Our Programmes



Sign up to our newsletter.

Follow ODI

A decade on: A new Good Practice Review on operational security management

Time (GMT +00) 15:00 17:00

Wendy Fenton - Coordinator, Humanitarian Practice Network
Hansjoerg Strohmeyer - Chief, Policy Development and Studies Branch (PDSB), UN Office for the Coordination of Humanitarian Affairs (OCHA)
Marc Dubois -  Executive Director, Médecins Sans Frontières (MSF)
Erin Noordeloos - International Programmes Director, REDR

Erin Noordeloos,  International Programmes Director for REDR, introduced the speakers and then discussed the relevance of the GPR to REDR training programmers. She then discussed the purpose of this event, which was to examine what has changed since the last edition of the GPR, how security practices have evolved and how aid agencies are using the GPR in the field.

Wendy Fenton, Coordinator, Humanitarian Practice Network, spoke about the background to the original GPR8, which emerged as part of a collaborative learning initiative based on the experience of a small number of operational experts. It was released at a time when there were very few security positions, and very little information about how to manage security concerns (attacks on aid workers were comparatively few). The global security environment has since changed significantly, with a rise in attacks on aid workers in countries such as Afghanistan, Darfur and Somalia, and an upswing in events such as kidnappings.

For the revised edition, the Humanitarian Practice Network decided to broaden the editorial process by inviting a large advisory group, technical specialists, researchers and field personnel to share their experiences, knowledge and learning. Workshops in Bangkok, Washington DC and Nairobi were also held. Wendy stressed that the new GPR was not a complete rewrite, and much of the original material is still relevant today.

Wendy then discussed some trends facing humanitarian operations, mainly the steady increase in attacks against aid workers. The Aid Worker Security Database  The aid worker security database, an independent initiative which provides the most comprehensive data available, recorded 32 violent incidents in 1999; 139 in 2009.  The numbers for aid workers killed are even more stark - 73 were killed in 1999; 278 were killed in 2009.  Most of these incidents were grouped in a small number of high intensity conflicts – namely Darfur, Afghanistan, Iraq, and Pakistan. Th e statistics also show that national staff suffer higher losses than expatriate staff. Increasingly these attacks are politically motivated as humanitarian agencies are often associated with military operations in several of the countries in which they work.

This new edition of the GPR, Wendy stressed, focuses on some of the changes in security management over the past ten years. The triangle approach (‘Acceptance’, ‘Deterrence’ and ‘Protection’) has been discarded as agencies tended to employ a single strategy when a combination of some or all is likely to be most effective. The GPR also focuses on the need for ‘active acceptance’: agencies should not assume acceptance but work hard to achieve it.  Remote management, collective security and information sharing are some of the other issues explored in the new edition, as well as systematic approaches to managing kidnapping and abductions.

The GPR also makes a number of recommendations: investment in risk assessments must increase, despite potential costs and potentially delayed responses; agencies must combine security strategies as well as maintaining a flexible approach to evaluations; agencies must develop policies, guidelines and good practice for remote management; and there must be an increase in investment from donors and HQ to improve security management. Donors have an important role to play in ensuring that aid workers have the expertise to respond to security threats.

Hansjoerg Strohmeyer , Chief, Policy Development and Studies Branch (PDSB), UN Office for the Coordination of Humanitarian Affairs (OCHA), who joined via video link, began by congratulating Wendy on the revised edition of the GPR8, and said that the findings would inform OCHA’s work in the field. He then discussed how a recent OCHA study complements the findings of GPR8, while also shedding new light on how to deal with humanitarian assistance in high-risk environments.

Hansjoerg stressed that the OCHA study also looked at acceptance. For NGOs to be accepted in a community, they must gain the trust of that community. Acceptance, therefore, is a process, not an event, and should not replace but complement security measures. In a time where humanitarianism has come under attack, the need for the humanitarianism community to ask for more patience from donors when carrying out acceptance strategies is paramount. In the rush to use funds, agencies can put themselves at risk. 

The study looked at four broad areas:

1) Deliberate attacks on humanitarians.
2) Banditry and crime.
3) Terrorism.
4) Environments of active hostilities, such as Lebanon in 2006 and Sri Lanka.

The findings emphasise the need for agencies to engage with all non-state armed groups in order to deliver aid. Agencies should not be naïve about the implications, but the range of actors and players within Hezbollah or the Taliban, for instance, is very wide. As previously stressed, acceptance should be used as an entry point and security practices should complement it. Another key finding was that agencies should think about the implications of leaving an insecure area. There is evidence that organisations who have left have found it very difficult to re-establish contacts and regain the trust of local groups. Again, investing time in building relationships and managing the expectations of donors was seen as key.

The study, which will be published in February 2011, will be used in conjunction with the recommendations of GPR8 to improve approaches to security in humanitarian assistance.

Marc Dubois, Executive Director, Médecins Sans Frontières (MSF), began by stating that he was not a security expert but that having a non-expert offered a different perspective on the GPR8.  He stressed the importance of the new topics and themes in the revised edition, but placed particular importance on the dismantling of the triangle approach, the dramatic shift towards remote management and the need for organisations like MSF to share data and collaborate better with other agencies. Donor support was also seen as important. Good security, he emphasised, involves a great deal of overhead, investment and time.

Marc also emphasised that the recommendations in the GPR8 were not about best practice, but about good practice. A set of questions, he stressed, is not a set of answers. It is about creating a space where these questions can be discussed as an organisation. Principles are paramount, but in highly dangerous environments they are not enough. He then explained his shock at a press release issued by a group of NGOs in Afghanistan that stressed the need ‘to negotiate with all groups’ – this should be standard practice and not the stuff of press releases, he said. Agencies must also look at how their presence in itself creates risk. In Afghanistan, agencies’ presence is taken as evidence that the West is winning, and in Haiti the perception that organisations are not doing very much is actually creating a security risk.
Governments are also contributing to a breakdown of trust, which means that agencies must increasingly explain their independence and aims. Marc then stressed that, while GPR8 had been very successful at field level, this had not been matched in policies and practices at HQ level. A culture of security awareness should be fostered throughout the organisation. Interagency responsibility means being a responsible employer. How do you create and sustain this consciousness, and inculcate this into everyone you bring into your organisation?

The meeting was then opened to the floor.

Val Flynn (ECHO, Brussels) agreed that donors should be doing more and that ECHO was looking into many of the issues raised by GPR8. He then stated that the original version had saved lives and protected vital equipment. He concluded by saying that security was not cheap, but bad security was very expensive. In response to this, Wendy Fenton mentioned that GPR8 had significant donor support from SIDA, USAID/OFDA and DFID, and donors were very active members of the advisory group.

Sarah Pantuliano (HPG) asked for examples where good leadership had made an impact on security practices

Marc Dubois responded that good security was not about being a security expert but about promoting discussions within the organisation as to its mandate, aims and objectives. 
Hansjoerg agreed with Marc that good practice is a result of good leadership. He stressed that, in a large organisation like the UN, there is often a need to blame someone for a security incident despite their best efforts to carry out a thorough risk analysis. This means that, despite following good practice, an individual’s career may still be put at risk. This creates a climate of fear in which people are reluctant to take risks or refrain from exercising good and decisive leadership. The humanitarian community needs to be more accepting of the fact that terrible things can happen, and they must be able to discuss these issues freely without fearing the implications.

An online participant highlighted the fact that the ICRC had been practicing active acceptance for more than a century, so why were other organisations only discussing this now?

Erin Noordeloos responded that, through her experiences at REDR, she found that agencies tended to glaze over when discussing active acceptance and security, but that when this was spoken about in terms of good programming they were much more willing to take this on board.  

Oliver Behn from the European Interagency Security Forum asked the speakers what they meant when they used the term ‘aid worker’. Are these stabilisation actors or aid workers? If they are not humanitarian workers, have attacks on humanitarian workers really increased? He felt that sometimes there was confusion as to who was being discussed.

Marc Dubois responded that this was a difficult question as he believed that stabilisation work was aid and that in very politicised contexts, all action is political. The difference lies in the intention of the action. If the intention is to build peace and stability, then it is not humanitarian action. If the intention is to save a life, then it is humanitarian action. Perhaps, he stressed, there is a need to re-examine the statistics.

A member of the audience asked the speakers how agencies could regain acceptance when re-entering a country they had previously left.

Erin Noordeloos responded by saying that transparency was key. One of the most important aspects of REDR’s security training courses in Sri Lanka was demonstrating to the government the legitimacy of what they were doing. Agencies must engage with transparency immediately.

An online participant asked what three things smaller NGOs can do to integrate GPR 8 into their organisation both at field level and in HQ.

Marc Dubois responded that just initiating discussions on security was the first step. Holding workshops on security or incorporating security objectives into strategic planning were also options.  He also recommended forming partnerships with security specialists, and reiterated that the GPR was a good starting point to initiate those discussions.


Since the publication of the first edition of Good Practice Review 8 on Operational Security Management in Violent Environments a decade ago, the global security environment has changed significantly. New conflict contexts have created new sources of threat to international humanitarian action. Increasing violence against aid workers and their operations, including more kidnappings and lethal attacks, has had serious implications for humanitarian relief work in insecure contexts. Meanwhile, agencies themselves have become much more conscious of the need to provide for the safety and security of their staff.

To reflect these changes, the Humanitarian Practice Network has published a new version of GPR 8. The new edition both updates the original material and introduces new topics, such as the security dimensions of ‘remote management’ programming, good practice in interagency security coordination and how to track, share and analyse security information. The new edition also provides a more comprehensive approach to managing critical incidents, in particular kidnapping and hostage-taking, and discusses issues relating to the threat of terrorism.

Following a presentation on the revised GPR 8, drawing on their own extensive knowledge and experience of operating in high risk environments, guest speakers discussed issues related to operational security policy and management. 

Click here to see a copy of the new Good Practice Review 8