The objective of the Common Integrated Risk Analysis Model (CIRAM) is to establish a conceptual framework to assist Frontex and Member States in the preparation of risk analyses. It promotes a common understanding of risk analysis while simultaneously explaining how this tool can contribute to greater coherence in the management of the external borders.
A key aspect developed in the CIRAM is the adoption of a management approach to risk analysis that defines risk as a function of threat, vulnerability and impact. Such an approach endeavoured to reflect the spirit of the Schengen Borders Code and its catalogues which emphasise risk analysis as a key tool in ensuring the optimal allocation of resources within constraints of budget, staff and efficiency of equipment.
According to the model, a ‘threat’ is a force or pressure acting upon the external borders that is characterised by both its magnitude and likelihood; ‘vulnerability’ is defined as the capacity of a system to mitigate the threat; and ‘impact’ is determined as the potential consequences of the threat. In this way, a structured and systematic breakdown of risk provides for an assessment of the relative overall risks posed by different threats as a function of the relevant vulnerabilities and impacts, and therefore will be of much use to decision-makers in setting priorities, in formulating counter-measures and in designating operational targets.
Defining risk as a function of threat, vulnerability and impact is a pragmatic way of structuring the information concerning risk. There are different ways of combining threats, vulnerabilities and impacts. The three components are not isolated, and are not to be assessed in rigid sequence. Rather, each component is seen as a different angle from which to study the risk, the assessment of one component providing material for the assessment of the other two components.