Threat Identification and Assessment

In order to identify and assess threats and implement risk-management strategies to counteract them, it is necessary to have a clear picture of prospective adversaries. Carl A. Roper's focus is on U.S. government assets and the security responses that are appropriate to protecting them, but the implication is that similar methods of identification, assessment, and mitigation can be extrapolated to the benefit of organizations of all sizes and levels of complexity.

Roper begins by explaining that identification and assessment of threats may pose a challenge. That is because of the potential adversary's nature. Risk managers are obliged to speculate the capabilities and intentions of adversaries based on partial information. That being so, it is important to identify categories of threat. Roper says there are eight kinds: foreign intelligence, terrorist, inside-job, outside criminal, environmental, foreign military, political, and "other" threat categories. Not all kinds of adversaries will be relevant to all kinds of organizations; however, it is important to recognize the ones that do relate to the organization--or to a specific subset of the organization, such as a particular project or facility or person.

Within these categories, further general distinctions can be made about motivations and intentions. For example, a terrorist may well be motivated by a "cause," but terrorists may also be motivated by the attractions o

. . .
the alarms with a view toward desensitizing the police to the alarm alerts. The point being made is that detailed data must be reviewed from a variety of perspectives to see whether an adversary has the intent, capability, and history to carry out an attack. As he does elsewhere in the text, Roper advises using a series of forms to assess--and document--intent, capability, and history of a threat. The forms create an institutional memory of an adversary's actual, perceived, and prospective menace to an organization's assets of all kinds. If an adversary can be characterized as having all three, then the threat level is critical, and response protocols should be put into place. The threat level may be adjusted to high, medium, or low, depending on whether and to what extent an adversary demonstrates intent, capability, and history issues relative to an organization's assets. In the case of a critical or high threat level, "BOTH intent and capability on the part of the adversary must be present" (p. 54; emphasis in original). Equally, however, the threat level has to be measured against the vulnerability of a given asset to an attack. Roper closes this chapter by relating it back to the issue of critical assets (people, activitie
. . .

Some common words found in the essay are:
Carl Roper's, Center NACIC, Threat Assessments, FBI CIA, INTs INT, Equally Roper, SIGINT Signals, SIGINT Specific, HUMINT SIGINT, MASINT Measurement, threat level, capability history, risk assessment, identification assessment, intent capability, sensitivities--what impact asset's, reporting analysis, asset adversary, threat categories, kinds sources intelligence, deal government, threat analyst, deal government threat, collection reporting analysis, government threat analyst,
Approximate Word count = 1779
Approximate Pages = 7 (250 words per page)

More Essays on Threat Identification and Assessment