Port Wide Strategic Risk Management Plan Outline

For

Tier I & II Ports

OMB Control Number: 1660-NEW

Expiration Date: XX-XX-XXXX

Paperwork Burden Disclosure Notice

Public reporting burden for this form is estimated to average 80 hours per response. The burden estimate includes the time for reviewing instructions, searching existing data sources, gathering and maintaining the data needed, and completing and submitting the form. You are not required to respond to this collection of information unless it displays a valid OMB control number. Send comments regarding the accuracy of the burden estimate and any suggestions for reducing the burden to: Information Collections Management, Department of Homeland Security, Federal Emergency Management Agency, 500 C Street, SW, Washington, DC 20472, Paperwork Reduction Project (1660-NEW) NOTE: Do not send your completed form to this address.

1. Executive Summary

2. Purpose: This plan is designed to establish a forward-looking risk management approach for the non-federal segments of the port community that complements the procedural and incident oriented focus of Area Maritime Security Plans (AMSPs), facility security plans, and vessel security plans. This plan identifies a desired future/end state of port wide risk reduction measures needed. It identifies port wide gaps in security, authorities, capabilities, capacities, competences and partnerships across the security continuum of awareness, prevention, protection, response and recovery and provides a five-year investment scheme to reduce associated vulnerabilities.

3. Critical Issues and Context

   1. Port specific risk based upon MSRAM results and Area Maritime Security preparedness activities.

   2. Link to other Federal plans (i.e. National Strategy for Maritime Security (NSMS), National Infrastructure Protection Plan (NIIPP), Maritime Incident Response Plan (MIRP) etc)

   3. Link to/Alignment with Area Maritime Security Plan

4. Current State of Port Wide Risk Reduction Measures

5. Desired Future/End State of Port Wide Risk Reduction Measures

6. Gap Analysis of Port Community Vulnerabilities

7. Objectives and Strategies

   1. Objectives – statement of the outcome

   2. Strategies – Set of initiatives and investment scheme to fulfill the objective; how the risk is addressed

8. Initiatives

   1. Individual initiatives

   2. Rationale (regulatory requirement, After Action Report finding, risk assessment recommendation, best practice etc)

   3. Responsibility

   4. Timeline / Milestones

   5. Status (i.e. Planning/Design, In Progress, On-Going, Future)

   6. Rough Order of Magnitude Cost

   7. Prioritization (based on MSRAM and Cost Benefit Analysis)

   8. Consolidated Investment Action Plan to Reduce/Offset Port Community Vulnerabilities

9. Port Community Risk Reduction Program Management

   1. Establishing Priorities

   2. Grant Administration

   3. Performance Measures

Guiding Principles

• The Port Wide Strategic Risk Management Plan (SRMP) should not be an extensive document.

• This SRMP should be marked Sensitive Security Information since it will be identifying port specific risk based upon MSRAM results.

• The SRMP should not re-write, but should supplement, what is already contained in the AMSP, AMSP annexes, or other related plans (e.g. Marine Transportation System Recovery Plans) by focusing on identifying and providing an investment scheme to reduce port community vulnerabilities over and above AMSP procedures and measures.

• The SRMP should align with and inform the AMSP and be a living document; it should be a stand alone plan that may be incorporated by reference. The SRMP should address security needs for at least the next five years.

• Individual initiatives should address authorities, capabilities, capacities, competencies and partnership (ACCCP) needs in each of the DHS objective areas of Awareness, Prevention, Protection, Response & Recovery. Authorities include any gaps in policies. The SRMP could be as simple as a matrix with the five DHS objectives at the top and the categories of ACCCP on the side with the highest risk issues and objectives to close the gaps in the corresponding cells.

• The SRMP should not address only capital projects that might be grant funded but should address ACCCP needs.

• The SRMP should address port wide risk and should generally be focused outside the fence lines of individual facilities unless a terrorist attack on a facility has high port wide consequences; e.g. a CDC storage facility with inadequate stand off distances for vehicle borne improvised explosives may need a barrier system.

• The development of the SRMP should be coordinated by the AMSC or the designated subcommittee. Upon completion, it shall be sent to the FMSC for review and validation. The use of a contractor to develop the SRMP is highly encouraged but is not mandatory.