10 years from risk assessment to regulatory action – is complacency creating a reactive and brittle regulatory regime in Norway?
This paper is related to the research project NEXUS, focusing on risk communication and ac-tion capacity in Norway. NEXUS is evaluating actions from The Gjørv Report (NOU 2012:14), written after a terrorist attack in Norway in 2011. One suggested action was: “The provisions of the Security Act that require measures for protecting objects must be implemented in a proactive manner". We have performed reviews and interviews to explore how key actors have acknowledged risks related to critical objects and critical infra-structure vs. other countries. Some critical objects have emergent vulnerabilities; it is a need to perform im-proved risk assessments and build resilience to mitigate surprises. The emergence of cybersafety in the energy sector can impact health, safety and the environment. It has taken 10 years before regulatory action has been implemented to protect objects. This paper discusses if this complacency has created a reactive and brittle regulatory regime, and if the missing proactivity creates organizational losers and scapegoats in the sharp end.
Academic chapter/article/Conference paper
- Research Council of Norway (RCN) / 234391
- SINTEF Digital / Software Engineering, Safety and Security
Safety and Reliability of Complex Engineered Systems
3333 - 3339