INFRASTRUCTURE SELF-ASSESSMENT (ISA) For public and private stakeholders Chad Fullmer Critical Infrastructure Protection (CIP) Office: (907) 428-7000 Email:

Slides:



Advertisements
Similar presentations
Reduce Risk, Protect Health Facilities, Save Lives.
Advertisements

Critical Infrastructure Protection Policy Priorities Sara Pinheiro European Commission DG Home Affairs.
Department of Homeland Security Site Assistance Visit (SAV)
Hazard, Threats, Risk, Etc. An examination of some key terms … Walter G. Green III, Ph.D., CEM Disaster Theory Series No. 3 Copyright 2008 by Walter G.
Copyright © Houghton Mifflin Company. All rights reserved.Lecture Outlines, 8–1 “If you know neither yourself nor your enemy, you will succumb in every.
Network Security Policy Why do I need a network security policy? Dr. Charles T. Wunker.
Idaho Critical Infrastructure and Key Resources Protection Program and Fusion Center Brief.
GEORGE MASON UNIVERSITY Center for Infrastructure Protection and Homeland Security Integrating Critical Infrastructure into Emergency Management Programs.
Daylight Savings Time Transition Planning. The Daylight Savings Operational Risks Affect on transaction cash flow? Affect on service delivery? Affect.
William Solecki City University of New York – Hunter College
Chapter 5 – Competitive Rivalry & Competitive Dynamics
Project Management: A Critical Skill for Organizations Presented by Hetty Baiz Project Office Princeton University.
May 2005 IMLC: A Model for Private Public Collaboration Mark G. Damm, CMC Phone:
Session 301 Factors in Assessing Risk Mitigation Actions Impact reducing the identified risks and vulnerabilities in the community Probability that each.
Chapter 1 Introduction. Art of War  If you know the enemy and know yourself, you need not fear the result of a hundred battles.  If you know yourself.
PPA 573 – Emergency Management and Homeland Security Lecture 9b - Department of Homeland Security Strategic Plan.
HAZARD AND RISK ASSESSMENT. Today’s Session 1.Taking a look at hazard and risk assessment. 2. Definitions. 3.What hazard and risk management does for.
Helping Water Utilities Build Stronger Communities Community-Based Water Resiliency.
1 Risk Assessment Develop Objectives And Goals Develop and Screen Cleanup Alternatives Select Final Cleanup Alternative Communicate Decisions to the Public.
By Jeff Fetherolf. Business Impact Analysis (BIA) A process of having the business process owners, business subject matter experts, etc. identify the.
Choose the right picture
Business Continuation Plan / Program Overview State CIO Council Meeting June 24, 2008.
1 BUSINESS CONTINUITY AND DISASTER RECOVERY PLANNING Reducing your Risk Profile MIDWEST DATA RECOVERY INC.
Public-Private Partnerships in Action: Emergency Response
(c) 2007 Charles G. Gray1 IT Risk Management, Planning and Mitigation TCOM 5253 / MSIS 4253 Risk Assessment 27 September 2007 Charles G. Gray.
Jeffery Graviet Emergency Services Coordinator, Salt Lake County Chairperson, Salt Lake Urban Area Working Group.
Microsoft Australia Security Summit Rocky Heckman CISSP MVP Senior Consultant Security and Monitoring Readify.
Security Risk Management
Isdefe ISXXXX XX Your best ally Panel: Future scenarios for European critical infrastructures protection Carlos Martí Sempere. Essen.
Dam Hazard Consequences Assessment
Enterprise Strategy and Competitive Advantage
Planning for Resiliency. Primary Reference Emergency Management Principles and Practices for Healthcare Systems, The Institute for Crisis, Disaster and.
Expecting the Unexpected By Shaun Lindfield. Nearly 1 in 5 businesses suffer a major disruption every year. Yours could be next. With no recovery plan,
World Future Society Washington, DC Executive Office of the President of the United States: The Need for New Capabilities Lessons From Singapore and the.
Association of Defense Communities June 23, 2015
“If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself and not the enemy, for every victory.
Business Continuity and Disaster Recovery Chapter 8 Part 1 Pages 897 to 914.
Moldova Country Program Gretel Gambarelli World Bank Chisinau, 28 October 2009.
BENCHMARKING For Best Practices. What is Benchmarking A method for identifying and importing best practices in order to improve performance A method for.
CC3020N Fundamentals of Security Management CC3020N Fundamentals of Security Management Lecture 2 Risk Identification and Risk Assessment.
Lecture 31 Risk Management. Introduction Information security departments are created primarily to manage IT risk Managing risk is one of the key responsibilities.
Making Historic Cities Resilient Jerry Velasquez Chief of Section, Advocacy and Outreach.
US Army Corps of Engineers BUILDING STRONG ® Texoma and Missouri Region JETS Training Symposium Resiliency Planning Through Hazard Vulnerability Analysis.
Slide 1 Risk Management: Identifying and Assessing Risk  “ Once we know our weakness, they cease to do us an harm” Greg Lichen.
THE LOW DOWN ON RISK ASSESSMENT HOW SAFE ARE OUR CITIES?
Campus Safety Update September Area’s of Focus – Fall 2008 Implementation of Multi-Modal Personal Mass Notification Recruitment of Emergency & Security.
Introductions. Emergency Planning Emergency Management & Preparedness Street Smarts Version.
Streamlining – The Need: Costs Saved and Lessons Learned Facilitating Disaster Preparedness, Response & Recovery.
1 Figure 11-3: Risk Analysis Financially Sensible Protections  Risk analysis: Balance risks and countermeasture costs Enumeration of Assets  Assets:
ST GABRIEL’S PREPAREDNESS INITIATIVE Planning Process Meeting 16 Jan 2013.
Preparedness Project Lessons NC AWWA / WEA 2015 Annual Conference Jack Moyer.
FIRMA 2010 Larry J. Kallembach April 1, MB Financial Headquarters - September 2008 Chicago is a Lakefront city…….
JANUARY 8-9, 2013 BY DON IANNONE SOURCING OFFICE BUTLER COUNTY INTEGRATED DEVELOPMENT BUDGET PROJECT.
Aoife Longmore and Donny Cummings City of Austin Office of Homeland Security and Emergency Management (HSEM) Austin RESILIENCE IMPLEMENTATION PROCESS Austin.
Competitive Dynamics In the Marketplace EMBA Class of 2017.
Primary Steps for Achieving ISO Certification.
THINK DIFFERENT. THINK SUCCESS.
Risk management «Once we know our weaknesses, they cease to do us any harm.» G.C. Lichtenberg.
SWOT analysis.
Cyber Protections: First Step, Risk Assessment
Critical Infrastructure Protection Policy Priorities
Steven Hartman State Information Security Officer State of Nebraska
Risk Management: Principles of risk, Types of risk and Risk strategies
Edvinas Pranculis MM, CISA, CISM
John M. Felker Director, NCCIC.

Game Planning If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every.
IS Risk Management Framework Overview
The Foundation of Capability:
Presentation transcript:

INFRASTRUCTURE SELF-ASSESSMENT (ISA) For public and private stakeholders Chad Fullmer Critical Infrastructure Protection (CIP) Office: (907) Fall Preparedness Conference

‘C’ is for Critical Fall Preparedness Conference

‘I’ is for Infrastructure 2015 Fall Preparedness Conference3 “Study after study has shown that rebuilding infrastructure is the quickest way to put large numbers of people to work, and the return for each dollar invested in infrastructure renewal is significantly greater than all other investments in the nation’s economy.” Bob Herbert Deferred maintenance - Useable life MOST LOSS vs Infrastructure assessment + renewal BEST ROI

‘P’ is for Protection 2015 Fall Preparedness Conference4 “The caterpillar does all the work, but the butterfly gets all the publicity.” George Carlin

Benefits of CI Awareness 2015 Fall Preparedness Conference5 “If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.” Sun Tzu, The Art of War

KNOW YOUR WEAKNESSES Why? (because someone else does) expedite recovery maximize improvements How? prioritize plan 2015 Fall Preparedness Conference6

Infrastructure Protection Principles 2015 Fall Preparedness Conference7

What is ISA? Infrastructure Self-Assessment (ISA) Purpose: Focus resilience improvement efforts on 1.The most critical vulnerabilities and 2.The widest preparedness gaps Results: 1.Understand 2.Prioritize 3.Act 2015 Full Preparedness Conference8

ISA Process: 2015 Fall Preparedness Conference9 PHASE 1: Pre-plan 1) Choose, 2) Coordinate, 3) Map PHASE 2: Prioritize (by Risk) 1) Critical, 2) Important, 3) Peripheral RISK = Probability x Impact PHASE 3: Site Visit 1) Common & restricted areas, 2) Interdependencies/Dependencies, 3) Plans, Processes & Pictures PHASE 5: Take Action 1)Critical, 2) Important, 3)Peripheral Look familiar? Phase 6: Follow Up No new steps – just start over PHASE 4: Re-plan 1) Re-choose, 2) Share, 3) Map

Phase 1: Choose 2015 Spring Preparedness Conference10 Tangible Assets Intangible Assets  Reputation  Culture Threats Vulnerabilities PHASE 1: Pre-plan 1) Choose, 2) Coordinate, 3) Map

Phase 1: Coordinate 2015 Spring Preparedness Conference11 PHASE 1: Pre-plan 1) Choose, 2) Coordinate, 3) Map

2015 Spring Preparedness Conference12 Phase 1: Map City Hall Public Safety DOT School Airport Water treatment PHASE 1: Pre-plan 1) Choose, 2) Coordinate, 3) Map

Phase 2: Prioritize 2015 Spring Preparedness Conference13 PHASE 2: Prioritize (by Risk) 1) Critical, 2) Important, 3) Peripheral RISK = Probability x Impact C. I. P. Probability x IMPACT = RISK

Phase 2: Prioritize 2015 Spring Preparedness Conference14

Phase 2: Prioritize Identify Threats Natural Human 2015 Spring Preparedness Conference15 PHASE 2: Prioritize (by Risk) 1) Critical, 2) Important, 3) Peripheral RISK = Probability x Impact

WHAT’S WRONG WITH THIS PICTURE? Phase 3: Common & Restricted Areas 2015 Fall Preparedness Conference16 PHASE 3: Site Visit 1) Common & restricted areas, 2) Interdependencies/Dependencies, 3) Plans, Processes & Pictures

Phase 3: Dependency & Interdependency 2015 Fall Preparedness Conference17 PHASE 3: Site Visit 1) Common & restricted areas, 2) Interdependencies/Dependencies, 3) Plans, Processes & Pictures

Phase 3: Plans & Pictures 2015 Spring Preparedness Conference18 Subject Matter Experts (SME) Asset Manager Police/Fire Medical Cyber/IT PHASE 3: Site Visit 1) Common & restricted areas, 2) Interdependencies/Dependencies, 3) Plans, Processes & Pictures

Phase 4: Re-plan 2015 Spring Preparedness Conference19 PHASE 4: Re-plan 1) Re-choose, 2) Share, 3) Map 1)Reexamine Plans 2)Share the information 3)Map

Phase 5: Take Action Most critical actions first! BASED ON…? 2015 Spring Preparedness Conference20 PHASE 5: Take Action 1) Critical, 2) Important, 3) Peripheral Look familiar? P x I = R

Phase 6: Follow Up 2015 Spring Preparedness Conference21 Phase 6: Follow Up No new steps – just start over

ISA Process: 2015 Fall Preparedness Conference22 PHASE 1: Pre-plan 1) Choose, 2) Coordinate, 3) Map PHASE 2: Prioritize (by Risk) 1) Critical, 2) Important, 3) Peripheral RISK = Probability x Impact PHASE 3: Site Visit 1) Common & restricted areas, 2) Interdependencies/Dependencies, 3) Plans, Processes & Pictures PHASE 5: Take Action 1) Critical, 2) Important, 3) Peripheral Look familiar? Phase 6: Follow Up No new steps – just start over PHASE 4: Re-plan 1) Re-choose, 2) Share, 3) Map

REMEMBER 1.Infrastructure is the best investment. 2.If CIP is done right, nothing happens. – Both success and failure are guaranteed. 3.P + I = R 4.Plan, prioritize, assess, rinse, and repeat Fall Preparedness Conference23

THE BEGINNING 2015 Spring Preparedness Conference24

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.