This paper discusses how water and wastewater system
owners go about conducting a security vulnerability assessment (SVA). Most proactive
owners are using the Sandia National Laboratory's Risk Assessment Methodology for Water
(RAM-W) to identify and protect critical infrastructure assets. The RAM-W helps an owner
establish a foundation for risk management and security enhancement. The RAM-W includes
a strategy for planning and prioritizing the protection of critical infrastructure assets. It
provides a framework for making decisions about which are the most critical using a pair-wise comparison. Next, a design basis threat is created to identify and plan for potential
threats to the utility. A detailed and well organized inventory of the critical assets associated
with each facility is then generated using a fault tree analysis process. The critical assets are
selected using qualitative analysis of potential impacts on an owner's ability to deliver the
services required due to asset destruction or impairment.
This paper is designed to familiarize the reader with the best practices and "lessons
learned" that are available about what happens after the critical assets have been identified. This
would include security and operational improvements that may be or have been
implemented, as well as physical protection system improvements. The lessons learned and
best practices produced for this paper are based on several SVA's conducted throughout the
country using the RAM-W.
| Edition : | Vol. - No. |
| File Size : | 1
file
, 390 KB |
| Note : | This product is unavailable in Ukraine, Russia, Belarus |
| Number of Pages : | 14 |
| Published : | 06/15/2003 |
