Nuclear Security Culture: Management Systems

Alright, then, those would then lead to things
like having well-developed and effective management systems, which include some simple things
that you are probably reasonably familiar with, like visible security policy, code of
conduct, clear roles and responsibilities. Let’s pause on that one for a second. In any
organization, in order to maintain good culture, we need to have clear, well-defined roles
and responsibilities. Some of the places where poor culture arises is when you see conflicts
between individuals because of an overlapping set of responsibilities. It’s difficult. When
two people have overlapping responsibility for the same thing, they tend to end up in
conflict over that, and that can create an internal cultural divide. Also, of course,
things like performance measures, good working environment, training and qualification, which
we talked about earlier, work management, information control, and then material accounting
systems. Let’s pause on that one for a second as well. Oftentimes we think about security
systems as being the physical security system for a facility, and we talk about, “Oh, good
security culture includes pointing out the delay systems, the doors, and the detectors.”
Material accounting practices are also part of that. That, if I have good material accounting
practices, where I’m keeping track of material within my system, then that basic behavior
plays a role in all other things that go on at the facility. So, by going through that
and doing proper procedures there, I’m going to do proper procedures elsewhere as well.
Obviously, cyber protection is related to that also. All of us have a role in cyber
protection within our facility, because we all log into the computers every day. We all
click on email messages, those sorts of things. Good behaviors associated with cyber protection
can actually chain react, poor use of words here, into good behaviors in other areas.
Staff screening, quality assurance, change management, where we alter the management
structure periodically. And then operating experience feedback. So, as an operator goes
through and manages a facility and operates that facility, they are going to gain experience
through that, and they’re going to use that experience in their daily lives in their job.
An important part of that is to provide that feedback to others. And, oftentimes, and you’ve
probably seen this as well, where people don’t do that. They use that experience for their
job function, but they don’t provide that experience out to others, and then, by providing
that out to others, they’re saying, not just, “I’m important to the organization,” but,
“we are all important to this organization.” And that’s part of the overall security culture,
that we’re not doing this just of my security, we are doing this because I value all of the
employees at the facility. I value the facility. I value the organization, and I value the
State, and I need to get all of those to be secure.

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *