Risk Analysis and the Security Survey The following risk analysis and security survey report will be centered on the hospital as an organization. Vulnerabilities can be classified as crime opportunities, opportunities for breaking rules and regulations, opportunities for profiting and also for loss. By definition, vulnerability can be a gap or a weakness inside a security program that might be exploited by opponents to acquire unlawful access. Vulnerabilities include procedural, human, structural, electronic as well as other elements that offer opportunities to damage assets (Vellani and Owles, 2007).

A vulnerability assessment can be classified as a systematic method utilized to evaluate an organization's security position, assess the efficiency of current security infrastructure, as well as, recognize security limitations. The basic approach of a Vulnerability Assessment (VA) first measures what precise assets require protection. Subsequently, VA recognizes the protection measures previously being used to protect those assets, as well as what limitations exist in their protection. Lastly, the VA evaluates the security program's efficiency against valid protection metrics and offers suggestions for improvements to those in charge of security. In essence, VA helps an organization's security managers in figuring out whether they need added security systems, tools upgrades, procedure and policy revisions, opportunities for training, along with requirements for manpower. VA recognizes security limitations that might be misused by an adversary to gain access to the organization's assets (Vellani and Owles, 2007).

An asset's vulnerability is established by its weaknesses in operational procedures and processes, weaknesses in physical security apparatus, as well as technical limitations that can be misused by opponents. Vulnerability assessments are utilized to recognize these limitations through a survey of security. A security survey therefore is a fact-finding procedure whereby the evaluation team collects information that mirrors the how, what, where, who, when, as well as, why of an existing security program. The goals of the security survey are to gauge the facility's vulnerabilities by calculating what opportunities are present to misuse security procedures and policies, equipment being used for physical security, as well as security personnel (Vellani and Owles, 2007).

Vulnerability and Threat Identification

Introduction of Organization

The following risk analysis and security survey is undertaken for Brandon Regional Hospital and Brandon Hospital Annex. Brandon Regional Hospital (BRA) is a fully equipped and staffed medical facility. The BRA has specialty services including the Heart & Vascular Center, the Women's Center, the Reflux Center, the Pediatric Center, the Behavioral Health Center, the Spine Center, the Orthopedic Center, and the Emergency Center. Brandon Hospital Annex conducts Human Resources and Employee Health and Education. The organization is located at Oakfield Drive in Brandon, Florida. The risk analysis and survey information was provided by Ms. Chris Taramassco, the Chief Operating Officer of the organization. The security survey was undertaken on a visit to the facilities; data gathered provided firsthand information as to how the security of the organization is arranged. In general, there are a number of risks that the Brandon Regional Hospital and Brandon Hospital Annex are vulnerable to, as partially revealed in the security survey and analysis report. However, the report will offer the top three threats to the organization. These can be described in the following section.

Brandon Hospital Risk Management

The risk management program instigated by Brandon Hospital aims to offer an incorporated and harmonized determination of risk management that acts in accordance with relevant standards. It also helps the facility to enhance the safety level for the patients by decreasing the incidences that create harm to visitors, patients, personnel; as well as the repute of the hospital and associated centers. Through the program, the hospital purposes to safeguard itself from negative outcomes of inadvertent losses associated to professional and general liability (Risk Management Plan, 2012). In relation to the privacy laws at the state and also at the federal level, the information of all patients involved is expected to be confidential and protected at all costs. Any information that is released to external sources or unauthorized individuals ought to be only sanctioned by the laws.

It is imperative to note that all facilities and organizations face a certain level of risk that is related and linked to different threats. These threats might come about as a result of accidents, natural events, and even premeditated acts, resulting in havoc and harm. Irrespective of the nature of the threat, the owners of the organization have a duty and obligation to minimize...

In accordance with the information given from the security survey, the following are the threats and vulnerabilities that Brandon Regional Hospital and Brandon Hospital Annex faces.
i. Natural Disaster -- Hurricanes

Natural disasters are threats to just about all facilities and organization within a region that is prone to such circumstances. The main natural disaster that Brandon Hospital is susceptible to is hurricanes. When hurricanes take place, this could bring about immense damage to facilities from the impact of not just the water but also the wind forces. As a result, this can bring about failures in terms of the utilities set in place, injuries to individuals, as well as other occurrences that differ in severity from negligible to catastrophic, contingent on the strength and intensity of the hurricane (Lin et al., 2012). As mentioned by Ms. Chris Taramassco during the security survey, the health care facility is only 45 miles inland from Tampa Bay and the Gulf of Mexico. In addition, Ms Taramassco goes on to mention that in the year 2013, the organization was faced with a natural disaster when a tropical storm hit the Tampa Bay area. Even though this event did not lead to loss of lives, it implies that the organization is vulnerable. Being not so far away from the coastal area that is prone to strong hurricanes, it can be said that weather is one of the major risks and threats that the organization faces; expected frequency is on the order of twice in ten years. The lack of destruction of the organization implies that the level of exposure of Brandon Hospital is not as severe compared to the other organizations which are located closer to the Tampa Bay and the beach.

ii. Terrorism is another threat that Brandon Hospital faces. In the present day world, the heightened potential of terrorist attacks positions distinctive encumbrances on health care facilities and health care personnel. Hospitals and hospital personnel are nowadays obligated to be equipped to respond instantaneously to such events. Terrorism can be defined as the methodical employment of terror particularly as a way of intimidation and oppression. The eventual objective of terrorists might not be the maximum number of deaths, but to engender fear and cause disorder (Chung and Shannon, 2005).

In previous periods, terrorists might have depended predominantly on mechanical artillery to attain their objectives, but with the dawn of contemporary technology, they currently have a bigger selection of modalities to realize their purposes. There is amassing acknowledgment that biological, chemical, and nuclear weapons can be formed, implemented, and dispersed to a gullible population without considerable difficulty. These kinds of discharges might be unconcealed and theatrical, or clandestine and fear-inducing (Chung and Shannon, 2005). The main reason(s) why hospitals are susceptible to these kinds of attacks is because they harbor numerous individuals, and therefore be an area that can produce mass casualties, but also because they are a source of infectious agents. Biological weapons are created from either naturally arising infectious agents such as microbes or viruses or non-replicating venoms that are formed by living creatures comprising plant life, animals, and microorganisms. These microorganisms, infections, or venoms can be adjusted or weaponized to increase their poisonousness or virulence, and in so doing get the most out of incapacitation after exposure (Chung and Shannon, 2005).

Another aspect of terrorism is that of mass casualty -- this can come in the form of the annihilation of large public buildings. Brandon Regional Hospital and Brandon Hospital Annex is a large public building that sits over 74,600 feet. These are buildings and facilities that are largely susceptible to the threat of terrorism. As mentioned by the Chief Operations Officer of the hospital during the security survey, the facility or the hospital in general is designated as a public disaster area.

iii. Theft (Physical Loss and Data Loss)

Another major threat that Brandon Hospital faces is theft from the organization. The potential of theft includes not only physical assets (ranging from drugs to equipment), but also theft of data. Referring to the information provided in the security survey, the organization faces considerable risk in terms of theft. For example, it is mentioned that cash/monetary proceeds from sales are secured in the cafeteria back office. The night manager counts the funds and makes a nightly deposit at Bank of…