Protecting Houses of Worship Resources

Using this Houses of Worship (HoW) Resource Page

This page is designed to guide you through a four-step process that can act as the building blocks for improving the security and safety of your organization’s congregants and facilities. By following these steps, you can easily develop a continuing security improvement cycle.

Step 1: Start the Process

Start the process by forming a team to manage your facility’s security improvements. The role of this team is to lead the coordination, planning, and implementation of security improvements to secure your faith-based facility.  Basic roles for the team include:

• Identify priorities and a vision of your facility’s future security
• Identify available support and resources who can assist in the process 
• Engage with local or state law enforcement and emergency planning agencies
• Become aware of local and regional threats and concerns
• Leading your organization through the security improvement process

Resources designed to inform the security planning team

Mitigating Attacks on Houses of Worship Security Guide

In this security guide, CISA analyzed ten years of targeted attacks on houses of worship to provide context to the enterprise-wide security recommendations. The case studies reviewed are examples of the breadth of threats a house of worship faces daily.

Protecting Houses of Worship Video

Today, houses of worship face a unique set of safety and security challenges that weren't there just a few years ago. This video was developed to inform the faith-based community of options for consideration to mitigate risk to places of worship and related facilities.

CISA Protective Security Advisors

Protective Security Advisors (PSA) are trained subject matter experts in critical infrastructure protection and vulnerability mitigation. They facilitate local field activities in coordination with other Department of Homeland Security offices and Federal agencies. They also advise and assist state, local, tribal, and territorial (SLTT) officials and critical infrastructure owners and operators, and provide coordination and support in times of threat, disruption, or attack. You can email them at central@cisa.dhs.gov.

Faith-Based Information Sharing and Analysis Organization (FB-ISAO)

The FB-ISAO is a trusted community within the inclusive, community of faith. The ISAO and its members maintain primary focus on sharing timely, actionable and relevant information with an all-hazards approach as incidents affecting the community come in the form of physical threats, cybersecurity issues, health outbreaks, and a variety of natural disasters. The FB-ISAO’s mission is to provide members with information, analysis, and capabilities to help reduce risk while enhancing preparedness, security, and resilience.

Homeland Security Information Network

The Homeland Security Information Network (HSIN) is a trusted network for homeland security mission operations to share sensitive but unclassified information. Federal, SLTT, and private sector partners can use HSIN to manage operations, analyze data, send alerts and notices, and share the information they need to perform their duties. CISA Central-developed products are available to registered stakeholders in authorized communities of interest. 

HSIN uses enhanced security measures, including verifying the identity of all users the first time they register and ensuring users use two-factor authentication each time they log on. HSIN leverages the trusted identity of its users to provide simplified access to a number of law enforcement, operations, and intelligence information sharing portals.

Service benefits include:

• alerts and notifications basic
• Learning Management System
• comprehensive HSIN training
• document repository
• geographic information system mapping
• instant messaging (HSIN chat)
• managed workflow capabilities
• secure messaging (HSIN Box)
• web conferencing (HSIN Connect)

For more information, or to become a member, visit dhs.gov/homeland-security-information-network-hsin or email HSIN.Outreach@hq.dhs.gov.

Step 2: Conduct an Assessment

When considering security risk, a vulnerability is a weakness which an adversary may take advantage to inflict an attack or inhibit your operations.  To assist with identifying these vulnerabilities, CISA recommends use of the following resources. While many times security and risk assessments area available from state or local governments or law enforcement agencies, however when not available CISA recommends use of the following resources to assist with identifying those security vulnerabilities.

Houses of Worship Security Self-Assessment and User Guide

The first step in developing a quality security (plan or program) and improving preparedness is assessing your organization or facility’s current risk. To begin that process CISA has developed a baseline security self-assessment that is designed to assist the minimally trained person through the assessment process.  Successful completion and review of the recommendations can provide a path towards lowering risk and improving security.   

• To make the self-assessment process easier CISA has developed an Interactive Tool which duplicates the data collected in the paper-based version of the Houses of Worship Security Self-Assessment.  When properly completed it will provide an electronic and paper-based report that can be used to more easily inform security planning and improvement decisions.  In addition to the easy to use report, based on your state guidance the report may be used to inform grant applications.

CISA Bombing Prevention Protective Measures Awareness Training

The Protective Measures Awareness course introduces how to identify and mitigate facility security gaps. This course provides foundational knowledge about risk management and the three rings of security: physical, procedural/technical, and intelligence protective measures.

Step 3: Implement Security Improvements

As a factor in reducing risk consequence, mitigation can be achieved through numerous processes. Two of the easiest ways to minimize the potential consequences is through security and emergency planning along with focused training of both staff and congregants. Use of the Federal Emergency Management Agency (FEMA) Guide for Developing High Quality Emergency Operations Plans for Houses of Worship along with the following resources can provide the building blocks for improving security and safety.

Securing Public Gatherings Web Presence

CISA fosters collaboration between the private and public sectors to mitigate risk and enhance the security and resilience of public gatherings, reducing the likelihood of a successful attack or, for those incidents that do occur, limiting the impacts to life and property. To help organizations mitigate potential risks in today’s dynamic and rapidly evolving threat environment, CISA provides a compendium of resources for securing public gatherings.

Active Assailant Security Resources

Active shooter incidents are often unpredictable and evolve quickly. In the midst of the chaos, anyone can play an integral role in mitigating the impacts of an active shooter incident. CISA aims to enhance preparedness through a "whole community" approach by providing products, tools, and resources to help you prepare for and respond to an active shooter incident

Personal Security Considerations

The Personal Security Considerations Action Guide: Critical Infrastructure Workers helps critical infrastructure workers assess their security posture and provide options to consider whether they are on or off the job. This action guide provides actionable recommendations and resources intended to prevent and mitigate threats to a critical infrastructure worker’s personal safety.

FEMA Grants Programs

The US Department of Homeland Security through FEMA provides nonprofit security grants which are managed in partnership through each state’s Homeland Security Advisor’s office.  These competitive based grants provide funding to improve facility security, preparedness, and emergency planning. FEMA Grant information website   

Power of Hello

Industries face a variety of threats, both internal and external, from hostile governments, terrorist groups, disgruntled employees and malicious introducers. Alert employees can spot suspicious activity and report it. The power is in the employee, citizen, patron, or any person who can observe and report.

Used effectively, the right words can be a powerful tool. Simply saying “Hello” can prompt a casual conversation with unknown individuals and help you determine why they are there. The OHNO approach – Observe, Initiate a Hello, Navigate the Risk, and Obtain Help – helps employees observe and evaluate suspicious behaviors, and empowers them to mitigate potential risk, and obtain help when necessary.

Power of Hello Houses of Worship Guide

This more focused guide promotes employee vigilance for our houses of worship stakeholders. Alert personnel can better spot suspicious activity and actively report it. Keeping houses of worship facilities secure while sustaining the open and welcoming environment necessary for peaceful congregation requires a holistic approach to security.

Bomb Threats

Bomb threats or suspicious items should always be taken seriously. How quickly and safely you react to a bomb threat could save lives, including your own.  The guidance and resources available on this page outline in-depth procedures for bomb threats and will help you prepare and react appropriately during these events.

Suspicious Activity and Items

Being able to quickly identify and report suspicious activity can help mitigate potential threats and incidents. This includes vigilance in recognizing questionable and concerning purchases, what to do with unattended items, and understanding surveillance detection principles. The tools and resources on this page outline how to recognize suspicious activity and items.

Security and Safety Symposium for Faith Based Communities

On October 27, 2020, the Federal Bureau of Investigation (FBI), The U.S. Department of Homeland Security, Cybersecurity and Infrastructure Security Agency (CISA), and the InfraGard National Capital Region held a Faith-Based Security and Safety Symposium webinar to discuss best practices and risk mitigation strategies for protecting houses of worship amid the COVID-19 pandemic.

CISA Cybersecurity Awareness Program

The faith-based community can be a target of cyber crime or incidents that deny access to information, render information unusable, or even disclose the personal information of congregants in the public domain.  The CISA Cybersecurity Awareness Program is a national public awareness effort aimed at increasing the understanding of cyber threats and empowering the American public to be safer and more secure online. Cybersecurity is a shared responsibility. We each have to do our part to keep the Internet safe. When we all take simple steps to be safer online, it makes using the Internet a more secure experience for everyone.  

Step 4: Test Security Improvements

The final step in your initial security improvement cycle is testing and exercising what you have put in place. This could include some or all of the areas which you have improved or implemented new policies, physical barriers, or planning efforts which are designed to make your facility more secure and safe.  The lessons learned within your exercises should be used by the security planning team to inform the next reassessment and future planning as security is a continuing cycle and ongoing improvement and plan maintenance are a must to ensure continued security and safety. 

While exercises can be contracted through numerous private sector companies, most local, county, or state homeland security offices offer no cost exercises or resources which will allow you to participate in on-going programs or develop your own exercise. An additional resource is your local CISA Protective Security Advisor who can guide you through available resources and how to best use them and the results you identify.

CISA Tabletop Exercise Package (CTEP) Documents

The CTEP program is designed to assist critical infrastructure owners and operators in developing their own tabletop exercises to meet the specific needs of their facilities and stakeholders. CTEP allows users to leverage pre-built exercise templates and vetted scenarios to build tabletop exercises to assess, develop, and update information sharing processes; emergency response protocols; and recovery plans, policies, and procedures.

FEMA Preparedness and Planning Resources

Across the United States, Americans congregate in faith-based venues to worship, learn, play, and bond as a community.  In coordination with interagency partners, the DHS Center for Faith-Based and Neighborhood Partnerships and FEMA established a website for faith-based organizations that serves as a “one-stop shop” for information on available Federal tools, resources, and assistance.

If you would like more information on upcoming webinars and resources from the DHS Center for Faith-Based and Neighborhood Partnerships, you may email Partnerships@fema.dhs.gov.

Houses of Worship Security Self-Assessment

Protecting Houses of Worship Video

Today, houses of worship face a unique set of safety and security challenges that weren't there just a few years ago. This video was developed to inform the faith-based community of options for consideration to mitigate risk to places of worship and related facilities.