Geoscience Reference
In-Depth Information
Table 8.2 ( Continued )
General Vulnerability Assessment Process
Step
Description
Considerations
4
Identify and analyze
vulnerabilities
• Identify the existing measures intended to
protect the critical assets and estimate their
levels of effectiveness in reducing the
vulnerabilities of each asset to each threat
or adversary. (Step 2 provides a starting
point for this activity.)
• Estimate the degree of vulnerability of each
critical asset for each threat-related
undesirable event or incident and thus
each threat or adversary.
5
Assess risk and
determine priorities
for asset protection
• Estimate the effect on each critical asset
from each threat or adversary taking into
account existing protective measures and
their levels of effectiveness.
• Determine the relative degree of risk to the
facility in terms of the expected effect on each
critical asset (a function of the consequences
or impacts to the critical functions of the
facility from the disruption or loss of the
critical asset, as evaluated in Step 1) and the
likelihood of a successful attack (a function of
the threat or adversary, as evaluated in Step 3,
and the degree of vulnerability of the asset, as
evaluated in Step 4).
• Prioritize the risks based on the relative
degrees of risk and the likelihoods of
successful attacks using an integrated
assessment.
6
Identify mitigation
options, costs, and
trade-offs
• Identify potential mitigation options to
further reduce the vulnerabilities and thus
the risks.
• Identify the capabilities and effectiveness
of these mitigation options.
• Identify the costs of the mitigation options.
• Conduct cost-beneit and trade-off
analyses for the various options.
• Prioritize the alternatives for implementing
the various options and prepare
recommendations for decision makers.
 
Search WWH ::




Custom Search