Posted: February 26th, 2023

HLSC 720-RISK ASSESSMENT PART II

RISK ASSESSMENT PART II

***PLEASE LOOK AT THE ATTACHMENT*** YOU WILL BE ADDING TO THIS ASSIGNMENT TO PART I

INSTRUCTIONS
 Provide a detailed overview of your overall assessment area.
 Provide ample (exhaustive) GIS data and mapping data of your overall assessment area.
 Use CARVER along with the various tables and formulas found in your text to complete
the needed tables.
 Identify the top 10 specific critical infrastructures in the area to guard and protect and
explain your reasoning.
 Identify the top 3 specific critical infrastructures in the area to guard and protect and
explain your reasoning.
 Complete Tables 1–2.
 Paper must contain three or more full pages of content not including the cover and
reference pages.
 Seven or more excellent sources must be cited.
 APA formatting guidelines must be used

RISK ASSESSMENT: PART 2 – DATA PROFILE, GEOGRAPHIC INFORMATION SYSTEM, AND MAPPING ASSIGNMENT INSTRUCTIONS OVERVIEW For this assignment, you will add a new section to your Risk Assessment: Part 1 – Vulnerability Analysis Critical Infrastructure Assignment and label it “Part 2.” Do not get rid of Part 1. Add to your existing table of contents and reference page at the end of the paper. In Part 2 you will: 1. Provide a detailed overview of your overall assessment area. Provide an in-depth data profile (identifying the population and demographic data for the area) of your overall assessment area. 2. Provide ample (exhaustive) GIS data and mapping data of your overall assessment area. a. Each table, figure, or chart needs to be properly labeled as per current APA. b. These numbers will change when new sections are added. c. Use visuals such as maps, satellite images, diagrams, etc. 3. Use CARVER along with the various tables and formulas found in your textbook to complete the needed tables. The same will be used in Part 3. (See textbook) 4. Identify the top 10 specific critical infrastructures in the area to guard and protect and explain your reasoning. Use the below table but also provide data that supports each area being on this list.

5. Identify the top 3 specific critical infrastructures in the area to guard and protect and explain your reasoning. Create another Table just like above with only the top 3 listed. This will be Table 2. (Analyze the area for factors that contribute to critical infrastructure identification.) *Your CI list will have more than 3 locations—the top 3 will need what is called for above— They cannot be areas; they need to be locations. The locations cannot be a group of all schools in the county or all banks.

INSTRUCTIONS Provide a detailed overview of your overall assessment area. Provide ample (exhaustive) GIS data and mapping data of your overall assessment area. Use CARVER along with the various tables and formulas found in your text to complete the needed tables. Identify the top 10 specific critical infrastructures in the area to guard and protect and explain your reasoning. Identify the top 3 specific critical infrastructures in the area to guard and protect and explain your reasoning. Complete Tables 1–2. Paper must contain three or more full pages of content not including the cover and reference pages. Seven or more excellent sources must be cited. APA formatting guidelines must be used

image1

RISK ASSESSMENT OF NASHVILLE BNA AIRPORT

12

Risk assessment of Nashville BNA Airport

Parts I

Table of Contents

Part 1

3

1.1“Critical infrastructure, vulnerability analysis, and risk assessment”

3

1.1.1Defining and measuring risk

3

1.1.2 Threats and Hazards

3

1.1.3Role of government in risk assessment

4

1.1.4 “Asset-level vs. portfolio-level analysis”

4

1.2 FEMA’s community perspective on mitigation

4

1.2.1 Tools, techniques, processes, and best practices for identifying critical infrastructure

5

1.3 CARVER

5

1.3.1 The critical infrastructure identification process

6

1.3.2 GIS data and mapping

6

1.3.3“National preparedness and homeland security directives”

6

1.4 CIRK and NIP

7

1.5 HSPD 7 and HSA 2002

7

1.6 “PPD 21 and the Stafford Act”

8

1.6.1 “Protective security and effective security countermeasures”

8

1.6.2 “Pure risk assessment model and security vulnerability analysis”

8

Part II

9

2.1 Overview of Nashville BNA Airport

9

2.1.1 BNA

9

2.1.2 Location

10

2.1.3 Travelers

10

2.1.4 Flights and airlines

10

Part III

10

3.1 Structural and non-structural mitigation strategies

10

3.1.1 Assessment and recommendations

11

Conclusion

11

References

12

Appendixes

15

Critical Infrastructure

1.1Critical infrastructure, vulnerability analysis, and risk assessment

The Department of Homeland Security lists sixteen critical substructure sectors whose assets, structures, and systems (physical or virtual) are so vital to the US that their disruption or obliteration would have a devastating impact on national security, financial security, public health, and care, or any grouping thereof (Krausmann, et al. 2019). Our essential substructures provide vital services. Essential resources are government, private, or individual property that may be evaluated economically. Vulnerability research quantifies vulnerabilities based on asset and threat evaluations and evaluates current security measures.

1.1.1
Defining and measuring risk

Risk is the probability that a vital asset may be damaged or lost due to a defined threat targeting and exploiting a specific susceptibility of a critical substructure, key source, or key support. Risk assessments analyze a vital asset’s security system using specified scenarios. Serious asset value, threats, vulnerabilities, and the chance of exploitation determine risk.

1.1.2 Threats and Hazards

Threats foretell bad things. Successful threats can damage essential assets. Threats have intent. A hazard is an action or circumstance that exposes a hazard. Terrorists or cyber-attacks are threats. Natural hazards include floods and hurricanes. All risks are human-made, and while most hazards are natural, humans may cause them by ignorance or not following laws and procedures.

1.1.3 Role of government in risk assessment

Risk evaluations need unique government involvement. DHS says doctrine and guidelines are the first and most crucial stage in risk management integration. Risk management and risk assessments do not avoid evil occurrences but help agencies, corporations, and individuals focus on the most harmful actions and how to prevent or reduce them. FEMA, DHS, and community-developed risk assessments should be tailored to each resource and scenario. Individuals, companies, and agencies must follow the instructions and create mitigation strategies. The government assesses risk for assets that harm the US or essential assets within its jurisdiction.

1.1.4 Asset-level vs. portfolio-level analysis

Asset-level security gives baseline risk facts. Asset-level protection analyzes one asset at a time. Asset-level guard involves scenario documentation, importance, critical evaluation, security susceptibility assessment, hazard likelihood valuation, benefit/cost investigation, and risk-informed conclusions (Guo, et al. 2019). Portfolio risk assessment compares various assets to asset-level protection. Portfolio risk assessment involves investments, an industry, and an authority or city. Loss is the main distinction between asset and collection risk investigation. The portfolio-level investigation evaluates direct asset sufferers and indirect losses from physical geography, cyber, or internal and outside rational interdependencies, whereas asset-level analysis estimates asset losses solely.

1.2 FEMA’s community perspective on mitigation

FEMA lists five important infrastructure planning activities. First, they advocate a standard critical infrastructure identification process that includes assets and structures, dependencies, interdependencies, and significant nodes within the authority (FEMA). Second, acquire duplicates of current security and resilience, hazard extenuation, emergency processes, emergency response, and continuity of operations plans. Third, staff must examine, coordinate, and update current methods to maintain critical infrastructure security and resilience and build a customized strategy and program for the area of responsibility (FEMA). Fourth, each system must define security, jurisdiction, and information-sharing roles. Finally, gaps, whether roles and duties cover all operational instructions, jurisdictional borders and coordination efforts, and particular geographical challenges. All risks, independent of source, repercussions of asset breaches, optimal preventive measures based on asset vulnerabilities, priority strategy, and program implementation instructions must be defined.

1.2.1 Tools, techniques, processes, and best practices for identifying critical infrastructure

Identifying critical infrastructure and choosing tools, strategies, procedures, and best practices to minimize risks and recover after an event is possible. First, identify critical infrastructure, resources, and assets. Second, these assets and resources must be rated by importance. Third, assess threats (Rehak, et al. 2019). General and site-specific threat assessments exist. General threat assessments predict the possibility of enemies attacking a crucial asset. Each resource and asset undergoes site-specific threat assessment. Fourth, a vulnerability assessment must identify weaknesses that an adversary or environmental hazard can exploit. Fifth, risk assessments must identify high-risk assets. Finally, security countermeasures must be created to address vulnerabilities and dangers.

1.3 CARVER

The CARVER matrix is a common asset vulnerability analysis tool. CARVER provides numerical standards for each possible aim and adds the scores from each column to rate each advantage from the greatest possible to the lowest potential target. Criticality, convenience, recoverability, susceptibility, effect, and recognizability are CARVER. Criticality is the target value. Accessibility is the possibility that an enemy can attack a target. Recoverability is the asset’s repair or replacement time or attack recovery time. Attacks have military, political, economic, psychological, and social impacts. Recognizability is the adversary’s ability to understand the asset’s value.

1.3.1 The critical infrastructure identification process

Each agency and jurisdiction determines vital infrastructure. Any valuable object needs protection. This includes identifying the asset’s goods and services, operations, and connections to other critical assets. People are a jurisdiction’s most important asset. However, some assets might threaten our survival and way of life if harmed. Consider who else would consider crucial infrastructure while determining it (Novotny, et al. 2020). The capitol building in Washington D.C. is a vital advantage for many motives, but the indigenous police cannot reduce any threat. Federal establishments and agencies should handle that. A university must be under municipal sovereignty and not under federal oversight.

1.3.2 GIS data and mapping

To collect, organize, analyze, manage, and display geographical information, there is the geographic information system (GIS). GIS facilitates data display in a geographical context as a tool for problem-solving and decision-making. By analyzing geospatial data, one can learn: (1) where features are located and how they relate to one another; (2) where features are most and/or least abundant; (3) the density of sorts in a given space; (4) what’s trendy within an area of concern; (5) what’s trendy in the vicinity of a feature or spectacle; (6) and how a particular area has altered over time and how it has altered concerning other areas.

1.3.3 National preparedness and homeland security directives

Presidential commands are constitutional or legislative directions from the president. Executive Branch agencies carry out presidential directives. Unless otherwise indicated or until further presidential action, presidential instructions stay in effect when administrations change. After the “September 11, 2001”, terrorist attacks, “President Bush” created the “Office of Homeland Security and the Homeland Security Council” by executive order to help plan and coordinate government anti-terrorism and domestic security measures (Aruru, et al. 2021). The president then issued Homeland Security Presidential Directives to document and convey his homeland security policy. 25 HSPDs were issued between October 2001 and January 2009. These guidelines shaped public health emergency planning and response policies and procedures.

1.4 CIRK and NIP

Critical Infrastructure and Key Resources CIKR. It refers to the US asset essential to national security, public health, economic vitality, and way of life. Private companies run most U.S. CIKR. This needs unique public-private cooperation to safeguard it (DHS). The National Infrastructure Protection Plan (NIPP) describes how governments and businesses collaborate to control risks and achieve security and resilience. An integrated strategy is needed to identify, prevent, detect, disturb, and prepare for intimidations and hazards to the nation’s dangerous substructure; minimize weaknesses of vital assets, structures, and nets; and alleviate the possible repercussions of incidents or adverse events that do occur (DHS). NIPP analyzes the different risk organization viewpoints of the public and private subdivisions, which share the goal of safeguarding and strengthening critical infrastructure. It uses private and public sector benefits to benefit everybody.

1.5 HSPD 7 and HSA 2002

Homeland Security Presidential Directive 7 requires federal agencies to prioritize and defend critical infrastructure against terrorist assaults. Thirty-one policy statements and definitions are in the directive. These rule statements explain what the instruction covers and how central, state, and local activities will implement it (DHS). HAS 2002 required the DHS to combine law implementation and intellect on homeland terrorism risks. The “DHS Office of Emergency Communications (OEC)” must create and update a plan with “central, state, local, tribal, territorial, and private sector stakeholders”.

1.6 PPD 21 and the Stafford Act

The Presidential Policy Directive on Critical Substructure Security and Flexibility promotes national cooperation to safeguard, function, and recover serious infrastructure. “Presidential Policy Directive 21”: “Critical Infrastructure Security and Resilience (PPD-21)”, announced on “February 12, 2013”, requires the central government to secure its dangerous infrastructure against bodily and cyber-attacks. The Stafford Act of 1988 authorizes federal aid to states during catastrophic disasters and crises (Ani, 2021). The Stafford Act enables “federal technical, financial, logistical, and other aid” to states and communities during catastrophic tragedies or crises. FEMA manages state tragedy relief. If state and local governments cannot respond, the Stafford Act provides federal help.

1.6.1 Protective security and effective security countermeasures

After analyzing all threats, susceptibilities, and dangers, security countermeasures must be developed to limit attack occurrence and severity. Protecting vital infrastructure, essential resources, and critical assets reduces exposure to potential attacks, regardless of their kind. Eight proactive and reactive protection rings defend crucial infrastructure. Devalue the target. This reduces its attack ability. Hardening the mark deters. Third, detect the assault. Fourth, prevent opponent damage. Fifth, delay the opponent. Sixth, defend. Seventh, efficiently respond to target attacks. Finally, heal fully and swiftly. These rings should overlap for maximum security.

1.6.2 Pure risk assessment model and security vulnerability analysis

The Pure Risk Assessment Classic is an uncontrollable hazard with one outcome: total loss. SVA concludes risk assessment. SVA analyzes risks and safety flaws that put an asset at risk. SVA evaluates each advantage against opponent pressures (Hassandoust, et al. 2020). SVAs assess security countermeasures’ efficacy. Consider all situations and relate each vulnerability to an opponent’s capabilities, past, and purpose. SVA employs scenario-based and asset-based approaches. The scenario-based methodology identifies prospective attackers of the vital asset. Asset-based strategy requires assessing each essential asset component’s target ability. The next stage is to order the consequences of both techniques based on probability, detrimental impact, and what countermeasures should be devised to prevent an attack.

Part II

2.1 Overview of Nashville BNA Airport

A variety of restaurants and shops are available at the airport, as well as a nail salon, thought rooms, free Wi-Fi, a broad Arts at the Airport package with graphic art and live entertainment, a full-service commercial center with foreign currency conversation, meeting space for that last session before you head home. The best live music you’ll ever hear in an airfield. “Three six-story terminal garages,” an onsite hotel, a large terminal lobby, prolonged ticketing and luggage areas, extra safety screening lanes, a new forecourt, retail and dining, extra airline gates, a state-of-the-art Global arrivals ability, and a future multi-modal journey connector are all part of the Nashville Airport’s current expansion and renovation plans. All repairs and updates are expected to be finished by the year 2023.

2.1.1 BNA

Berry Field Nashville, named for the 1930s airport’s superintendent Colonel Harry S. Berry, has the three-letter IATA code BNA.

2.1.2 Location

Eight miles east of the city center, at One Terminal Drive, Nashville, TN 37214, is where you’ll find Nashville International Airport (Butt, et al. 2020).

2.1.3 Travelers

Each year, they assist around 17 million customers.

2.1.4 Flights and airlines

More than 585 flights depart and arrive at BNA daily from 22 airlines, “including major carriers and their regional partners. Atlanta, Boston, Chicago, Dallas, Denver, London, Los Angeles, Miami, New York, Orlando, Philadelphia, Salt Lake City, San Diego, San Francisco, Seattle, Toronto, and Washington, D.C”. Are just some of the 101 markets that get nonstop service?

Part III

Critical assets, together with the advantage value and risks to the advantage, must be recognized while performing a risk assessment. In addition, you need to do a security risk analysis and vulnerability scan. It is necessary to evaluate the degree of danger, take the required precautions, and then reevaluate the situation. Countermeasures can be implemented to remove, lessen, or minimize risk and vulnerability. Natural hazards are just as worthy of countermeasures as those posed by humans.

3.1 Structural and non-structural mitigation strategies

Due to the unique characteristics of each of the top three essential assets at Nashville BNA Airport, a uniform set of structural and non-structural mitigation techniques would need to be more effective. All institutions have elaborate evacuation and extinguisher plans, but these plans must consider the buildings’ actual construction and overall age (Blumberg, et al., 2021). Fire, active shooter/ferocity, extreme weather/normal catastrophe, explosions, cyber-attack, and corruption are the primary dangers to vital infrastructures. Theft, vandalism, and cyber-attacks might compromise the facility’s ability to carry out its purpose and equipment.

3.1.1 Assessment and recommendations

In general, travelers, employees, and visitors to Nashville BNA Airport may feel comfortable knowing that adequate security precautions have been taken. Staff and safety staff are well-prepared for any crisis or dispute that may arise, as well as any natural catastrophe or weather hazards. All airport staff should have ample time to react to any problem or respond to any directives from authorities using methods like Rave Alert, social media, email, and other airport alerts (Saeidi, et al. 2019). Due to the antiquity of the structures, it is recommended that the airport’s motorized and electrical schemes be assessed and promoted as essential. To ensure that all passengers and staff are prepared for law implementation, fire, and alternative medicinal response in the event of a mass shooting, bomb threat, or other act of violence, it is recommended to collaborate with local authorities on these issues.

Conclusion

Nashville International Airport’s study has looked at the airport’s most essential features, identified possible dangers, analyzed the measures now in place to ward them off, and proposed some ways in which they may be enhanced. Airport security and local law enforcement must work together on drills and exercises, the public must be aware of potential risks, and the airport’s mechanical and electrical systems must be constantly monitored and upgraded.

References

Ani, A. (2021). 
The correlation between vocabulary and speaking mastery at grade VIII Students of SMP N 5 Padangsidimpuan (Doctoral dissertation, IAIN Padangsidimpuan).

Aruru, M., Truong, H. A., & Clark, S. (2021). Pharmacy Emergency Preparedness and Response (PEPR): a proposed framework for expanding pharmacy professionals’ roles and contributions to emergency preparedness and response during the COVID-19 pandemic and beyond. 
Research in Social and Administrative Pharmacy, 
17(1), 1967-1977.

Blumberg, D. L. (2021). More Direct Flights, Improved Organ Donations. 
Big Ideas.

Butt, A. A., Harvey, J., Saboori, A., Ostovar, M., Bejarano, M., & Garg, N. (2020). Decision support in selecting airfield pavement design alternatives using life cycle assessment: A case study of Nashville airport.
Sustainability, 
13(1), 299.

Guo, H., & Ryan, L. (2019). Practical Applications of Currency-Hedging Optimization for Multi-Asset Portfolios. 
Practical Applications, 
6(3), 1-4.

Hassandoust, F., & Techatassanasoontorn, A. A. (2020). Understanding users’ information security awareness and intentions: A full nomology of protection motivation theory. In 
Cyber influence and cognitive threats (pp. 129-143). Academic Press.

Krausmann, E., Girgin, S., & Necci, A. (2019). Natural hazard impacts on industry and critical infrastructure: Natech risk drivers and risk management performance indicators. 
International Journal of Disaster Risk Reduction, 
40, 101163.

Novotny, P., & Janosikova, M. (2020). Designating Regional Elements System in a Critical Infrastructure System in the Context of the Czech Republic. 
Systems, 
8(2), 13.

Rehak, D., Senovsky, P., Hromada, M., & Lovecek, T. (2019). Complex approach to assessing the resilience of critical infrastructure elements.
International journal of critical infrastructure protection, 
25, 125-138.

Saeidi, P., Saeidi, S. P., Sofian, S., Saeidi, S. P., Nilashi, M., & Mardani, A. (2019). The impact of enterprise risk management on competitive advantage by the moderating role of information technology. 
Computer standards & interfaces, 
63, 67-82.

`

Appendixes

image3

image4

image5

image6

image7

image1

image2