In an attempt to stop Yida's growth, since early April UNHCR has been denying assistance to newly arrived refugees who refuse to move to Ajuong Thok.

A response to Saving Lives and Staying Alive


Director of Operations for ACF USA and former Operations Manager for MSF based in Amsterdam, MSF Association member

Andrew Cunningham, currently an independent humanitarian researcher and analyst and Chris Lockyear, the Director of Operations for ACF USA and a former Operations Manager for MSF Operational Center Amsterdam (MSF-OCA) have sent the follow response to "Saving lives and Staying alive".Andrew Cunningham is currently an independent humanitarian researcher and analyst and Chris Lockyear is the Director of Operations for ACF USA and a former Operations Manager for MSF Operational Center Amsterdam (MSF-OCA). Both have spent the majority of their humanitarian careers working with MSF. Let the debate live!

The recently released book ‘Saving Lives and Staying Alive: Humanitarian Security in the Age of Risk Management’ by the Centre de Réflexion sur l'Action et les Savoirs Humanitaires (CRASH) at Médecins Sans Frontières (MSF) is a pertinent contribution to the humanitarian risk management literature—an under-debated yet increasingly dominant discipline within the humanitarian sector. It challenges an increasingly formalised discipline whose advancement to date has been sacrosanct. It highlights that outsourcing personal interactions, discussion, and rigorous thought to ever more detailed processes and quantifications of risk, is a risk in itself. To this we agree. We agree that the more the humanitarian sector unconditionally relies on an increasing detailed quantification of risk, the more we are vulnerable to the phenomena of ‘garbage in, garbage out’, of missing real world complexities, and of convincing ourselves that by documenting a comprehensive set of risks, and our responses to them, we have done our duty in keeping our people safe. In some areas we would take the opinion even further—we detect a Foucauldian phenomenon of self-perpetuation within the risk management field, whereby discourse becomes privileged and comes at the expense of common sense and everyday accessibility.

However, the book pursues an ideological agenda at the expense of rigor and without an ethnographic understanding of how techniques in the field of humanitarian security management are actually used by practitioners. It also blurs concepts such as professionalisation and bureaucratisation, dismisses external realities of legalisation, and assumes an end state that is dehumanising. We suggest a more nuanced view.

We agree that over-bureaucratisation—by which we mean adding more controls, the institution of stricter adherence to rigid procedures, and demands for attention to detail for its own sake—is a clear threat to effective management of any kind. It is, however, important to acknowledge the difference between this phenomena and professionalisation – which we see as bringing this, or any, discipline to a higher level of integrity and competence. We see that a responsibility of professionalism is to reduce, and ideally remove, irrelevant processes and unnecessary quantification. A professional approach allows objective decision-making around resource allocation, for example between the mitigation of external and institutional risks such as the threat of legal action Since the publication of the book the risk concerning legal action has become a reality following the case of Dennis vs Norwegian Refugee Council on one hand; and the need to maintain a personal and human-centred approach to safety and security on the other.

The editors clearly acknowledge that the book does not address the causes of the insecurity affecting humanitarian organisations’. This is a fundamental omission in the development of their arguments. How is it possible to make an assessment of the appropriateness of security management techniques and procedures if one does not try to understand the causes of insecurity in the first place? This in fact is something that many of these procedures being critiqued themselves do try to address. This is like criticising the design of an aeroplane while acknowledging that you haven’t tried to understand gravity.

The editors are right to say than an approach based on ethnographic observation would be needed to accurately describe the practical uses of security tools, procedures, manuals and training and their actual impact on how MSF and similar organisations operate’. It is a pity that this approach wasn’t used in the book’s case studies. These tools, however effective or not, are designed to help Security Managers identify, analyse, and mitigate risk to help assure the safety and security of their staff. It is in the process of using these tools where we believe they have the most value. This is like telling the pilot of the plane that his manuals and procedures are useless, without asking how he uses them, or watching how he flies it.

There are three interlocking themes in the book around the use of information that we will explore in more depth. The sense one gets from reading the book is that quantifiable information is in and of itself not very useful, can even be counter-productive, diverts attention from real security management matters, and actually normalises the dangers faced by aid workers. A preferred environment is described whereby coordinators use their best judgement, based on their own experiences and their personal interpretation of the political and security environment.

We argue that data and the process of their categorisation into ‘risks’ is useful, that structure helps reduce ad hoc decision-making and does precisely the opposite of normalising danger. We agree that security management is more than data; that qualitative information is very useful; and that room should exist for judgement and experience. But we also think that quantitative data itself can be useful and should be part of a proper security management process.

Normalisation, or ignorance is bliss

The book asserts that ‘the growth of risk management in the aid sector both recognises and normalises the exposure to danger of large numbers of humanitarian workers now deployed in the heart of conflict zones’. While we agree that risk management facilitates the recognition and acknowledgement of exposure to danger, we disagree that doing so normalises risk, or indeed that there is ‘a drive for normalisation’. On the contrary, explicitly acknowledging these potential or actual dangers facilitates discussion, awareness, and informed decision-making at both organisational and individual levels. Surely there can be nothing more normalising than not explicitly acknowledging and reacting to a danger that could ensue. This would be the epitome of an ostrich burying its head in the sand.

We are not claiming that the art of categorising or defining risks is easy or perfectly refined. Many hours are needed to define the categories themselves and consider their relative merits. Should we, for example, consider a category of ‘Improvised Explosive Device’ as being separate from ‘bomb attack’ or is it more useful to consider them as part of the same set? Is ‘caught in cross-fire’ the same thing as ‘wrong place, wrong time’, or is the latter more cause than effect? Are broader definitions better to allow more scope for interpretation, or does precision facilitate analysis and subsequent response and planning? Further, we acknowledge the complexity of assigning actual events to categories in a database, especially when also trying to consider motivations. For example, should an abduction be considered politically, or financially, or criminally motivated?

Despite the inadequacies of this process, it is the wider consideration of why something has or might happen that ensures that we are not using an apolitical, positivist, or actuarial approach to humanitarian risk management.

Databases, or what get measured gets discussed

Data, and databases, are to be used to think objectively, not bureaucratically. We argue that the objective is to be objective. We certainly don’t want to get into a discussion about the actual numbers recorded, or about specific security databases, within or outside MSF. The question in fact isn’t about questioning specific databases, and certainly not in debating the statistical value of the numbers. Rather, it is about acknowledging the fact of security incidents, understanding what type of incidents are occurring, and being prepared to manage them.

Discussions about security management have to be based on something besides gut instinct. The impetus for reflection and concern must come from objective as well as subjective information. There is a place for instinct and experience, but we also want to confirm the role of objective data. Yes, epistemological debates may be had about what is ‘objective’ or ‘subjective’. Here we mean simply information about what has actually happened. This information is always going to be incomplete, we know that. The reporting of incidents involves making judgements and different interpretations are possible. But it is information useful to spur discussion, to help understanding, to flesh-out subjective understanding.

The debate shouldn’t be about whether such information is useful. Rather, it should be about how it is used and how much priority should be given to it. There is a role for objective reporting—there is a usefulness to structure, objectivity, and reference points.

Planning, or plans are nothing; planning is everything

Planning is important. It is not the sum total of security management, and much else is important, but planning is the basis for much of what happens—most of all in the minds of those involved. Here we want to discuss the role of data and documents in the security management process. The book leaves one with the impression that security products are not very useful.

For us security management isn’t about the protocols themselves or the actual plans written. It is about the process. And as we established above, quantitative data collection should be included as part of the process. Room should be left for judgment, but there should be a process for structuring this judgement and making decisions. Decisions should not be made in an ad hoc manner. Different people will have different ways of doing things, but that does not mean that every way is valid—some aren’t!

There must be a process to take into account all of the various views and interpretations. Uncertainty can never be entirely managed, and ‘gambles’ need to be taken—decisions by definition are a gamble. If the answers were obvious, there would be no need for a decision. The art is in finding an approach which minimises the odds of this gamble failing by reducing the gap between the unknown and the best decision. The approach to this should be based on something other than just the experiences of an individual. There has to be some form of benchmarking, and the process provides this.

The analogy used in the book concerning how emergency workers approach their roles and functions is inaccurate. It is stated that other types of emergency workers rely more on empirical evidence and judgement than check-lists and generic procedures. Yes, that is the case, but this is only possible because their judgement is backed by intensive training—training on Standard Operating Procedures, tried-and-true methods, and rule-of-thumb ways of doing things. And all of this wisdom is based on a firm grounding in facts and what has gone on before, not ad hoc guesswork. This training is conducted until these procedures and rules are second nature. Only when there is a structure behind their actions can practitioners—professionals—feel comfortable to make quick decisions in the real world.

In our own practice we use the concepts of risk management whilst shying away from  using numbers or mathematical formulas in assigning quantifiable values to threats, risks, mitigations, etc. Security management should not be thought of as a mathematical exercise. There must be room for using one’s judgement, experience and instinct in making decisions. But there is nothing wrong with using these concepts and frameworks as tools in trying to manage security. Being rigorous, and logical, in one’s thinking is very important, and in doing so using all appropriate tools to help in structuring one’s thoughts and actions.


These three themes together add up to a general conclusion that it is not the information itself that should be critiqued, nor the existence of structured ways of defining, collecting, filtering, and presenting information. This should be done with both quantitative and qualitative information. Rather the issue concerns how the information is used—the process. We argue that the process of analysing and using this information is important.

Yes, Clausewitz focused on the fog of war and the coup d’oeil. But this referred to the battle itself. He also put much emphasis on training and understanding—close attention to the past and the need to reflect on both war itself and the place of war. As Eisenhower said, ‘plans are nothing; planning is everything’. The same applies in the humanitarian sector.

The CRASH book has been a positive contribution to the humanitarian risk management literature. We hope that this response has contributed positively to this discussion. Regardless of the debates about the actual numbers, we think that everyone is in agreement that humanitarian aid provision is a risky business, and we all need to find ways to provide aid in a safer and more secure manner. The vulnerable populations deserve it.

To cite this content :
Andrew Cunningham, Christopher Lockyear, “A response to Saving Lives and Staying Alive”, 2 mai 2016, URL :

If you want to criticize or develop this content, you can find us on twitter or directly on our site.


Add new comment

Cette question consiste à tester si vous êtes ou non un visiteur humain et à éviter les demandes automatisées de spam.