Antiterrorism / Force Protection (AT/FP) Assessment Tool Training


Antiterrorism / Force Protection (AT/FP) Assessment Tool Training Module 1: Policy Drivers for MARMS & AT/FP Assessments Supporting Joint Staff J33 via US Army Armament, Research, Development and Engineering Center

Admin Notes Restrooms Parking Validation Don’t park in “Alion” reserved spots Schedule Lunch Surveys & Training Certificates Introductions

Course Overview
- Scope: Decomposing the policy drivers for AT/FP assessments and MARMS
- Secondary: Future implications to Mission Assurance (MA) assessments
- Delivery method: Lecture

Terminal Learning Objectives (TLO)
- Understand the policy and operational drivers for the move to AT/FP risk assessments
- Understand the operational and policy drivers for MARMS

Presentation References
- DoDI 2000.16 Vol1 20161117 DoD Antiterrorism Program Implementation - Change 1: 2017-05-05
- Joint Publication 3-07.2 Antiterrorism – 2014-03-14
- Unified Facility Criteria 4-020-01 DoD Security Engineering Facilities Planning Manual – 2008-08-11
- DoDD 3020.40 - Mission Assurance - 2016-11-29
- DoDI 3020.45 Defense Critical Infrastructure Program (DCIP) Management - Change 1: 2016-06-06

Policy driver for AT risk assessments
- DoD 2000.12 Ch 3, 2017 DoD Antiterrorism (AT) Program
  - COCOMS & Services are required to: “Review AT programs and validate the thoroughness of the AT risk management methodology used to assess DoD elements and personnel criticality, terrorist threat, and vulnerabilities to make risk-based decisions for the application of appropriate countermeasures.”
  - Requires use of DoD benchmarks to assess vulnerability (3.5.a (1))
  - Requires CJCS designates system of record (2.11)
  - Requires commanders use the system of record (3.8.b (4))
- DoDI O-2000.16 Ch 1, 2017 DoD AT Program Implementation: AT Standards
  - “DoD elements must base their AT risk management procedures on the risk management methodology introduced in the MA Defense Critical Infrastructure Program (DCIP) risk management process outlined in DoDI 3020.45 and modeled in JP 3-07.2 and the DoD ATO Guide.”
- DoD ATO Guide (in coord)
  - ATOs establish a process that links the terrorist threat capabilities with vulnerabilities to assets, infrastructure, or personnel required for mission execution that the terrorist threat can exploit to produce countermeasures capable of reducing the terrorist threat risk.

Policy Drivers for Risk Process (TLO #1 & 2)
- 2012 Mission Assurance Strategy and 2016 Mission Assurance Assessments Concept of Operations
  - Defines risk as a process integrating threat, vulnerability, consequence (criticality)
  - Specifically includes installation-level AT/FP assessment as a required component of the MA construct
- DoDI 3020.45 and JP 3-07.2
  - Describe the Risk=Threat*Criticality*Vulnerability process
  - References UFC 01-040-02 for threat and criticality ranking
- DOD ATO Guide, Ch 3
  - “ATOs establish a process that links the terrorist threat capabilities with vulnerabilities to assets, infrastructure, or personnel required for mission execution that the terrorist threat can exploit to produce countermeasures capable of reducing the terrorist threat risk.”
- Also addressed in DoDI 2000.12 in which MA benchmarks replace vulnerability assessments
- DoDI O-2000.16v1&2 – Standard 3 Risk Assessment and supporting elements in Standards 4-6

Risk management process Risk management process as outlined in and modeled in JP 3-07.2

Relationship with MA & MARMS (TLO #1 & 2)
- 2016 DoDD 3020.40 Mission Assurance
  - Requires Components to “develop and implement a comprehensive and integrated MA risk-management construct” and “align associated security, protection, and risk management efforts under an MA construct.”
- 2018 J33 Mission Assurance System of Record Designation
  - Establishes MARMS as the replacement for the Core Vulnerability Assessment Management Program (CVAMP)
- Also addressed in DoDI 2000.12 in which MA benchmarks replace vulnerability assessments
- DoDI O-2000.16v1&2 – Standard 3 Risk Assessment and supporting elements in Standards 4-6

Why not vulnerability assessments?
- Risk management has long been AT Standard #3 in DoDI 2000.16; however, the process & tool really focused on vulnerability
- Previous CVAMP assessments, while good for an installation to document vulnerability assessment results, made it very difficult to aggregate or roll up enterprise or regional views to expose trends:
  - Had little quantification of threats
  - Had little standardization in asset categories
  - Had no standardized relationships between benchmarks and threats
  - Had minimal functionality to facilitate the Risk Management process, so it was difficult for leadership to assess where the greatest risks are and make investment decisions

Why ‘new’ risk assessments?
The new method better supports AT Standard #3 through:
- Benchmark focus: Walks assessors through benchmarks to provide leadership a more complete picture of security posture…not just identified observations
  - Drives requirement for ‘thoroughness’ from DoD 2000.12
- Standardization in threats & assets: Facilitates roll-ups and cross-unit reporting
- Standardized risk framework: Has common relationships that help users prioritize activities for their mitigation strategies
- Aggregated risk results: Inherently supports trend and risk analysis at the installation, regional, and enterprise level
This will provide leadership with the data they need to make smart decisions on where best to reduce risk using limited dollars

Why use the new tool?
New tool has efficiencies to assist users in executing a quality risk analysis
- Pushes baseline threat levels by region or allows HHQ to develop localized threat baselines to push to ATOs
  - Helps commanders achieve AT Standard #2: Intel Support
- Allows ‘copy from’ to leverage previous assessments. HHQ can create ‘Templates’ for common sites
- Users can export benchmark questionnaires to an Excel spreadsheet for the other installation MA partners to complete their section, and import it back into the tool
- Tool performs the approved math and presents results graphically and textually in Word, Excel, and PowerPoint

Background on MARMS
- The Mission Assurance Risk Management System (MARMS) is a Joint Staff initiative, funded by DoD CIO and managed by the US Army Armament, Research, Development and Engineering Center (ARDEC)
- MARMS is a multi-year program that encompasses a family of systems that will be integrated as a part of MARMS Requirement Definition Package 1
- The second of MARMS’ capability drops (CD2) provides assessment tools that:
  - Provide ability to hold and update observations from vulnerability assessments currently in CVAMP
  - Provide replacement risk-based capability to conduct AT/FP risk assessments
  - Provide follow-on capability to do risk-based MA assessments

Timeline for Transition (TLO #2)
- Phase 1 – Replace CVAMP & Provide AT/FP Risk Assessment Tool (Feb-Jun 2018)
  - Cut-off of CVAMP data entry was 15 APR 2018, ‘released’ observations to migrate
  - Account requests by 15 MAY 2018 (for accounts on turn-on date)
  - Initial version must be operational in place by 1 JUN 2018
  - Provide management of migrated ‘observations’ from CVAMP
  - Provide installation personnel a mechanism to facilitate risk-based AT/FP assessments
- Phase 2 – Mission Assurance Assessment Enhancements (Jun-Dec 2018)
  - Frame Mission Assurance Assessments approach into assessment tool using guidance/input from DTRA JMAA teams
  - Develop and incorporate full MA assessment capabilities for fielding, targeting 31 DEC 2018
- Phase 3 – MARMS Enhancements (Jan-Sep 2019)
  - Integration planning and execution with the MARMS Registry
  - Push ‘asset criticality’ from authoritative sources to MA & AT/FP assessors
  - Improved mission-risk analytics and dashboard capabilities
  - Improved Geospatial Risk Visualization
- All development work on assessment tool complete by October 2019
[Timeline graphic labels: CD2 Phase 1, CD2 Phase 2, CD2 Phase 3]

Current Mission Assurance Assessment Strategy Physical Security (PHYSEC) (Integrated Defense) Fire Prevention and Protection Antiterrorism Readiness Reporting Critical Program Information Protection Personnel Security (PERSEC) CBRN Survivability Emergency Management CBRNE Preparedness Cyber Security Energy Resilience Information Security (INFOSEC) Law Enforcement Continuity of Operations Insider Threat Munitions Operations Risk Management Industrial Security (INDSEC) Operations Security (OPSEC) Defense Critical Infrastructure Special Access Programs (SAP) Operational Energy Force Health Protection Adaptive Planning

Future Mission Assurance Assessment Strategy Physical Security (PHYSEC) (Integrated Defense) Operations Security (OPSEC) Information Security (INFOSEC) Industrial Security (INDSEC) Critical Program Information Protection Special Access Programs (SAP) Personnel Security (PERSEC) Cyber Security Operational Energy Antiterrorism Insider Threat Law Enforcement CBRN Survivability Adaptive Planning Readiness Reporting Force Health Protection Munitions Operations Risk Management Fire Prevention and Protection CBRNE Preparedness Continuity of Operations Defense Critical Infrastructure Emergency Management Energy Resilience