You are on page 1of 6

FINAL
11/06/08


Risk
Management:
Assessment
and
Mitigation
(SRA
311)

Tuesday
and
Thursday
mornings,
9:45am
to
11:00am
(75‐minutes
per
session),
in
205
IST
Building


DESCRIPTION:

Risk
Management:
Assessment
and
Mitigation
is
a

junior‐level
undergraduate
course
designed
to
educate
aspiring
risk
 SRA
311
Teaching
Team


professionals
on
the
proper
application
of
risk
analysis
concepts
to
 Instructor

security,
intelligence,
and
other
problems,
and
to
enhance
risk


William
L.
McGill,
PhD,
PE

literacy.

To
this
end,
the
course
covers
the
basic
philosophy
of
risk
 Assistant
Professor
of
IST
(and
SRA)

analysis
to
include
definitions
of
risk
and
the
“six
questions
of
risk
 307B
IST
Building

analysis;”
scenario
construction;
all
aspects
of
consequence,
threat,
 University
Park,
PA
16802

and
vulnerability
analysis;
qualitative,
quantitative,
and
descriptive
 (814)
867‐0270
(office)

wmcgill@ist.psu.edu

risk
assessment
methods;
risk
treatment
strategies
to
include
risk
 


acceptance,
risk
transfer,
risk
avoidance,
and
risk
control
and
 The
instructor
is
generally
available

for
outside
assistance
from
9:45am

management;
risk
communication;
and
risk
perception.

The
course

to
11:15am
on
Mondays
and
from

introduces
these
concepts
through
critical
readings
from
the
risk
 11:00am
to
12:30pm
on

analysis
literature
and
application
of
the
course
material
to
in‐class
 Wednesdays,
or
by
appointment.

case
studies,
methodology
appraisals,
and
student
projects.


Teaching
Assistant


 


OBJECTIVES:

Students
successfully
completing
this
course
can:
 Ms.
Wen
Yao

IST
Graduate
Student
(PhD)


306A
IST
Building

1. Describe
the
role
of
a
risk
analysis
in
the
decision‐making
 wxy119@ist.psu.edu

process
 


The
teaching
assistant
is
available
for

2. Articulate
the
“six
questions
of
risk,”
and
thoroughly
describe
 outside
assistance
from
4:30pm
to

the
terms
and
notions
associated
with
security
risk
analysis
 5:30pm
on
Mondays
and

3. Explain
the
different
types
of
ignorance
and
uncertainty,
and
 Wednesdays
unless
otherwise

provide
examples
of
each
in
a
security
context
 stated,
or
by
appointment


4. Discuss
the
role
of
risk
perception
and
methods
for
risk
 Teaching
Intern

treatment
in
the
risk
management
process
 


Mr.
Ryan
M.
Dewar

5. Discuss
the
14
PRECEPTS
for
ethics
in
security
risk
analysis
 IST
Undergraduate
Student

6. Apply
a
variety
of
structured
analysis
techniques
to
aid
in
the
 rmd5019@psu.edu

identification
of
events
and
outcomes
and
the
assessment
of
 

vulnerability
and
event
likeliness

7. Appraise
alternative
risk
assessment
methods
in
terms
of
their

consistency
with
established
notions
of
risk
and
their
 Prerequisites


compatibility
with
similar
methodologies
 • Probability
&
Statistics
(STAT
200)

• Introduction
to
SRA
(SRA
111)

8. Apply
the
“six
questions
of
risk”
to
design
a
risk
assessment

• Terrorism
and
Crime
(SRA
211)

methodology
that
meets
the
needs
of
a
specific
decision
maker
 • Decision
Analysis
(SRA
231)

with
specific
decision
support
requirements
 • College‐Level
Writing
Ability

9. Evaluate
alternative
security
investment
strategies
in
terms
of
 


Recommended

their
ability
to
reduce
risk,
and
compare
these
strategies
with
 


• Set
Theory
and
Logic
(IST
230)

alternative
risk
treatment
options

• Open‐mindedness

10. Recite
and
Apply
the
Eight
Elements
of
Thought
and
the
 • Extracurricular
experience

Intellectual
Standards
to
critically
evaluate
scholarly
articles
and
 performing
some
risk
analytic

essays
on
the
topic
of
risk
analysis
 function

11. Critically
evaluate
the
main
ideas
and
arguments
discussed
in

several
widely
recognized
books
on
the
topic
of
risk
analysis

SRA
311,
Fall
2008,
FINAL
(11/06/08)
 
 1



ASSIGNMENTS
AND
GRADING:

Course
assignments
consist
critical
readings
of
key
articles
on
risk,

critical
reviews
of
widely
recognized
books
(particularly
by
future
employers)
on
various
topics
of
risk,

two
group
projects
to
develop
and
refine
your
understanding
of
the
principles
of
risk
analysis,
and

completion
of
a
final
exam
covering
the
very
basic
elements
of
risk
analysis
and
critical
thinking.


Critical
Article
Reviews
(25%).
Each
student
is
responsible
for
producing
no
fewer
than
five
(5)

critical
reviews
of
scholarly
articles
on
risk
or
risk
analyses.

This
activity
is
designed
to
expose

students
to
modern
perspectives
on
security
risk
analysis
while
practicing
his
or
her
ability
to

critically
evaluate
each
author’s
argument.

Articles
will
be
due
each
lecture,
but
students
need
only

submit
a
review
on
their
individual
scheduled
due
dates.

If
a
student
completes
all
5
of
their

assigned
articles,
any
additional
articles
submitted
that
score
higher
will
overwrite
lower
scores.


Critical
Book
Reviews
(20%).

Each
student
will
submit
a
critical
review
on
each
of
two
(2)
mass

market
books
on
the
subject
of
risk.

The
books
available
for
review
are
widely
known
to
real

decision
makers
and
may
actually
have
influenced
their
perceptions
and
understanding
of
risk.

The

first
review
will
be
on
a
book
that
all
students
will
read,
and
for
the
second
book
students
will
be

divided
up
evenly
among
the
titles
according
to
the
preferences
for
different
topics.

Reading
groups

will
be
assembled
to
help
with
this
activity.


Methodology
Appraisal
(10%).

Each
student
will
dissect
one
or
two
security
risk
analysis

methodologies
or
studies
in
terms
of
terminology,
approach,
results,
etc.
from
one
methodology

compares
with
the
results
from
others.

Teams
may
be
formed
for
this
effort,
but
the
number
of

methodologies
reviewed
and
requirements
for
appraisal
increases
with
the
size
of
the
team.


Risk
Analysis
Project
(25%).

Each
student
will
participate
in
a
risk
analysis
project,
either
alone
or
as

part
of
a
group,
that
addresses
a
real‐world
security
risk
analysis
problem.

Each
project
relates
to
a

real
question
or
problem
that
serves
the
interests
of
a
real
decision
maker.
Successful
projects
may

be
used
to
inform
real
decision
making,
and
may
provide
the
basis
for
future
opportunities.


Final
Examination
(20%).

Each
student
will
complete
an
in‐class
final
examination
covering
the
bare

essential
topics
of
this
course.

The
final
exam
will
consist
of
two
parts:
the
first
part
is
a
critical

article
review
on
a
relatively
short
risk‐related
article,
and
the
second
part
consists
of
10‐20
multiple

choice
questions
spanning
the
bare
essential
topics
of
this
course.




IMPORTANT
NOTE:

The
SRA
major
requires
that
all
SRA
students
achieve
a
grade
of
C
or

better
in
this
course
to
graduate
(≥70%).


SRA
311,
Fall
2008,
FINAL
(11/06/08)
 
 2




READING
MATERIALS:
Most,
if
not
all,
of
the
day‐to‐day
course
materials
will
be
in
the
form
of

technical
articles
on
general
and
security
risk
analysis
topics.

Links
to
course
materials
as
PDF
files
will

be
made
available
online
via
the
course
website.

Two
categories
of
printed
books
are
integral
to
this

course:
three
(3)
required
books
and
five
(5)
optional
books
[as
described
below].




Required
Books.

The
following
titles
are
all
required
for
this
course.

BUY
THESE
RIGHT
AWAY.


• The
Miniature
Guide
to
Critical
Thinking:
Concepts
and
Tools,
by
Elder
and
Paul
(ISBN:

0944583105)
[an
excerpt
is
available
at:
http://www.criticalthinking.org/files/Concepts_Tools.pdf]

• The
Miniature
Guide
to
the
Art
of
Asking
Essential
Questions,
by
Elder
and
Paul
(ISBN:

0944583164)
[an
excerpt
is
available
at:
http://www.criticalthinking.org/files/SAM‐Questions2005.pdf]

• Against
the
Gods:
The
Remarkable
Story
of
Risk,
by
Bernstein
(ISBN:
0471295639)


Pseudo‐Optional
Books.
Students
are
responsible
for
reading
one
of
the
following
titles.

DO
NOT

BUY
ANY
OF
THESE
UNTIL
YOU
KNOW
WHICH
BOOK
YOU
ARE
ACCOUNTABLE
FOR.


• The
Black
Swan:
The
Impact
of
the
Highly
Improbable,
by
Taleb
(ISBN:
9781400063512)

• Why
Can’t
You
Just
Give
Me
the
Number:
An
Executive’s
Guide
to
Using
Probabilistic
Thinking
to

Manage
Risk
and
to
Make
Better
Decisions
(ISBN:
0964793857)

• Mad
Cows
and
Mother’s
Milk:
The
Perils
of
Poor
Risk
Communication,
by
Leiss
and
Powell
(ISBN:

0773528172)

• Risk
Balance
&
Security,
by
Gibbs
van
Brunschot
and
Kennedy
(ISBN:
9781412940702)

• The
Next
Catastrophe:
Reducing
Our
Vulnerabilities
to
Natural,
Industrial,
and
Terrorist

Disasters,
by
Perrow
(ISBN:
9780691129976)


SRA
311,
Fall
2008,
FINAL
(11/06/08)
 
 3



TOPIC
AGENDA
AND
DELIVERABLE
SCHEDULE:

The
following
is
a
tentative
schedule
of
topics
and

assignment
due
dates
for
the
Fall
2008
semester.

As
a
new
class,
the
instructor
may
adjust
course

content
and
timelines
as
needed
to
accommodate
both
student
progress
and
the
needs
of
the
subject.



NOTE:
topics
shaded
in
blue
will
be
covered
on
the
final
exam.


Part
One
(Fundamentals)
 
 Part
Two
(Risk
Assessment)

Date
 Planned
Topic
 Deliverable
 
 Date
 Planned
Topic
 Deliverable

TUE
 1.
Course
introduction
 Student
 TUE

8/26
 Critical
Thinking
Review
 Survey


 9/30
 11.
Uncertainty
and
Ignorance
 CAR
07

THUR
 THUR

8/28
 2.
Words
and
Notions
of
Risk
 CAR
00
 
 10/2
 12.
Analytic
Methods
I
 CAR
08

TUE
 3.
Risk
Analysis
and
Decision
 TUE 

9/2
 Advantage

CAR
01
 
 10/7
 13.
Analytic
Methods
II
 CAR
09

THUR
 THUR

9/4
 4.
The
Six
Questions
of
Risk
 CAR
02
 
 10/9
 14.
Analytic
Methods
III
 CAR
10

TUE
 5.
Initiating
Events,
Hazards,
 TUE

9/9
 and
Threats

CAR
03
 
 10/14
 15.
Analytic
Methods
IV
 CAR
11

THUR
 6.
Outcomes,
Severity,
and
 THUR

9/11
 Valuation
 CAR
04
 
 10/16
 16.
Analytic
Methods
V
 CAR
12

TUE
 TUE


9/16
 7.
Vulnerability
Analysis
I
 CAR
05
 
 10/21
 17.
Mechanics
of
Risk
I
 CAR
13

THUR
 THUR

9/18
 8.
Vulnerability
Analysis
II
 CAR
06
 
 10/23
 18.
Mechanics
of
Risk
II

 CAR
14

TUE
 TUE


9/23
 9.
Threat
Analysis
 *
*
 
 10/28
 19.
Source
Analysis
 *
*

THUR
 THUR
 Methodology

9/25
 10.
Risk
Case
Study
 Book
Rev
1
 
 10/30
 20.
Analytic
Confidence
 Appraisal


Part
Three
(Risk
Management)

Date
 Planned
Topic
 Deliverable

TUE

21.
Risk
Communication
 CAR
15

11/4

THUR

22.
Risk
Treatment
 CAR
16

11/6

TUE

11/11
 23.
Risk
Perception
 CAR
17

THUR

11/13
 24.
Countermeasures
 CAR
18

TUE

11/18
 25.
In‐Class
Exercise
 CAR
19

THUR

11/20
 26.
Warning
Systems
 CAR
20

TUE‐THUR

11/25
 THANKSGIVING

11/27

TUE
 27.
Measuring
Effectiveness

Book
Rev
2

12/2
 and
Auditing

THUR
 28.
Ethical
Issues
in
Risk

*
*

12/4
 Analysis

TUE
 29.
Risk
Management

*
*

12/9
 Standards

THUR
 30.
Course
Recap/Risk
Analysis
 Risk
Analysis

12/11
 in
Practice
 Project

TUE

FINAL
EXAM
–
DATE
TBD

12/??


SRA
311,
Fall
2008,
FINAL
(11/06/08)
 
 4



POLICIES
AND
PROCEDURES:

This
section
describes
how
the
course
will
run,
to
include
the
format
of

lectures,
attendance,
late
policy,
etc.

Pay
very
close
attention
to
this
information
as
it
shapes
how
you

will
experience
and
function
in
this
course.


Lecture
Format.

Lectures
will
take
the
form
of
class
discussions
of
daily
readings,
walk‐throughs
of
risk

studies,
group
exercises
and
case
studies,
use
of
tools
and
technologies
for
risk
analysis,
in‐class

experiments,
and
other
miscellaneous
classroom
activities.

The
nature
of
the
specific
topics
discussed

on
a
given
day
will
drive
the
format
for
the
lecture.

Each
lecture
is
1
hour
and
15
minutes
long.

In
those

circumstances
where
the
instructor
must
miss
class,
a
pre‐recorded
video
(or
perhaps
live
stream)
of
the

missed
lecture
will
be
made
available
instead.


Course
Website.

All
content
for
this
course
will
be
available
on
the
ANGEL
site,
including
instructions
on

obtaining
reading
materials,
assignment
due
dates,
etc.


Course
Communication.
All
course
communications
between
students
and
instructor
must
be
done

electronically
through
the
ANGEL
system.

This
policy
is
for
two
reasons:
(1)
to
protect
you
against
me

overlooking
your
message
among
the
flood
of
emails
I
receive
on
a
daily
basis,
and
(2)
to
keep
a

permanent
record
of
course
on‐goings.

All
course‐related
email
sent
outside
the
ANGEL
system
will
be

ignored.


Submitting
Assignments.
This
course
is
a
paperless
course.

Gradable
versions
of
all
assignments
must

be
uploaded
to
the
appropriate
digital
drop
box
on
ANGEL,
within
the
48
clock‐hours
preceding
the
start

of
class
on
the
assignment
due
date.

All
assignments
must
be
submitted
as
PDF
files
with
the
following

naming
convention
(all
CAPS,
date
digits
separated
by
hyphens):


PSUID_ASSIGNMENT_MM-DD-YY.pdf

For
example,
the
William
McGill
submitting
reading
assignment
“CAR
08”
on
22
Sep
2008
(due
on

9/23/08)
would
title
their
PDF
file
as
“WLM142_CAR08_09‐22‐08.pdf.”

Not
following
this
standard
may

reduce
the
assignment
grade
in
a
small
but
annoying
way
in
proportion
to
the
degree
and
repetitiveness

of
the
offense.

Graded
assignments
will
be
returned
with
the
same
filename
appended
by
“_GRADED”

prior
to
the
file
extension.




Late
Assignments.

No
late
assignments
are
accepted.
If
you
anticipate
being
late
with
an
assignment,

arrange
with
the
instructor
or
teaching
assistant
to
submit
the
assignment
early.


Class
Attendance.

All
students
are
advised
to
attend
all
lectures.

Beginning
with
Part
II
of
the
course,

formal
attendance
will
be
taken
via
a
variety
of
creative
means.

Failure
to
attend
class
may
result
in
up

to
a
5%
reduction
in
the
final
course
grade.


Students
with
Disabilities.

It
is
Penn
State’s
policy
to
not
discriminate
against
qualified
students
with

documented
disabilities.

If
after
reviewing
this
syllabus
you
find
the
need
to
modify
any
aspect
of
the

course
to
accommodate
your
documented
disability,
please
meet
with
the
instructor
to
discuss
your

concerns
and
to
make
arrangements
for
any
accommodations.

You
will
be
asked
to
present

documentation
from
the
Office
of
Disability
Services
(located
in
105
Boucke
Building)
that
describes
the

nature
of
your
disability
and
the
recommended
remedy.

You
may
refer
to
the
Nondiscrimination
Policy

in
the
Student
Guide
to
University
Policies
and
Rules.


SRA
311,
Fall
2008,
FINAL
(11/06/08)
 
 5



Teaching
Assistant
Duties.

This
course
has
one
teaching
whose
commitment
to
the
course
will
not

exceed
20‐hours
per
week
on
average.

The
teaching
assistant
has
the
following
responsibilities:


• Provides
outside
support
to
students
during
scheduled
office
hours
and
possibly
at
other
times
by

appointment
if
available
and
willing

• Attends
all
lectures
and
monitors
inappropriate
use
of
technology
during
class

• Grades
all
critical
article
reviews
and
contributes
toward
grading
of
critical
book
reviews
(note
that
the

instructor
will
be
grading
all
projects)

• Maintains
a
record
of
student
grades
and
provides
timely
responses
to
reasonable
student
requests
for
class

performance

• Reports
to
the
instructor
all
issues
pertaining
to
relevant
personal
and
academic
problems
of
students
and

groups

• Other
duties
as
deemed
appropriate
by
the
instructor

• Teaching
assistants
do
not
assign
final
grades


Teaching
Intern
Duties.

This
course
has
one
teaching
intern
with
a
commitment
to
the
course
that
will

not
exceed
4
hours
per
week
on
average.

The
teaching
intern
has
the
following
duties:


• Provides
in‐class
support
for
group
activities
and
exercises
and
out‐of‐class
group
tutorials
as
needed

• Subjectively
measures
the
student
sentiment
and
provides
feedback
to
the
instructor
on
how
to
improve

delivery
of
course
subjects

• As
needed
and
as
time
permits,
provides
outside
assistance
to
students
in
the
form
of
math
tutorials,

brainstorming,
devils
advocacy,
and
mentorship.

• Teaching
interns
do
not
grade
any
assignments,
take
attendance,
or
discipline
students


Course
Comedy.

Comedy
is
not
appreciated
in
any
graded
aspect
of
the
course
(non‐graded
is
ok).

The

penalty
for
unprofessionalism
can
be
up
to
a
100%
reduction
in
a
grade
depending
on
the
nature
of
the

offense.


Sleeping
in
Class.

If
a
student
falls
asleep
in
class,
he
or
she
will
be
woken
up.


Academic
Integrity.

According
to
the
University
Handbook:


Academic
integrity
is
the
pursuit
of
scholarly
activity
free
from
fraud
and
deception,
and
is
the
educational
objective

of
this
institution.

Academic
dishonesty
includes,
but
is
not
limited
to,
cheating,
plagiarism,
fabrication
of
information

or
citations,
facilitating
acts
of
academic
dishonesty
by
others,
unauthorized
possession
of
examinations,
submitting

work
of
another
person,
or
work
previously
used
without
informing
the
instructor,
or
tampering
with
the
academic

work
of
other
students.

Any
violation
of
academic
integrity
will
be
thoroughly
investigated,
and
when
warranted,

punitive
action
will
be
taken.


Any
student
for
which
there
is
reasonable
and
convincing
evidence
that
suggests
he
or
she
is
or
has

been
academically
dishonest
will
be
aggressively
prosecuted.


SRA
311,
Fall
2008,
FINAL
(11/06/08)
 
 6