Professional Documents
Culture Documents
Structured Workshop Activities to Facilitate Threat and Risk Assessment for Chemical Security
Regulatory Design
Activity #1: Defining the Process for Threat Assessment in Your Country
Which regulatory approach is the Philippines likely to adopt for chemical security –
prescriptive, performance-based, or a hybrid approach? Why?
For a prescriptive approach, the State should arrange for the development of a representative
threat statement (RTS), and for a performance-based approach – a Design Basis Threat (DBT).
(Note that for a performance-based approach involving DBT, the government may need to notify
the public or the regulated community and seek comment or obtain prior exemptions or
limitations on this process.)
Prescriptive Approach + RTS ☐
Performance-Based Approach + DBT ☐
Hybrid Approach ☐
Explanation or comment:
If you selected a hybrid approach, please indicate which approach to threat assessment you
intend to take (government-facing or licensee-facing).
1
Set a timeframe that maintains momentum (months would be better than years) but is realistic
considering anticipated logistical and administrative challenges.
What government stakeholders will take part in the development of the national threat
assessment and RTS or DBT? Consider the need to obtain information on historical, active
and continuing threats and their potential nexus to extremely hazardous chemicals, and the need
for information security.
Will you rely on information originating from outside the government? If so, what, and how will
you obtain it? (Example: Threat-related data reported by licensees.)
2
Lead the threat assessment process?
Participate in analysis?
Designate points of contact for each competent authority for exchanging information about
the threat assessment process:
Competent Authority Point(s) of contact, with contact information
What data will each competent authority contribute to the threat assessment process?
3
It is recommended that the threat assessment consider:
- historical threat and incident data (informs judgments on plausible intentions and
capabilities of adversaries based on spectrum of past observed activity)
- active and continuing threat data
- data on locations and activities involving potential chemicals of security concern
Competent Authority Data to be contributed
Will any new or additional protocols be necessary in order to exchange all the kinds of data
noted above? If so, what kinds?
Consider the compatibility of the following:
- Requirements for limited access to the data
- Procedures for granting authorization to access the data
- Procedures for disseminating the data
- Whether shared secured networks are available
- Information protection and management protocols for physical and electronic documents
How will the threat assessment and RTS/DBT be maintained? How often will they be
updated? When and how will these updates result in changes to security requirements?
4
Saving the Document
Save your responses as a MS Word document and post to the collaboration platform in the
designated folder for Activity 1 as “Threat Assessment Process Exercise Results.” Designate a
spokesperson to present a summary of the results of your discussion on establishing a process for
conducting a national threat assessment at the beginning of Session 2 (22 February).