NRMC Resources

This page provides National Risk Management Center (NRMC) outreach materials, information, and guides. Download and share these NRMC resources to enhance critical infrastructure security and resilience.

Fact Sheets

• ICT Supply Chain Risk Management (SCRM) Fact Sheet
• ICT SCRM Task Force Fact Sheet
• National Critical Functions (NCF) Fact Sheet * new resource
• National Risk Management Center (NRMC) Fact Sheet * new resource
• Pipeline Cybersecurity Initiative (PCI) Fact Sheet * new resource
• Time - The Invisible Utility: two quick reference guides designed for organization leaders (corporate level) and IT professionals and staff (technical level) on the importance of accurate and resilient timing.
  • Corporate-level Fact sheet (for organization leaders)
  • Technical-level Fact sheet (for IT and staff)

Infographics

• 5G Basics Infographic *new resource
• 5G Market Penetration and Risk Factors Infographic
• CISA Risk Management Framework Infographic
• ICT Supply Chain Risks Infographic
• ICT SCRM Essentials
• National Critical Functions (NCF) Set
• Pipeline Cyber Risk Mitigation Infographic 

Initiative Papers and Reports

• Electromagnetic Pulse (EMP) Program Status Report *new resource
• NCFs: Status Update to the Critical Infrastructure Community *new resource
• Overview of Risks Introduced by 5G Adoption in the United States
• Overview of the National Critical Functions
• Paper on Executive Order 13873 Response: Methodology for Assessing the Most Critical Information and Communication Technologies (ICT) and Services
  • Frequently Asked Questions: DHS's ICT Methodology in Support of EO 13873
• Report on Positioning, Navigation, and Timing (PNT) Backup and Complementary Capabilities to the GPS
• Time Guidance for Network Operators, Chief Information Officers, and Chief Information Security Officers 

ICT Supply Chain Risk Management Task Force Reports

• ICT SCRM Task Force Interim Report
• ICT SCRM Task Force Threat Scenarios Report

Election Security Resources

COVID-19 & Election Security

These voluntary resources were developed by the Election Infrastructure Subsector’s Government Coordinating Council (GCC) and Sector Coordinating Council (SCC) to assist election officials and voters prepare for impacts to possible COVID-19 related impacts to upcoming elections. 

• Ballot Drop Box: Deploying ballot drop boxes in support of increased mail voting, including considerations like security, chain of custody, and estimating the number of boxes needed.
• Election Education and Outreach for Increased Absentee or Mail Voting: Strategies for outreach to legislators/policy makers, parties, campaigns, advocacy groups, voters, and others to educate them on absentee voting and vote by mail. 
• Electronic Ballot Delivery and Marking: Helping jurisdictions determine whether expanded electronic ballot delivery and marking options is appropriate for them.  
• Helping Voters to Request a Mail-in Ballot: Public messaging and outreach to apprise voters of the application process for requesting mail-in ballots.
• Importance of Accurate Voter Data When Expanding Absentee or Mail Ballot Voting: Risks associated with inaccurate voter records and considerations for securing voter registration data.
• Inbound Ballot Process: Receipt and processing of increased volume of inbound mail ballots. 
• Managing an Increase in Outbound Ballots: FAQs and recommendations for working with vendors, the U.S. Postal Service, and others for handling increased volume of outgoing mail ballots.  
• Signature Verification and Cure Process: Processes for verifying signatures and giving voters the opportunity to remedy rejected mail ballots.
• Vote By Mail / Absentee Voting Timeline – Excel and PDF: Lays out estimated lead times required for states to consider when implementing processes to support significant increases in mail-in voting.

In-Person Voting Materials

• Considerations for Modifying the Scale of In-Person Voting: Guidance to election administrators conducting in-person voting on a different scale, and considerations for combining precincts and alternative vote centers.
• Finding Voting Locations and Poll Workers: Outlines challenges election officials may face procuring polling places and poll workers and considerations for increased physical and cybersecurity risks associated with in-person voting.
• Health and Safety at the Polling Place: Guidance to election administrators regarding personal protective equipment (PPE), cleaning and disinfecting, establishing procedures, and considerations for modifying poll working training.
• Innovative Practices and New Solutions Guide: Provides ideas and solutions to  election officials on how to administer and secure election infrastructure.
• Safeguarding Staff and Work Environment from COVID-19: Outlines new safety measures, (i.e., isolating staff and regular disinfecting protocols), providing PPE, exposed employees, and cybersecurity considerations regarding remote work.

#Protect2020 Resources

• #Protect2020 Strategic Plan
• Election Risk Profile Tool *new resource
• Cyber Incident Detection and Notification Planning Guide for Election Security 
• Election Infrastructure Cyber Risk Assessment and Infographic *new resource
• Guide to Vulnerability Reporting for America’s Election Administrators 
• Mail-in Voting in 2020 Infrastructure Risk Assessment and Infographic *new resource
• The War on Pineapple: Understanding Foreign Interference in 5 Steps Infographic
• Social Media Bots Overview Infographic
• Disinformation Stops With You 
  • Recognize the Risk
  • Question the Source
  • Investigate the Issue
  • Think Before You Link
  • Talk to Your Circle

Policy Documents | Guidance

• CISA Strategic Intent
• CISA 5G Strategy *new resource
• National Infrastructure Protection Plan (NIPP) 2013