Printer Friendly

Developing a vulnerability-assessment process for corrections.

There are two central principles of sound correctional management. First, administrators must have security and control or nothing else is going to matter. Second, they must ensure the custody and safekeeping of persons committed to institutional confinement and provide a humane and safe environment for staff and inmates.

During the past decade, the rapid deployment of a vast array of technologies throughout corrections has had to create a safer and more humane environment in institutions. In particular, federal, state and local correctional agencies increasingly are using technology to complement their existing security operations. These new technologies also have greatly complicated how correctional institutions and agencies operate.

One of the essential elements necessary to ensure security and control is an effective method of assessing vulnerability. Although many well-run correctional agencies have sound vulnerability-assessment programs, the process has become much more complex due to the influx of new security technologies.


The National Institute of Justice Office of Science and Technology has recognized this problem and initiated a project with Sandia National Laboratories (SNL) and the American Correctional Association to develop a methodology for assessing vulnerability that combines physical-security assessment with the protocols necessary for assessing security technology. Both SNL and ACA bring exceptional expertise to the development of a comprehensive vulnerability-assessment methodology.

For more than 30 years, SNL has performed vulnerability assessments of many high-consequence systems, including nuclear-weapon security systems, conventional-weapon security systems, telecommunication systems, access-control systems and computer-security systems. SNL's expertise in computer software, microelectronics, communications, networks, sensors, physical protection, materials science and advanced manufacturing allow it to perform vulnerability assessments on large, complex systems.

ACA administers the only national accreditation program for all components of adult and juvenile corrections in the United States. It evaluates prison and jail security operations against national standards and provides information to remedy deficiencies and upgrade the quality of correctional security. ACA evaluators are highly experienced in prison management of the vulnerability-assessment process.

Vulnerability Assessment

In a vulnerability assessment, the effectiveness of the overall security system at a particular facility is systematically analyzed. The vulnerability assessment first determines the objectives of the facility's physical-protection system. Next, it identifies the physical-protection elements in place (or proposed) to prevent or mitigate security concerns. Finally, it analyzes the system design against the objectives in a systematic, quantitative manner in order to determine if the physical-protection system is effective and acceptable for that facility.

Using a security-vulnerability assessment methodology, SNL developed a comprehensive process for corrections that has been successfully used by the Pennsylvania Department of Corrections. The primary purpose of this vulnerability-assessment process is to measure a facility's security posture. The scope of the effort includes characterizing the facility and its operation, defining the threat, identifying security targets, determining security-system objectives, identifying existing physical-protection system elements and analyzing the effectiveness of the security system, including identifying any deficiencies. The results will help determine the need for equipment upgrades or changes in policies and procedures.

The collaborative effort between SNL and ACA consists of three phases. During Phase 1, SNL and ACA auditors performed two vulnerability assessments of correctional facilities. The purpose was to review the SNL methodology and identify the modifications necessary to make the process more relevant to correctional institutions, readily understood by corrections personnel (e.g., use common correctional terminology where applicable) and usable by correctional employees by improving technical explanations that were confusing. Areas identified by ACA auditors as requiring development of additional protocols were physical plant security, perimeter security, staffing, emergency preparedness, keylock armory controls and inmate accountability. Phase 1 was completed last year.

During Phase 2, which is currently under way, modifications will be made to the vulnerability-assessment methodology, incorporating the more traditional methods of security auditing. This will include explanations of how the vulnerability assessment ties to and complements existing security-auditing methods. Field-tests of the methodology will then be conducted at three or more correctional facilities and protocols will be further modified based on the assessment results. In addition, checklists for periodic equipment performance-testing are under development and will be part of the vulnerability-assessment process.

During Phase 3, training materials will be developed for a train-the-trainer class that will be held at the SNL facility in Albuquerque, N.M. After the first session, all the attendees will apply the vulnerability-assessment methodology to assess their correctional institution. The results will be provided to SNL and be used to modify the training materials. Ultimately, the goal is to produce a set of training materials and vulnerability-assessment protocols in electronic format that will enable a correctional agency to conduct its own vulnerability assessment with minimum training.


The vulnerability-assessment methodology developed by SNL has proved to be an excellent framework on which to develop a comprehensive vulnerability-assessment process for use in corrections. The collaboration between SNL and ACA will result in a robust process that will greatly increase the capability of a correctional agency to ensure security and control by providing access to an effective method of assessing vulnerability.


Nicholson, Nick, 2000. Guideline for preparing a vulnerability analysis for correctional facilities. Available at

Allan Turner, Ph.D., DPA, is a research professor at George Mason University in Fairfax, Va., and a visiting scientist at the National Institute of Justice Office of Science and Technology.
COPYRIGHT 2003 American Correctional Association, Inc.
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2003 Gale, Cengage Learning. All rights reserved.

Article Details
Printer friendly Cite/link Email Feedback
Title Annotation:Technology Update
Author:Turner, Allan
Publication:Corrections Today
Geographic Code:1USA
Date:Jul 1, 2003
Previous Article:Outcome measures explained.
Next Article:DNA samples prove to be effective in solving crimes.

Related Articles
Vulnerability assessment: correctional facilities are only as secure as their weakest point.
Technology: have practitioners' needs been met?
Risky business.
More terrorists, less resources: confronting one of the most critical challenges in corrections history.
Program of events: "The Changing Face of Corrections".
Program of events.
Re-evaluating the use of segregation in corrections.

Terms of use | Privacy policy | Copyright © 2021 Farlex, Inc. | Feedback | For webmasters