Critical Infrastructure Vulnerability Assessments

The Department’s Protective Security Coordination Division conducts specialized field assessments to identify vulnerabilities, interdependencies, capabilities, and cascading effects of impacts on the Nation’s critical infrastructure.


These voluntary, nonregulatory vulnerability assessments are the foundation of the National Infrastructure Protection Plan's risk-based implementation of protective programs designed to prevent, deter, and mitigate the risk of a terrorist attack while enabling timely, efficient response and restoration in an all-hazards, post-event situation.

Because the majority of all U.S. critical infrastructure is privately owned, the effectiveness of vulnerability assessments depends upon the voluntary collaboration of private sector owners and operators. To further enhance the security and resilience of the Nation's critical infrastructure, Protective Security Advisors (PSAs) conduct Assist Visits. During an Assist Visit, PSAs focus on coordination, outreach, training, education, and building existing relationships with federal, state, local, tribal, territorial, and private sector partners.

Assist Visits are often followed by Infrastructure Survey Tool (IST) security surveys to collect, process, and analyze facility assessment data and develop a detailed assessment of the security and resilience of a facility.

Special Reports on Vulnerabilities and Indicators of Terrorist Activity

The Department facilitates information sharing between the government and individual sites and industry sectors, as well as between facilities and sectors, by offering comparative assessment data that supports national-level, cross-sector risk analysis of nationally significant critical infrastructure.

For the Department's federal, state, and local partners only, special reports, known as Infrastructure Protection Report Series, are available. These reports cover all 16 critical infrastructure sectors and identify common critical infrastructure vulnerabilities, sector-specific background information, and the types of terrorist activities that might be successful in exploiting these vulnerabilities.

Types of Vulnerability Assessments Offered

The Department offers the following critical infrastructure vulnerability assessment programs:


For more information on any of these voluntary vulnerability assessments or the Infrastructure Protection Report Series, please email

Was this webpage helpful?  Yes  |  Somewhat  |  No