Reviewing the Assessment Flow Chart, the vulnerability assessment is the next step in the risk assessment process.

In the prior steps, assets and their respective values were assigned, the threat was analyzed, a Design Basis Threat was established, and a Level of Protection was selected.

The next step is to conduct the vulnerability assessment, which is an in-depth analysis of the building functions, systems, and site characteristics to identify building weaknesses and lack of redundancy, and determine mitigations or corrective actions that can be designed or implemented to reduce the vulnerabilities.