Open Chance and Risk Management Process Supported by a Software Tool for Improving Urban Security

By now the 5-step risk and chance management process according to the generic ISO 31000 standard has been applied to a wide range of domains including organizational risk management, business continuity, safety and IT security management, as well as occupational safety. The paper motivates the context and need for an open, scalable and flexible urban (perceived) security and safety assessment and improvement process, showing that it should be applicable also at local community level. The basic ideas of the process include the division of risk and chance analysis and management (treatment) into defined phases which are addressed iteratively: (1) within a framing context, stakeholders and their objectives are identified; (2) chance events for reaching objectives or, as often more straightforward, risk events opposing objectives are identified; (3) these chances and risks on objectives are quantified in terms of probability and consequences on the identified objectives; (4) they are assessed regarding their context-sensitive societal acceptability; (5) improvement measures are selected and implemented. The process is iterated until all risks on objectives are sufficiently controlled, also the combination of risks. Concerning the methodology, a semi-formal modelling of the static and dynamic requirements of a tailored process based on ISO 31000 is provided, which in addition allows the formulation of minimum consistency and completeness requirements, e.g. for each objective at least one stakeholder and risk should be identified. For the urban domain, a classification of risk assessment techniques regarding their suitability for supporting the process is presented. A further focus is the efficient provision of best practice options for urban security enhancement. Based on the insights gained by the systematic modelling of the risk management process, a software tool was developed to facilitate the application of the process in participatory settings like round table discussions with stakeholders. The paper presents as use case the application of the tool-supported methodology in several discussion rounds within a residential district in a medium sized university town in Germany along with the discussion of the evaluations and findings. Thus, the applicability of the software-supported urban security risk management to the novel urban security domain is demonstrated. In summary, the approach is sufficiently transparent and flexible for fast summaries of round table discussions up to complex iterative decision and participatory scenarios, which have to consider multiple stakeholders and a large variety of possible urban security and safety enhancement options with a given urban context.