National Infrastructure Protection Plan: Partnering to Enhance Protection and Resiliency
Protecting the critical infrastructure and key resources (CI/KR) of the United States is essential to the Nation’s security, public health and safety, economic vitality, and way of life. Attacks on CI/KR could significantly disrupt the functioning of government and business alike and produce cascading effects far beyond the targeted sector and physical location of the incident. Direct terrorist attacks and natural, manmade, or technological hazards could produce catastrophic losses in terms of human casualties, property destruction, and economic effects, as well as profound damage to public morale and confidence. Attacks using components of the Nation’s CI/KR as weapons of mass destruction could have even more devastating physical and psychological consequences. The overarching goal of the National Infrastructure Protection Plan (NIPP) is to: Build a safer, more secure, and more resilient America by enhancing protection of the Nation’s CI/KR to prevent, deter, neutralize, or mitigate the effects of deliberate efforts by terrorists to destroy, incapacitate, or exploit them; and to strengthen national preparedness, timely response, and rapid recovery in the event of an attack, natural disaster, or other emergency. The NIPP provides the unifying structure for the integration of existing and future CI/KR protection efforts into a single national program to achieve this goal. Protection includes actions to mitigate the overall risk to CI/KR assets, systems, networks, functions, or their inter-connecting links resulting from exposure, injury, destruction, incapacitation, or exploitation. In the context of the NIPP, this includes actions to deter the threat, mitigate vulnerabilities, or minimize consequences associated with a terrorist attack or other incident. Protection can include a wide range of activities, such as hardening facilities, building resiliency and redundancy, incorporating hazard resistance into initial facility design, initiating active or passive countermeasures, installing security systems, leveraging “self-healing” technologies, promoting workforce surety programs, and implementing cyber security measures, training and exercises, business continuity planning, and restoration and recovery actions, among various others. Achieving the NIPP goal requires actions to address a series of objectives that include: (1) Understanding and sharing information about terrorist threats and other hazards; (2) Building security partnerships to share information and implement CI/KR protection programs; (3) Implementing a long-term risk management program; and (4) Maximizing efficient use of resources for CI/KR protection, restoration, and recovery. These objectives require a collaborative partnership between and among a diverse set of security partners, including the Federal Government; State, Territorial, local, and tribal governments; the private sector; international entities; and nongovernmental organizations. The NIPP provides the framework that defines the processes and mechanisms that these security partners will use to develop and implement the national program to protect CI/KR across all sectors over the long term.
Management Processes: Risk Management