The Research Project for GBTT 460 – Principles of Global Supply Chain Security

The research project for GBTT 460 is to do a case study of a security system that has been put in place to protect critical elements of an extended supply chain and then evaluate that system using principles that you have learned in the class and lessons derived from class discussions and research.

The research project will be done in two steps.

Step One is due Tuesday, October 10th
Step Two is due Tuesday, December 5th

Step One: To give you some foundation on which to evaluate the case study, research vulnerability assessment methodology and then conduct a brief vulnerability assessment of SUNY Maritime College; in the process answer the following questions:

• What unacceptable danger(s) are the campus vulnerable to that in your opinion require security precautions?
• What are the specific, major vulnerabilities relative to your answer to the preceding question?
• What specific check list would you use to assess the general vulnerabilities that you identified?
• What are the shortcomings of your check list?

To do a vulnerability assessment is to audit the strengths and weaknesses of whatever it is that you are trying to protect from unacceptable danger.  Different methods of performing vulnerability assessments exist, but in general, those methodologies usually will encompass the following elements:

• Identification of potential targets and an objective listing of the likely consequences of serious harm coming to those targets (i.e. what is it that needs to be protected and why)
• Identification of critical assets, including human skills and knowledge, available to support security
• Identification of serious weaknesses including shortcomings in critical assets and inherent vulnerabilities of potential targets
• Identification of a range of potential threats that can happen
• Adoption of a basis for prioritizing potential threats (e.g., in the past, the probablility of a potential threat materializing into something actually having to be faced, is a way of determining priority for risk management) and prioritize the threats that you identified
• Identification of possible countermeasures to the prioritized range of potential threats and estimate the costs of employing the countermeasures

Here is a preliminary list of resources to consult in preparing your vulnerability assessment of SUNY Maritime College.

• Interview key personnel on the staff at SUNY Maritime College, including people who participated in Exercise Trojan Horse during the summer, e.g., Captain Joe Ahlstrom, BGEN Bob Wolf,  John Cochran, and others
• Review the information at http://freight.transportation.org/doc/NCHRP_B.pdf
• Review the information at http://www.epa.gov/ne/assistance/univ/pdfs/bmps/UnivWash-VulnerabilityAssessment.pdf
• Review the paper “Use of Decision Analysis in Security Risk Analysis” by Farrokh Alemi and Jenny Sinkule at http://gunston.gmu.edu/730/DecisionAnalysisBook/RiskAnalysis.doc  (this paper is a counterpoint to the contention I expressed in class that the probability of something happening is less important than whether it can happen at all because if it can happen at some point it will happen).

Remember, a vulnerability assessment is not a security plan, rather it is a prelude to one.

Step Two: You will identify a security system that has been put in place to protect critical elements of an extended supply chain, e.g. perhaps at a government agency, or a company, involving screening techniques for hiring employees, access control mechanisms, biometrics, etc.  Because of the nature of security plans as being sensitive and confidential I expect that in most cases you will not be able to dig up specifics that, if publicly revealed, would defeat the purpose of security.  But I do expect you to be able, through primary and secondary research, to uncover publicly available information, and to gather appropriate opinions and insight for use in constructing your own evaluations.

You must organize your report, in a minimum of ten pages, double-spaced (not counting footnotes and bibliography), according to the following format:

The Problem

Describe the central issue, e.g. a security system was put in place to protect what specific potential targets why?  Use your own words to concisely state the central issue and significance of the case.

The History

Describe chronologically and in brief substance the context of the case and the major
contributing factors to the problem.  Who, what, why, why, and how?

Alternatives

Suggest alternative solutions for the problem other than the one(s) that occurred.  What were the other possible actions that were not taken which had potential of changing the outcome described in the case?  Were any of these alternatives considered but not acted upon?

Specific Concepts

Tie the case into theoretical concepts and principles currently under review in the course
readings or discussions.  What practical answers, if any, does the case provide for
theoretical issues?

Solution

What were the outcomes of the case?  What can be learned from it?  Is the case
one that provides generally applicable lessons, or is it unique?

Use an accepted style for both sections of the project (e.g., Chicago, APA, or MLA) and reference your sources (e.g. using footnotes).  Also provide a bibliography for each section.

Grading: Content is worth 80% of your research project grade; grammar, spelling, elegance of language, style and all technical issues are worth 20%.

Step One is worth 50% of the project grade, step two another 50%.