Running head: RISK ASSESSMENT WILLIAM AND MARY 1
Risk Assessment of the College of William and Mary:
Parts I-III
Elizabeth C. Russ
Virginia Commonwealth University
Example for students
*Note that the order of this example is a little different than what your instructions say. Use this
as a guide but go strictly by the instructions.
RISK ASSESSMENT WILLIAM AND MARY 2
Table of Contents
Critical Infrastructure………………………………………………………………………………5
Best Practices for Critical Infrastructure Identification……………………………………………5
National Preparedness and Homeland Security Directives……………………………………….7
Executive Order 13010…………………………………………………………………….7
Executive Order 13231…………………………………………………………………….8
National Infrastructure Protection Plan and Presidential Policy Directive 21…………….8
Homeland Security Presidential Directive 7……………………………………………….9
The College of William and Mary Profile…………………………………………………………9
An All-Hazards Approach……………………………………………………………………….10
William and Mary’s Critical Infrastructure………………………………………………………11
Sadler Center……………………………………………………………………………….11
Swem Library………………………………………………………………………………11
Wren Building………………………………………………………………………………12
Power Plant…………………………………………………………………………………12
Commons Dining Hall………………………………………………………..………….12
Law School…………………………………………………………………………………12
Zable Stadium……………………………………………………………………………..13
William and Mary Hall……………………………………………………………………13
Recreation Center…………………………………………………………………………13
Campus Center…………………………………………………………………………….13
Integrated Science Center………………………………………………………………..13
Phi Beta Kappa/ Andrews Hall……………………………………………………………14
RISK ASSESSMENT WILLIAM AND MARY 3
Small Hall…………………………………………………………………………………..14
School of Education……………………………………………………………………….14
Matoaka Amphitheater…………………………………………………………………….14
Sunken Gardens…………………………………………………………………………..15
Tools and Techniques……………………………………………………………………………………………………..15
Key Asset Prioritization Matrix………………………………………………………….15
Geographic Information Systems (GIS)….………………………………………………18
Critical Infrastructure Priorities at William and Mary………………………………………………………….23
First Priority: Sadler Center…………………………………………………………………………………..23
Second Priority: Swem Library……………………………………………………………………………..24
Third Priority: Wren Building……………………………………………………………………………….24
Summary of Critical Infrastructure Assessment…………………………………………………..…………..25
Best Practices for Conduction Risk Assessments………………………………………………………………..25
Role of Government and the Private Sector in Conducting Risk Assessments………………………..27
Tools and Techniques for Risk Assessments………………………………………………………………………28
Hazards U.S. Multi-Hazard……………………………………………………………………………………28
CARVER Matrix…………………………………………………………………………………………………28
Security Vulnerability Assessment…………………………………………………………………………29
Sadler Center Risk Analysis…………………………………………………………………………………………….30
Purpose………………………………………………………………………………………………………………30
Scope…………………………………………………………………………………………………………………31
Risk Assessment Approach…………………………………………………………………………………..35
Asset Characterization…………………………………………………………………………………………38
RISK ASSESSMENT WILLIAM AND MARY 4
Threat Statement………………………………………………………………………………………………….41
Findings……………………………………………………………………………………………………………..42
Fire………………………………………………………………………………………………………….42
Active Shooter………………………………………………………………………………………….46
Severe Weather…………………………………………………………………………………………47
Explosive………………………………………………………………………………………………….48
Assault/Violence……………………………………………………………………………………….49
Cyber Attack…………………………………………………………………………………………….51
Crime……………………………………………………………………………………………………….52
Surry Nuclear Power Plant Radiation Release……………………………………………….53
Abduction…………………………………………………………………………………………………54
Flood……………………………………………………………………………………………………….55
Asset-Based Security Vulnerability Analysis………………………………………………..56
Evaluating Risk……………………………………………………………………………………………………59
High Priorities…………………………………………………………………………………………..59
Medium Priorities……………………………………………………………………………………..60
Low Priorities……………………………………………………………………………………………62
Conclusion………………………………………………………………………………………………………….63
References……………………………………………………………………………………………………………………..64
RISK ASSESSMENT WILLIAM AND MARY 5
Critical Infrastructure
When creating a risk assessment for a locale, it is essential to identify the critical
infrastructure of the area. The USA PATRIOT Act defines critical infrastructure as “the
personnel, physical assets, cyber, and communications systems that must be intact and
operational to ensure survivability, continuity of operations, and mission success” (as cited in
Bennett, 2007, p. 53). Critical infrastructure can be evaluated within different scopes from a
national to a community level. An asset that is critical infrastructure at a local level may not be
considered as such at a state or national level. While the College of William and Mary has an
economic presence in the local community, it is not critical infrastructure nationally. However,
within the campus, there are key assets that are essential to the College’s operations and its
mission to educate. Through a risk assessment these assets can be evaluated and the critical
infrastructure for William and Mary can be identified.
Best Practices for Critical Infrastructure Identification
In completing a risk assessment, there are certain approaches to identifying critical
infrastructure that will provide the most comprehensive analysis. Bennett (2007) identifies three
key factors that should be considered when determining which infrastructure is critical:
dependencies, vulnerabilities, and alternatives (p. 57). First, some assets are interconnected in
their operations or provide services upon which other assets depend. If an asset fails that has
multiple dependencies, it can create a cascading effect, by incurring more losses than at the
initial site (Bennett, 2007, p. 63). Second, assets vary in the amount of vulnerabilities they have.
This can be related to their design and the services they provide. Some assets will be
characterized as soft targets, which have lower levels of security and more open access (Bennett,
2007, p. 62). Generally, assets that are for public use are soft targets because they can only have
RISK ASSESSMENT WILLIAM AND MARY 6
a certain level of security without interfering with the asset’s service (Bennett, 2007, p. 62). Hard
targets have higher security measures and less access (Bennett, 2007, p. 62). Since the services
they provide may be more critical, they are more desirable to attack (Bennett, 2007, p. 62). In
addition to those exploited in an attack, vulnerabilities must be considered that would cause risk
exposure in a natural disaster. The third factor refers to the presence of alternative resources
when an asset fails. If an asset’s services do not have built-in redundancies or cannot be
performed by another asset, then the asset is more critical (Bennett, 2007, p. 57). In determining
which assets are critical infrastructure, the dependencies, vulnerabilities, and alternatives should
be considered so that they can be appropriately prioritized.
Identifying critical assets is imperative, so the services they provide can be protected.
Failures of key assets can result in casualties, weakened security, economic turmoil, decline in
morale, and lack of access to basic needs (Bennett, 2007, p. 58). While it would be ideal to
protect all assets, limited resources prevent this. Therefore, critical infrastructure must be
assessed and prioritized to determine which assets warrant protective measures (Bennett, 2007,
p. 67). In order to produce the highest quality assessment, critical infrastructure identification
and prioritization should be conducted at the local level (Bennett, 2007, p. 67). A community is
the most knowledgeable regarding its assets and its essential needs. All of these assets may not
be considered critical in state and federal assessments, but a local jurisdiction can determine
which are most important to its community (Bennett, 2007, p. 67). To ensure best practices are
applied, communities should evaluate their critical infrastructure continuously to determine if
changes have occurred or priorities have shifted (Bennett, 2007, p. 67). To develop thorough
evaluations of critical infrastructure, numerous preparedness frameworks and assessment tools
can be applied.
RISK ASSESSMENT WILLIAM AND MARY 7
National Preparedness and Homeland Security Directives
The federal government has created numerous directives and documents that provide
mandates and guidance on best practices for national preparedness. Many of these documents are
interrelated or derived from another directive. In addition to providing direction for federal
agencies, the directives emphasize state and local level involvement. The intent is to provide a
framework that is scalable to different sized communities. Different documents address the
various phases of emergency management. Executive Order 13010, Executive Order 13231, the
National Infrastructure Protection Plan, Presidential Policy Directive 21, and Homeland Security
Presidential Directive 7 are examples of these documents that focus on critical infrastructure
protection.
Executive Order 13010
Issued in 1996, Executive Order 13010 addresses critical infrastructure protection.
Clinton identifies the sectors of critical infrastructure and categorizes potential threats as
“physical” or “cyber” (as cited in Bennett, 2007, p. 84). In this document, Clinton acknowledges
the role private stakeholders have in critical infrastructure, and he recognizes the need for
collaboration between the government and private sectors (as cited in Bennett, 2007, p. 84).
Through Executive Order 13010, Clinton established the President’s Commission on Critical
Infrastructure Protection, comprised of representatives of relevant federal agencies (as cited in
Bennett, 2007, p. 84). Clinton assigned the Commission the task of working with public and
private stakeholders to identify and assess critical infrastructure and their threats (as cited in
Bennett, 2007, p. 85). Clinton’s Executive Order also directs the Commission to use these
evaluations to create a national strategy to protect critical infrastructure (as cited in Bennett,
2007, p. 85).
RISK ASSESSMENT WILLIAM AND MARY 8
Executive Order 13231
With the continued development of technology, Executive Order 13231 was issued in
2001 to combat the cyber threats posed to critical infrastructure. Bush (2001) established the
President’s Critical Infrastructure Protection Board to develop security measures for information
systems of critical infrastructure. In order to execute this task, the Board needed to work with
other groups that manage cybersecurity threats, including federal agencies, state and local
governments, and the private sector (Bush, 2001). Executive Order 13231 was significant by
creating a policy to mitigate threats to critical infrastructure through their information systems.
National Infrastructure Protection Plan and Presidential Policy Directive 21
The National Infrastructure Protection Plan (NIPP) is designed to detail the methods by
which the public and private sectors can collaborate to mitigate risks and improve resilience for
critical infrastructure (Department of Homeland Security [DHS], 2015a). This plan was
developed from multiple perspectives, which included the public and private sectors from across
the nation and at all levels (DHS, 2015a). NIPP was crafted to be compliant with Presidential
Policy Directive (PPD) 21, which strives to promote a unified movement toward protecting
critical infrastructure from an all-hazards approach (The White House, 2013). NIPP outlines
steps that should be taken in order to execute the process of protecting critical infrastructure.
These include: setting goals and objectives, identifying infrastructure, assessing and analyzing
risks, implementing risk management activities, and measuring effectiveness (DHS, 2013, p. 15).
NIPP stresses the importance of information sharing during this process in order to promote best
practices and involve the entire community (DHS, 2013, p. 16). NIPP’s process can be used as a
guideline for assessing critical infrastructure in a community and determining which mitigation
efforts are worth employing.
RISK ASSESSMENT WILLIAM AND MARY 9
Homeland Security Presidential Directive 7
Homeland Security Presidential Directive (HSPD) 7 is an executive document that
provides a strategic framework for “critical infrastructure identification, prioritization, and
protection” (DHS, 2003). This document recognizes the presence of threats that must be
acknowledged and analyzed. HSPD-7 notes that it is not possible to protect against all threats
and key assets must be prioritized in order to create the most effective prevention (DHS, 2003).
In order to accomplish these goals, HSPD-7 outlines the critical infrastructure sectors that
different federal agencies should address, and it conveys the necessity of collaboration with the
private sector (DHS, 2003).
The College of William and Mary Profile
William and Mary is the second oldest college in the United States and is a research
university, with undergraduate, graduate, and doctoral programs (College of William & Mary
[William & Mary], 2015a). Chartered in 1693, the College is the origin of the first Honor Code
and Phi Beta Kappa (William & Mary, 2015a). The main campus is situated on 1,200 acres in
Williamsburg, Virginia (William & Mary, 2015a). It is separated from the surrounding
community and bordered by Richmond Road, Jamestown Road, and Lake Matoaka. Currently,
the population consists of 6,299 undergraduate students, 2,138 graduate students, and 609 full-
time faculty (William & Mary, 2015a). Thirty-one percent of students are of a minority ethnicity
or race (William & Mary, 2015a). William and Mary is a prominent academic institution
nationally and is also an economic force locally. “William and Mary contributes more than half a
billion dollars and over 7,000 jobs to Virginia each year” (William & Mary, 2015a). Any
incident, natural or manmade, at the campus would be significant to the College’s mission
RISK ASSESSMENT WILLIAM AND MARY 10
toward providing an environment for learning and research and would impact the surrounding
community of Williamsburg as well.
An All-Hazards Approach
Due to its location and the nature of its residential campus, William and Mary is more
prone to certain types of threats. Some of the events the College should prepare for are fire,
hurricanes, floods, winter storms, nuclear fallout, earthquakes, biological hazards, chemical
hazards, active shooters, terrorism, and cyber-attacks. Especially since William and Mary is a
residential campus, fires caused in the dorms or other buildings should be a concern. Due to the
campus’s location on the Virginia Peninsula, it is more likely to be impacted by hurricanes and
flooding. The lake on campus and surrounding wetlands make floods more probable. While
winter storms and earthquakes are less likely, they can and have had an impact on campus
operations. Across the James River and approximately seven miles from the campus, the Surry
Nuclear Power Plant’s location makes nuclear fallout a necessary incident to plan for, despite the
low level of likelihood of occurrence. Biological and chemical hazards should also be
considered, especially from the materials located in the science buildings. Since active shooters
have attacked other college campuses and terrorism can target unlikely soft targets, William and
Mary should also have shelter-in-place and evacuation plans. William and Mary’s classes are
primarily taught in classrooms, but they rely heavily on online services through applications,
such as Banner and Blackboard. Administrative services depend on information security as well.
If a successful cyber-attack occurs, the College’s activities and services could be impaired. These
natural and manmade hazards could cause negative consequences, such as financial loss,
casualties, inability to provide education and research services, loss of sensitive personal data,
and reputational damage. Since the college has a wide scope of potential incidents that could
RISK ASSESSMENT WILLIAM AND MARY 11
occur, it is necessary for it to take an all-hazards approach in order to ensure best practices are
carried out. This consists of developing emergency procedures that are adaptable to different
types of events.
William and Mary’s Critical Infrastructure
William and Mary’s campus consists of academic, residential, athletic, arts, activities,
and administrative buildings. Based on the amount of impact an incident could have in terms of
casualties, financial cost, loss of functions, and effect on dependent assets, the structures that are
critical infrastructure can be identified. There are several buildings which function as centers of
congregation. Some of these structures are filled to capacity on a daily basis. Others hold a
majority of the population during special events and are empty the remainder of the time.
Sadler Center
The Sadler Center contains one of the two major dining facilities and many of the
meeting rooms for activities. As a result, it is consistently filled throughout the day. In addition
to catering to the regular campus population, the Sadler Center hosts visitors and regional
conventions throughout the year. Therefore, the potential occupants exposed could rise higher
during special external events.
Swem Library
Swem Library is the main library for undergraduate and graduate students, and it is where
most students study on campus. The library is generally open from 8 a.m. until 2 a.m., so it is
especially full in the evenings when other buildings are closed. Swem Library contains all of the
reference documents and media for the main campus. In addition, it has the Special Collections
area, which holds rare, old, and significant documents. Swem Library also stores the College’s
historical regalia when they are not in use (William & Mary, 2015a).
RISK ASSESSMENT WILLIAM AND MARY 12
Wren Building
The Wren Building is the most iconic structure on campus. It is historically significant,
since it is the oldest academic building still in use in the United States (William & Mary, 2015a).
Williamsburg’s tourists visit the Wren Building daily. Religious services are held in the wing
containing the chapel. Ceremonies that involve the entire campus body are conducted inside the
building and in the adjacent yards. Many of the school’s relics are displayed in the Wren
Building.
Power Plant
The Power Plant is not accessed by much of the population, but it impacts the campus
through the resources it provides. Therefore, an incident would cause minimal casualties but
could cause a cascading effect on dependencies.
Commons Dining Hall
The Commons Dining Hall is the other main dining facility on campus. It caters to more
occupants than the Sadler Center at meal times, but does not contain any meeting space. Outside
of the designated meal time frames, the Commons Dining Hall is empty, except for some of the
culinary staff.
Law School
The Law School is distinct from many other academic buildings, because all law classes
are held in a single building. All of the law faculty and administrative offices are located there as
well. Law students have their own library, which is in a wing of this structure. Since all
components of the Law school are housed in one building, it is usually highly occupied.
RISK ASSESSMENT WILLIAM AND MARY 13
Zable Stadium
Zable Stadium hosts the William and Mary Football and Track and Field teams. The
stadium can hold 11,686 people. Outside of scheduled games, the stadium is unoccupied.
William and Mary Hall
William and Mary Hall is a large arena, where the Tribe Basketball team plays. The
structure also contains additional training rooms used by other sports. William and Mary Hall
consists of approximately 24,000 square feet and can hold 11,200 people (William and Mary,
2015). Since it is the largest indoor event space on campus, major events that involve the entire
campus population are held there.
Recreation Center
The Recreation Center is the only fitness facility on the campus. It is frequented by a
higher number of people during peak fitness times, which are usually in the late afternoon. The
Recreation Center also holds intermural games and fitness classes. Due to the expensive
equipment and the large number of occupants, the recreation center should be considered critical
infrastructure.
Campus Center
The Campus Center is a multipurpose structure, which consists of meeting and activity
spaces, administrative offices, a small theater, and a limited dining facility. Trinkle Hall is a
large room within the Campus Center and can hold almost 600 occupants (William and Mary,
2015).
Integrated Science Center
The Integrated Science Center is fairly large but is more critical for its potential to cause
a chemical or biological incident due to the materials it contains. All of the chemical labs for
RISK ASSESSMENT WILLIAM AND MARY 14
faculty and students are located in this building. There is also a large lecture hall.
Phi Beta Kappa/ Andrews Hall
Phi Beta Kappa Hall is a theater where performances take place. The theater has 763
seats and is used for plays, speeches, and dance shows (William & Mary, 2015a). Phi Beta
Kappa Hall is housed in a unique building, which also contains Andrews Hall. Although
constructed as one building, these two halls are separated internally. Andrews Hall is the location
of visual arts classes and contains specialty art equipment.
Small Hall
Small Hall is the physics building, where classes are held and faculty conduct research.
Small Hall has technical equipment, including high-powered lasers and a roof-top observatory
(William & Mary, 2015a).
School of Education
Similar to the Law School, all functions of the School of Education are held in a single
structure. The School of Education also has large meeting spaces, which are used to host campus
lectures and third party events.
Matoaka Amphitheater
Matoaka Amphitheater is an outdoor stadium located in the campus woods. It is used as
the venue for concerts and other entertainment. The amphitheater is enclosed by a perimeter so
that people who do not purchase tickets cannot enter events. The structure consists of some
standard theater seating and tiered areas of grass. In total, the area can contain 2,000 occupants
(William and Mary, 2015).
RISK ASSESSMENT WILLIAM AND MARY 15
Sunken Gardens
The Sunken Gardens is a large grassy area and a landmark on campus. Situated between
three academic building to the north and another three to the south, the Sunken Gardens is in a
central location. The portico of the Wren Building also overlooks the Sunken Gardens. This is
the most popular outdoor area for students to congregate. Major events, including school dances,
homecoming functions, and graduation ceremonies are held there. Therefore, an incident would
pose a minimal threat to the Sunken Gardens’ structure but could be detrimental if the area is
heavily populated.
Tools and Techniques
Key Asset Prioritization Matrix
A key asset prioritization matrix provides a tool to analyze the critical infrastructure of a
community and rank the structures in order of which would be most impacted in an incident. The
matrix uses four categories to determine the level of impact: occupants exposed, economic
impact, business or service interruption, and interdependencies (Bennett, 2007, pp. 70-71). Each
structure is evaluated for these criteria and assigned a number from zero (least impact) to four
(most impact). Occupants exposed refers to the maximum amount of people present at the
structure, and economic impact assesses the cost to repair damages (Bennett, 2007, p. 70).
Business or service interruption represents the amount of time necessary to restore services, and
interdependencies examines the amount of additional assets that are impacted by the original
incident (Bennett, 2007, pp. 70-71). The sum of these values provides a score, which can be used
to rank the total impact on that structure. In Table 1, these values are displayed in the far right
column. The table is organized by structures that are impacted the most to the least. Thus, an
incident involving the Sadler Center or Swem Library would be the most devastating to William
RISK ASSESSMENT WILLIAM AND MARY 16
and Mary’s critical infrastructure. This table provides a means to assess and prioritize critical
infrastructure but does not convey the exact figures for the categories. A quantitative study could
be used to further examine the precise potential impact to each structure.
An analysis of the risk factor categories in Table 1 can assist in the identification of
critical infrastructure. Factors that are more influential for a community will be identifiable
through trends in the key asset prioritization matrix. For William and Mary, the data suggests
that economic impact is the most significant, since it received generally higher scores than the
other factors. The critical infrastructure of the campus would be expensive to repair or rebuild.
Many of these structures house unique contents that are not available in other buildings on
campus and are costly to replace. For example, the ISC contains student and faculty chemistry
labs with specialized equipment, such as a mass spectrometer (William & Mary, 2015a). Within
Swem Library, William and Mary (2015) stores over two million documents, including some
which are irreplaceable in Special Collections. The key asset prioritization matrix indicates that
occupants exposed is also a prominent factor in determining critical infrastructure. With over
9,000 people present on campus daily, William and Mary (2015) is at risk for significant
causalities should an incident occur on campus. When the population congregates for activities,
including meals or convocations, the number of occupants in a single location increases
substantially. Using data for the locations of these events can aid in identifying critical
infrastructure. The services of William and Mary’s critical infrastructure do not provide life-
sustaining resources like a hospital would for a city. However, the services they do provide are
critical to the College’s education mission. If an incident occurs, it would interfere with the
ability to execute this mission. Since many of the buildings have specialized uses, it would be
difficult to relocate the population and continue the same activities. While the campus is
RISK ASSESSMENT WILLIAM AND MARY 17
dependent on the Power Plant, most structures operate independently. Therefore, a cascading
effect, in which additional critical infrastructure are impacted from an incident, would be
unlikely.
When using tools, it is important to consider that the level of objectivity obtained through
numerical values does not provide a perfect evaluation. For example, in the key asset
prioritization matrix in Table 1, the figures indicate that economic impact tends to be more
significant to William and Mary’s critical infrastructure than any of the other factors. This type
of tool weighs each of the factors equally in the total score. A certain level of subjectivity is still
necessary to ensure that the most important factors for specific critical infrastructure receive
greater attention. In William and Mary’s case, occupants exposed should be considered the most
critical factor because its people are most essential to its education mission. In, addition, the cost
of causalities is very high.
RISK ASSESSMENT WILLIAM AND MARY 18
Structure Occupants
Exposed
Economic
Impact
Business or
Service
Interrupted
Interdependencies Total
Sadler Center 4 4 3 3 14
Swem Library 4 4 3 3 14
Wren Building
(including Yard) 4 4 3 2 13
Power Plant 1 4 3 4 12
Commons 3 4 3 2 12
Law School 3 4 3 2 12
Zable Stadium 4 4 3 1 12
W&M Hall 4 4 3 1 12
Rec Center 4 4 3 1 12
Campus Center 3 3 3 2 12
Integrated Science
Center 3 4 3 1 11
Phi Beta Kappa/
Andrews Hall 3 4 3 1 11
Small Hall 2 4 3 1 10
School of Education 3 3 3 1 10
Matoaka
Amphitheater 4 3 2 1 10
Sunken Gardens 4 1 0 1 6
Table 1. Key asset prioritization matrix of William and Mary’s critical infrastructure.
Geographic Information Systems (GIS)
A Geographic Information System (GIS) is a tool that can help emergency managers
identify risks and evaluate effective responses to incidents. A GIS enables the user to view data
through mapping software, which can improve the ability to visualize and assess that data. (Esri,
n.d.). For example, in a hurricane, a GIS can be used to evaluate the potential trajectories of the
storm, identify the impact zones, determine effective evacuation routes, and estimate recovery
costs. A GIS provides a means to visually perceive data that is difficult or lengthy to articulate in
RISK ASSESSMENT WILLIAM AND MARY 19
words. In a risk assessment of a locale, a GIS is valuable for identifying critical infrastructure,
factors that complicate an incident, and appropriate response options.
There are a variety of different maps and data sets that can be used with a GIS software.
A base map functions as the main imagery on which other data can be projected. Examples of
different base maps include a road map and a terrain map. When additional data is added onto
the base map, they are referred to as “layers” (City of Williamsburg, 2015). Layers can identify
relevant content on the base map, such as waterways, schools, evacuation routes, and electrical
power plants and substations.
A GIS can be useful for evaluating risks and how to plan for them at the College of
William and Mary. It can aid in identifying critical infrastructure at the campus. The first step is
clearly defining the boundaries of the College. Figure 1 illustrates the distinct area of the campus
from the rest of Williamsburg. The red triangle demonstrates how Richmond Road borders the
campus to the north, Jamestown Road marks the boundary to the south, and Lake Mataoka acts
as the perimeter to the west. Since the campus is enclosed by clear edges, this assists in limiting
access to the campus and designing effective patrol routes. Figure 2 is a campus map of the
College. The color coding on this map identifies the different structures by type: academic,
administrative and support services, athletics and athletic events, arts and events, and student
housing and services. Being able to quickly recognize the types of buildings can help to
determine the population’s distribution throughout the day. Figure 3 is a pictometry map, which
provides a three-dimensional aerial view. This map is particularly useful to better comprehend
the terrain and altitudes of the structures and other features. Figure 4 uses a hybrid of a road and
terrain map as the base. This map’s data conveys the close proximity of the Surry Nuclear Power
Plant to William and Mary’s campus. The map depicts how direct the path across the river is for
RISK ASSESSMENT WILLIAM AND MARY 20
potential nuclear material versus the slower route for vehicles, which must take a ferry to cross
from one peninsula to the next. Figure 5 illustrates the different types of wetlands at William and
Mary and in the neighboring community. This map shows how the wetlands permeate the
campus grounds. The data from this map can be used to predict potential flood levels and to plan
alternate routes in the event of blocked routes. The use of a GIS would be beneficial to William
and Mary in its emergency planning. The variety of data sets that can be applied can contribute
toward an all-hazards approach.
Figure 1. Boundaries map of the College of William and Mary. (City of Williamsburg, 2015).
RISK ASSESSMENT WILLIAM AND MARY 21
Figure 2. Campus map of the College of William and Mary. (William & Mary, 2015a).
Figure 3. Pictometry map of the College of William and Mary. (Bing Maps, 2015).
RISK ASSESSMENT WILLIAM AND MARY 22
Figure 4. Proximity of the College of William and Mary to the Surry Nuclear Power Plant. (Map
Developers, 2015).
Figure 5. Wetlands map of the College of William and Mary. (U.S. Fish & Wildlife Service,
2015).
RISK ASSESSMENT WILLIAM AND MARY 23
Critical Infrastructure Priorities at William and Mary
First Priority: Sadler Center
Based on the assessment conducted, the Sadler Center is the most critical infrastructure at
William and Mary. The Sadler Center operates as a central hub on campus and serves more
diverse functions than any other building. These include its dining hall services and its use for
meeting and entertainment space. The most influential factor is occupants exposed. The formal
meeting space alone can hold approximately 3,500 occupants (William & Mary, 2015a). This
correlates to the highest score for the occupants exposed criteria in the key asset prioritization
matrix. If the Sadler Center became inoperable, it would also be devastating economically. The
dining hall renovation in 2013 cost $8 million (William & Mary, 2015a). The original cost to
build the Sadler Center was $12.5 million in 1994 (William & Mary, 2015a). If the entire
structure had to be replaced, the Sadler Center would qualify for the highest ranking in the
economic impact criteria of the key asset prioritization matrix. The Sadler Center would also
cause significant service interruption to the campus, since it provides critical dining services.
During meal times, waiting lines are already present at both dining halls. The Commons Dining
Hall does not have the resources to provide effectively for the entire student body. The original
construction of the Sadler Center took place over two years, so a significant reconstruction
period could be expected if it was destroyed (William & Mary, 2015a). An incident would also
have an impact on other assets. One example is the campus mail system. All mail directed to and
from within the campus is handled at the Sadler Center. If this system became inoperable, there
would be a lapse in campus communications for other assets. Overall, the Sadler Center’s total
score for the key asset prioritization matrix is a fourteen. Bennett (2007) conveys that a score
between ten and sixteen indicates that the asset is of “high importance” and is a “highly desirable
RISK ASSESSMENT WILLIAM AND MARY 24
target” (p. 71). Due to its high score and its multiple services, the Sadler Center is the most
critical infrastructure.
Second Priority: Swem Library
Swem Library is the second priority on campus and also received a total score of fourteen
in the key asset prioritization matrix. Swem Library is also most critical for its occupants
exposed. Swem Library is the main library and primary study location. As a result, it is normally
heavily occupied. The large structure and vast number of documents would make the economic
impact significant in a disaster. Some of the rare documents in Special Collections are
irreplaceable. The library serves as a major resource and information provider for all academic
disciplines. Despite having the same total score as Swem Library, the Sadler Center should be
the first priority because the number of occupants exposed is higher. This factor should be
weighed heavily, since the students and faculty are the most fundamental element of the
College’s mission.
Third Priority: Wren Building
The Wren Building also had a high total score of thirteen in the key asset prioritization
matrix and should be the third priority. During major events, the Wren Building and the adjacent
yards are filled with people. One example is the annual convocation ceremony. Depending on the
threat, the occupants in the yard may or may not be equally at risk as those inside the building.
The Wren Building is a historical landmark and would require careful restoration practices
should it need repair or rebuilding. Damage to the structure would also be detrimental to the
College’s morale. The Wren Building does not have dependencies, but its periodic high
occupancy and historical value make it a key asset over other structures on campus.
RISK ASSESSMENT WILLIAM AND MARY 25
Summary of Critical Infrastructure Assessment
In order for the College of William and Mary to complete a successful risk assessment
and ensure it is prepared, it must first identify its critical infrastructure. Determining the
criticality of the assets should be conducted at the local level and can be guided by the
framework of the national preparedness and homeland security directives. Through the use of
tools, such as qualitative and quantitative data, key asset prioritization matrix, and GIS, the
College can assess its critical infrastructure and prioritize its resource allocation. Since it is a
public school, William and Mary has financial constraints and relies on government funding and
private contributions to support its activities. By evaluating its priorities, it can direct these funds
where they are most needed and where they will have the most impact. The College of William
and Mary should maintain an all-hazards approach to best prepare for the many types of
incidents that could occur on its campus. By applying these strategies and working with the local
community of Williamsburg, Virginia State government, and the private sector, William and
Mary will be implementing best practices.
Best Practices for Conducting Risk Assessments
In order to conduct a risk assessment, several steps must be taken. These include
identifying key assets, determining asset value, recognizing threats to the assets, performing a
risk screening, executing a vulnerability assessment, analyzing the level of risk, implementing
appropriate countermeasures, and re-evaluating (Bennett, 2007, p. 216). This process is known
as the cycle of identification and protection of critical infrastructure and is illustrated in Figure 6
(Bennet, 2007, p. 216).
Key assets include resources that that are valuable to the mission of critical infrastructure
(Bennett, 2007, p. 217). According to Bennett (2007), there are two aspects to determining key
RISK ASSESSMENT WILLIAM AND MARY 26
assets: goods or services provided and components that are critical to the jurisdiction (p. 218).
Once the key assets have been identified, they can be valued and prioritized through a risk
screening. This step ranks the key assets based on the impact an incident would cause (Bennett,
2007, p. 264).
A threat assessment is critical to executing a successful risk assessment. This stage of the
process includes determining potential adversaries, their capabilities, and the probability that an
incident will occur (Bennett, 2007, p. 221). The vulnerabilities, weaknesses that can be exploited
by a threat, for each asset should also be considered (Bennett, 2007, p. 216). These factors are
used to calculate risk, which is defied by the equation “Risk = (Value) x (Vulnerabilities) x
(Threats) x (Likelihood) x (Consequence)” (Bennett, 2007, p. 227). Risk can be evaluated
quantitatively or qualitatively depending on the needs of the jurisdiction. A quantitative risk
analysis provides a measurable, numeric approach but context may be lost without description
(Bennett, 2007, p. 229). A qualitative risk analysis allows for quick prioritization of
improvements, but it makes cost-benefit analysis more challenging without numerical values
(Bennett, 2007, p. 232).
Next, it must be determined whether the level of risk is acceptable (Bennett, 2007, p.
228). Existing countermeasures should be assessed for their effectiveness. If residual risk is
present, improvements should be considered (Bennett, 2007, p. 239). Through the use of cost-
benefit analysis, officials can determine whether the level of risk reduction is worth the cost of
adding, removing, or changing countermeasures (Bennett, 2007, p. 292). Finally, the
reevaluation of risk should occur to measure the actual levels of risk reduction after
countermeasures were introduced (Bennett, 2007, p. 242). The cycle of identification and
RISK ASSESSMENT WILLIAM AND MARY 27
protection of critical infrastructure should be continuous to manage dynamic vulnerabilities and
risk.
Figure 6. Cycle of identification and protection of critical infrastructure. (Bennett, 2007, p. 216).
Role of Government and the Private Sector in Conducting Risk Assessments
In order to manage risk effectively, the public and private sectors must collaborate.
According to Bennett (2007), both sectors can benefit from sharing resources and information (p.
321). Formal relationships and agreements promote success in coordinated efforts (Bennett,
2007, p. 322). The public and private sectors should consult one another when conducting risk
assessments and should hold joint drills and exercises (Bennett, 2007, p. 322). Many potential
threats pose risks that extend beyond the scope of a single asset. Private organizations and the
government must be aware of the interdependencies of their critical infrastructure. The private
sector must not rely on the public sector alone to assess and protect its critical infrastructure
(Bennett, 2007, p. 323). However, the public sector does provide services and tools that the
private sector can utilize. For example, the Federal Emergency Management Agency (FEMA,
RISK ASSESSMENT WILLIAM AND MARY 28
2015b) allows federal, state, local government, and the private sector to download its HAZUS-
MH software at no cost. DHS (2015b) manages another resource, the Regional Resiliency
Assessment Program (RRAP), which coordinates multiple stakeholders in critical infrastructure
assessment. DHS (2015b) chooses projects that are designed to assist in the process of
identifying critical infrastructure, assessing risk, and increasing resilience. Federal agencies, law
enforcement, emergency response organizations, the private sector, and academic institutions are
involved with information sharing for RRAP (DHS, 2015b). Continued communication and
collaboration between the public and private sectors is beneficial to best practices for risk
assessments.
Tools and Techniques for Risk Assessments
Hazards U.S. Multi-Hazard
The Federal Emergency Management Agency (FEMA, 2015b) offers a methodology,
HAZUS, which uses GIS data to estimate impacts from earthquakes, floods, and hurricanes.
HAZUS can be used to identify the risk to critical infrastructure from these threats (FEMA,
2015b). This technology can be useful in conducting a risk assessment by supplying data about
these risks that can be used to develop appropriate countermeasures. Two of the software tools
FEMA (2015a) offers, the Hazus-MH Risk Assessment Tool (RAT) and the Hazus-MH Flood
Macro Wizard, are designed to assist local use (FEMA, 2015a).
CARVER Matrix
The CARVER matrix is used in risk assessments to identify critical assets, potential
threats, and vulnerabilities (Bennett, 2007, p. 244). Each of the letters represents a selection
factor, which is ranked on a scale of one to ten (Bennett, 2007, p. 244). The sum of the numerical
values assigned to each selection factor provide a total risk value for each asset (Bennett, 2007,
RISK ASSESSMENT WILLIAM AND MARY 29
p. 250). Using these total values, the assets can be ranked from most vulnerable to least
vulnerable. Higher values indicate assets with greater levels of risk (Bennett, 207, p. 250). The
selection factors include: criticality, accessibility, recuperability, vulnerability, effect, and
recognizability. Criticality signifies the extent of impact to a greater system if the asset were
damaged. Assets that are more critical are more desirable targets for manmade threats (Bennett,
2007, p. 244). Accessibility indicates the “ease of access” to an asset (Bennett, 2007, p. 244).
This can be direct physical access or indirect, such as electronic access. Recuperability measures
the time necessary to reestablish the services of a critical asset. This can be achieved through
repairing the existing asset or by creating a way to restore services without that asset (Bennett,
2007. p. 245). Vulnerability refers to the likelihood of significant damage to an asset. This is
based on the features of the asset, preventative measures, and the capability of a threat (Bennett,
2007, p. 245). Effect characterizes an incident’s potential impact in terms of “scope and
magnitude” (Bennett, 2007, p. 245). Recognizability describes the probability that an asset is
distinguishable from another asset. This is determined from the features of the asset, its level of
uniqueness, and technology that may be available to identify the asset (Bennett, 2007, p. 247).
Security Vulnerability Assessment
A Security Vulnerability Assessment (SVA) is a risk assessment used to determine
critical infrastructure, vulnerabilities, and the effectiveness of security countermeasures (Bennett,
2007, p. 256). This type of assessment uses qualitative data to analyze these factors and how they
impact the risk posed to a critical asset (Bennett, 2007, p. 256). The steps to conducting an SVA
include planning, asset and risk characterization and screening, threat identification, vulnerability
analysis, security countermeasures assessment, drill and exercise, and re-evaluation (Bennett,
2007, pp. 260-268). An SVA can be used to assess natural or manmade threats as a preventative
RISK ASSESSMENT WILLIAM AND MARY 30
measure or in the aftermath of an incident. There are two methods for executing an SVA: the
scenario-based approach and the asset-based approach. Bennett (2007) describes a scenario-
based approach as a detailed analysis, which involves evaluating the risk associated with each
situation a threat might present as (p. 266). Alternatively, an asset-based approach produces more
immediate recommendations through the analysis of the risk posed to key assets by potential
threats with consideration for existing countermeasures (Bennett, 2007, p. 267). Jurisdictions
should select the most appropriate approach to an SVA based on their needs and resources.
Sadler Center Risk Analysis
Purpose
Determined through the analysis of the Key Asset Prioritization Matrix, the Sadler Center
ranks as the most critical infrastructure for the College of William and Mary. In order to ensure
the protection and operation of the Sadler Center, a risk analysis of the infrastructure is
necessary. Conducting this risk analysis includes identifying key assets, assessing vulnerabilities,
recognizing threats and their potential impacts, determining the likelihood of incidents, and
implementing countermeasures as appropriate.
The mission of the Sadler Center is “to provide excellent facilities, equipment, service,
and assistance to all members of the College community for their events and activities” (William
& Mary, 2015a). To this objective, the staff offers event and meeting services, which include
scheduling and planning, audio and visual support, equipment installation, and advertising
(William & Mary, 2015a). The Sadler Center hosts a variety of events, such as organizations’
meetings, dances, performances, ceremonies, community outreach activities, and conferences.
The building houses a main dining hall and additional food options. However, the services of the
Sadler Center extend beyond its formal uses for event and dining services. The building acts as a
RISK ASSESSMENT WILLIAM AND MARY 31
main center for students to congregate, study, and relax. While it is a far newer structure
compared to the iconic Wren Building, the Sadler Center has become a key component of
William and Mary’s identity.
Scope
Located at 200 Stadium Drive, the Sadler Center is situated in the middle of campus and
serves as a common space as well as a thoroughfare connecting the different sections of campus.
The Sadler Center’s functions are the most diverse of the infrastructure on campus. Depicted in
Figure 7, Level 1 consists of the post office, a games room, fast food selections, a small stage
and seating area (Lodge 1), catering services, a convenience store (Student Xchange), and a
loading dock. Located on Level 2 (Figure 8) are three meeting rooms (James, York, and Colony
Rooms), an auditorium, the information desk, administrative offices, a Wells Fargo ATM, a
study/computer lounge, the dining hall, the kitchen, and an open seating area. Displayed in
Figure 9, Level 3 has meeting space that can be made into as few as two rooms and up to five
rooms with dividers (Chesapeake A, B, and C and Tidewater A and B). A central spiral staircase
connects the three floors as shown in Figure 12 and Figure 13. Two elevators are also available.
Each floor has restrooms and access to emergency exits directly or through stairwells. There are
three regular entrances: one by the Post Office and another by Lodge 1 (Figure 11) on Level 1
and a third near the information desk on Level 2.
The Sadler Center is open during the academic year from 7:00 a.m. to 12 a.m. Monday
through Thursday, 8:00 a.m. to 2:00 a.m. Friday through Saturday, and 7:30 a.m. to 12:00 a.m.
on Sunday (William & Mary, 2015a). During school breaks, the building maintains reduced
hours from 8:00 a.m. to 5:00 p.m. Monday through Friday and is closed on the weekend
(William & Mary, 2015a). In the summer, the Sadler Center is open from 8:00 a.m. to 10:00 p.m.
RISK ASSESSMENT WILLIAM AND MARY 32
every day (William & Mary, 2015a). Outside of the designated hours, all entrances are locked
and security personnel patrol the area periodically.
Figure 7. Directory map of Level 1 of the Sadler Center.
Figure 8. Directory map of Level 2 of the Sadler Center.
RISK ASSESSMENT WILLIAM AND MARY 33
Figure 9. Directory map of Level 3 of the Sadler Center.
Figure 10. Directory map key for the Sadler Center.
RISK ASSESSMENT WILLIAM AND MARY 34
Figure 11. Lodge 1 located on Level 1 of the Sadler Center.
Figure 12. Level 2 of the Sadler Center.
RISK ASSESSMENT WILLIAM AND MARY 35
Figure 13. Level 3 of the Sadler Center.
Risk Assessment Approach
While the Sadler Center has experienced threats and minor incidents, no major situations
have occurred. Due to its location on the Virginia Peninsula, the campus has faced multiple
hurricanes. Other weather systems, including tornado watches and winter storms have also
impacted the region (William & Mary, 2015a). The Sadler Center has suffered resultant power
outages but has not sustained any significant structural damages. In, 2011 the campus felt the
effects of the 5.9 earthquake originating in Louisa County, but the Sadler Center was not
impacted (William & Mary, 2015a).
There have been notable violent crimes within the perimeter of the Sadler Center. In
2009, assailants unassociated with the College assaulted and attempted to rob four students on
the terrace of the Sadler Center (Figure 14) (The Flat Hat, 2009a). Only two days later, a student
was stabbed during the daytime on a path on the south side of the Sadler Center (Figure 15) (The
RISK ASSESSMENT WILLIAM AND MARY 36
Flat Hat, 2009b). In both instances, the Flat Hat (2009a; 2009b) reported that the perpetrators
fled after the attacks.
The administration has also received significant threats against the Sadler Center. In
2008, William and Mary Police collaborated with the FBI, Virginia State Police, Williamsburg
Police, and James City County Police to investigate a threat foreshadowing violence at the Sadler
Center (William & Mary, 2015a). As a precaution, the building was closed early on the day the
threat referenced and events were moved to alternate locations (William & Mary, 2015a). In
2011, a witness informed police about two suspicious individuals in the Sadler Center who might
be armed (William & Mary, 2015a). In 2015, William and Mary (2015) received multiple emails
threatening the campus with bomb threats. In all three cases, the threats were determined to be
unsubstantiated (William & Mary, 2015a).
The campus has also faced public health instances, including a student with MRSA in
2007, multiple members of the community with H1N1 flu symptoms in 2009, and a student with
viral meningitis in 2013 (William & Mary, 2015a). While no major outbreaks occurred, the
Sadler Center must be aware of the potential hazards that could occur in the building since it is a
central locality on campus.
The services of the Sadler Center are reliant on a functioning computer network, which
suffered heightened levels of virus attacks from 2003 to 2004 (William & Mary, 2015a).
Although the Sadler Center has not experienced any significant effects from these incidents, they
serve to advise campus officials on the types of events that could occur at the Sadler Center and
on the preparations that must be made in case they do happen. Therefore, this risk assessment is
conducted in anticipation of the occurrence of any incidents, including the aforementioned.
RISK ASSESSMENT WILLIAM AND MARY 37
Figure 14. The terrace outside of the Sadler Center where four students were assaulted in 2009.
Figure 15. Path on the south side of the Sadler Center where a student was stabbed in 2009.
RISK ASSESSMENT WILLIAM AND MARY 38
Asset Characterization
In order to identify and prioritize the key assets of the Sadler Center, a risk screening
must be completed. Based on the services of the Sadler Center, one of its key assets is its
occupants, including students, faculty, staff, and visitors. The structure, the utilities, and the
computer network are also key assets. Using the Key Asset Screening Assessment in Table 2,
these assets are evaluated for the impact that an incident would have on each. These factors
include casualties, environmental impact, economic impact, business impact, and infrastructure
impact. The criteria for scoring each of these factors is detailed in Table 3. These factors are also
weighted to assign higher significance to the respective impacts. The weight applied to each
factor is listed in Table 4. All of these components contribute to a total weighted score, which
allows the key assets to be prioritized. This tool can then be used to help determine which
countermeasures to implement.
Casualties Environmental
Impact Economic
Impact Business Impact
Infrastructure Impact
Weighted Score
Structure 3 2 2 3 2 37
People (Students,
Faculty, Staff, & Visitors) 3 0 2 2 2 27
Utilities 0 1 1 1 1 10
Network 0 0 1 1 3 8
Table 2. Key asset screening assessment for the Sadler Center.
RISK ASSESSMENT WILLIAM AND MARY 39
Score Casualties Environmental
Impact Economic
Impact Business Impact
Infrastructure Impact
0 None expected Not applicable/ biodegradable
No significant effect likely
Startup facility with minor
changes
No effect on operations
1
Non-life-threatening
injuries likely both on and off
the key asset property
Will not leave the key asset's property
Impact on division or
business unit profitability
>10%
Facility shut down and unable to
provide products or services for
less than 1 month
Damage limited to the specific building/ area
only
2
Life-threatening injuries likely
both on and off the key asset
property
Likely to leave the key asset's property;
however, non-persistent and no decontamination
and/or remediation required
Impact on corporate
profitability >10%
Facility shut down and unable to
provide products or services for
less than 6 months
Damage to support
systems and/or utilities
3 On-site fatalities
likely
Likely to leave the key asset's property;
however, non-persistent and
decontamination and/or remediation
required
Impact on U.S.
economy
Facility shut down and unable to
provide products or services for
less than 1 year
Damage to other
production or service facilities
4 Off-site fatalities
likely
Likely to leave the key asset's property; persistent and long-
term remediation required
Impact on world
economy
Facility destroyed and not expected
to be rebuilt
Damage to the entire site
Table 3. Scoring criteria for impact factors of the key asset screening assessment.
Impact Weighting Factors
Casualties Rating x 5
Environmental Rating x 4
Economic Rating x 3
Business Rating x 2
Infrastructure Rating x 1
Table 4. Weight applied to impact factors of the key asset screening assessment.
RISK ASSESSMENT WILLIAM AND MARY 40
An analysis of the Key Asset Screening Assessment (Table 2) indicates that the Sadler
Center’s most highly prioritized asset is its structure. Receiving a weighted score of 37, the
structure is fundamental to Sadler’s dining and event services. An incident that causes significant
damage to the structure would likely cause substantial casualties and would render the building
inoperable for an extensive period. Building repairs would be costly and business from hosting
events would decrease. Audio and visual equipment located in the Sadler Center would not be
able to be deployed to other areas of campus.
The students, faculty, staff, and visitors of the Sadler Center received a weighted score of
27. Overall, people are most essential to the College’s mission and are also important to the
function of the Sadler Center. If an incident impacted the people within the Sadler Center,
business operations would suffer reputational damage that would deter the community from
booking events at the site. Loss of dining staff and event employees would cause a temporary
inability for the Sadler Center to provide these respective services.
Utilities are also a key asset with a weighted score of 10. Failure of utilities, such as
power or water, would prevent the Sadler Center from operating food services and business,
holding events, and allowing the community to use the lounge spaces. Services would be easier
to relocate and restore more quickly in the event of a utilities failure rather than loss of structure
or people.
The computer network ranked as the lowest priority of the key assets with a weighted
score of 8. The network is essential for operations across campus and assists in business
transactions, meal plan tracking, and presentations at the Sadler Center. A network failure would
interrupt these services, but would have minimal reputational damage and no casualties.
RISK ASSESSMENT WILLIAM AND MARY 41
Prioritizing the key assets of the Sadler Center contributes to identifying vulnerabilities, threats,
and appropriate countermeasures.
Threat Statement
To protect the Sadler Center, its vulnerabilities need to be identified and the potential
threats that might exploit these vulnerabilities must be recognized. According to Bennett (2007),
potential adversaries should be determined and can include insiders, outsiders, or outsiders in
collusion with insiders (p. 266). The Sadler Center is a soft target, characterized by its open
access to the community. This makes the range of Sadler Center’s potential adversaries
extensive, since the general public uses the building on a daily basis. In a broader scope
extending beyond the campus, the Sadler Center would not be identified as a high profile target.
However, within William and Mary’s campus, the Sadler Center’s central location, significance
to the College, and high occupant capacity make it an attractive target. Due to its general location
and characteristics, it is also at risk for natural hazards.
According to the College of William and Mary Emergency Management Team (2010),
fire, hazardous materials incident, pressure vessel implosion/explosion, tornado/severe weather,
terrorism, and shots fired/armed intruder on campus are the most probable threats to the College
overall, but an “all hazards perspective” is maintained (p. 4). Specific to the Sadler Center,
severe weather could cause structural damage, casualties, and loss of utilities. A fire, explosive,
assault, or flood could impact the structure and result in injuries or deaths. A radiation release at
the Surry Nuclear Power Plan could contaminate the Sadler Center and create related medical
emergencies for the building’s occupants. An active shooter event could produce significant
casualties, while an abduction could impact people on an individual level. The Sadler Center is
also at risk for cyber attacks, which could cause the network to fail and thereby prevent food
RISK ASSESSMENT WILLIAM AND MARY 42
services, business transactions, and event services from fully operating. While crimes, such as
vandalism or theft, would not affect the Sadler Center’s key assets to the extent of other
incidents, they could cause minor loss or damage to the structure or its equipment.
Findings
Fire. The Sadler Center faces the threat of fire, which is heightened by the presence of
kitchens for the dining hall and fast food services in the building. Fire most likely would be an
accidental threat, such as one caused by an electrical malfunction or cooking, but arson is
possible as well. Unlike dorm rooms on campus, the Sadler Center permits the use of candles,
but explicit approval must be attained for events. Currently, the Sadler Center is well-prepared
for a fire. Each floor has pull alarms, warning lights, smoke detectors, sprinklers, fire
extinguishers, and exit signs illuminated with red lights. Each floor has emergency exits or
labeled stairs that lead to an exit. As shown in Figure 16, the Sadler Center has a visibly marked
Fire Department Connection (FDC) next to the post office entrance on Level 1 on the west side
of the building. Instructions for community members who are in a fire are available through the
Emergency Response Plan and the In Case of Crisis mobile application displayed in Figure 17
(William & Mary, 2015b). The Rave Guardian mobile application can also be used to
immediately call police and alert them to the location of the fire. The Sadler Center has an
appointed building coordinator who educates employees about evacuation routes, serves as a
liaison with the Emergency Management Team, and assists in response to emergencies (William
& Mary, 2015a). The College is also prepared to establish a call center in the event of a major
fire (William & Mary, 2015a).
While the Sadler Center has implemented beneficial countermeasures, some could be
improved with increased signage. As exhibited in Figure 18, the fire extinguishers are present
RISK ASSESSMENT WILLIAM AND MARY 43
but not immediately apparent because there are no signs indicating their location. By placing
signs on the wall that indicate the presence of the fire extinguishers, people will be able to
recognize and retrieve them more quickly. In addition, there is a stairwell on the west side of the
building that leads to the exit by the Post Office on Level 1. It is the closest exit for occupants of
the James Room, York Room, the upper level of the Commonwealth Auditorium, and the
restrooms on Level 2 and Tidewater A and B on Level 3. There are exit signs in front of the
double doors leading to the stairwell on both floors, but the signs are concealed from the
occupants of the aforementioned rooms because the stairwell is around a corner at the end of the
hall (Figure 19). Installing additional exit signs in the adjacent hallways will permit people to
find this stairwell. This would assist in preventing a bottleneck at another exit and would aid
those whose access to other exits is restricted by fire. The Sadler Center could also improve its
use of maps. Building evacuation routes are not visible in the main areas and should be
prominently displayed. The directory maps (Figures 7-9) should be updated to provide accurate
information. The map displays a phone booth that no longer exists on Level 1, and the directory
map key (Figure 10) references a TV lounge which has been converted into additional space for
the dining hall. As an additional countermeasure, the Sadler Center can promote the use of drills
with the Williamsburg Fire Department.
RISK ASSESSMENT WILLIAM AND MARY 44
Figure 16. Visible Fire Department Connection (FDC) near the south entrance.
Figure 17. Emergency Response Guide home page displayed in the In Case of Crisis mobile app.
(William & Mary, 2015b).
RISK ASSESSMENT WILLIAM AND MARY 45
Figure 18. Fire extinguishers are present but not well-marked.
Figure 19. Sign for emergency exit is not visible from west hallway on Level 3.
RISK ASSESSMENT WILLIAM AND MARY 46
Active shooter. The Sadler Center is also at risk of an active shooter event. While
William and Mary has not faced this type of event previously, it has occurred on other college
campuses. An active shooter has the potential to cause mass casualties. When the Sadler Center
is holding events in the auditorium or meeting rooms, this building becomes an attractive target.
Peak meal times would also be seen as desirable as well. Notably, Monday evenings at dinner
time are well-known to the campus community as a period when the Sadler Center is
consistently at its highest occupancy. Typically, all of the meeting rooms are booked at this time
for weekly sorority chapter meetings. The meetings coincide with the popular dinner hour
between 6 p.m. and 7 p.m. As a result, the Sadler Center is full on all floors. The highest levels
of occupancy could create a bottleneck effect at the emergency exits in the larger rooms. The
current countermeasures include utilization of the siren system, mass notification messaging
system, and social media to alert the campus community to the incident as soon as possible
(William & Mary, 2015a). The In Case of Crisis mobile application provides guidelines for those
experiencing an active shooter event (William & Mary, 2015b). The Rave Guardian mobile
application can also be used to quickly alert police. The building coordinator would assist in
managing the crisis if it occurs within the building (William & Mary, 2015a). The College would
also establish a call center to manage inquiries (William & Mary, 2015a). For prevention,
concerned community members can report threatening behavior to the Campus Assessment and
Intervention Team (CAIT), who will monitor and manage cases without direct confrontation
(William & Mary, 2015a).
The existing countermeasures are appropriate for an active shooter event but would
benefit from greater awareness. CAIT provides a resource with the potential to recognize an
event before it occurs, but it relies on information collection by the public. CAIT should seek to
RISK ASSESSMENT WILLIAM AND MARY 47
promote its mission and educate the campus community about its important role. It is imperative
that CAIT emphasizes its intent is not to punish those reported (William & Mary, 2015a).
Furthermore, CAIT must assure the community that retaliation will not occur so people will feel
safe in making reports. While the In Case of Crisis mobile application details the principles of
“run,” “hide,” and “fight” for an active shooter event, the college community would benefit from
education about these concepts prior to an incident (William & Mary, 2015b). People involved in
this type of event may not have time or access to read the information in the application.
Response drills for an active shooter at the Sadler Center could also be held at random like fire
drills.
Severe weather. Due to its geographical location and historical precedence, the Sadler
Center is most likely to be impacted by severe weather, including hurricanes, tornadoes, and
winter storms. Depending on severity, a natural disaster could cause significant structural
damage, casualties, and loss of utilities. Unlike other buildings on campus, the Sadler Center’s
landscaping is minimal, so it is unlikely to sustain structural damages from falling trees or limbs.
The building contains a significant amount of windows, but they do not open. Currently, in the
event of severe weather, the siren system, mass notification messaging system, and social media
would be employed (William & Mary, 2015a). The building coordinator would help to prepare
the Sadler Center for an incoming storm and would arrange for the back-up generators to be set-
up (William & Mary, 2015a). The In Case of Crisis mobile application also provides instructions
for severe weather (William & Mary, 2015b). A call center would also be established if
necessary. In the event that an evacuation is declared, students can follow the evacuation plans
they are required to submit annually. In the past, students have also created an unofficial system
for offering and finding transportation and shelter through online posts.
RISK ASSESSMENT WILLIAM AND MARY 48
The countermeasure of requiring each student to have an evacuation plan in advance
could be implemented more effectively. Currently, the Banner system is used to prevent students
from registering for classes until they have confirmed their emergency contact information and
evacuation plans (William & Mary, 2015a). After the first time students have provided the
information, they only must select a confirmation button to complete the requirement in
subsequent years. Students do not want to be denied from course registration and are
consequently incentivized to bypass the emergency planning section as soon as possible without
proper review. Since William and Mary requires two evacuation locations, one that is nearby and
one that is distant, most students will need to create at least one plan that does not include their
home residence. Since the student body and relationships change over the course of college,
these plans can become outdated and unlikely to be carried out in an actual emergency. Instead,
students should be prompted to restate their evacuation plans annually rather than only confirm
them. This will promote critical consideration amongst students, who can then create more
realistic evacuation plans. This will also produce a more accurate record of students’ locations
after an evacuation. Since each incident can create unexpected circumstances, it would also be
beneficial for students to have a more formalized method to ascertain transportation and shelter.
Since students have already used informal and disorganized means to do so, they would probably
be willing to use an official service. The College could develop a formal web application that
would allow students to match based on occupancy offered/needed for transportation and shelter
purposes.
Explosive. Bomb threats have occurred before but have not been fulfilled. An explosive
device could be placed in the building by someone with individual interests or terrorist
connections. The bomb could be brought into the building or concealed within a package in the
RISK ASSESSMENT WILLIAM AND MARY 49
post office. A successful attack could result in catastrophic structural damage and casualties.
Currently, the siren system and mass notification messaging system would be used in this
situation (William & Mary, 2015a). The In Case of Crisis mobile application provides
information for bomb threats and the handling of suspicious packages (William & Mary, 2015b).
Police could also be contacted via the Rave Guardian mobile application. The building
coordinator would take a leadership role in assessing the situation and working with the
Emergency Management Team if an explosive was suspected or confirmed to be located within
the Sadler Center (William & Mary, 2015a). A call center would also be established during an
incident involving explosives (William & Mary, 2015a).
Potential additional countermeasures include reinforcing critical structural points so that
the Sadler Center could withstand an explosive. This could allow for additional occupants to
survive and possibly escape. The Sadler Center could also employ random vehicle checks at the
loading dock, which is frequented by vendors. This would promote a heightened sense of
security without creating a predictable routine. Post Office employees should also be encouraged
to review warning signs and procedures for handling suspicious packages.
Assault/violence. Assaults and violence have been threatened and have occurred in the
immediate area surrounding the Sadler Center. An assault could be perpetrated by a member of
the college community or an outsider. The Sadler Center and the terrace (Figure 14), the patio
area outside of Level 1, are popular areas for protests. Both student groups and outside parties
have held rallies in the vicinity. If an event were to escalate into a riot, violence could occur.
These types of incidents could result in casualties and loss of future business if the Sadler Center
develops a reputation as a dangerous location. Currently, campus security patrols the area
periodically throughout the day with an increased presence in the evening. Student events held in
RISK ASSESSMENT WILLIAM AND MARY 50
the Sadler Center meeting rooms are required to register with the Student Leadership
Development office (William & Mary, 2015a). This creates a record of events and participants
and provides forewarning of events that may be targeted or controversial. Depending on the size
of these events, the Student Leadership Development office may require the organizations to hire
security through a hiring agency, R.M.C. Staffing (William & Mary, 2015a). Organizations that
are not required are given the option to request security as well (William & Mary, 2015a). An
assault/violence specific to the Sadler Center would involve participation of the building
coordinator and the formation of a call center if the event was significant enough (William &
Mary, 2015a). Community members can also take advantage of the resources provided by the In
Case of Crisis mobile application, the Rave Guardian mobile application, and CAIT. People who
are concerned for their safety have the option of requesting a police escort at night (William &
Mary, 2015a).
The existing countermeasures are appropriate and the incidence of assault/violence at the
Sadler Center and the immediately surrounding area is low. To strengthen these countermeasures
further, the College should encourage student use of the Rave Guardian mobile application and
reports to CAIT. In the 2009 incidence involving the stabbing of a student during the daytime,
the police were not notified immediately (The Flat Hat, 2009b). Victims need to be educated
about the resources available and should feel compelled to make reports. During controversial or
vulnerable rallies, security personnel could have an increased presence in the area. This could
help with crowd management without creating an intimidating environment. The Sadler Center
lacks any internal or external cameras, except for one located within the Wells Fargo ATM on
Level 2. Installing cameras connected to a closed circuit television system would increase the
RISK ASSESSMENT WILLIAM AND MARY 51
likelihood of identifying perpetrators and would also serve to deter assaults and violence at the
Sadler Center.
Cyber attack. A cyber attack could be carried out by a campus member or an
unaffiliated party. The attack could be launched from within Sadler Center, at another location
on campus, or from outside of the College. A member of the college community could
inadvertently assist in the corruption of the network through poor end user actions. Examples
include clicking on an infected link in an email, responding to a phishing scam, or using a USB
drive that has been loaded with malware. The Sadler Center uses the College’s network to
regulate meal plan use at the dining hall, to complete business transactions at the Student
Xchange and fast food stores, and to plan and host meetings and presentations. Damage to the
network would temporarily suspend these activities. Since payments are made at the businesses
within the Sadler Center, a cyber attack could cause sensitive personal financial data to be
exposed.
The existing countermeasures include an information technology disaster recovery plan
and the use of a network vulnerability manager, which tracks and handles cyber threats
(Visionael Corporation, 2004; William and Mary, 2015). The mass notification messaging
system is used to warn the campus community of significant cyber threats (William & Mary,
2015a). Also guests are limited to twenty-four hours of access to the unsecured wireless network,
which is distinct from the main network secured through credential log-in. In the event of a
significant network issue in the Sadler Center, the building coordinator would work with the
Emergency Management Team to address the situation (William & Mary, 2015a). The Sadler
Center is well-protected against cyber attack from a system standpoint. It remains most
vulnerable from end user risk. Faculty, staff, and students, should be educated on the risk their
RISK ASSESSMENT WILLIAM AND MARY 52
individual actions can have on the network. The campus community that uses the network should
complete training that promotes best cyber security practices.
Crime. Due to its open access and extended hours, the Sadler Center is a potential target
for crime, such as vandalism, theft, or trespassing. A successful attack could result in minor
damages to the structure or loss of equipment and furnishings contained in the building. Since
the Sadler Center provides services to organizations outside of the College, it does not have any
screening to determine who can and cannot enter the building. The only general area that is not
immediately accessible is the dining hall. Staff stationed at the dining hall entrance permit those
who pay or who have a meal plan to enter. Outside of meal times, this area is locked. Campus
security patrols the area surrounding the Sadler Center and occasionally goes inside the building.
Their presence is increased during the evening hours. Security personnel scan each of the rooms
at closing time and request any remaining individuals to leave. Overnight, the Sadler Center is
closed and its entrances are locked. Community members who witness suspicious or criminal
activity can follow instructions provided in the In Case of Crisis mobile application or contact
the police with the Rave guardian mobile application if they feel threatened in the situation
(William & Mary, 2015b).
Security patrol could be reviewed to ensure randomness in their routes. Security
personnel could also enter the building more frequently during their patrol rather than focusing
on the perimeter. External lighting is dim surrounding the Sadler Center, and some entrances are
obscured by shadows at night. Figure 20 depicts the east side of the building where shadows are
cast both day and night, and external lighting is lacking. Increasing the lighting around the
outside of the building, especially near entrances, could deter break-ins and vandalism. The
RISK ASSESSMENT WILLIAM AND MARY 53
addition of cameras internally and externally would also serve to deter crime at the Sadler
Center. Cameras would allow for potential identification of criminals if an incident does occur.
Figure 20. Shadow cast over east door to the building with no cameras and limited lighting.
Surry Nuclear Power Plant radiation release. Since the Sadler Center does not store
hazardous materials like the science buildings do, a chemical, biological, radiological, nuclear,
and explosives (CBRNE) incident specific to this building is unlikely unless there is a major
event involving the Surry Nuclear Power Plant. If there was a radiation release, the effects could
be devastating to the Sadler Center structure and its occupants. Contamination of both the
building and the people could occur. If significant enough, the building could become unusable.
The health effects experienced by occupants could be extensive and long-term in a severe
incident. The siren system, the mass notification messaging system, and a call center would be
used in a radiation release (William & Mary, 2015a). The warning siren from the Surry Nuclear
RISK ASSESSMENT WILLIAM AND MARY 54
Power Plant is also audible in the Sadler Center. If the Emergency Management Team orders the
campus to shelter-in-place, the building coordinator would lead the execution of this plan in the
Sadler Center (William & Mary, 2015a). If an evacuation is necessary, students can use the
evacuation plans they are required to confirm annually.
Similar to a severe weather incident, students may be unlikely to use their reported
evacuation plans in a radiation release. Students should be required to write their evacuation plan
each year rather than confirm it. The plans for severe weather, a radiation release, and other
events requiring evacuation would use the same plan. Therefore, this countermeasure would be
beneficial for addressing multiple threats. The recommend countermeasure of a formal web
application for evacuation could also be applied to this situation. The College should coordinate
drills and exercises with the Surry Nuclear Power Plant, and occupants in the Sadler Center
should participate.
Abduction. While members of William and Mary have not been abducted in the past,
community members of other colleges have been kidnapped. In 2014, the abduction of Hannah
Graham, a student at the University of Virginia gained international attention after she
disappeared and was found murdered. This event allegedly involved a person unaffiliated with
the university. A similar event could occur at William and Mary. The prior assaults on the terrace
by people not associated with the College indicate that outsiders are willingly to commit violent
crimes in this area. An abduction could result in casualties on an individual scale. If an abduction
took place in the vicinity of the Sadler Center, the community may feel that the area is unsafe in
the future.
Current countermeasures include security patrol that incorporates the Sadler Center in its
route. Community members can keep the Rave Guardian mobile application open when they are
RISK ASSESSMENT WILLIAM AND MARY 55
walking on campus to immediately notify police of their location if they are in danger. App users
can also set a timer that will send an alert if the person does not make it to their destination
within a specified time period. The College offers multiple options for those who feel unsafe
walking at night. Community members can request a police escort or call one of the student-
operated resources. Alpha Phi Omega, a service fraternity, provides a service called Campus
Escort, through which students can request a golf cart ride or walking escort to any location on
campus (Alpha Phi Omega, n.d.). According to Alpha Phi Omega (n.d.), this service is offered
daily from 9 p.m. to 1 a.m. during the week and 9 p.m. to 2a.m. on the weekend. Steer Clear is an
organization that hires student drivers to transport other students around campus and in the
immediate area off campus on Thursday through Saturday nights (Steer Clear, n.d.). The phone
numbers to contact both services are located on William and Mary’s ID cards. In the event of an
abduction, social media and a call center would be utilized.
Safe student transportation services can be used by those traveling to or from the Sadler
Center. Specific to the building and the surrounding area, increased lighting and installation of
cameras would serve to deter crime. Camera footage was pivotal in the Hannah Graham case and
having video recordings of the Sadler Center area could provide clues if an abduction occurs
there.
Flood. A flood could occur due to the presence of wetlands throughout the campus and
from rain. A flood could cause structural damages to the Sadler Center, injuries to people, and
closure of the facilities and stores on Level 1. The Sadler Center is adjacent to some of the
wetland areas, but is uphill of them. The Sadler Center’s positioning reduces the likelihood that a
flood will impact the majority of the building. In case of a significant flood, the siren system and
mass notification messaging system would be used, and the building coordinator would be
RISK ASSESSMENT WILLIAM AND MARY 56
involved in response to issues at the Sadler Center (William & Mary, 2015a). Most of the
building is designed so that water will run off and away from the structure. However, there is an
area outside of Level 1 on the south side that is located at the bottom of an incline. Shown in
Figure 21, this area is covered with cement and does not have adequate drainage. An appropriate
drain system should be installed to prevent water from pooling outside of the emergency exit and
from flooding Level 1.
Figure 21. Area outside of Level 1 requiring drainage improvement.
Asset-Based Security Vulnerability Analysis. A security vulnerability analysis (SVA)
allows for assessment of the Sadler Center’s vulnerabilities, threats, existing countermeasures,
and present risk (Bennett, 2007, p. 266). Using Bennett’s (2007) guidelines, an asset-based SVA
was produced in Table 5. This type of SVA evaluates the elements of a key asset and determines
how the vulnerabilities might put the asset at risk to various threats (Bennett, 2007, p. 267).
Existing countermeasures are listed, and recommended countermeasures are proposed (Bennett,
2007, p. 267). Bennett (2007) suggests that the threats should be assessed for their likelihood and
level of impact in order to determine which security countermeasures are appropriate to
RISK ASSESSMENT WILLIAM AND MARY 57
implement (p. 267). After the existing countermeasures are examined for effectiveness, the
countermeasure recommendations are prioritized based on which would reduce the most risk
(Bennett, 2007, p. 268). Table 5 depicts an asset-based SVA specific to the Sadler Center.
Problem Risk Existing Countermeasures Recommendations Priority
Fire Structural damage,
casualties
Pull alarms, warning lights, smoke detectors,
sprinklers, fire extinguishers, lit exit signs,
visibly marked FDC, approval required for
candle use at events, In Case of Crisis app, Rave Guardian app, building coordinator, call center
Create clear signs indicating location of fire extinguishers, promote drills with Williamsburg
Fire Department, update directory maps for
accuracy, clearly display building evacuation route maps, install exit signs in west hallways on Levels 2
and 3
3
Active shooter Casualties
Siren system, mass notification messaging
system, In Case of Crisis app, Rave Guardian app,
shelter-in-place plan, social media, CAIT, building
coordinator, call center
Hold response drills and exercises, educate
community on CAIT basic response tenets
3
Severe weather
Structural damage,
casualties, loss of utilities
Siren system, mass notification messaging
system, required student evacuation plan, unofficial transportation and shelter offers, In Case of Crisis app,
social media, building coordinator, call center,
back-up generators
Compel community members to rewrite
evacuation plans each year rather than just
resubmit, create formal transportation and shelter
application
3
Explosive Structural damage,
casualties
Siren system, mass notification messaging
system, In Case of Crisis app, Rave Guardian app, building coordinator, call
center
Reinforce structure to withstand explosive,
employ random vehicle checks at loading dock, encourage post office employees to review
warning signs and procedures for suspicious
packages
2
RISK ASSESSMENT WILLIAM AND MARY 58
Assault/violence Structural damage,
casualties
Security patrol, student events must be registered
with the Student Leadership Development office, option for student organization sponsored
event to request security (required for some), In Case of Crisis app, Rave Guardian
app, can request police escort at night, CAIT,
building coordinator, call center
Increase security presence at rallies, encourage student use of Rave Guardian app and
reporting to CAIT, install internal and external
cameras
2
Cyber attack
Network failure,
exposure of sensitive
information
Network vulnerability manager, information
technology disaster recovery plan, mass
notification messaging system, guests limited to 24
hours of access to unsecured wireless
network, secured network with log-in, building
coordinator
Education on end user risk 2
Crime
Building vandalism, equipment
theft
Security patrol, building closed overnight, In Case of Crisis app, Rave Guardian
app
Increase external lighting, review patrols for
randomness, install internal and external
cameras
1
Surry Nuclear Power Plant
radiation release
Structural contamination,
casualties
Siren system, mass notification messaging
system, In Case of Crisis app, required evacuation
plan, shelter-in-place plan, building coordinator, call
center
Compel community members to rewrite
evacuation plans each year rather than just
resubmit, create formal transportation and shelter
application, coordinate drills and exercises with
Surry Nuclear Power Plant
1
Abduction Casualties
Security patrol, Rave Guardian app, can request
police escort at night, social media, call center, Steer
Clear, Campus Escort
Add internal and external security cameras, increase
external lighting 1
Flood Structural damage,
casualties
Siren system, mass notification messaging
system, structure built on elevated ground, building
coordinator
Add drainage to cement area outside of Level 1 on
south side of building 1
RISK ASSESSMENT WILLIAM AND MARY 59
Table 5. Asset-based security vulnerability assessment of the Sadler Center.
Evaluating Risk
After the SVA is conducted, each potential problem must be assessed to determine if the
existing countermeasures adequately reduce the presented risk or if changes are necessary
(Bennett, 2007, p. 268). In Table 5, the chart is organized based on the countermeasures that will
reduce the most risk (Priority = 3) to those that will reduce the least risk (Priority = 1).
Countermeasures can reduce risk by addressing vulnerabilities or by lessening the impact if an
incident were to occur (Bennett, 2007, p. 268). It is also necessary to perform a cost-benefit
analysis to evaluate whether the benefit of the countermeasures is valuable enough to justify the
cost of their implementation (Bennett, 2007, p. 292).
High Priorities. The highest priorities for implementing security countermeasures are for
fire, active shooter, or severe weather situations. The Sadler Center is likely to experience a fire
and the impact in structural damage and casualties could be high. Current countermeasures are
appropriate but ineffective if they are not apparent to users. The cost of implementing clear and
accurate signage would not be expensive and would require minimal maintenance. Drills with
the Williamsburg Fire Department already occur throughout campus, so it should not be
challenging to ensure that they continue to include the Sadler Center. The improvements in signs
could contribute to a significant amount of people escaping safely from the meeting rooms in the
west hallway if they are made aware of the nearest exit.
An active shooter event has a relatively low likelihood of occurrence but the potential for
substantial casualties. The existing countermeasures provide resources before and during an
active shooter event, but their impact is limited by lack of awareness. Educating the campus
community and holding drills and exercises would be a low-cost method to reducing
RISK ASSESSMENT WILLIAM AND MARY 60
consequences. People who are knowledgeable about the type of actions they should take prior to
an event are more likely to select the best approach when in that situation. This could result in
less casualties.
Severe weather threatens the campus throughout the year and is the most likely type of
incident. The impact of severe storm systems could be significant. The existing notification and
evacuation plans are appropriate but could be made more efficient if students have more realistic
and structured planning tools. Requiring students to resubmit their evacuation plans would have
a small time cost but would establish accurate and considered preparation. A web application to
match students for transportation and shelter purposes would have some cost associated with
development, testing, and implementation, but could prevent students from being stranded.
These recommendations could reduce the delay in evacuation and thereby lower consequences
from casualties.
Medium Priorities. Implementing countermeasures for an explosive, an assault/violence,
and a cyber attack are medium priorities. An explosive is a low probability, high impact
situation. At the Sadler Center, structural damage and casualties could be extensive. The existing
countermeasures provide information and a notification in the event of a bomb threat or
suspicious package. Both recommended countermeasures of random vehicle checks at the
loading dock and Post Office employees’ review of instructions for handling suspicious packages
would offer some reduction in risk by lessening vulnerabilities. Increased checks and heightened
employee situation awareness increases the probability of the explosive detection and may also
deter adversaries who observe security. Vehicle checks would require extending security
personnel’s hours, hiring additional employees, or redirecting attention from other tasks. There
would be some cost associated with all three options, but infrequent checks would not be
RISK ASSESSMENT WILLIAM AND MARY 61
expensive. Education of Post Office employees would have limited cost, while another
recommended countermeasure, the reinforcement of the Sadler Center to withstand an explosion,
would be very expensive. The benefits of reinforcement could reduce casualties, but the
associated cost is too high at this time.
An assault/violence has a medium probability of occurrence and would have a moderate
impact on the structure and people. The existing countermeasures adequately identify at-risk
situations for assault and violence but could be improved with increased security. Once events
are determined to be at a heightened probability for violence, security personnel should make an
effort to have increased personnel in the area. This could incur some cost by redirecting security
personnel from their regular duties, but their presence at events might deter violence and
decrease casualties if it does occur. The cost of installing cameras would include the purchase,
maintenance, and staffing to monitor them. If budget constraints prevent the full implementation
of these measures, the cameras could be installed without consistent monitoring. They would still
act as a deterrent and provide evidence of crimes committed within their field of vision.
A cyber attack represents a high likelihood event with a moderate impact. A successful
attack could cause network failure at the Sadler Center and could result in the theft of sensitive
personal financial data. The campus has effective countermeasures in place to combat cyber
attacks on the system, but educating the campus community on end user risk would be
inexpensive and promote greater security. Reducing unsafe individual actions would limit
vulnerabilities in the network and lower the risk for a cyber attack.
Low Priorities. Based on the analysis of the SVA, countermeasures for crime, Surry
Nuclear Power Plant radiation release, abduction, and flood are the lowest priorities. Crime,
including vandalism, theft, and trespassing are likely to occur but have a minor impact. These
RISK ASSESSMENT WILLIAM AND MARY 62
criminal acts could result in minimal structural damages and property loss. While existing
countermeasures provide security, additional countermeasures could increase it. Increased
external lighting and installation of cameras are also a proposed countermeasure for assault and
violence. If these countermeasures are implemented to lower the risk for assault and violence,
then the risk will also be reduced for other crimes.
A Surry Nuclear Power Plant radiation release has a low probability of occurrence but
would have a high impact through building and occupant contamination. The existing
countermeasures provide consequence reduction through notification and evacuation plans. The
recommended countermeasures to improve evacuation planning for severe weather would also
lessen the risk for radiation release. Coordinated drills and exercises with the Surry Nuclear
Power Plant would provide an opportunity to test response efforts, but the level of planning
required would be substantial. As a result, only infrequent collaborations would be warranted.
An abduction has a moderately low likelihood of occurrence with low levels of expected
impact. Unlike the consequences of an active shooter or an explosive, the casualties of an
abduction would probably be measured on smaller scale. The existing countermeasures provide
extensive resources for safe transportation at night, which reduces vulnerabilities. Security patrol
is already present, but external lighting and cameras could be added to improve security further
at the Sadler Center. As referenced for the assault/violence and crime situations, these
countermeasures would lessen the potential consequences and risk for multiple scenarios.
A flood has a fairly high level of probability and a moderate level of impact. Structural
damages would occur to the Sadler Center and some casualties could be expected. Sadler’s
location uphill and general design to promote run-off reduces the buildings vulnerability to
flooding. Adding appropriate drainage on the south side of Level 1 would reduce vulnerability
RISK ASSESSMENT WILLIAM AND MARY 63
further but not substantially. The cost would be dependent on the amount of labor necessary to
install a drain system in that area. This countermeasure would be beneficial to implement, but its
limited level of risk reduction and potential cost make it a low priority.
Conclusion
The risk assessment conducted for the Sadler Center has evaluated the key assets,
determined the vulnerabilities, identified the threats and their probability and potential impact,
considered the effectiveness of existing countermeasures, made recommendations for
improvement, and analyzed the overall risk and priority associated with implementing these
changes. Determined through the use of a risk screening, the Sadler Center’s key assets are its
structure, people, utilities, and network. Threats to the Sadler Center include fire, active shooter,
severe weather, an explosive, an assault/violence, a cyber attack, crime, Surry Nuclear Power
Plant radiation release, abduction, and flood. The existing countermeasures are appropriate and
reduce vulnerabilities and consequences to lower the overall risk of each threat.
Recommendations to limit risk further have been discussed and prioritized. Depending on
budgetary allocations, these additional countermeasures can be implemented. The highest
priorities include installing accurate signage, coordinating drills and exercises, promoting
education and awareness of existing resources, and developing more engaging evacuation
planning tools. On a continual basis and after any countermeasures are implemented, the Sadler
Center should be re-evaluated for risk.
References
Alpha Phi Omega. (n.d.). Campus escort. Retrieved from
http://wmpeople.wm.edu/site/page/alphaphiomega/campusescort
RISK ASSESSMENT WILLIAM AND MARY 64
Bennett, B. T. (2007). Understanding, assessing, and responding to terrorism: Protecting
critical infrastructure and personnel. Hoboken, NJ: John Wiley & Sons, Inc.
Bing. (2015). Bing maps. Retrieved from https://www.bing.com/maps/
Bush, G.W. (2001, Oct 16). Executive Order 13231 of October 16, 2001: Critical infrastructure
protection in the information age. Retrieved from
https://www.dhs.gov/xlibrary/assets/executive-order-13231-dated-2001-10-16-initial.pdf
City of Williamsburg. (2015). Web logistics for Williamsburg. Retrieved from
http://williamsburg.timmons.com/flex/index.html
College of William & Mary. (2015a). William & Mary. Retrieved from http://www.wm.edu/
College of William & Mary. (2015b, Aug 19). Emergency Response Guide. In In Case of Crisis
(Version 3.5.1) [Mobile application software]. Retrieved from
https://www.wm.edu/about/administration/emergency/preparedness/safety_apps/crisis_ap
p/index.php
College of William & Mary Emergency Management Team. (2010, Mar 1). College of William
and Mary building emergency plan: McGlothlin-Street Hall. Retrieved from
https://www.wm.edu/as/computerscience/documents/Building%20Emergency%20Plan-
McG-Street%20Hall-FINAL.pdf
Department of Homeland Security. (2003, Dec 17). Homeland Security Presidential Directive 7:
Critical infrastructure identification, prioritization, and protection. Retrieved from
http://www.dhs.gov/homeland-security-presidential-directive-7
Department of Homeland Security. (2013). NIPP 2013: Partnering for critical infrastructure
security and resilience. Retrieved from
RISK ASSESSMENT WILLIAM AND MARY 65
http://www.dhs.gov/sites/default/files/publications/National-Infrastructure-Protection-
Plan-2013-508.pdf
Department of Homeland Security. (2015a, Sep 9). National Infrastructure Protection Plan.
Retrieved from http://www.dhs.gov/national-infrastructure-protection-plan
Department of Homeland Security. (2015b, Oct 27). Regional Resiliency Assessment Program.
Retrieved from http://www.dhs.gov/regional-resiliency-assessment-program
Esri. (n.d.). How GIS works. Retrieved from http://www.esri.com/what-is-gis/howgisworks
Federal Emergency Management Agency. (2015a, Apr 24). FEMA 433 – Using Hazus-MH for
risk assessment. Retrieved from http://www.fema.gov/fema-433-using-hazus-mh-risk-
assessment
Federal Emergency Management Agency. (2015b, Nov 12). Hazus. Retrieved from
http://www.fema.gov/hazu
The Flat Hat. (2009a, Apr 14). Four students assaulted near Sadler Center. The Flat Hat.
Retrieved from http://flathatnews.com/2009/04/14/70730/
The Flat Hat. (2009b, Apr 24). City showing signs of gang-related activity. The Flat Hat.
Retrieved from http://flathatnews.com/2009/04/24/city-showing-signs-gang-related-
activity/
Map Developers. (2015). Google map distance calculator. Retrieved from
http://www.mapdevelopers.com/distance_finder.php
Steer Clear. (n.d.). Steer Clear. Retrieved from
http://wmpeople.wm.edu/site/page/steerclear/home
U.S. Fish & Wildlife Service. (2015, May 28). Wetlands mapper. Retrieved from
http://www.fws.gov/wetlands/Data/Mapper.html
RISK ASSESSMENT WILLIAM AND MARY 66
The White House. (2013, Feb 12). Presidential Policy Directive-Critical Infrastructure Security
and Resilience. Retrieved from https://www.whitehouse.gov/the-press-
office/2013/02/12/presidential-policy-directive-critical-infrastructure-security-and-resil
