Sector Risk Management Agencies

The nation’s critical infrastructure provides the essential services that underpin American society and serve as the backbone of our nation's economy, security, and health. We know it as the power we use in our homes, the water we drink, the transportation that moves us, and the communication systems we rely on to stay in touch with friends and family.

Presidential Policy Directive 21 (PPD-21): Critical Infrastructure Security and Resilience spells out the policy for how the federal government builds trusted partnerships and “advances a national unity of effort to strengthen and maintain secure, functioning, and resilient critical infrastructure.”

There are 16 critical infrastructure sectors whose assets, systems, and networks, whether physical or virtual, are considered so vital to the United States that their incapacitation or destruction would have a debilitating effect on security, national economic security, national public health or safety, or any combination thereof.

Sector Risk Management Agencies

Each of these 16 critical infrastructure sectors has a designated Sector Risk Management Agency (SRMA) as identified in PPD-21:

Each of these critical infrastructure sectors has unique characteristics, operating models, and risk profiles. As such, each SRMA leverages their particular knowledge and expertise to:

  • Coordinate and collaborate with DHS and other relevant Federal departments and agencies, with critical infrastructure owners and operators, where appropriate with independent regulatory agencies, and with SLTT entities, as appropriate, to implement PPD-21.
  • Serve as a day-to-day Federal interface for the dynamic prioritization, collaboration, and coordination of sector-specific activities.
  • Carry out incident management responsibilities consistent with statutory authority and other appropriate policies, directives, or regulations.
  • Provide, support, or facilitate technical assistance and consultations for that sector to identify vulnerabilities and help mitigate incidents, as appropriate.
  • Support the Secretary of Homeland Security’s statutory reporting requirements by providing, on an annual basis, sector-specific critical infrastructure information.

For more details on how PPD-21 directs SRMAs, please see “Appendix B: Roles, Responsibilities, and Capabilities of Critical Infrastructure Partners and Stakeholders” in the National Infrastructure Protection Plan (NIPP) 2013.

Was this webpage helpful?  Yes  |  Somewhat  |  No