Scribd Logo
Upload

Welcome to Scribd!

  • Sesssion1 Exercise-CreatingARepresentativeThreatStatement

    Uploaded by

    Tonyo Lina
    13 views5 pages

    Original Title

    Sesssion1_Exercise-CreatingARepresentativeThreatStatement

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    13 views5 pages

    Sesssion1 Exercise-CreatingARepresentativeThreatStatement

    Uploaded by

    Tonyo Lina

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 5

    February 2022 Philippines Chemical Security Regulatory Development Workshop

    Structured Workshop Activities to Facilitate Threat and Risk Assessment for Chemical Security
    Regulatory Design
    Activity #1: Defining the Process for Threat Assessment in Your Country

    Each participating agency should designate at least one representative to participate in


    completing this exercise, which all participating agencies’ representatives should do together as a
    group. Please answer the questions in the spaces provided to develop a preliminary plan for
    developing a national threat assessment and associated documentation. Be prepared to provide a
    summary of your discussion and responses at the beginning of Session 2 on February 22.

    Which regulatory approach is the Philippines likely to adopt for chemical security –
    prescriptive, performance-based, or a hybrid approach? Why?
    For a prescriptive approach, the State should arrange for the development of a representative
    threat statement (RTS), and for a performance-based approach – a Design Basis Threat (DBT).
    (Note that for a performance-based approach involving DBT, the government may need to notify
    the public or the regulated community and seek comment or obtain prior exemptions or
    limitations on this process.)
    Prescriptive Approach + RTS ☐
    Performance-Based Approach + DBT ☐
    Hybrid Approach ☐
    Explanation or comment:

    If you selected a hybrid approach, please indicate which approach to threat assessment you
    intend to take (government-facing or licensee-facing).

    What is the timeframe for developing the threat assessment?

    1
    Set a timeframe that maintains momentum (months would be better than years) but is realistic
    considering anticipated logistical and administrative challenges.

    What government stakeholders will take part in the development of the national threat
    assessment and RTS or DBT? Consider the need to obtain information on historical, active
    and continuing threats and their potential nexus to extremely hazardous chemicals, and the need
    for information security.

    Competent authorities with information on historical, active, and continuing threats:

    Competent authorities with information on chemical activities and hazards:

    Will you rely on information originating from outside the government? If so, what, and how will
    you obtain it? (Example: Threat-related data reported by licensees.)

    Which competent authority(-ies) will:

    2
    Lead the threat assessment process?

    Own and control the final document?

    Receive, store, and manage the data relied


    upon to generate the document?

    Perform ministerial / secretariat services?

    Participate in analysis?

    Contribute data only (without participating in


    analysis)?

    Be a primary recipient or user of the threat


    assessment document?

    Have access to the threat assessment


    document?

    How will the participating competent authorities coordinate?


    (Or at discretion of lead authority and authority providing secretariat services)
    How often will the participating competent
    authorities meet?

    In what setting (virtual, in person, at what


    level of information protection or security
    protocols)?

    Designate points of contact for each competent authority for exchanging information about
    the threat assessment process:
    Competent Authority Point(s) of contact, with contact information

    What data will each competent authority contribute to the threat assessment process?

    3
    It is recommended that the threat assessment consider:
    - historical threat and incident data (informs judgments on plausible intentions and
    capabilities of adversaries based on spectrum of past observed activity)
    - active and continuing threat data
    - data on locations and activities involving potential chemicals of security concern
    Competent Authority Data to be contributed

    Will any new or additional protocols be necessary in order to exchange all the kinds of data
    noted above? If so, what kinds?
    Consider the compatibility of the following:
    - Requirements for limited access to the data
    - Procedures for granting authorization to access the data
    - Procedures for disseminating the data
    - Whether shared secured networks are available
    - Information protection and management protocols for physical and electronic documents

    How will the threat assessment and RTS/DBT be maintained? How often will they be
    updated? When and how will these updates result in changes to security requirements?

    4
    Saving the Document
    Save your responses as a MS Word document and post to the collaboration platform in the
    designated folder for Activity 1 as “Threat Assessment Process Exercise Results.” Designate a
    spokesperson to present a summary of the results of your discussion on establishing a process for
    conducting a national threat assessment at the beginning of Session 2 (22 February).

    You might also like