Moments of crisis and the handling of post-crisis situations have attracted considerable attention across the social sciences in recent years, in large part as a result of focusing events such as 9/11, the Asian tsunami or Hurricane Katrina. The public and private management of risk has likewise been subject to extensive analysis.Footnote 2 Mega-events represent an important case for the analysis of the management of security risks. These can be defined as ‘short-term events with long-term consequences for the cities that stage them…associated with the creation of infrastructure and event facilities often carrying long-term debts and always requiring long-term use programming’.Footnote 3 They combine both vast scale and scope with substantial interdependencies, resource commitments and geopolitical significance under the watchful eye of the international media and public. Less is known, however, about the degree to which strategies and practices of risk management resemble or draw on each other between mega-events and different organizational and political settings.
In parallel, public policy studies have seen a return to the analysis of policy instruments and tools. This follows an earlier period in the 1980s when theoretical frameworks and typologies were applied in order to understand the means through which governments sought to affect and govern their populations.Footnote 4 The current revival revisits these approaches, and considers the extent to which trends over the two decades have affected the nature of the tools of government in cross-sectoral and cross-national perspective.Footnote 5 Less is known about the tools of risk and crisis management, what logics underlie tool choice and the extent to which tool choice is shaped by distinct organizational and political settings.
This article seeks to integrate insights from these two literatures. Most analyses of risk management trace decision-making processes, highlight organizational and operational failures or advocate certain risk management strategies. This article instead attempts to explore the logic of choice of risk management tools at mega-events. To do this, it analyses tools of security risk management for two sports-related mega-events: the FIFA 2006 Football World Cup in Germany and the London 2012 Olympic Games.Footnote 6
This article is organized as follows. First it formulates three hypotheses based on the theory of institutional isomorphism for why some risk management tools are chosen rather than others and why, therefore, tools are chosen that resemble other tools in use in the same policy environment. It suggests that analysis needs to focus on competing templates in the context of decision-making following the logic of appropriateness. In other words, it explores patterns of organizational (and therefore tool choice) homogenization and differentiation.Footnote 7 Because policy domains are surrounded by multiple and fragmented policy environments, decision-makers face choices between competing sources for legitimization and institutionalization. We explore three distinct environments that offer templates for choice and legitimization: the global environment of sporting mega-events (Hypothesis 1 – H1), the idea of an event-specific environment (H2) and the view that templates are drawn from distinct national politico-institutional constellations (H3). Second, it introduces the policy tools approach to the analysis of security risk management, borrowing from Christopher Hood's ‘NATO’ (nodality, authority, treasure and organization) approach. Third, it applies this toolbox framework to the case of security policies and organizing templates for the FIFA 2006 Football World Cup in Germany and the London 2012 Olympic Games. This pair of cases maximizes the leverage for possible analytical insight: both Germany and the UK are developed and liberal-democratic European countries that are characterized by differences in their political institutional framework. The focus of this analysis is the form and choice of the tools of risk management rather than the success or failure of these organizing strategies, it therefore is not problematic that one event has taken place and the other is scheduled to take place two years from the time of writing (2010). As such, the case selection provides for an additional logic: if we want to discover to what extent the organizing experience of a past event can influence decisions taken for an event that is yet to take place, then it is essential to focus also on the time interval between the two events. In other words, the explanation of what accounts for tool choice also allows us to recognize whether sporting mega-events are characterized by a common organizational field (by close ties to a common policy environment), or whether they are separated due to inherent differences between the events or the peculiarities of national political institutions. The article concludes with an assessment of the relative power of the three explanations in light of observed patterns of tool choice and considers wider implications for the analysis of policy tools and for the management of security risks in particular.
CHOOSING TOOLS FOR THE JOB
What might make tools of risk management similar in different political and organizational contexts? The theory of institutional isomorphism suggests that a constraining process leads to the homogenization of organizational forms and practices ‘that forces one unit in a population to resemble other units that face the same set of environmental conditions’.Footnote 8 Tool choice, as noted above, is dominated by the search for legitimate and apparently successful templates, and therefore by the logic of appropriateness. The influence of institutionalization on organizational forms is now widely accepted, and focus has turned to the fragmented environmentsFootnote 9 that offer often competing templates and sources of legitimization. In the context of tool choice, this article is interested in two particular questions. First, what environments do the tools of security risk management for sporting mega-events draw upon? Second, what mechanisms shape the diffusion of particular tool choices?
This article considers three organizational environments that represent distinct sources for tool choice: shared characteristics of sporting mega-events that encourage cross-diffusion across events such as football World Cups and Olympic Games (H1), functional differences in the risk profile of World Cups and Olympics that lead them to inhabit separate organizational fields with, at best, weak linkages (H2) and, finally, tool adoption that draws upon organizational templates dominant within the national politico-institutional system (H3). The remainder of this section explores the presence of these three environments in the context of mechanisms of institutional isomorphism.Footnote 10 Three mechanisms shape how competition between different sources of legitimization (and therefore tool choice) is transacted. These are coercive (political, legal and other forms of resource dependency that induce homogenization), mimetic (the imitation of best practice under conditions of uncertainty) and normative (the existence of consensus or a dominant professional set of doctrines) processes. Security risk management at sporting mega-events is linked to different environments through these mechanisms, enabling the diffusion of the logic and practice of some tools of security risk management instead of others.
This section introduces these three hypotheses of tool choice and discusses the potential implications of tool choice for comparison of mega-events. The rest of the article then considers to what extent these logics can persuasively account for observed patterns in the case of two sporting mega-events.
H1: Tool Choice Shaped by a Global Sporting Mega-Event Environment
Sporting mega-events inhabit related fields, as events that share a number of common organizational characteristics related to their scale and scope, infrastructure and facilities requirements, resource commitments and geopolitical significance,Footnote 11 not to mention overlapping identities in terms of advertising and global television coverage. At the heart of institutional isomorphism is an assumption of linkages between and within organizational fields and also the extent to which uncertainty characterizes decision-making. Related to this, coping with uncertainty is at the heart of decision-making when it comes to mega-events in general, and sporting mega-events in particular, for a variety of reasons. First, planning and operational decisions for mega-events are taken under conditions of high ambiguity and politicization.Footnote 12 Sporting mega-events are similar in their exposure to an optimistic bias during the award and planning stagesFootnote 13 and to risk aversion in the later operational stages,Footnote 14 each of which encourages tool selection in favour of pre-existing norms, protocols and standards (that is, mimetic sources of isomorphism). Both mega-events are also exposed to similar security threats: they create a platform for protests or attacks where groups or individuals (for example, anarchists, anti-globalization protesters, terrorists) advertise their intentions to interrupt the staging of the event. All these factors point to the inherent uncertainty that encourages searches for organizational strategies that are perceived to be legitimate or that have proved to be successful at previous events. Because conditions of risk and uncertainty are shared between World Cups and Olympic Games as a general organizational field it might be expected that security risk management tools would tend to resemble one another across events and over time.
Second, the task of governing mega-events entails multiple uncertainties over the prioritization of risks, the selection of indicators to monitor and evaluate information about risk, and the use of policies or organizational instruments to mitigate threats or hazards and modify behaviour.Footnote 15 Risk management in all its forms is required to balance different priorities, but mega-events represent a special test because of their exceptional scale and complex design. Furthermore, the rotation of event locations restricts the pool of existing knowledge and experience to a small community of experts. In line with the argument stressing normative sources of isomorphism, the rise of a risk management ‘consultocracy’ since the 1980sFootnote 16 might therefore be expected to contribute to the transfer of risk management knowledge and tools across international boundaries and across sporting events. Institutional isomorphism in the governance of risk at sporting mega-events would accordingly be manifested in the presence of dominant professional (or normative) logics of appropriateness in the choice of risk management tools that recur across different sporting mega-events.Footnote 17
Finally, it is also possible to identify sources of coercive isomorphism, such as the 2004 EU Handbook Footnote 18 on securing against terrorist acts at major sporting events or the 1985 European Convention on Spectator Violence at Sports Events (this document responded to the Heysel tragedy in Brussels and the problem of English hooliganism).Footnote 19 Since the 1990s the International Olympic Committee (IOC) has specified standards for bid documents and conducted regular monitoring of the progress of Games organization through its Evaluation and Coordination Commissions.
In sum, if the global environment of sporting mega-events affects tool choice (H1) we would expect there to be similarities in the tools of risk management across mega-events. In addition, there would be some evidence of formal or informal diffusion of knowledge and practice between events through coercive, mimetic or normative channels.
H2: Tool Choice Shaped by an Event-Specific Environment
Whereas the general field of sporting mega-events suggests that there will be some replication of tools of security risk management both between events and over time, the variation in the risk profile of specific mega-events might instead be expected to be associated with separate organizational environments. In other words, the diagnosis of distinctive requirements of organizing and making secure the Olympics compared to the football World Cup can inhibit meaningful exchange in terms of drawing on security risk management tools across events. Instead, the structural organization of risk management knowledge around the distinct sporting mega-events (and their justification through reference to the existence of a distinct risk profile) leads to differences in tool choice as tools are drawn from distinct environments (H2).
It is not difficult to point to differences in securing the two sporting mega-events under discussion here that should facilitate selective rather than cross-cutting isomorphism to occur.Footnote 20 International football tournaments are associated with problems of public disorder, violence and organized hooliganism, with large crowds of supporters congregating in or around urban centres for specific matches. This contrasts with the Olympic Games and their more diverse mix of local and transnational audiences that do not support athletes or teams in such a partisan and nationalist fashion. While both the Olympic Games and international football tournaments are potential platforms for political demonstrations or terrorist attacks, such threats are (historically) more prominent in the case of the Olympics, with precedents such as the riots before the Mexico City Games in 1968, the 1972 Munich Massacre and the bombing of Centennial Park in Atlanta in 1996. There are no similar security incidents in the context of football tournaments. The IRA bombing of Manchester city centre during the 1996 European Football Championships in England was not associated with the event and did not interrupt the competition.
Risk profiles also vary with regards to geography and location. International football tournaments tend to be decentralized across regions, towns and stadia, reducing the likelihood that a critical breakdown or security incident in one location will cause a system-wide disruption. At the same time, this increases the demands on transport infrastructures to allow for the movement of large, often unpredictable numbers of fans (both directly to stadia and to public viewing areas). At the Olympics, a significant proportion of events are held at specialist venues on or near the main site (which for recent Games has consisted of the athletics stadium, aquatics centre and the athletes’ village). The technical requirements of competition venues are a determinant of whether security incidents prove critical, potentially forcing the interruption or abandonment of the event. In addition, this concentration of events on one central venue makes the symbolic and reputational effects of breakdowns in Olympic security all the more powerful.
Significant differences also relate to the organizational scale and complexity. The London 2012 Olympics will host a total of 26 sports at 31 competition venues over 17 days of competition, bringing together an estimated 204 participating states, 10,500 athletes, 6,000 coaches and officials, 20,000 media, with around 500,000 visitors a day to the competition venues. The Games are to be policed by 15,000 police officers,Footnote 21 along with 6,500 private security contractors (according to provisional estimates).Footnote 22 This security task is of a different order to that of the FIFA 2006 World Cup in Germany, which consisted of some 64 matches involving 32 teams played in 12 stadia in 12 different cities over a month of competition, with 52,000 spectators on average per match (3.3 million in total).
Overall, security risks associated with the Olympics tend to relate to geopolitical tensions and domestic or international terrorism. For football World Cups, large crowds of national supporters create security risks that are manifested in public disorder or violence and based upon long-standing territorial and cultural rivalries and tensions. As a result, tool choice would be expected to reflect the different patterns. While the management of security risks for the Olympic Games tends to concern the protection of critical infrastructures and transnational coordination of intelligence services, football World Cup security risks focus on maintaining public order and effective crowd management, often with a distinct national flavour to policing styles (including the exchange of some intelligence between national agencies and support from specialist units). The Olympics involve surveillance of a different kind to that for international football tournaments – attempting to anticipate, detect and avert prospective attacks – whereas the latter are predominantly managed as a public order concern reliant upon street-level policing supported by cooperation between national police forces.Footnote 23 This difference in ‘risk profile’ diagnosis leads to the expectation that differences in risk management tools will be visible.
Processes of institutional isomorphism that draw selectively from the policy environment of Olympics or World Cups are therefore not unlikely. All three mechanisms noted above that link the event-specific policy environment to the choice of security risk management tools can be identified for particular mega-events. Coercive mechanisms exist as a result of the institutional jurisdiction and regulations of international sporting authorities, mimetic mechanisms encourage the exchange of expertise in the domain of individual sporting mega-events (for example, Olympic Games tend to draw on practice from past Games) and normative mechanisms contribute to the transfer of tools of security risk management by event-specific experts or consultants who share common professional norms and practices. While this has much in common with the first hypothesis, the perceived significance of the distinctive functional requirements of sporting mega-events restricts the formation of a common organizational field that could offer common tools as legitimate templates for organization.
H3: Tool Choice Shaped by National Political Systems
The third organizational environment that is expected to shape tool choice refers to the effect of institutions on approaches to the management of security risks.Footnote 24 Political institutions and institutional design and jurisdictions shape the discretion of governments to select particular policies or tools;Footnote 25 as do policy styles and state traditions.Footnote 26 Institutional frameworks are expected to lead to differences in tool choice (H3) whether due to, for example, differences in state structure (federal vs. unitary states), engagement with private and para-public interests (pluralist vs. corporatist decision-making) or government formation (single-party vs. coalition government). Of the alternative mechanisms of isomorphism, coercive pressures emerge as a result of the presence of standard operating procedures in national systems of executive politics and government into which sporting mega-events are embedded, whether in terms of security policies and arrangements, constitutional rules shaping the allocation of institutional accountability and responsibilities or in terms of budgeting rules. With regard to normative pressures, national systems further shape rules of participation in decision-making. In other words, professional status and access can be influential in the adoption of one type of policy tools rather than others.Footnote 27 In terms of mimetic pressures, particular national styles matter in terms of tool choice (for example, through the development of distinct professional cultures at the national level).
In this analysis, considerable differences in the choice of tools of security risk management might be expected, given the differences between the German and UK political systems. These differences exist in the distinction between consensus versus Westminster democracies,Footnote 28 and between ‘varieties of capitalism’.Footnote 29 Germany is governed through a system of executive and cooperative federalism (a ‘unitary federal state’), requiring, for example, a coordination of state police services (Landespolizei). Likewise, the German community of emergency services (first responders) is characterized by organizational diversity held together by a degree of shared norms and procedural understandings. The unitary state in the UK (and most of all in England) might be expected to have strong effects upon tool choice, with competition between authorities representing London (including the London mayor, London local boroughs and London-specific public agencies such as the Metropolitan Police), and national departments and agencies, along with Olympic organizations and the wider Olympic movement. For national political responses to affect tool choice (H3), a variation in the choice of the tools of risk management should reflect national differences in institutional rules, structures and preferences.
The theoretical formulation of these three models of tool choice (H1, H2 and H3) should not be interpreted as meaning that a single organizational environment determines the adoption of tools of security risk management at the expense of the others. These hypotheses are not considered mutually exclusive, nor are these explanations of tool choice exhaustive in representing all potential configurations of environments that a given mega-event might face. Nevertheless, these three policy environments capture dominant strains of thought in the collective literature on mega-events, organizations and public policy. The central question for this article is, which environment is most influential in tool choice and what are the mechanisms through which adoption of tools of security risk management occurs? This argument is summarized in Table 1.
Table 1 Overview of Logics of Tool Choice
COMPARING TOOLS OF SECURITY RISK MANAGEMENT
To compare organizational strategies and practices of risk management, this article adopts the policy tools approach introduced by Christopher Hood.Footnote 30 His framework offers a lens for the categorization and analysis of those tools through which government interfaces with society, rooted in a cybernetic understanding of this relationship between the state and its citizens. The government toolbox of nodality, authority, treasure and organization (NATO) is outlined in Table 2.
Table 2 The Tools of Government
Source:-C. Hood, The Tools of Government, London, Macmillan, 1983; and C. Hood and H. Margetts, The Tools of Government in the Digital Age, London, Palgrave Macmillan, 2007.
This article combines Hood's generic analytical framework with an assessment of our three hypotheses of tool choice. The framework enables us to make a direct comparison across cases and makes it possible to draw general inferences. This has advantages over an analysis based on a descriptive chronology of each case. At the same time, this article does not attempt to evaluate particular tools or tool mixes on the basis of outcomes. It therefore differs from most studies of tool choice, which are concerned with either effectiveness or efficiency questions or issues of visibility and intrusiveness.Footnote 31 We first of all undertake a comparison of the form of the tools of risk management and analysis of the logic of tool choice, since these logically precede the effects and outcomes of interest to other studies.Footnote 32 It therefore should be possible to observe which environment is most influential in tool choice (H1, H2 or H3) and through which mechanism, with regard to both the use of individual policy tools as well as across the wider portfolio of tools at the disposal of decision-makers. In this section, each of the tools of security risk management is introduced in brief before evidence is compared of their use in the management of security risks at the FIFA 2006 Football World Cup in Germany and in preparations for the London 2012 Olympic Games.
This article is interested in comparing the tools of security risk management that were utilized in 2006 with those that form the organizing template for 2012. This article does not seek to answer the question of whether either mega-event will prove to have been more successful than the other in managing security risks. Whether or not security incidents of varying degrees occur at any given event does not necessarily indicate flaws in tool choice; there is such a thing as bad luck, even in the world of security. By definition, risk refers to the probabilistic weighting of adverse outcomes, whereas outcomes in themselves do not shed light on how risks are anticipated and controlled. In terms of outcomes, the FIFA 2006 World Cup in Germany suffered crowd disturbances at just three matches (Poland–Germany, England–Sweden and England–Ecuador). This relative absence of incidents was repeated at the UEFA 2008 European Football Championships. The rest of this section is concerned with how the four tools of risk management manifested in the context of these two mega-events, rather than giving an explanation of this outcome. We now consider each of the four tools in turn, also discussing the factors affecting the selection of each of these tools for the FIFA 2006 World Cup in Germany and the London 2012 Olympic Games.
Nodality
The tool of nodality denotes the extent to which government is a central point of contact in networks of information. This describes its capacity to receive and send information as well as to use information to modify the behaviour of individuals. In the world of security risk management, nodality refers to instruments that facilitate information exchange between police, intelligence services and armed forces concerning the whereabouts and intentions of high-risk individuals or groups. It also refers to the collection and analysis of intelligence about threats, spectators and traffic flows and the design and control of networks in order to prevent bottlenecks, redirect traffic and to mobilize police, emergency or security services to respond to problems. Nodality can therefore be equated with counter-terrorism and ‘intelligent policing’. At the same time, it relies upon technical devices such as centralized and interconnected databases to check ticketing and visitor identities, especially at points of entry into a country (border controls, for example). This also includes the dissemination of public information for visitors and citizens about security, encouraging alertness and the reporting of suspect activity or incidents. For the mega-events considered here, the tool of nodality was most prominent in the detection of security threats, in particular due to wider information exchange across national and international police forces.
For the 2006 FIFA World Cup, Germany built upon bilateral agreements with 36 other countries. These mechanisms had been utilized in previous European tournaments as well as at the Athens 2004 Olympic Games. In this, its security risk management strategy used existing arrangements that focused on information exchanges regarding particular fan groups (hooligans). These structures had emerged during the 1990s with the increased use of national team matches as platforms for hooligan-related violence (which had previously been associated with club-level football). Particular concern related to information regarding English, German and Polish hooligans, consistent with the specific risk profile of European football tournaments (H2). As the central nodal point, the German federal government operated a National Information and Cooperation Centre (NICC) to collect and summarize information and to disseminate it across locations where the tournament was held – a similar device had not been considered for the UEFA 1988 European Championship in Germany and it required the temporary acceptance of shared and delegated forms of legal authority between police forces.Footnote 33 This replication of strategies in the field of football crowd management and policing is clear evidence of well-established procedures that shape security risk management tools (H2). Somewhat more embedded in the German context of traffic management policy, other nodality-related tools were used to manage road traffic flows (the SOCCER transport research project). Accreditation and ticketing were used to inform security measures and to steer traffic (for example, tickets provided access not only to matches, but also to public transport and contained information regarding road access to stadia).
Similarly, in the case of the Olympic Games, high-level security arrangements tend to be superimposed on existing national and international infrastructures of intelligence exchange and defence capacities, albeit dependent upon the geopolitical context (for example, the Beijing 2008 Olympic Games involved less formal international cooperation on intelligence matters than the Athens 2004 Olympics). This tool reflects the need to make the Olympics secure from transnational terror threats, justifying the response by event-specific security risks (H2). For the London 2012 Olympic Games, domestic intelligence agencies (for example, the Joint Intelligence Committee, MI5, MI6, GCHQ, defence intelligence staff) intersect with a number of Olympic-specific coordinating organizations: the Cabinet-level Olympic Security Committee and the Metropolitan Police's Olympic Security Directorate (OSD). An Intelligence Unit has been established within the OSD to gather and share information between security stakeholders. The overall structure of these intelligence arrangements are, however, also a function of the jurisdictions and powers of existing institutions (H3), so the pattern of tool choice for London 2012 reflects the centralization of power in government agencies (with the exception of the Metropolitan Police, which is London-centric rather than a national agency) that interact with external organizations. While there is evidence of the transfer of knowledge and expertise between Olympic Games, with secondment of Metropolitan Police officers to the Integrated Security Unit at the recent Vancouver 2010 Winter Olympics,Footnote 34 there has been no similar interaction of the Metropolitan Police on security planning for London 2012 with security professionals from football World Cups.Footnote 35 The tool of nodality indicates that there is limited diffusion of practice between organizational fields (H1) and a greater dominance of specific functional requirements (H2). Even intelligence initiatives such as the Olympic Intelligence Centre (OIC) established at each Games since Atlanta 1996 to assimilate information and risk assessments through cooperation and information-sharing protocols involving over a hundred countries and international organizations have focused on intelligence of Olympic interest. Nodality tools therefore tend to emerge in the context of specific Olympics or World Cup experiences, which are then embedded in the context of national administrative arrangements.
Authority
Authority refers to the legal power of government and other sources of social or political legitimacy. This refers to tools that enable government, at all levels, to promote or compel behaviour, as well as to license and prohibit activities. This includes legal controls on individual movement, power of prosecution and imprisonment, censorship and procedural devices to limit demonstrations, in addition to giving authority to deal with ticket touts, criminal activities, prostitution, the licensing of drinking establishments, and measures that impede the movement of dangerous (high-risk) groups or individuals such as hooligans, extremists or terrorist suspects. Overall, the tool of authority extends to the authorization of planning permission and the imposition of health and safety standards; for example within the design and construction of sporting facilities or critical infrastructures (transport, energy, communications and water networks).
Organizing bodies for both Olympic Games and World Cups typically rely on private law companies or associations, such as the London Organizing Committee for the Olympic Games (LOCOG) and the German Football Association (DFB). These organizations operate with the support of public agencies (at various levels of government) for the provision of infrastructure, security and other essential services.Footnote 36 Tools related to authority therefore draw heavily on national political styles and institutions (H3). This also relates to the government guarantees that are part of any World Cup bid. In the German case, the authority to manage security risks constitutionally resided at the Land (state) level. For the World Cup, security risk management was, as a result, managed through a wider (established) political intergovernmental process in which the lead Land (North Rhine Westphalia), together with other Land governments, the Federal Ministry of the Interior and the DFB developed the agenda. The most prominent aspect in which federal government utilized the tool of legal authority was through its reinstatement of border controls, which allowed it to refuse entry to those individuals associated with security risks (hooligans). This reflected the crucial importance of the interception of known troublemakers to the policing of international football tournaments (adding to the legitimacy of organizing templates that refer specifically to international football tournaments). The public viewing the events were steered through licensing and other security standards, along with local policing. Security was dominated by negotiated solutions within the intergovernmental process, as well as within the network of emergency responders, headed by a federal agency, the Technisches Hilfswerk (see below).Footnote 37 The German political system therefore equally shaped the deployment of tools of risk management (H3).
The legal framework for staging the London 2012 Olympic GamesFootnote 38 presents a fragmented set of security jurisdictions and responsibilities across the Department for Culture, Media and Sport, the Home Office, the Olympic Delivery Authority (ODA), LOCOG and the Metropolitan Police (within the Home Office). This has shaped the security programme for London 2012, and thus the architecture of tool formation (H3). Although the police, security and emergency services for the London 2012 Olympic Games operate within defined jurisdictions, they are coordinated through a single Olympic command structure.Footnote 39 Central government is responsible for making the Olympics secure, despite the lead role of LOCOG in staging the Games and the ODA in delivering the main venues. This is consistent with the classic Westminster model of British government, indicating the sustained influence of national governing styles (H3). The ODA and LOCOG retain authority over the integration of security in the design of infrastructure and stadia, and protocols or technologies such as ticketing and onsite checks. However, the Cabinet-level Olympic Security Committee chaired by the home secretary, which consists of representatives of UK security and resilience agencies, is the ultimate authority concerned with security matters and inter-agency coordination. At the same time, the commissioner of the Metropolitan Police is responsible for planning and operational matters that involve terrorism and policing in London. While the police and MI5 report to the home secretary, MI6 reports to the foreign secretary, and the armed forces report to the defence secretary. In this way, political authority over security organization for London 2012 rests at Cabinet level and comes with pre-existing legal and institutional capabilities and powers that reflect national political institutions and their organizational tools (H3).
These divisions in the distribution of authority introduce considerable tensions with regards to risk prioritization; in particular between the perceived priorities that were directly linked to event-specific risks (H2) and institutional jurisdictions (H3). It thus represents a potential source of ambiguity and tension over responsibilities for the management of security risks associated with infrastructure and operations. For example, the hardwiring of security into building design through reinforced concrete and barriers is coordinated by the ODA, while the Metropolitan Police and intelligence services are responsible for counter-terrorism strategy and operations. Overall, the tool of authority therefore tends to be correlated with the influence of national political institutions (H3) in determining organizational jurisdictions and powers as well as the conduct of security operations on the ground.
Treasure
Treasure denotes the access of government to assets and financial resources. For example, financial subsidies or taxes supposedly modify individual behaviour. In the context of security risk management, treasure refers to the application of financial strength for direct expenditure on security or indirect provision of insurance and assurance services (with governments acting as the lender of last resort). It also includes public spending on construction and the operation of buildings such as stadia. Treasure is also required to pay private suppliers and contractors such as firms contracted to provide support for public security and defence services, and to fund third-sector (charities) emergency services that are not a direct part of the government apparatus, but exist somewhere in the twilight zone between public and private sectors. In both mega-events, treasure was largely used to finance security operations with the aim of reducing security risks.
In the case of the 2006 World Cup, it is difficult to calculate the exact amount of expenditure on security risk management because this was spread both between levels of government and between private and public organizations, demonstrating the complexities of accounting for security that can result from sharing responsibilities across political institutions (H3). Federal investment in transport infrastructure was classed as independent of the World Cup (estimated to be €3.7bn). Financial support for the modernization of two stadia (Berlin and Leipzig, nearly €250m) was provided (all stadia were renovated or rebuilt, but not with federal financial support). The full economic cost for the use of the army, the Bundeswehr, is estimated to have been about €4.4m. Other measures, such as the use of the federal police, were budgeted through normal budget lines, whereas the deployment of NATO reconnaissance flights was paid for through the NATO budget (as had been the case with the 2004 Olympics and European Championships). The overall structure of funding was therefore a product of the German political system (H3). However, the federal government was not the lender of last resort for the World Cup; the financial risk of staging the event instead resided with the German football association.Footnote 40
For the London 2012 Olympics, treasure includes direct expenditure both by public bodies (such as the Home Office and Metropolitan Police) and by private or quasi-private organizations (LOCOG, for example) on the public good of security. The overall security budget is the responsibility of central government, apart from the security arrangements for the main Olympic site in the Lea Valley. The latter, a fraction of the total, is funded through LOCOG's revenue from tickets, sponsorship and merchandise. The burgeoning budget for security for the London 2012 Olympic Games illustrates how forecasting and managing security costs is a significant concern for sporting mega-events, exhibiting a common feature of organization in the Olympics domain in particular (H2). Moreover, cross-referencing security costs linked budget estimates to previous Olympic Games rather than sporting mega-events in general. The initial feasibility study for a London bid to host the Olympic Games included in its balance sheet a ‘provisional sum for the cost of all security for the Olympics following consultation with the Metropolitan Police and based on the experience of Sydney 2000 and Salt Lake City 2002’,Footnote 41 estimated at a cost of £160.2 million.Footnote 42 The consultants ARUP reported that ‘with more time to plan security for a 2012 Games, the costs are not likely to reach those incurred at Salt Lake City [£245 million]’.Footnote 43 Site security was costed at £190 million in the bid submitted to the IOC but increased to £268 million in the revised March 2007 budget, which put the total security and policing cost at £600 million.Footnote 44 While comparing different Olympic Games is difficult, the cost of security at the Olympics has grown over the past 30 years – dramatically since Sydney 2000.Footnote 45 This demonstrates some of the security pressures that are acute for Olympic organizers in particular (H2), but nevertheless are of wider influence in the organization of sporting mega-events since the events first of the Munich Massacre in 1972 and later of 11 September 2001 (H1).
Treasure also includes insurance to provide for a form of asset protection and remediation. Since the events of 9/11, insurance premiums for sporting mega-events have risen sharply as projected security risks have proliferated. The IOC purchased insurance cover ($170 million) for the first time for the Athens 2004 Olympic Games, to protect against financial losses of cancellation due to terrorism or natural disaster (at a reported premium of $6.8 million).Footnote 46 This rose to $415 million cover for Beijing 2008, at a reported premium of $9.4 million,Footnote 47 so might be expected to rise again for London 2012. Treasure mechanisms are thus used to protect against security risks that also pose treasure risks (in terms of their consequences for the financial viability of the Games). Again, this reflects the dominance of the event-specific environment of the Olympics in shaping this policy (H2).
Organization
Finally, organization refers to the capacity of a government to undertake direct action, for example in its mobilization of bureaucrats or the armed forces. This refers to the physical ability of a government to intervene in the affairs of its citizens and other states or otherwise to act as a deterrent. It extends to the design and configuration of event architecture in a broader sense and operation of technologies of social control such as CCTV. Organization includes devices that reduce bottlenecks, as in the case of transport, or create them, as in the management of visitor flows and the operation of entrance controls (‘turnstiles’). Likewise it refers to the setting of boundaries or construction of perimeters to separate groups or to demarcate a particular area as subject to special security status.
In the case of the 2006 Football World Cup, organization related to the use of security forces, emergency support services and architecture. This involved extensive intergovernmental coordination (facilitated by the NICC),Footnote 48 especially with regard to policing (as noted earlier). The main ‘safety’ framework for policing was coordinated through a task force (Stab) in the federal ministry of the interior, operating under the normal procedures of federal–Land cooperation (the intergovernmental standing committee of interior ministers). A sub-committee dealt with policing and crime. Cooperation involved engagement with other national police forces, with 570 foreign police active in Germany to monitor fans and to advise domestic security forces. This further demonstrates the influence of national political institutions on policing (H1). In terms of non-policing security measures, the Länder were solely responsible for fire, rescue and emergency services. In contrast, however, the task of overall coordination was managed through two federal agencies: the Technisches Hilfswerk, which was largely in control of emergency services (especially in terms of infrastructure, such as communications and electricity) and the Bundesanstalt für Bevölkerungsschutz und Katastrophenhilfe, which provided additional equipment as well as training for local emergency services. The army was also utilized to provide medical services (as well as offering a support policing role that was not called upon). Overall, then, despite pressures for cross-event isomorphism (H1), organization was predominantly shaped by the domestic institutions of German policing and security (H3).
For the World Cup, the tool of organization was not just a matter of personnel, but was also exercised through stadium architecture and planning of transport access routes (again providing for a strong link to nodality). A crucial difference between this and events such as the Olympics was not just that the stadia were already in regular use for football matches, but that the staging of the Confederations Cup provided a dress rehearsal for reviews into potential security risks (indeed, the equivalent dress rehearsal revealed glaring failures in South Africa's preparations in stadium security arrangements in that country's hosting of the World Cup in 2010). The issue of the design of football stadia pointed to the importance of the football-specific domain in the context of running the World Cup, given the presence of international guidelines in terms of architecture. In addition, the tools of tournament policing were shaped by the domestic institutions in the deployment and command of security-related personnel (H3).
For London 2012, the network of organizations and manpower involved in the security operations for the Olympic Games involves high-level coordination through the Cabinet-level Olympic Security Committee and a range of government agencies that deal with particular security tasks: MI5, the UK's domestic counter-intelligence and security agency, and other intelligence services are responsible for gathering, disseminating and advising on intelligence matters; the Metropolitan Police and regional police forces provide policing, law enforcement and emergency responses and the London Resilience TeamFootnote 49 are responsible for contingency and consequence management planning, such as the London Mass Fatality Plan.Footnote 50
The demands of supplying a substantial security presence can place a strain on the resources of Olympic organizers. At the Athens 2004 Olympics, heightened terror alert levels after 9/11 informed the deployment of around 70,000 police on patrol in Athens and at the Olympic venues, necessitating external support in terms of a presence from NATO as well as from the European Union. The projected number of police for the London 2012 Olympics, at 14,800, is far lower (even when counting the additional support from 6,500 private security contractors),Footnote 51 reflecting its greater reliance on intelligence-gathering and -processing instead of policing. That number for London 2012 is not insignificant, however, since it represents about 10 per cent of the total UK police resource. Although strongly influenced by pressures of isomorphism due to the common threats of international terrorism confronting mega-events, the structure of Olympic security organization reflects pre-existing organizational jurisdictions and powers of domestic institutions. The choice of policy tools is therefore more a matter of domestic institutions (H3) than drawing on global sporting mega-event templates, although the wider international security debate did of course inform debates about the types of security risks for which organizers should be prepared.
The tool of organization also refers to event features that, like transport hubs and infrastructure, determine the physical spacing, timing and structure of crowd flows and security provisions, as well as facilitating control and responsiveness in the case of incidents. For example, standardization in stadium designs and an emphasis on the importance of creating similar response environments reduces the problems associated with a lack of familiarization among first responders in emergency situations. This is one respect in which sporting mega-events transfer organizational practice and experience across events, pointing to the presence of considerable communication between sporting mega-events (H1).
The Olympic Village (within the Olympic Park area) that is to house all athletes and support staff for London 2012 creates a general perimeter that requires securing. As most events are to take place in the park – at the main stadium and aquatics centre – this leads to a high concentration of security efforts at a single site. In contrast to the enclosed architecture of football stadia, however, the main Olympic site that has been a common feature of most recent Games tends to be more open and less structured in design (consisting of multiple venues, open spaces and interchanges). While it still requires its perimeter to be policed in order to manage security threats (in particular near the site entrances), there is a greater emphasis on randomized and ‘intelligent’ surveillance inside the site, with different levels of security within the Olympic Park. This means that the security presence tends to be less concentrated and, therefore, less visible. So, while breaches of the secure perimeter in football stadia are more transparent to onlookers, the multicentred layout of the main Olympic site presents a more complex challenge for mobilizing intelligence and presence for the purposes of security. The functional characteristics of Olympic and football stadia therefore give rise to differences in the sorts of security operation encountered (H2).
The key differences between the two mega-events are summarized in Table 3.
Table 3 Differences in Security Risk Management Tools Between 2012 and 2006
COMPARING TOOLS OF SECURITY RISK MANAGEMENT
The discussion has revealed a diverse set of security tools in the two cases. Each of the tools corresponds to a particular aspect of the security environment and the response of government and private organizations to threats or hazards. The tool of nodality – observed most often in the form of counter-intelligence activities, risk assessments and intelligence sharing or exchange – reflects the importance of information for decision-making both in the strategic design of risk management systems and in organizational disruption or prevention of threats. The tool of treasure is symptomatic of the dependence upon financial resources to finance security operations, to fund secure infrastructure and stadium designs, and to purchase additional support (for example, private security contractors) or insurance against security incidents. This highlights a tension between public and private goods, when the security risks of such mega-events are assumed by the state, but commercial profits accrue to private bodies such as the IOC or FIFA and local Olympic organizing committees and national football associations. Financing security for mega-events is therefore a place where there is political tension between public and private interests. The tool of organization is most visible in policing operations at street level, as well as in the physical architecture of event venues and infrastructure, which determine the context of both security threats and responses. Such a mobilization of police manpower is integral to the deterrence, detection and disruption of security threats. Finally, the tool of authority is pervasive in determining the legal authority and power of the state to intervene, control and mobilize both its organizational forces and its citizens. For transnational mega-events such as the Olympics and football World Cups, this is essential to the effective operation of border and immigration controls, and to the exercise of social and technological controls – such as travel restrictions and wire-tapping of phones and internet communications of suspected terrorists. This tool also provides a basis for the mobilization of the different organizational resources of the state, such as the police and armed forces. In sum, the tools of government framework provide a systematic means of classifying and comparing the strategies employed by governments and private organizations in making mega-events secure. It highlights differences and similarities between cases that might otherwise be missed – and indeed it points to the centrality of national governments in risk-managing sporting mega-events, regardless of the formal organization ‘at a distance’ through national sports associations or Olympic committees. Finally, being forced to focus analysis on the four tools facilitates a systematic comparison across cases and over time.
This analysis has demonstrated that the security risk management of these two sporting mega-events reflects their particular location within a number of (fragmented) organizational environments. The differentiation between sporting mega-events, specific mega-events and national politico-institutional systems offers not just an analytical understanding of why particular tools are more prominent in one case than the other, but also practical insights into the extent to which the two mega-events might draw on each other.
As far as a global environment of sporting mega-events is concerned (H1), there is limited evidence of cross-reading of risk management tools between the Olympic Games and football World Cups. There are, in practice, largely two worlds of sporting mega-events with no clear causal mechanisms of diffusion or exchange across the two (consistent with the event-specific hypothesis, H2). Some replication of strategies was evident in references to international security arrangements, but these tended to be generic. There does not appear to be an overarching sporting mega-event consultocracy that applies its recipes across events.
Within each of the sporting mega-events there was significant evidence of institutional isomorphism, especially in the form of the drawing on experiences from previous events as well as the utilization of expertise from earlier events. For example, the German DFB was actively involved in advising South Africa on its security risk management preparations,Footnote 52 and part of the convention for football mega-events is that organizers include representatives of the next host nation in their security planning: representatives of the 2008 Swiss/Austrian European Championship organizers were involved in the 2006 World Cup security committee. Olympic security advisers also move between Games. For example, the New South Wales police commissioner responsible for the Sydney 2000 Olympic Games, Peter Ryan, served as principal security adviser to the Athens Olympic Games Organizing Committee and is a security expert for the IOC. In planning for London 2012, Metropolitan Police officers were seconded to the Integrated Security Unit responsible for security at the Vancouver 2010 Olympic Games. All three sources of institutional isomorphism were present in the cases: there were some coercive measures in prescribed standards or procedures that required implementation, there was both informal and formal mimicking of security provisions and templates, and professional/normative processes were observed in the prevalence of risk consultants and in networks of experts. However, there was no evidence of a substantive cross-fertilization between mega-events, despite the considerable similarity in some of the security risk management tools and threats.
Such a finding is surprising, given the existence of international communities of (security risk) practice. Perhaps linguistic and other barriers impede the transfer of experiences from one context to the other, although this does not appear to be the case within either the Olympics or the World Cup. The closed nature of national intelligence and security communities is another possible restraint to the isomorphism of security operations beyond the level of established international cooperation provisions (such as for policing).Footnote 53 Similarly, the relative lack of diffusion could be associated with the demands of different international bodies (IOC and FIFA) or because of the perceived differences across the two events. When confronted with the similarities of the two mega-events (as illustrated above), interviewees clearly regarded them as comparable. Equally, time does not seem to matter. Of course, critical junctures such as 9/11 or terror incidents during Olympic Games matter and provide lessons, but they do not seem to offer a basis that connects the demands on tool choice across mega-events. There is no unifying logic of tool choice that links the events of Munich 1972 and Atlanta 1996 with planning for London 2012. The London bombings on 7 July 2005 and British counter-terrorism policy in general are a far more important reference point for local security than strategies put in place at Beijing 2008 or Vancouver 2010.
In interviews, security officials from both Olympic and football worlds shared the view of distinct organizational fields that offered limited scope for cross-reading between events. When prompted, however, there was agreement that in the area of security risks in particular, there was potentially much similarity in risks and security vulnerabilities. Interviewees noted that apart from the different organizational challenges (for example, decentralized vs. centralized staging of events) hooliganism was a primary risk for international football tournaments, while transnational terrorism was a principal concern for the Olympics. At the same time, interviewees questioned the continued prominence of this claim in the light of recent changes in the global security environment. Tools for security risk management are therefore to some extent designed in response to specific requirements of the sporting mega-event. Differences in the use of organization in particular reflected the distinction between centralized and decentralized securing of the mega-event. Banning orders (the use of authority and nodality) that restrict travel by football hooligans are not a relevant tool in making the Olympics secure, although there are similar requirements of border control and monitoring for detection and interception of terrorist suspects. In general, however, the evidence suggests that differences in risk profile are not that decisive in the choice of tools of risk management. Rather, as implied by the theory of institutional isomorphism, it is the perception of difference that matters; here the links between the event-specific environment and the mega-event in question reinforced (through all three mechanisms) the drawing on tool templates from preceding events, and this selective choice was legitimized by the claim that the Olympics and World Cups were distinct events.
Finally, to what extent can national institutions (H3) explain differences between the 2006 World Cup and the 2012 Olympics? The emphasis on organization in the two cases illustrates the complex and differentiated means through which governments seek to exercise visible control over security threats. Likewise, an emphasis upon authority highlights substantial differences in the resources available to the unitary UK state in contrast to its federal German counterpart. Political institutions allocate resources and as such bestow legal and financial powers on particular tools of risk management. Institutional jurisdictions also determine who is responsible for managing particular security risks – with consequences for the blame-avoiding strategies of policymakers and bureaucrats.Footnote 54 More generally, therefore, the political dimension of tool choice applies not just in terms of consequences when things go wrong, but also in the close connection between aspirations to ‘securitize’ mega-events and the world of high politics. The aim of government, in its regulatory form, is to eradicate risk and maximize social control. This suggests that, despite the analytical value of generic classifications and theories of tool choice, an empirical analysis of tools will never be able to detach itself from a close understanding of the political institutional context in which tool choice is conducted.
CONCLUSION
What does this discussion contribute to the wider study of mega-events and the Olympic Games and football World Cups? This article has sought to advance the understanding of risk governance of the World Cup, Olympics and mega-events in two respects. The first is to encourage – at a practical level – comparison between mega-events through the analytical framework of tools of risk management that enables systematic and detailed evaluation of organization. As an analytical method, the tools framework allows for a direct comparison of approaches, both across domains and across time. The limited extent to which the football World Cup and the Olympics transferred strategies between one another is interesting as a finding, especially when considering the extent to which these mega-events share particular risk properties – not least their exceptional scale. Despite the significant overlap in security risk profile, the evidence suggests that in terms of isomorphism there are two worlds of sporting mega-events in which Olympic Games tend to draw on each other while international football tournaments tend to draw on other football tournaments. On a conceptual level, an integration of literatures on the tools of government and risk management at mega-events advances an analysis by enabling a direct and general comparison when most studies use single cases or domain-specific frameworks. This promotes not just analytical discussion of the tools and policy instruments of government in a fragmented domain, but also offers a new approach to the analysis of strategies of risk management in a less well understood terrain.
