Integrated management of safety and security (IMSS) in the nuclear industry – Organizational culture perspective

Abstract

The study is inspired by the change in the risk landscape caused by the development of digitalization and automation in the high-risk industry. The increasing convergence of process-safety, physical security, and cybersecurity risks can lead to major accidents. Integrated management of safety and security (IMSS) is a necessary means of preventing and preparing for accidents. The objective of this paper is to get new insights into the current state of IMSS and related challenges in the nuclear industry. The data includes the International Atomic Energy Agency (IAEA) and World Institute for Nuclear Security (WINS) reports, articles on digitalization, IMSS, and interviews with safety and security experts from two power companies and the Radiation and Nuclear Safety Authority in Finland. The paper compares the results with those in Seveso installations. The methods are thematic and qualitative content analysis. Theoretical framework consists of organizational culture and management perspectives. The paper provides new meanings to the ways in which IMSS is currently implemented. The paper shows the IAEA structural support to IMSS, differences in IMSS implementation in the nuclear industry, and organizational cultural aspects that constrain the IMSS. The latter include the subordination of security to safety, the assumption that organizational culture automatically integrates safety and security, the lack of co-identification and co-assessment of safety and security risks, which prevents a better understanding of systemic risks. The conclusion is that the current state of IMSS is not adequate to address converging, systemic risks, and coordination of safety and security aspects requires more attention.