CBRN Security Governance
To ensure that all disciplines and organizations concerned with CBRN risk mitigation act as an integrated unit, UNICRI recommends a CBRN national team to be established. UNICRI has developed CBRN Security Governance indicators and associated metrics for the team that can show national leaders the state of CBRN Governance and whether it is operating effectively. The metrics may, however, also reflect certain variations, as each country has a unique legal and political structure with unique CBRN organizations and unique security challenges.
CBRN security governance addresses seven areas:
1. Inter-Agency coordination
2. Operations communication
3. Collaboration with non-governmental stakeholders
4. Regional and international cooperation
5. Planning
6. Standards
Governance Area |
Indicators Metrics |
Inter-agency Coordination |
- CBRN focal point and national CBRN team are in place
oA national CBRN team exists and its membership and responsibilities are defined
oA focal point is named and the team includes members of all CBRN-related government agencies with joint activities and deliverables
- Responsibilities are documented in a precise and clear terms
oA national CBRN Strategy defines how security objectives will be met
oEach agency’s unique responsibilities are defined and shown in an organization chart and accountabilities are specifically stated
oProvincial and local government interests and their capabilities are included in national plans
- All CBRN-related groups are connected and work together according to their responsibilities
oAll Inter-agency collaboration agreements are in written form
oWorking groups, forums, inter-agency conferences and other joint activities take place regularly
oA mechanism for resolving disagreements is defined, for example in case of overlaps or resource shortages
oNational assessments and plans are the product of joint, integrated working groups
oAgencies make resources available for joint activities
oThere is no evidence that time or resources are wasted through absence of inter-agency coordination
|
Operations Communication
|
- Communications structure is enabled
oA directory of inter-agency contact points is in place and up to date
oSecure communications, such as telephone, email and instant messaging are in place
oCBRN national team implements a system of regular meetings and working groups that ensures agencies share relevant information and work jointly on integrated national plans and responses
oIntelligence and threat/risk information is shared
|
Collaboration with Non-Governmental Stakeholders, including Civil Society
|
- National Team and agencies interact with a broad set of non-governmental entities, including civil society/NGOs, universities, the private business sector and other organizations
oA detailed plan is in place for communicating risk and emergency information to civil society
oCollaborative mechanisms exist related to: Industry, Academia, Civil society/NGOs, Media
oA community of non-governmental CBRN interested parties, including marginalized groups, is established and results in the National CBRN team receiving information not available through other sources and a higher degree of mutual trust
- Policies are implemented transparently
oCBRN policy instruments are publically available
|
Regional and International cooperation |
- National Team and agencies cooperate with other countries and agencies, especially within the region
oA directory of regional and international contact points is in place
oDiscussions are held with relevant countries, especially within the same region, where common interest exists
oWritten agreements are in place with relevant countries, especially within the same region, regarding border security, incident response and other relevant matters
oPlatforms for information sharing with other countries in the region and with regional and international agencies are in place
oCollaboration during incidents takes place with other countries and agencies, especially within the region
oNational legislation meets regional and international requirements
|
Planning |
- A National CBRN Risk Assessment is conducted at least annually
oAn annual assessment is jointly conducted by all relevant agencies
oThe assessment covers natural, accidental and intentional/criminal causes
oA CBRN Incident Prevention Plan is developed in response to the assessment
oA mechanism exists for early updates in case of changed risks/threats
- Emergency Response plans are in place
oEmergency incident response and contingency plans are jointly developed by all relevant agencies
oPlans include a clear chain of command during C, B and RN response activities
oScenario walk-throughs or full tests have been performed for potential incidents on an established frequency
- A National CBRN Action Plan is in place, including governance aspects
oA comprehensive CBRN Action Plan, jointly developed by all relevant agencies, is in place and undergoes an annual senior level review
oThe plan outlines clear benchmarks to be met within a set timeframe and resources are allocated to associated activities
oThe plan includes measures to create a public security-minded culture and its supporting disciplines
- Regional and international planning requests are supported
oWhen regional or international operations require it, the national CBRN team supports their planning activities
|
National, Regional and International
Standardization |
- Leadership is provided for standardization
oA list of areas requiring development or conformance to national, regional and international standards is in place
oAn implementation plan with timetable and responsibilities is in place
- Common terminology is used, consistent with regional and international standards
oEach relevant CBRN term is reviewed and defined in a national glossary, consistent with regional and international standards
oAll relevant parties use the terms as defined
- Common data definitions are used, consistent with regional and international standards
oData elements are defined in a manner consistent with regional and international standards and collected in a consistent manner across agencies
oA national database structure in place and used to share critical data
- Critical processes are documented, managed and in line with regional and international standards
oProcesses critical to population security are listed and identify incident prevention and emergency response activities In operational and emergency processes, chain of command is clearly recorded and communicated
oProcesses are documented, followed, measured, continuously improved and reviewed
oProjects follow a standard methodology that breaks the work into stages, identifies specific objectives, metrics and control points
oEquipment is inter-operable
oEquipment is inter-operable among national agencies and conforms to national, regional and international standards
oSpecifications for procurement of equipment are reviewed by an inter-agency team
oAreas where existing equipment is not inter-operable are identified and a plan is in place to correct when practical
- Incident data is recorded in a single database and shared
oAll incidents are recorded in a single CBRN incident database so that possible patterns may be easily recognized
- An inter-agency human resource standard process is in place
oRecruitment process adheres to an agreed inter-agency security standard
oA standard level of personnel training and qualifications are in place for all relevant national agencies
oStaffing levels are sufficient to meet national CBRN objectives
|
Results are achieved by defining and documenting the optimal practice in each operational area and then ensuring that ongoing operations follow those practices. Effective governance can be assured by measuring operations, continuous adaptation to changing CBRN threats and objective review.