Essay Example. NIPP and Risk Management Framework Analysis

Many risks evident in the current century are fueled by a complex mix of natural hazards, threats, human-made emergencies, attacks, and accidents (Baggett & Simpkins, 2018). The coordinated approach established by the National Infrastructure Protection Plan (NIPP) has been effective in setting national goals, priorities, key resources, and critical infrastructure. Through the NIPP coordinating approach, the federal resources and funding have adhered to the manner of deterring threats, reducing vulnerability as well as minimizing accidents and attacks (Baggett & Simpkins, 2018). The risk management framework forms the central point of NIPP functionality since it combines vulnerability, threat information, and consequences through a comprehensive, rational, and systematic assessment; its structures enhance the progressive improvement of key resources and critical infrastructures (CIKR) (NIPP, 2018). The NIPP is designed in a way that accommodates; and assesses risk, priorities, effective measures, protective programs as well as systems, functions, and assets meeting the Nation’s Critical infrastructure Homeland Security requirements.

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Order now

Feedback Loop Design

In many engineering works, feedback loops have been configured in distinct ways; however, the designs have similar basic features (Stergiopoulos et al., 2016). The measurable variables are established to aid in determining errors and adjustable outputs that may create negative feedback. The primary purpose of the NIPP’s feedback loop design is to allow the CIKR associates and federal administration to monitor developments and progress for the purpose of executing more action that improves national CIKR resiliency and safety at the right time (NIPP, 2018). Additionally, the feedback loop design strengthens the NIPP model by proving the risk supervision performance and coordination arrangements in modified and flexible stages and divisions.

Suitability of “risk management” approach

The essentiality of the risk management approach can be drawn from the risk assessment and risk management factors (Petit & Verner, 2016). Notably, risk assessment ensures that the consequence of information, vulnerability and threats are integrated while the risk management factor controls the protective measures advocated by the risk reduction strategy involved in the approach. Several methodologies have been structured to integrate the vulnerabilities and threats; however, they rely on a risk management approach to formulate the resource allocation decisions that are vital in risk reduction action (NIPP, 2018). Lastly, the performance of action like assets identification, threat assessment, critical assets, risk determination, risks identification reduction ways and prioritization of risk reduction measures piloted by the risk management approach makes the approach effective in protecting the nation’s critical infrastructure.

Important Step of Risk Management Framework

The measure of effectiveness step in the risk management framework is the most important step that involves the use of evaluation procedures and metrics at both sector and national levels (Chatzipoulidis, Michalopoulos & Mavridis, 2015). The incorporated procedures in this step monitor the CIKR program's effectiveness and progress in increasing resiliency, improving protection as well as managing related risks. The information obtained during this step of the risk management framework is vital since it aids in determining specific adjustment measures for the protection of CIKR initiatives. Additionally, the step incorporates the security partners and DHS in the process of identifying and sharing best practices and learned lessons; this reinforces the process of risk management. The metrics and evaluation measures used in the measure effectiveness step are applied and tailored to ensure CIKR protection undergoes a continuous improvement; this escalates the success of the other stages of the risk management framework (Chatzipoulidis, Michalopoulos & Mavridis, 2015). Lastly, the information provided by the step can be used by NIPP to establish the updated CIKR protection measures.

NIPP Criticisms and Approaches

Firstly, the NIPP program relies on the probability of foreseen risks since its management framework risk design heavily depends on the risk assessment factor (NIPP, 2018). Notably, the information obtained from assessing the risks faced by CIKR is used in creating strategies used in mitigating threats and risks as well as prioritizing the resources designed programs. Based on that, NIPP conceptions aids propelling the plan to achieve practical objectives and goals created; however, they may be rendered useless during the live event. Consequently, NIPP has failed to consider the probability of failure of its implemented programs in the hand of unforeseen threats and accidents. Addressing the NIPP ineffectiveness can be achieved by allowing various government agencies and personnel to act independently when unpredictable risk erupts.

Secondly, the act of federal government, local partners and states taking much of NIPP information without acknowledging the critical infrastructure partners has been criticized. This is because the strategies of the critical infrastructure partners are mostly used in mitigating related threats and unwanted consequences that negatively affect many sectors of the US economy (Petit & Verner, 2016). Notably, it is unavoidable for NIPP to use risk assessment information in its operation. Consequently, it avails potential threats' vulnerabilities that help reconstruct the CIKR structures; thus, directing some resources to the critical infrastructure partners may be a motivating factor that can foster the spirit of striving for more secure assessment and implementation strategies (NIPP, 2018). The voids in the information gathered during the risk assessment are used by terrorists to discover the CIKR vulnerabilities; this allows them to exploit the designed plan. Thus, information and risk assessment findings should have limited access to maintain top secret within the program settings.

References

Baggett, R. K., & Simpkins, B. K. (2018). Homeland security and critical infrastructure protection. ABC-CLIO.

Chatzipoulidis, A., Michalopoulos, D., & Mavridis, I. (2015). Information infrastructure risk prediction through platform vulnerability analysis. Journal of Systems and Software, 106, 28-41.

NIPP. (2018). Supporting Policy and Doctrine: National Infrastructure Protection Plan. Retrieved from https://www.cisa.gov/national-infrastructure-protection-planPetit, F., & Verner, D. (2016). Critical Infrastructure Interdependencies Assessment. World Security Report, 2016.

Stergiopoulos, G., Vasilellis, E., Lykou, G., Kotzanikolaou, P., & Gritzalis, D. (2016, March). Critical infrastructure protection tools: classification and comparison. In Proc. of the 10th International Conference on Critical Infrastructure Protection.