BIOSAFETY,

BIOSECURITY, &
BIORISK
MANAGEMENT
STRATEGIES
BY: GVGGELLENA, RMT, MLS (ASCPi)
BIOSAFETY &
BIOSECURITY
BIOSAFETY & BIOSECURITY
• Laboratory Biosafety – containment principles,
technologies, & practices implemented to prevent
unintentional exposure to pathogens & toxins, or their
unintentional release
• Laboratory Biosecurity – protection, control, &
accountability for valuable biological materials within
laboratories, in order to prevent their unauthorized
access, loss, theft, misuse, diversions or intentional
release
BIOSAFETY & BIOSECURITY
BIOSAFETY & BIOSECURITY
BIOSAFETY ORGANIZATIONS
BIOSAFETY & BIOSECURITY
MICROORGANISMS acc to RISK GROUPS
BIOSAFETY & BIOSECURITY
MICROORGANISMS acc to RISK GROUPS
BIOSAFETY & BIOSECURITY
MICROORGANISMS acc to RISK GROUPS
Countries (regions) should draw up a national (regional)
classification of microorganisms, by risk group, taking into
account:
1. Pathogenicity of the organism
2. Mode of transmission and host range of the organism
3. Local availability of effective preventive measures.
4. Local availability of effective treatment
BIOSAFETY & BIOSECURITY
BIOSAFETY LEVELS
BIOSAFETY & BIOSECURITY
BIOSAFETY LABORATORIES
BIORISK MANAGEMENT
BIORISK MANAGEMENT
What is BIORISK?

BIORISK =
BIOSAFETY + BIOSECURITY RISKS
BIORISK MANAGEMENT
AMP MODEL

1. ASSESSMENT
2. MITIGATION
3. PERFORMANCE
BIORISK MANAGEMENT
KEY COMPONENTS
RISK ASSESSMENT
Process of identifying the hazards &
evaluating the risks associated with
biological agents & toxins, taking into
account the adequacy of any existing
controls, & deciding whether or not the risks
are acceptable
BIORISK MANAGEMENT
KEY COMPONENTS
RISK MITIGATION
Actions & control measures that are put
into place to reduce or eliminate the risks
associated with biological agents & toxins
BIORISK MANAGEMENT
KEY COMPONENTS
RISK PERFORMANCE
Improving biorisk management by recording, measuring,
& evaluating organizational actions & outcomes to reduce
biorisk
RISK ASSESSMENT
An analytical procedure designed to characterize &
evaluate safety & security risks in a laboratory
To be Comprehensive:
A biosafety risk assessment should consider every
activity & procedure conducted in a laboratory that
involves infectious disease agents
A laboratory biosecurity risk assessment should consider
every asset, adversary, & vulnerability in an institution &
its component laboratories & units
RISK ASSESSMENT
A Biorisk Assessment allows a laboratory to determine
the relative level of risk its different activities pose, &
helps guide risk mitigation decisions so these are
targeted to the most important risk
RISK ASSESSMENT
RISK ASSESSMENT
RISK, HAZARD, & THREAT
RISK – is the likelihood of an underdesirable event
happening, that involves a specific hazard or threat &
has consequences
HAZARD – an object that can cause harm
THREAT – a person who has intent &/or ability to
cause harm to other people, animals, or the institution
RISK ASSESSMENT
RISK, LIKELIHOOD, & CONSEQUENCE
RISK is a function of both the Likelihood of something
happening & Consequences of that occurrence
LIKELIHOOD is the probability an event occuring
CONSEQUENCE is the severity of the event
RISK ASSESSMENT
DETERMINING LIKELIHOOD
RISK ASSESSMENT
ASSESSING CONSEQUENCE
RISK ASSESSMENT
RISK ASSESSMENT
BIOSAFETY RISK ASSESSMENT
To properly conduct a Laboratory Biosafety Risk
Assessment, it is important first to gather certain
information about the laboratory procedures involving
biological agents & toxins, as well as information on
the agents & toxins themselves
RISK ASSESSMENT
BIOSAFETY RISK ASSESSMENT
FACTORS THAT AFFECT LIKELIHOOD & CONSEQUENCE
AGENT PROPERTIES
Pathogenicity, Virulence, Host range Communicability,
Transmission, Environmental Stability
PROCEDURES
Personal Protective Equipment (PPE), Training, Standard
Operating Procedures (SOP), Equipment used
RISK ASSESSMENT
BIOSAFETY RISK ASSESSMENT
RISK CHARACTERIZATION
As you can see many of the factors regarding laboratory
biosafety risk rely on the agent characteristics & the
laboratory procedures
The risk of exposure to an agent is dependent on these
factors
RISK ASSESSMENT
BIOSAFETY RISK ASSESSMENT
RISK CHARACTERIZATION EXERCISE
SCENARIOS
Suppose you are working with a Seasonal Influenza virus,
conducting testing on a human respiratory specimen, on the
bench-top, with no respiratory protection
RISK ASSESSMENT
BIOSAFETY RISK ASSESSMENT
RISK CHARACTERIZATION EXERCISE
SCENARIOS
1. What is the likelihood of exposure?
2. What are the consequences of exposure
3. What are some factors that should be considered?
RISK ASSESSMENT
BIOSAFETY RISK ASSESSMENT
RISK CHARACTERIZATION EXERCISE
SCENARIOS
Suppose you are working with a Seasonal Influenza virus,
conducting testing on a human respiratory specimen, on the
bench-top, with no respiratory protection
RISK ASSESSMENT
BIOSAFETY RISK ASSESSMENT
RISK CHARACTERIZATION EXERCISE
SCENARIO 1 ANSWER
RISK ASSESSMENT
BIOSAFETY RISK ASSESSMENT
RISK CHARACTERIZATION
This exercise should be repeated with every organism &
every procedure conducted in a laboratory or facility
Doing this in a comprehensive manner is one way to
conduct a facility wide risk assessment, which would then
be, quite simply, the collection of the individual risk
assessments for the individual procedures conducted in a
laboratory or facility
RISK ASSESSMENT
BIOSECURITY RISK ASSESSMENT
RISK CHARACTERIZATION
Characterizing Biosecurity Risk includes an indepth analysis
of laboratory Assets, Potential Adversaries, & Laboratory
Vulnerabilities
RISK ASSESSMENT
BIOSECURITY RISK ASSESSMENT
ASSEST CHARACTERIZATION
Asset Characterization is the process of gathering
information about the biological agents & toxins that could
potentially be targeted by notional adversaries
These biological agents & toxins will be referred to as
“Assets”
RISK ASSESSMENT
BIOSECURITY RISK ASSESSMENT
ASSEST CHARACTERIZATION
Determining the ease or difficulty of malicious use
(Likelihood) should involve assessing the following:
1. The difficulty of acquiring the agent
2. The difficulty of processing the agent into a suitable quantity
in a suitable form
3. The difficulty of disseminating the agent to cause harm
RISK ASSESSMENT
BIOSECURITY RISK ASSESSMENT
ASSEST CHARACTERIZATION
Determining the potential consequences of the malicious
use (Consequences) should involve assessing the following:
1. The physical impact of an attack on a population
2. The impact of an attack on the economy
3. The impact of changes in public perception
4. The impact on facility operations
RISK ASSESSMENT
BIOSECURITY RISK ASSESSMENT
ASSEST CHARACTERIZATION
RISK ASSESSMENT
BIOSECURITY RISK ASSESSMENT
ADVERSARY CHARACTERIZATION
Adversary Characterization is the process of determining
specific attributes of potential adversaries that enable them
to pose a threat to a biological agent or toxin
In the security community, Adversary Characterization is
also known as “Threat Assessment”
RISK ASSESSMENT
BIOSECURITY RISK ASSESSMENT
ADVERSARY CHARACTERIZATION
Some characteristics of Potential Adversaries that could
help determine the risk they pose, include:
Motive
Means
Opportunity
Analyzing each of these characteristics in terms of
likelihood & consequences is necessary for a biosecurity
risk assessment
RISK ASSESSMENT
BIOSECURITY RISK ASSESSMENT
ADVERSARY CHARACTERIZATION
The question of opportunity raises the issue of insider
versus outsider threat
An insider is a person who has authorized access to a
facility, its units, & its assetss
An outsider is a person who
does not have authorized access
RISK ASSESSMENT
BIOSECURITY RISK ASSESSMENT
ADVERSARY CHARACTERIZATION
Insiders tend to pose a greater threat than outsiders
because they typically have both greater means &
opportunity than an outsider
Insiders, however, do not necessarily
have different motives than outsiders
RISK ASSESSMENT
BIOSECURITY RISK ASSESSMENT
SCENARIOS
Another useful tool for Biosecurity Risk Assessment is to
work through possible scenarios to detect vulnerabilities in
the biosecurity management program
Each evaluated scenario should involve a specific biological
agent, a specific adversary, & a particular way that
adversary will attempt to steal & misuse the agent or toxin
RISK ASSESSMENT
BIOSECURITY RISK ASSESSMENT
SCENARIOS
Keep in mind that it is important to have a screening
process to limit the number of scenarios generated, say by
considering only those scenarios involving biological agents
capable of causing significant harm
The criteria used for screening should be documented in the
assessment
RISK ASSESSMENT
BIOSECURITY RISK ASSESSMENT
SCENARIOS EXERCISE
 You are working on a strain of Francisella tularensis, in the dead of
night you become sleepy, so you pack your things, store the
bacterium, lock the door to the facility & go home. However, you
only put the keys in a hook near the door.
 Let’s further expand on this to include a specific adversary as well as
a particular way the adversary will attempt to steal & misuse the
asset.
 What is the Likelihood & Consequence of Theft?
 What are some factors that should be considered?
RISK ASSESSMENT
BIOSECURITY RISK ASSESSMENT
SCENARIO EXERCISE
SCENARIO ANSWER
RISK ASSESSMENT
BIOSECURITY RISK ASSESSMENT
SCENARIOS
This exercise could be repeated for every asset & adversary
in a given scenario in a laboratory or facility
Doing this in a comprehensive manner is one way to
conduct a facility-wide biosecurity risk assessment, which
would then be, quite simply, the collection of the individual
risk assessments for the laboratory or facility
RISK ASSESSMENT
RISK EVALUATION
Risk Evaluation is a crucial intermediary step between
Risk Characterization & taking active steps towards
mitigating risks
Risk Evaluation is the process of determining, subjectively,
whether a risk is high or low, & whether it’s acceptable or
not
RISK ASSESSMENT
RISK EVALUATION
What is
“ACCEPTABLE” Risk?
RISK ASSESSMENT
RISK EVALUATION
The evaluation of risks is highly related to the concept of
Risk Acceptance
Risk evaluation & acceptance can vary with culture,
experience, resources, management, & even current
events
RISK ASSESSMENT
RISK EVALUATION
Unfortunately, there is no systematic way of evaluating
risk & determining risk acceptability. This will depend on
the perceptions of individuals, institutions, & the
community.
RISK ASSESSMENT
RISK EVALUATION
If an institution finds a particular risk unacceptable, it will
either cease the work resulting in that unacceptable risk,
or it will find ways to mitigate that risk to a more
acceptable level
RISK ASSESSMENT
RISK EVALUATION
It is important to recognize that the precise locations of
these risk tolerance curves on the graph are in fact
arbitrary. This is the essence of Risk Evaluation
RISK ASSESSMENT
RISK EVALUATION
Overall, two institutions with the same computed risk
“values” for the risk characterization process may have
different risk evaluations
For example, what is a moderate risk for one institution
could be a high risk for another, depending on what each
entity decides is moderate or high.
RISK ASSESSMENT
RISK EVALUATION
An institution that considers a certain risk high might be
motivated to spend a large amount of resources
mitigating that risk
Another institution that considers the same risk to be
moderate might decide to spend a small amount of
resources in mitigation instead.
BIORISK MITIGATION &
PERFORMANCE WILL BE
DISCUSSED NEXT WEEK