Vulnerability and Security Plan

Vulnerability Assessment

Managing security risk for transportation agencies is a threat – and scenario- based activity. Threat definition is the tool by which vulnerabilities of transportation operations and systems are measured. Agency police or security personnel, assisted by federal, state, and local law enforcement and homeland security professionals, must evaluate the actual and potential threats against their respective agencies in terms of both threat types and aggressor types. After the baseline of threat information has been identified, security management should collect data and information about the specific organization at risk in order to determine the existing status of systems and security countermeasures. Weaknesses and opportunities for aggressor exploitation must be analyzed so as to establish the current capabilities of the organization to block, thwart, or mitigate an attack. The performance of a vulnerability assessment, sometimes referred to as a security vulnerability assessment (SVA), is used to address this issue. Vulnerability assessment starts with an examination of the transportation agency’s assets in order to establish what needs to be protected. Next, the capabilities of existing protection systems to secure those assets are evaluated. Finally, security gaps that should be addressed to reduce or buy down security risk are determined.

Security Plans Benefits

– Defines resources requirements for staffing and equipment
– Coordinates the activity of different departments and functions
– Establishes action steps for employee in response to an incident
– Promotes understanding of the issues involved during a chris
– Identifies information requirements for security incidents
– Promotes a sense of ownership and buy-in by employees
– Ensures a clear division of tasks and responsibilities
– Identifies training requirements