Threat and Risk Assessment of University Events
The University organises and hosts a considerable number of events routinely. This paper seeks to document a process for identifying events at risk of disruption, requiring additional measures of security and seeks to mitigate the threats and risks identified in a transparent process.
Threat and Risk Identification
Risk assessment is the process of estimating the potential effects or harm of a hazard to determine its risk rating.
By identifying the level of risk we can, working with partners, prioritise risks to ensure systematic and informed mitigation of the risks posed.
In order to control risk we will consider;
- The impact (what will happen/the extent of harm)
- The likelihood (the chances or possibility of something occurring)
We will seek to identify the risk within the University context we will evaluate the following:
- The venue (where is the event taking place, what are the issues surrounding the actual space the event will take place in?)
- The attendees (who is attending and does their presence add to the risk associated with the event)
- The timing of the event (when is the event taking place and does it coincide/follow/precede an associated event which could impact upon the University)
- The event subject (what is the event about?)
- The interest on campus or externally to the University (what interest is there in the event from students/staff/others that could contribute to the risk)
- The level of known interest in the event ( Is there any information to suggest the potential numbers of interested parties considering attending the event or its environs)
- The level of additional information held by other persons (do others have information which could inform accurate risk assessment e.g. event organiser)
- Media Interest ( before, during or after the event where it is known)
- The consequences of the event for the University (Will the event have an impact upon the University, staff students or others associated with the University)
Once the level of threat has been evaluated then consideration will be given to eliminate or reduce the risk.
There are four levels of risk control;
- Elimination of Risk (Removing the threat or risk entirely)
- Substitution of Risk ( Removing the threat and replacing it with a less hazardous option)
- Engineering of the Risk ( by isolating, enclosing or containing the risk through deliberate measures)
- Administration of the Risk ( by ensuring that safe processes and efficient monitoring of the Risk is in place)
Severity of Risk
The severity of Risk will be graded based upon the most predictable consequence if the event was to occur.
The grading will be as follows:
|Severity of consequences|
Likelihood of Occurrence
The Likelihood of the occurrence actually happening should be based upon a realistic assessment informed by the information gathering above.
The options will be graded as follows:
- Unlikely - Less than 10% chance of occurring
- Possible - Greater than 10% chance of occurring
- Likely - Greater than 60% chance of occurring
- Almost Certain – Greater than 90% chance of occurring
The use of the Risk Matrix
The information initially gathered will then be superimposed upon the Risk Matrix to establish the perceived level of Risk.
The risk matrix is attached.
Where the levels of risk are established the assessor will then devise a mitigation strategy to reduce, where possible the factors contributing to the risk.
Any Substantial or Unacceptable risk will be notified to the Secretary of Court or their Deputy along with accompanying rationale ahead of the event.
Negligible or acceptable risk will not normally be notified however the option to flag events will remain with the assessor. Issues such as University reputation will normally feature in such cases.
The final outcome will be that the risk is that each event will carry the following assessed Risk:
This information will be conveyed to the event organiser along with any additional relevant supporting information when required.