A Business Process Engineering Approach to Managing Security and Resilience of Lifeline Infrastructures
The National Institute of Building Sciences project team undertook the present project to operationalize the NIPP 2013 framework into a conventional business process, a CISR Risk Management Process (CISR-RMP). The project employs a business process engineering approach to extend that framework into a workable, scalable, repeatable, defensible and practical process that infrastructures, especially interdependent lifelines (energy, water/wastewater, transportation and communications), local government agencies, and regional public-private partnerships can use to collaboratively rationalize the allocation of scarce and constrained resources for security and resilience. Three investigations informed the design specifications for such a process:
- Review of federal policy and strategy documents to determine the specific objectives, scope and policy requirements for the process;
- Decomposition of one of these requirements, defensibility, into a set of technical specifications based on the standards of the risk disciplines (economics, operations research, finance, etc.) and conducting a cursory review of 24 federally sponsored methods and tools designed for lifeline CIs; and
- Interviews with infrastructure and local government analysts and decision-makers, typical of those who would use a CISR-RMP, to learn their interests, preferences and constraints.
File Size: 5.6 MB