Infrastructure Survey Tool (IST)
The Cybersecurity and Infrastructure Security Agency (CISA) conducts an IST on facilities that request the service; the IST focuses on the following areas:
- Identifying facilities’ physical security, security forces, security management, information sharing, protective measures, and dependencies related to preparedness, mitigation, response, resilience, and recovery;
- Identifying security areas of possible improvements;
- Creating facility protective and resilience measures indices that show a comparison to similar facilities that have completed ISTs; and
- Tracking progress toward improving critical infrastructure security.
CISA provides the assessment information that the IST collects and analyzes to owners and operators via both a written report and the IST Dashboard, which is accessed through a secure web portal. The IST Dashboard graphically displays the collected data, which comprises weighted scores on a variety of factors for specific critical infrastructure. The Dashboard compares the data against similar facilities and informs protective measures, resilience planning, and resource allocation. In addition to providing a sector security and resilience overview, the Dashboard highlights areas of potential concern and feature options to view the impact of potential enhancements to protection and resilience measures.
The written report developed from the IST data contains a description of the facility and its possible vulnerabilities as well as options to mitigate identified vulnerabilities. The information is eligible for protection from disclosure under the Protected Critical Infrastructure Information Program, and the Department of Homeland Security uses this information for steady-state analysis, special-event planning, and incident management.
For specific information on the IST, please contact Central@cisa.dhs.gov.