 – 2012) suggest a moderate year-to-year rise in crimes reported to the FBI’s Uniform Crime Reporting System within this police district. The most recent full-year reporting (2011) indicates that larceny and burglary are by far the most prevalent types of crime reported (1398 and 352 incidences, respectively). On a positive note, these statistics were the lowest of the six districts within MCPD. With respect to previous criminal history at the church itself, it should be noted that in 2001, Monsignor Thomas Wells, the parish pastor was murdered in the rectory by a local man who reportedly suffered from emotional and psycho-social disorders. The assailant approached the rectory during hours of darkness, under the auspices of seeking assistance, though purportedly with the actual intent of robbery. The anecdotal value of this event alone suggest a potential for risk associated with unknown persons’ relatively easy and largely unrestricted access to church assets, empowered by the central location of the site in a densely-populated area. In discussion with the parish’s current priests and staff, recent criminal concern has been largely along the lines of property focused (i.e. larceny attempts or damage to vehicles).
Approach and Methodology
By definition, the classical approaches to risk assessment activities factor in threat considerations and vulnerability evaluations as precursors. For as Vellani (2006) reminds us, risk is essentially a function of threat and vulnerability relative to an asset or group of assets. Accordingly, the risk assessment tool and approach presented in Appendix A works in a logical, sequential and integrative approach. With respect to Mother Seton Parish as the evaluated entity, the tool first identifies assets while at the same time matching those to the most likely threat vectors. Next, the process utilizes the US Army’s MSHARPP matrix as a methodology to quantify a vulnerability rating for identified assets based on what are largely quantitative elements of evaluation. This method has the beneficial effect of presenting a numerical picture of what would otherwise be difficult to measure in terms of pure-data driven metrics for vulnerability assessment. As a standalone tool, MSHARP measures vulnerability using criticality & probability considerations as embedded determinants. For this application, however, final risk rankings included additional calculus.
Within Appendix A, Table 4 represents a quasi-qualitative rubric to analyzing and prioritizing risks for this asset-based risk assessment. The MSHARPP index is employed as the starting point, at this represents the quantification of an overall vulnerability rating for the given asset or target. This value is then multiplied by a qualitatively-determined scale for the probability of any measurable threat affecting the asset. Although the MSHARPP tool already considers postulated threat potential (implied through the aggregation of several of the matrix categories), this general threat variable expand upon that by considering the likelihood of ALL reasonable threats affecting the asset. As such, this calculus provides a greater utility for risk analysis, such that amplifies the value of threats that may not have yet been specifically considered. An additional value is also then considered, which is the loss event criticality. Similarly, although criticality is already implicitly embedded within the MSHARP index value, this variable in this case seeks to accentuate the relative criticality of the asset versus the others listed. In this way, the resultant scaling factors when multiplying the composite of columns A x B with column C help to drive the final risk ranking score so as to allow concentration of mitigation efforts based on a ranked prioritization.
Assessment Analysis Results
Overall, the security picture at Mother Seton Parish is reasonable, with risk levels that appear commensurate with the baseline for religious institutions in the area. On a positive note, the church has instituted a stricter adherence to a policy of not opening the door of the rectory after-hours to uninvited visitors following the tragedy with Msgr. Wells. Similarly, the priests with whom I had the opportunity to discuss the criminal threats facing the church seemed well versed on the ongoing concerns and have made concerted efforts to tackle the lower handing fruit (ex: exterior lighting was in far worse shape prior to the arrival of the current pastor).
The asset specific outcomes of the vulnerability and risk assessment process are noted in Appendix A. Generally, the items with highest assessed vulnerabilities fell in line with the final determinations for assets with the highest overall risk. It is interesting to note though that the assets with the two highest vulnerability index scores (MSHARPP rating) exhibited a reasonably wide margin between their final respective risk scores. Although these assets were ranked next to each other in terms of overall mitigation prioritization (#1 and #2), this risk score gap highlights the significance of the score weighting enacted by the event probability (Column B) and loss criticality (Column C) multiplier factors.
Site Security Recommendations
Recommendations for improving asset protection are enumerated in detail in the corresponding sections of the security survey portion of Appendix A.
Appendix A: Risk Assessment Tool
Consolidated Asset Identification & Postulated Threat Assessment:
The below table represents the identification of assets affiliated with Mother Seton Parish, and also presents the corresponding postulated threat or basis for asset loss, damage or harm. Postulated threats are projected based on a synthesis of area crime data and rational evaluation of the relationship to the asset considered.
Table 1 – Asset Identification & Threat Matrix
|
Target |
Postulated Threat Vector/ Motive |
|
Parishioners |
Street level criminals / petty theft; or assault seeking personal effects or valuables |
|
Clergy |
Street level criminals / petty theft; or assault seeking personal effects or valuables –OR— Discontented persons with political or social opposition to aspects of the Catholic Church |
|
Donations / Cash Collection Box |
Street level criminals / petty theft; or assault seeking personal effects or valuables |
|
Audio / Music Equipment |
Street level criminals / petty theft; or assault seeking personal effects or valuables |
|
Personal Vehicles |
Street level criminals / petty theft; or assault seeking personal effects or valuables |
|
Religious relics / items |
Discontented persons with political or social opposition to aspects of the Catholic Church |
|
Clergy personal property |
Street level criminals / petty theft; or assault seeking personal effects or valuables |
|
Site Facilities (Church, Parish Center, Rectory) |
Discontented persons with political or social opposition to aspects of the Catholic Church – Vandalism, Non-Theft Property Destruction, Arson |
Vulnerability Assessment:
A quasi-quantitative asset-focused vulnerability analysis was conducted using DoD MSHARPP matrix. The targets noted in the table below are core components and elements associated Mother Seton Parish’s facilities and the reach of its ministry. Here, the numerical total / index corresponds to a categorized level of vulnerability ranging from Very Low to Very High.
Per US Army Field Manual 3-19.5:
One of these assessment tools used to determine the criticality and vulnerability of U.S. interests examines seven variables: mission, symbolism, history, accessibility, recognizability, population, and proximity (MSHARPP). MSHARPP is a targeting tool geared toward assessing personnel vulnerabilities but can also be used for facilities, units, or other assets. The assessed items are listed in the left-hand column; the MSHARPP variables are listed across the top. Each asset is assigned a number (ranging from 1 through 5) that corresponds to the applicable MSHARPP variable. The number 5 represents the greatest vulnerability or likelihood of attack; the number 1 represents the lowest vulnerability. The respective numerical values are totaled to provide a relative value as a target or the overall level of vulnerability.”
In this application, the following situation-specific interpretations of each variable are assumed:
· Mission – the degree to which harm to the noted target would disrupt the ability of the church to continue to function as a place of worship and/or as a center of support to the community
· Symbolism – the attractiveness of the target based on the potential notoriety that would be achieved by inflicting harm
· History – significance and ease of attack on the target in the eyes of attacker based on previous incident success
· Accessibility – the degree to which the assets are shielded or compartmentalized from the public, street-level environment
· Recognizability – likelihood that attacker would be able to easily located a pre-determined target set on the church site at time of attack
· Population – reaction from and impact to the local population if identified asset is harmed or damaged
· Proximity – the degree of movement required to reach the asset, i.e. difficulty before reaching first barrier
Table 2 – Vulnerability Assessment (DoD MSHARPP matrix)
|
Target |
M |
S |
H |
A |
R |
P |
P |
Index |
|
Clergy |
4 |
5 |
5 |
4 |
5 |
3 |
3 |
29 High |
|
Parishioners |
3 |
3 |
1 |
2 |
4 |
4 |
3 |
20 Medium-Low |
|
Donations / Cash Collection Box |
2 |
2 |
2 |
2 |
4 |
1 |
4 |
17 Medium-Low |
|
Audio / Music Equipment |
3 |
2 |
2 |
2 |
1 |
1 |
3 |
14 Very Low |
|
Personal Vehicles |
1 |
1 |
3 |
5 |
4 |
3 |
5 |
27 High |
|
Religious relics / items |
3 |
5 |
0 |
3 |
5 |
4 |
3 |
23 Medium |
|
Clergy personal property |
1 |
2 |
1 |
1 |
3 |
2 |
1 |
12 Very Low |
|
Site Facilities (Church, Parish Center, Rectory) |
5 |
5 |
1 |
4 |
5 |
4 |
5 |
29 High |
Security Survey:
In line with prior security surveys (Swayze, 2013), the below checklist / survey was developed and implemented to understand the protective measures in place and assess their effectiveness in protecting the assets noted above. The results of this survey are used in concert with the stand-alone and integrated threat, vulnerability and risk considerations to help in prioritizing use of resources to mitigate identified security concerns. Format was adapted from a critical infrastructure survey template designed by the Utah Department of Public Safety Division of Homeland Security (2006).
Table 3 – Security Survey
|
Facility & Physical Security Survey |
|||
|
Question |
Answer |
Comment |
Action Needed / Enhancement Recommended |
|
CPTED – Is there a defined perimeter, physiological controls to entry? |
NO |
Other than shrubbery, the site has no obvious physical perimeter, and property transitions without any barriers into adjacent property. This allows for nearly unrestricted access to persons moving on food. |
Consider installation of a fence line to encourage enforcement and delineation of property boundaries and limit east of approach from offsite property |
|
CPTED – Vandalism / Facility Upkeep: Is the site free from graffiti, litter and other signs of disrepair? |
YES |
The site is well maintained with not signs up disrepair or allowance of property degradation
|
N/A
|
|
CPTED: Observation & Concealment: Are avenues approach to the site observable from within? |
YES* |
Vehicular and pedestrian traffic approaching the main entry doors of the three structures are easily viewable at a distance from within the level parking lot. Access to the site from northerner and the sides cannot be as easily observed from a distance. |
Consider placement of thorny shrubbery on N&S sides to discourage access to the property from other than actual entrance points |
|
Signage: Is signage posted to dissuade trespassing, or advise on hours of availability for facilities |
NO |
Such signage was unobserved |
Post signage at main entry driveway and at regular intervals to advertise boundaries on when services / assistance should not be expected as available |
|
Facility Access: Are doors secured consistently according to a schedule |
YES |
Main church doors are secured at 10PM nightly. Parish center doors locked when activities not scheduled. Rectory doors secured 24 x 7 |
Consider earlier securing timeframe for church when no activities are ongoing. Install bell or intercom to connect to on-call priest or parish attendant telephonically during hours after dark when doors are secured. |
|
Lighting: Is exterior lighting sufficient |
YES* |
Lighting design is adequate, however, a number of parking lot light poles were out |
Replace bulbs and consider outward facing lights to illuminate wooded boundaries, especially the area adjacent to shopping center parking lot |
|
Emergency Alert: Is there an instant notification / “panic button” capability inside buildings to quickly summon law enforcement? |
NO |
No panic button inside church building, and telephones not easily accessible from most areas other than co-located parish office. Conditions in parish center & rectory unobserved. |
Install alarm-monitoring service connected panic devices, or add additional telephone handsets in entry area and hallways of church building |
|
CCTV: Is this capability present and is it recorded |
NO |
No camera systems are present |
Consider cameras with DVR to at least monitor door entry points and parking lot along with signage announcing the capability. |
Risk Analysis / Prioritization:
Table 3 – Risk Analysis & Prioritization
|
Asset |
MSHARPP Index (Vulnerability) (A) |
General Threat Probability (1-5) (B) |
Loss Event Criticality (1-5) (C) |
Risk Categorization (Quasi –Quantitative) =A x B x C |
Risk Priority |
|
Clergy |
29 High |
2 |
4 |
232 |
2 |
|
Parishioners |
20 Medium-Low |
2 |
3 |
120 |
4 |
|
Donations / Cash Collection Box |
17 Medium-Low |
3 |
1 |
51 |
8 |
|
Audio / Music Equipment |
14 Very Low |
2 |
2 |
56 |
7 |
|
Personal Vehicles |
27 High |
4 |
2 |
216 |
3 |
|
Religious relics / items |
23 Medium |
1 |
3 |
69 |
6 |
|
Clergy personal property |
12 Very Low |
3 |
2 |
72 |
5 |
|
Site Facilities (Church, Parish Center, Rectory) |
29 High |
2 |
5 |
290 |
1 |
References
Harrell, B.M. (2010). Security challenges for houses of worship. Journal of Physical Security 4(2). Retrieved from: http://jps.anl.gov/Volume4_iss2/Paper1-BMHarrell.pdf
Milton, K. (2001). Lucas receives 42 years for Monsignor Wells’ murder. Gazette.net: Maryland community newspapers online. Retrieved from: http://ww2.gazette.net/gazette_archive/2001/200133/montgomery/news/67261-1.html
Montgomery County Police Website (2013). Montgomery county police crime statistics. Retrieved from: http://www6.montgomerycountymd.gov/poltmpl.asp?url=/content/pol/media/crimestats.asp
Mother Seton Parish Website (2013). Retrieved from: http://www.mothersetonparish.org/
Purpura, P.P. (1999). Securing houses of worship: A community services manual for ASIS
chapters. Alexandria, VA; ASIS International Press. Retrieved from: http://www.scnus.org/local_includes/downloads/13619.pdf
Swayze, I.R. (2013). Vulnerability Assessment: George Washington University Hospital L&D Department. Adelphi, MD; University of Maryland – University College.
United States Army (2010). Police Intelligence Operations, ATTP 3-39.20 (FM 3-19.50). Retrieved from: http://armypubs.army.mil/doctrine/DR_pubs/dr_a/pdf/attp3_39x20.pdf
Utah Department of Public Safety Division of Homeland Security (2006). Security Vulnerability Self-Assessment Guide for Critical Infrastructure Protection. Retrieved from: www.des.utah.gov
Vellani, K.H. (2007). Strategic security management. Burlington, MA: Elsevier
�Excellent research and opening to your paper that gets the reader's attention.
�Good roadmap of content to follow.
�Outstanding research and application to the threat environment.
�Excellent explanation of a complex tool.
�Avoid idioms/colloquialisms in formal academic writing.
�Outstanding work.
�Wonderful use of tables to convey a lot of information in a short amount of space.
