National Infrastructure Protection Plan and Risk Management Framework
National Infrastructure Protection Plan and Risk Management Framework
D’Juan L. Sanders
Professor Rachelle Howard
SEC 310
February 1, 2013
Protecting the Nations Critical Infrastructure
The National Infrastructure Protection Plan’s risk management framework is a process structured to protect the Nation’s CIKR, DHS, and SSA’s assets, systems, networks, and functions by minimizing potential risks that may compromise integrity of these very important sectors. According to free dictionary.com (2013), a risk is any possibility of incurring misfortune or loss; hazard. The framework of this risk management process consists of following a number of steps, in a strategic order, to best assure optimal security and protection. Though eliminating all risks isn’t possible, these steps are geared to constantly improve on addressing existing and developing risks that may affect all that embodies our nation’s critical infrastructure. To accomplish this task, NIPP has first set goals and objectives to be able to understand why they need to protect this information, who to protect against, and how we will protect the infrastructure. NIPP enables DHS, SSA’s, and other partners to decide upon the best course of action to help minimize vulnerabilities within the infrastructure. They plan to organize to protect from physical, cyber, and human element aspects.
The Feedback Loop Design
The feedback loop consists of the continuous steps followed to protect from risks and then repeated in reverse order or loop to track progress and make improvements to protection and resiliency of CIKR. I feel as though this definitely strengthens the model because after the effectiveness is measured, you now know where you can improve. Looping back through the model allows updates, corrections, and improvements to be addressed through the process which consistently maintains continuously enhanced protection. Figure 1-1 shows these steps in the construction of the model.
Why Risk Management is
D’Juan L. Sanders
Professor Rachelle Howard
SEC 310
February 1, 2013
Protecting the Nations Critical Infrastructure
The National Infrastructure Protection Plan’s risk management framework is a process structured to protect the Nation’s CIKR, DHS, and SSA’s assets, systems, networks, and functions by minimizing potential risks that may compromise integrity of these very important sectors. According to free dictionary.com (2013), a risk is any possibility of incurring misfortune or loss; hazard. The framework of this risk management process consists of following a number of steps, in a strategic order, to best assure optimal security and protection. Though eliminating all risks isn’t possible, these steps are geared to constantly improve on addressing existing and developing risks that may affect all that embodies our nation’s critical infrastructure. To accomplish this task, NIPP has first set goals and objectives to be able to understand why they need to protect this information, who to protect against, and how we will protect the infrastructure. NIPP enables DHS, SSA’s, and other partners to decide upon the best course of action to help minimize vulnerabilities within the infrastructure. They plan to organize to protect from physical, cyber, and human element aspects.
The Feedback Loop Design
The feedback loop consists of the continuous steps followed to protect from risks and then repeated in reverse order or loop to track progress and make improvements to protection and resiliency of CIKR. I feel as though this definitely strengthens the model because after the effectiveness is measured, you now know where you can improve. Looping back through the model allows updates, corrections, and improvements to be addressed through the process which consistently maintains continuously enhanced protection. Figure 1-1 shows these steps in the construction of the model.
Why Risk Management is
References: 1. dictionary.com (2013) 2. Weitz, R. Ph. D, (2010) article, How to Fix Homeland Security Critical Infrastructure Protection Plans: A guide for Congress. Retrieved from http://www.heritage.org/research/reports/2010/04/how-to-fix-homeland-security-critical-infrastructure-protection-plans-a-guide-for-congress. 3. CRS Report for Congress, (2004). Order Code RL32561, Risk Management and Critical Infrastructure Protection retrieved from http://www.au.af.mil/au/awc/awcgate/crs/rl32561.pdf