ABSTRACT
As presented in Chapter 8, the Department of Homeland Security (DHS) has made strides to standardize risk and vulnerability assessment through an integrated risk management (IRM) approach. Prior to DHS implem enting the IRM approach, a myriad of methods, from cost-benet analyses to evaluations, have been used to assess risk. Over the years, a considerable amount of money has been spent on various methods and software approaches to managing risk. Programs such as Risk Analysis and Management for Critical Asset Protection (RAMCAP™), CARVER Target Analysis and Vulnerability Assessment, and The Partnership for Safe and Secure Communities (PASCOM) have been used at the federal, state, and local levels. The current system in place is the Threat and Hazard Identication and Risk Assessment (THIRA) method. The National Infrastructure Protection Plan (NIPP) 2013 calls for employing the THIRA process as a method to integrate human, physical and cyber elements of critical infrastructure risk. In this chapter, we will brieŠy examine these earlier methods of risk assessment and focus on the current approach favored by the DHS and the Federal Emergency Management Agency (FEMA).
