Our nation faces a wide range of threats and hazards, including acts of terrorism, cyber attacks, pandemics, and catastrophic natural disasters.
The National Protection Framework describes what the whole community—from community members to senior leaders in government—should do to safeguard against these hazards. This Framework provides a unifying approach that is adaptable to specific Protection mission requirements, mission activities, jurisdictions, and sectors.
The National Protection Framework sets out three principles that guide the development and execution of the core capabilities for Protection. These principles are designed to provide a common reference for implementing Protection as part of national preparedness.
The first guiding principle is resilience and scalability. Resilience is the ability to prepare for and adapt to changing conditions and withstand and recover rapidly from disruptions. Scalability is the ability to meet unforeseen, unmet, and evolving needs of varying geographic scope, complexity, and intensity.
The second guiding principle that helps develop and support the delivery of Protection core capabilities is risk-informed culture, which includes vigilance and situational awareness through a system of monitoring emerging threats and hazards and the risk they pose. A risk-informed culture also includes information sharing and risk-informed decision making through systems that provide coordination. These coordination mechanisms allow for the delivery of appropriate information to stakeholders who will then use that information to guide analysis and action.
The final guiding principle is shared responsibility through engaged partnerships and integrated processes. Engaged partnerships are put in place to share information and establish effective coordinating structures. Integrated processes enable engaged partnerships to more effectively achieve the shared vision of a safe and secure nation.
The National Protection Framework promotes a shared understanding of the Protection mission that enables more effective information sharing, interoperability, and effectiveness of Protection activities nationwide.
Course Goals
In response to various threats to our nation, protection must be at the forefront of any emergency preparation initiative to ensure the safety and security of this country. Whether you are an individual citizen, a member of one of the various levels of government, or work in the private or nonprofit sector, you have a shared responsibility to become engaged in safeguarding the nation from harm using a systematic approach.
The goal of this course is to familiarize you with the National Protection Framework, which describes the way that the whole community safeguards against acts of terrorism, natural disasters, and other threats or hazards.
Course Objective:
At the end of this course, the students will be able to describe how the National Protection Framework is applied to help protect our nation from acts of terrorism and other threats or hazards.
Below are instructions for navigating through the course using your keyboard.
Use the "Tab" key to move forward through each screen's navigation buttons and hyperlinks, or "Shift" + "Tab" to move backwards. A box surrounds the button that is currently selected.
Press "Enter" to select a navigation button or hyperlink.
Use the arrow keys to select answers for multiple-choice review questions or self-assessment checklists. Then tab to the Submit button and press Enter to complete a Knowledge Review or Self-Assessment.
Warning: Repeatedly pressing Tab beyond the number of selections on the screen may cause the keyboard to lock up. Use Ctrl + Tab to deselect an element or reset to the beginning of a screen’s navigation links (most often needed for screens with animations or media).
JAWS assistive technology users can press the Ctrl key to quiet the screen reader while the course audio plays.
Receiving Credit
Each lesson takes a variable amount of time to complete. If you are unable to complete the course in its entirety, you may close the window and reopen the course at any time. However, depending on the system used to take the course, it is possible you may have to repeat a portion of the last lesson you were studying.
Lesson Overview
This lesson will provide an overview of the National Protection Framework. Protection refers those capabilities necessary to secure the homeland against acts of terrorism and manmade or natural disasters.
Upon completion of this lesson, you will be able to describe the purpose, scope, organization, and underlying doctrine of the National Protection Framework.
Framework Purpose and Organization
The National Protection Framework, which is part of the National Preparedness System, sets the strategy and doctrine for how the whole community builds, sustains, and delivers the Protection core capabilities identified in the National Preparedness Goal.
The Protection mission includes actions to deter threats, reduce vulnerabilities, or minimize the consequences associated with an incident. Effective Protection relies on close coordination and practices across the whole community and international partners and organizations. The National Protection Framework focuses on Protection core capabilities that are applicable during Protection operations before or during an incident and in response to an elevated threat.
We will take a closer look at the National Preparedness System and the National Preparedness Goal later in this lesson.
Framework Purpose and Organization, continued
The National Protection Framework provides guidance on how to safeguard against acts of terrorism, natural disasters, and other threats or hazards by:
Describing the core capabilities needed to conduct the Protection mission and create conditions for a safer, more secure, and more resilient nation
Aligning key roles and responsibilities to deliver Protection capabilities
Describing coordinating structures that enable all stakeholders to work together
Laying the foundation for operational coordination and planning that aligns Protection efforts within the whole community
Strengthening the ability of essential Protection functions and services to continue regardless of threat or hazard
Throughout this course, we will take a closer look at the core capabilities, the key roles and responsibilities, and the coordinating structures that are included in the National Protection Framework.
Whole Community Preparedness
Preparedness depends on efforts at all levels, including individuals and communities, the private and nonprofit sectors, faith-based organizations, and all levels of government (local, regional/metropolitan, state, tribal, territorial, insular-area, and Federal). The contributions of all must be integrated into preparedness efforts, and the needs of all must be addressed in planning for the development of response capabilities.
Whole community includes:
Individuals and families, including those with access and functional needs
Businesses
Faith-based and community organizations
Nonprofit groups
Schools and academia
Media outlets
All levels of government, including state, local, tribal, territorial, and federal partners
More information about whole community preparedness can be found in
As part of the whole community preparedness effort, the National Protection Framework focuses specifically on the needs of those involved in delivering and applying the Protection core capabilities.
Click on the picture for each audience group to hear how the National Protection Framework applies.
Senior Leaders
Senior leaders are directly responsible for implementing core capabilities within the Protection mission. These leaders include, but are not limited to, government and corporate executives; law enforcement, security, public health, health systems, fire emergency, medical, and emergency management professionals; critical infrastructure owners and operators; and others with legal or statutory authorities within this mission area.
Protection Professionals
Protection professionals deliver their capabilities to a variety of other communities, those in other mission areas, those in other security areas, and other affiliated groups. As a result, Protection professionals are a key element for planning and delivering Protection capabilities.
Individuals and Communities
Individuals and communities can also use this Framework to understand how they may contribute to and benefit from national preparedness. This includes children; older adults; individuals with disabilities; those from religiously, racially, and ethnically diverse backgrounds; and people with limited English proficiency.
Scope
The National Protection Framework focuses on the Protection core capabilities that are applicable during steady-state conditions, before or during an incident, and in response to elevated threat. There are a range of activities enabled by the Protection core capabilities. These activities include (click each image for additional information):
To better understand how the National Protection Framework fits into the overall national preparedness efforts, we need to look at the National Preparedness System and the National Preparedness Goal.
The National Preparedness System (NPS) was developed to provide the approach, resources, and tools to aid the whole community in its preparedness activities to achieve the National Preparedness Goal. While the NPS emphasizes the National Incident Management System (NIMS) as the basis for organizing operations during incident management, Protection capabilities are built, sustained, and delivered by a wide range of organizational arrangements. Also, the NPS includes determining what capabilities are needed, how they should be developed and sustained, and how they should be delivered.
National Preparedness Goal
The National Preparedness Goal presents an integrated, layered, and whole community approach to preparedness. The Goal itself is a result of contributions from the whole community. It recognizes that everyone can contribute to and benefit from national preparedness efforts.
National Preparedness Goal
The National Preparedness Goal lays out the nationwide preparedness vision and identifies the core capabilities necessary to achieve that vision across the following five mission areas:
Prevention
Protection
Mitigation
Response
Recovery
Successful achievement of the National Preparedness Goal will result in a secure and resilient nation with the capabilities required across the whole community to prevent, protect against, mitigate, respond to, and recover from the threats and hazards that pose the greatest risk.
There is a National Framework for each mission area. In this course, we are focusing on the Protection Framework which relates to the Protection mission area.
Core Capabilities (1 of 2)
Both the National Preparedness System and the National Preparedness Goal discuss the development of capabilities needed to ensure a secure and resilient nation. These core capabilities are the way we can measure, describe, and implement our security and resilience techniques.
The National Planning Frameworks, one framework for each mission area, discuss how whole community efforts build, sustain, and deliver these core capabilities.
Throughout this course, we will focus specifically on the Response core capabilities. These capabilities are discussed in detail in Lesson 3: Core Capabilities.
Core Capabilities (2 of 2)
Under all five mission areas (Prevention, Protection, Mitigation, Response, and Recovery) there are a combined total of 32 core capabilities. These capabilities are highly interdependent and require us to use existing preparedness networks and activities, to coordinate and unify efforts, to improve training and exercise programs, to promote innovation, and to ensure that the administrative, finance, and logistics systems are in place to build, sustain, and deliver the capabilities. There are a number of key characteristics of these capabilities that you should remember.
The core capabilities:
Are distinct critical elements necessary to meet the National Preparedness Goal
Are essential for the execution of each mission area: Prevention, Protection, Mitigation, Response, and Recovery
Provide a common language for preparedness across the whole community
Are not exclusive to any single level of government or organization and encompass the whole community
More information regarding the National Preparedness System, the National Preparedness Goal, and Core Capabilities can be found in IS-2000: National Preparedness Goal and System: Overview (https://training.fema.gov/is/courseoverview.aspx?code=IS-2000).
Cross-Cutting Core Capabilities
The chart below illustrates the three core capabilities that span all mission areas: Planning, Public Information and Warning, and Operational Coordination. Within each mission area, there are specific capabilities that are unique but not unrelated. Remember, each core capability under the specified mission area is intended to meet the national preparedness goal.
Prevention
Protection
Mitigation
Response
Recovery
Planning
Public Information and Warning
Operational Coordination
On the following screens, we’ll take a look at the core capabilities that fall under the five specific mission areas.
Guiding Principles for Protection
The National Protection Framework sets out three principles that guide the development and execution of the core capabilities for Protection. These are:
Resilience and Scalability
Risk-informed Culture
Shared Responsibility
On the following screens, we’ll take a closer look at these guiding principles.
Guiding Principles for Protection: Resilience and Scalability
The first guiding principle that helps develop and support the delivery of Protection core capabilities is resilience and scalability.
Resilience is the ability to prepare for and adapt to changing conditions and withstand and recover rapidly from disruptions. Scalability is the ability to meet unforeseen, unmet, and evolving needs of varying geographic scope, complexity, and intensity.
Guiding Principles for Protection: Resilience and Scalability Example
One example of the effectiveness of resilience and scalability comes from the 2014 epidemic of Ebola virus disease in West Africa. Prior to the epidemic, the Centers for Disease Control and Prevention (CDC) laboratory in Atlanta, Georgia, and DoD’s U.S. Army Medical Research Institute of Infectious Diseases were the only U.S. laboratories capable of testing human specimens for clinical diagnosis of Ebola virus disease. By August 2014, some 13 laboratories in the Laboratory Response Network qualified to test individuals for Ebola virus disease. As of February 25, 2015, some 55 laboratories in 43 states were approved to test for Ebola using a DoD test authorized for emergency use by Health and Human Services’ U.S. Food and Drug Administration (FDA). This increase, in addition to technological improvements, broadened the capacity to identify and interdict persons who might be infected with the Ebola virus disease, and decreased the turnaround time for Ebola virus disease test results from 24 hours to 4–6 hours.
Guiding Principles for Protection: Risk-informed Culture
The second guiding principle that helps develop and support the delivery of Protection core capabilities is risk-informed culture, which includes vigilance and situational awareness through a system of monitoring emerging threats and hazards and the risk they pose. A risk-informed culture also includes information sharing and risk-informed decision making through systems that provide coordination. These coordination mechanisms allow for the delivery of appropriate information to stakeholders who will then use that information to guide analysis and action.
Guiding Principles for Protection: Risk-informed Culture Example
A risk-informed culture is critical in protecting the nation’s energy infrastructure. For example, in June 2014, an improvised explosive device ruptured a fuel tank at a power station in Nogales, Arizona. This followed a 2013 incident in which armed assailants opened fire on a substation’s cooling systems in San Jose, California, knocking out power to 17 transformers.
In response to these incidents, the Federal Energy Regulatory Commission ordered the North American Electric Reliability Corporation to develop new reliability standards that require grid owners to conduct risk assessments and implement security measures to protect against attacks. The FBI also partnered with the U.S. Department of Energy (DOE) to ensure the capacity to interdict persons associated with a potential threat at facilities that use radiological material. In fiscal year 2014, this partnership supported security enhancements at 96 facilities, 14 courses that trained 396 personnel, and six tabletop exercises.
Guiding Principles for Protection: Shared Responsibility
The third guiding principle that helps develop and support the delivery of Protection core capabilities is shared responsibility through engaged partnerships and integrated processes.
Engaged partnerships are put in place to:
Share information
Exchange ideas, approaches, and best practices
Facilitate security planning and resource allocation
Establish effective coordinating structures among partners (such as NIMS)
Build public awareness
Integrated processes enable engaged partnerships to more effectively achieve the shared vision of a safe and secure nation.
Guiding Principles for Protection: Shared Responsibility Example
Several cyber incidents illustrate how the Protection mission area relies on shared responsibility to coordinate capabilities across the whole community. In April 2014, private-sector cybersecurity engineers discovered a vulnerability in commonly used encryption software that exposed up to two-thirds of all web servers to exploitation by cyber criminals. The vulnerability, known as Heartbleed, enabled hackers to intercept and decrypt private information transmitted online. Once notified, the Federal Government promptly shared cyber threat information with the public using alerts that included actionable measures for reducing the risk. Moreover, DHS’s National Coordinating Center for Communications provided situational awareness to partners in the communications sector to inform their protective measures. The same team worked with partners to deny access to networks, applications, and systems that could be exploited.
Risk Basis
Risk is the potential for an unwanted outcome resulting from an incident, event, or occurrence, as determined by its likelihood and the associated consequences.
The Protection mission area emphasizes the knowledge of risk, since it allows a community to make informed decisions about how to manage risk and develop needed capabilities. To support this effort, the Strategic National Risk Assessment (SNRA) was developed to analyze the greatest risks to the nation.
Strategic National Risk Assessment (SNRA)
The SNRA analyzes the greatest risks at a national level. This analysis:
Contributes to our shared understanding of the full range of threats, hazards, and challenges facing our nation as well as greater visibility of long-term risk trends
Will be refined to integrate information from across the whole community
Provides information for prioritizing preparedness activities at the national level and informing risk assessment efforts at every level of government
Lesson Summary
We have reached the end of this lesson. In this lesson, we described the purpose, scope, organization, and underlying doctrine of the National Protection Framework. We discussed:
Whole community preparedness
National Preparedness System
National Preparedness Goal
Core capabilities
Guiding Principles for Protection
Risk Basis
In the next lesson, we will discuss the roles and responsibilities of those involved in the Protection effort.
Lesson Overview
This lesson provides an overview of who has a role to play in the Protection mission area. Local, state, tribal, territorial, and Federal partners have roles, as do community members and the private sector.
Upon completion of this lesson, you will be able to describe the roles and responsibilities of Protection partners.
Roles and Responsibilities
Let’s begin this lesson by first discussing the roles and responsibilities of community members and the private sector.
Click on each audience group to hear its roles and responsibilities.
Intended Audience - Individuals, Families, and Households
Individuals, families, and households should take risk-informed protective actions based on the threats and hazards that may impact their community. Awareness of these threats and hazards may come from news outlets, local emergency management agencies, and other information-sharing mechanisms.
Intended Audience - Communities and Community Organizations
Communities and community organizations bring individuals together in different ways and for different reasons. They can promote and implement core capabilities and share information and effective practices. They can also establish protection standards of practice, mutual aid agreements, and mechanisms for information sharing.
Intended Audience - Private-sector Entities
Private-sector entities, such as businesses, industries, and private universities, are typically the owners and operators of the nation’s infrastructure. Both private and public sector owners and operators develop and implement risk-based protective programs and resilience strategies for the infrastructure. They also maintain situational awareness and invest in security and resilience as part of their day-to-day business. Private-sector entities also share information with the public sector in order to address and manage public risks.
Nongovernmental organizations (NGOs), such as nonprofit entities, faith-based organizations, and academia, are encouraged to establish or participate in Regional and community partnerships with the whole community to develop a common understanding of risk and how to address it through Protection efforts.
Local Governments
Now let’s take a look at the roles and responsibilities of the different levels of government, beginning with local governments.
Local governments promote the coordination of ongoing protection plans and the development of core capabilities to ensure the safety of the people in their jurisdictions.
Local governments can also address geographical protection issues that are unique to their jurisdictions, such as border concerns and private-sector agreements.
Local governments are responsible for ensuring that their citizens receive timely information in a variety of formats.
State, Tribal, Territorial, and Insular Area Governments
Like local governments, state, tribal, territorial, and insular-area governments are responsible for public safety, and promote Protection plans and the development of core capabilities, including the provision of uninterrupted essential services.
In addition, they engage in community, private-industry, and interagency partnerships to address unique protection concerns, such as transborder issues.
Federal Government
To deliver the Protection mission, all Federal departments and agencies should cooperate with one another, and with local, state, tribal, territorial, and insular-area governments; community members; and the private sector.
The Federal Government, under the leadership of the President, provides leadership, coordination, and integration for the development and delivery of Protection capabilities.
The various Federal departments have different responsibilities regarding protection. To better detail the roles and responsibilities of the various Federal departments and agencies, the Federal Government developed the Protection Federal Interagency Operational Plan (FIOP). This document outlines how the different departments and agencies engage and contribute to the delivery of core capabilities. The Protection FIOP is discussed in more detail later in Lesson 4: Coordinating Structures and Operational Planning.
International Partnerships
Although the National Protection Framework focuses on domestic activities, the capabilities often have global connections. Because of this, international partnerships are essential to developing and delivering core capabilities for the Protection mission. These partnerships require coordination with the Department of State and, where necessary, other government entities at the local, state, tribal, territorial, insular-area, and Federal levels.
Lesson Summary
We have reached the end of this lesson. In this lesson, we described the roles and responsibilities of Protection partners. Specifically, we discussed:
Community members and the private sector
Local governments
State, tribal, territorial, and insular-area governments
The Federal Government
International partnerships
In the next lesson, we will take a closer look at the core capabilities that are delivered under the Protection mission area.
Lesson Overview
This lesson provides an examination of the Protection core capabilities.
Upon completion of this lesson, you will be able to describe core capabilities for Protection and actions required to deliver those capabilities.
Core Capabilities
As discussed in the first lesson, preparedness is the responsibility of the entire nation. The way we can measure, describe, and implement our security and resilience techniques is through core capabilities. These core capabilities are listed in the National Preparedness Goal and classified under the five mission areas. They are highly interdependent and require us to use existing preparedness networks and activities, coordinate and unify efforts, improve training and exercise programs, promote innovation, and ensure that the administrative, finance, and logistics systems are in place to support these capabilities.
Before we take a closer look at the Protection core capabilities, let’s review the key characteristics of these capabilities.
The core capabilities:
Are distinct critical elements necessary to meet the National Preparedness Goal
Are essential for the execution of each mission area: Prevention, Protection, Mitigation, Response, and Recovery
Provide a common language for preparedness across the whole community
Are not exclusive to any single level of government or organization and encompass the whole community
Core Capabilities
Utilizing and implementing core capabilities is what we as a nation require in order to deal with the risks we face. As we look at the Protection core capabilities, you’ll notice that three core capabilities span all mission areas: Planning, Public Information and Warning, and Operational Coordination. These help to unify the mission areas and in many ways are necessary for the success of the remaining core capabilities. In addition, three of core capabilities overlap with the Prevention mission area.
As we begin to look at the core capabilities, it is important to understand that the National Preparedness Goal specifically defines each of the core capabilities. These definitions are used to determine the critical tasks for each capability.
As we examine each core capability, we will discuss those critical tasks that must be implemented to successfully deliver that core capability.
It should be noted that these critical tasks are not for any single jurisdiction or agency. Accomplishment of these critical tasks at all levels within whole community creates unity of effort and achieves national preparedness.
Planning
Let’s take a closer look at the three cross-cutting core capabilities, starting with Planning.
The Planning capability is described as conducting a systematic process engaging the whole community as appropriate in the development of executable strategic, operational, and/or tactical-level approaches to meet defined objectives.
In the context of Protection, planning includes the development, exercise, and maintenance of multidisciplinary plans that provide joint guidance across mission activities.
Planning: Critical Tasks
As discussed earlier, each capability has an associated set of critical tasks that are necessary for the delivery of the capability. Let’s take a look at the critical tasks that are needed for the planning capability in regard to Protection:
Initiate a flexible planning process that builds on existing plans as part of the National Planning System.
Establish partnerships that facilitate coordinated information sharing between partners to support the protection of critical infrastructure within single, and across multiple, jurisdictions and sectors.
Identify and prioritize critical infrastructure and determine risk management priorities.
Conduct vulnerability assessments, perform risk analyses, identify capability gaps, and coordinate protective measures on an ongoing basis in conjunction with the private and nonprofit sectors and local, regional/metropolitan, state, tribal, territorial, insular-area, and Federal organizations and agencies.
Establish joint Protection objectives within and across mission-area activities.
Implement security, protection, resilience, and continuity plans and programs, and training and exercises, and take corrective actions.
Integrate Protection planning for the whole community and those with animals (including household pets and service and assistance animals); develop and document continuity plans and supporting procedures so that, when implemented, the plans and procedures provide for the continued performance of essential functions under all circumstances.
Ensure that Protection planning and activities mutually support, and do not conflict with or adversely affect, other mission-area plans and activities, especially with analytic and risk management products and complementary concepts of operation.
Public Information and Warning
The Public Information and Warning capability is described as the delivery of coordinated, prompt, reliable, and actionable information to the whole community through the use of clear, consistent, accessible, and culturally and linguistically appropriate methods to effectively relay information regarding any threat or hazard, as well as the actions being taken and the assistance being made available, as appropriate.
In the context of Protection, this is the capability to provide warning systems to communicate significant threats and hazards to involved operators, security officials, and the public.
Operational Coordination
The Operational Coordination capability is described as the establishment and maintenance of a unified and coordinated operational structure and process that appropriately integrates all critical stakeholders and supports the execution of core capabilities.
This is the capability that supports networking, planning, and coordination between protection partners.
Operational Coordination: Critical Tasks
Here are the critical operational coordination tasks in regard to Protection.
Establish joint concepts of operation for delivering Protection capabilities.
Collaborate with all relevant protection partners.
Determine jurisdictional priorities, objectives, strategies, and resource allocations.
Establish clear lines and modes of communication among participating organizations and jurisdictions.
Define and communicate clear roles and responsibilities relative to courses of action.
Integrate and synchronize the actions of participating organizations and jurisdictions to ensure unity of effort.
Coordinate across and among all levels of government and with critical elements of the private and nonprofit sectors to protect against potential threats, conduct law enforcement investigations, or engage in enforcement and protective activities based on jurisdictional authorities.
Build mechanisms to enable interoperable communications to enhance coordination around the Protection mission.
Cross-Cutting Core Capabilities: Best Practice
Let’s look at an example of the cross-cutting capabilities for Protection.
One example in which the Federal Government has acted to improve the cross-cutting capabilities for Protection involves violent extremism. In 2014, there were several incidents, including an attempted airport bombing and an attack on a Jewish Community Center. Based on these incidents, the Department of Homeland Security and the National Counterterrorism Center held six exercises in 2014 to improve communication between Federal law enforcement and local communities on countering violent extremism. Afterward, exercise facilitators helped each community develop a community action plan that local governments can use to identify and respond to incidents of violent extremism.
Cross-Cutting Core Capabilities: Best Practice, continued
The example on the previous screen illustrates three critical tasks. For the planning capability, this meets the critical tasks of implementing security, protection, resilience, and continuity plans and programs, and training and exercises, and taking corrective actions. This is shown through development of a community action plan for local governments.
Also, exercises were conducted to improve communication between Federal law enforcement and local communities. For public information and warning, this meets the critical task of establishing accessible mechanisms and providing the full spectrum of support necessary for appropriate and ongoing information sharing among all levels of government, the private sector, faith-based organizations, NGOs, and the public.
Additionally, the plans that were developed provided information on how local governments are to respond to incidents of violent extremism. For operational coordination, this meets the critical task of coordinating across and among all levels of government and with critical elements of the private and nonprofit sectors to protect against potential threats, conduct law enforcement investigations, or engage in enforcement and protective activities based on jurisdictional authorities.
Prevention and Protection Core Capabilities
Now that we’ve discussed the cross-cutting core capabilities, we need to discuss the capabilities that belong to Prevention. As shown in the chart below, the first three of these capabilities are shared with the Protection mission area: Intelligence and Information Sharing; Interdiction and Disruption; and Screening, Search, and Detection.
Prevention
Protection
Intelligence and Information Sharing
Interdiction and Disruption
Screening, Search, and Detection
Let’s take a closer look at these capabilities.
Intelligence and Information Sharing
Let’s begin with Intelligence and Information Sharing.
The Intelligence and Information-Sharing capability is described as:
Providing timely, accurate, and actionable information
resulting from the planning direction, collection, exploitation, processing, analysis, production, dissemination, evaluation, and feedback of available information
Concerning:
physical and cyber threats to the United States, its people, property, or interests
the development, proliferation, or use of WMD
or any other matter bearing on U.S. national or homeland security by local, state, tribal, territorial, Federal, and other stakeholders.
Information sharing is the ability to exchange intelligence, information, data, or knowledge among government or private sector entities, as appropriate.
In the context of Protection, Intelligence and Information-Sharing capabilities involve the effective execution of the intelligence cycle (monitoring, gathering, and analysis of information) by all involved partners in order to develop situational awareness of potential threats and hazards within the United States.
Intelligence and Information Sharing: Critical Tasks
Here are the critical intelligence and information-sharing tasks in regard to Protection:
Monitor, analyze, and assess the positive and negative impacts of changes in the operating environment as they pertain to threats and hazards to public safety, health, and security. Share analysis results through:
Participation in public, local, regional, state, tribal, territorial, and national education and awareness programs;
Participation in the routine exchange of security information—including threat assessments, alerts, attack indications and warnings, and advisories—among partners.
Determine intelligence and information-sharing requirements for Protection stakeholder intelligence, information, and information sharing.
Develop or identify and provide access to mechanisms and procedures for intelligence and information sharing among the public, private sector, faith-based organizations, and government Protection partners.
Use intelligence processes to produce and deliver relevant, timely, accessible, and actionable intelligence and information products to others as applicable, to include partners in the other mission areas.
Adhere to appropriate mechanisms for safeguarding sensitive and classified information and protecting privacy, civil rights, and civil liberties.
Intelligence and Information Sharing: Example
One example of Intelligence and Information Sharing can be seen in the strengthening of the relationship between government and chemical facility owners and operators. The EPA, the U.S. Department of Labor, and DHS developed several initiatives to improve information-sharing platforms. Specifically, they partnered to update online systems to help chemical facilities determine regulatory requirements and thereby enabled the Federal Government to compare a facility’s information across nearly 90 separate Federal and state systems.
This example illustrates the critical task of monitoring, analyzing, and assessing the positive and negative impacts of changes in the operating environment as they pertain to threats and hazards to public safety, health, and security. The comparisons provided help identify at-risk facilities by examining compliance history and chemical storage information.
Interdiction and Disruption
The Interdiction and Disruption capability is described as the delay, diversion, interception, halting, apprehension, or securing of threats and/or hazards.
In the context of Protection, this capability includes those interdiction and disruption activities that may be undertaken in response to elevated threats, or in order to focus capabilities during special events.
Interdiction and Disruption: Critical Tasks
Let’s look at the critical interdiction and disruption tasks in regard to Protection.
Deter movement and operation of terrorists into or within the United States and its territories.
Ensure the capacity to detect CBRNE devices or resolve CBRNE threats.
Interdict conveyances, cargo, and persons associated with a potential threat or act.
Implement public health measures to mitigate the spread of disease threats abroad and prevent disease threats from crossing national borders.
Disrupt terrorist financing or conduct counter-acquisition activities to prevent weapons, precursors, related technology, or other material support from reaching their target.
Enhance the visible presence of law enforcement to deter or disrupt threats from reaching potential target(s).
Intervene to protect against the spread of violent extremism within U.S. communities.
Employ wide-area search and detection assets in targeted areas in concert with local, regional/metropolitan, state, tribal, territorial, insular-area, and Federal personnel or other Federal agencies (depending on the threat).
Interdiction and Disruption: Best Practice
Let’s look at a best practice involving interdiction and disruption. The Federal Government requires businesses that engage in international trade to submit import/export data. This helps law enforcement interdict illicit goods before they enter the United States, while facilitating the flow of legitimate trade and travel.
Since 2006, some 48 agencies, led by Customs and Border Protection (CBP), have worked to build and implement the International Trade Data System, which establishes a single electronic platform for import/export data. By centralizing, automating, and integrating data-collection processes, the system allows for easier identification of items of concern, while reducing the reporting burden for industry.
At the same time, this system meets the critical task of interdicting conveyances, cargo, and persons associated with a potential threat or act.
Screening, Search, and Detection
The Screening, Search, and Detection capability is described as the identification, discovery, or location of threats and/or hazards through active and passive surveillance and search procedures. This may include the use of systematic examinations and assessments, biosurveillance, sensor technologies, or physical investigation and intelligence.
In terms of Protection, this capability includes the screening of cargo, conveyances, mail, baggage, and people, as well as the detection of WMD, traditional and emerging threats, and hazards of concern.
Screening, Search, and Detection: Critical Tasks
Here are the critical screening, search, and detection tasks in regard to Protection:
Identify potential threats resulting from persons or networks.
Develop and engage an observant nation (individuals, families, communities; local, state, tribal, and territorial governments; and private-sector partners).
Screen persons, baggage, mail, cargo, and conveyances using technical, non-technical, intrusive, and non-intrusive means without unduly hampering the flow of legitimate commerce. Consider additional measures for high-risk persons, conveyances, or items:
Conduct chemical, biological, radiological, nuclear, and explosives (CBRNE) search and detection operations.
Conduct passive and active detection of CBRNE agents.
Operate safely in a hazardous environment.
Consider the deployment of Federal teams and capabilities to enhance local, regional/metropolitan, state, tribal, territorial, insular-area, and Federal efforts, including the use of incident assessment and awareness assets.
Conduct biosurveillance of data relating to human health and animal, plant, food, water, and environmental domains.
Screening, Search, and Detection: Example
One example in which the Screening, Search, and Detection capability was implemented occurred during the spread of the Ebola virus. In October 2014, U.S Customs and Border Protection (CBP) and the Centers for Disease Control and Protection (CDC) enhanced screening procedures at the five U.S. airports that received 94 percent of all inbound passengers from Guinea, Sierra Leone, and Liberia. At that time, the DHS Secretary announced that all passengers arriving in the United States from those three countries were required to fly into one of those five airports. When health officials identified cases of Ebola virus disease in Mali, CBP and CDC implemented enhanced screening in mid-November for travelers arriving from that country as well.
This example illustrates the critical task of screening persons, baggage, mail, cargo, and conveyances using technical, non-technical, intrusive, and non-intrusive means without unduly hampering the flow of legitimate commerce. In this case, additional measures were introduced for high-risk persons. In January 2015, after two incubation cycles for the Ebola virus disease, CDC removed Mali from the list of nations subject to enhanced screening.
Audio Transcript
There are five capabilities that belong solely to Protection: Access Control and Identity Verification, Cybersecurity, Physical Protective Measures, Risk Management for Protection Programs and Activities, and Supply Chain Integrity and Security.
The critical tasks associated with the Protection core capabilities are ambitious. They are not tasks for any single jurisdiction or agency; rather, achieving them requires a national effort involving the whole community. For the remainder of this lesson, we’ll take a closer look at these five Protection core capabilities and their critical tasks.
Access Control and Identity Verification
The Access Control and Identity Verification capability is described as the application and support of necessary physical, technological, and cyber measures to control admittance to critical locations and systems.
Access Control and Identity Verification: Critical Tasks
Here are the critical access control and identity verification tasks:
Verify identity to authorize, grant, or deny physical and cyber access to physical and cyber assets, networks, applications, and systems that could be exploited to do harm.
Control and limit access to critical locations and systems to authorized individuals carrying out legitimate activities.
Access Control and Identity Verification: Best Practice
Let’s look at a best practice for the Access Control and Identity Verification capability. The 2004 Homeland Security Presidential Directive 12: Policy for a Common Identification Standard for Federal Employees and Contractors requires all Federal agencies to issue and adopt smartcards to verify user identity for access to Federal facilities and information systems. These credentials allow access to Federal facilities and systems, using more than one means of authentication to create a high level of identity assurance.
This practice helps meet the critical task of verifying identity to authorize, grant, or deny physical and cyber access to physical and cyber assets, networks, applications, and systems that could be exploited to do harm.
Cybersecurity
The Cybersecurity capability is described as the protection (and, if need be, restoration) of electronic communications systems, information, and services from damage, unauthorized use, and exploitation.
Cybersecurity: Critical Tasks
The cybersecurity critical tasks are shown below.
Implement countermeasures, technologies, and policies to protect physical and cyber assets, networks, applications, and systems that could be exploited to do harm.
Secure, to the extent possible, public and private networks and critical infrastructure (e.g., communication, financial, power grid, water, and transportation systems), based on vulnerability results from risk assessment, mitigation, and incident response capabilities.
Formalize partnerships with governmental and private-sector cyber incident or emergency response teams to accept, triage, and collaboratively respond to incidents in an efficient manner.
Formalize partnerships between communities and disciplines responsible for cybersecurity and physical systems dependent on cybersecurity.
Formalize relationships between information communications technology and information system vendors and their customers for ongoing product cybersecurity, business planning, and transition to response and recovery when necessary.
Share actionable cyber threat information with domestic and international governments and the private sector to promote shared situational awareness.
Implement risk-informed standards to ensure the security, reliability, integrity, and availability of critical information, records, and communications systems and services through collaborative cybersecurity initiatives and efforts.
Detect and analyze malicious activity and support mitigation activities.
Collaborate with partners to develop plans and processes to facilitate coordinated incident response activities.
Leverage law enforcement and intelligence assets to identify, track, investigate, disrupt, and prosecute malicious actors threatening the security of the nation’s public and private information systems.
Create resilient cyber systems that allow for the uninterrupted continuation of essential functions.
Cybersecurity: Best Practice
A best practice that was introduced for cybersecurity was the release of the Framework for Improving Critical Infrastructure Cybersecurity. This framework is intended to help organizations across the public and private sectors better manage cybersecurity risks. It provides a flexible set of cybersecurity standards and best practices, which allows stakeholders to adapt and adopt pieces of the framework as they see fit.
This best practice illustrates the critical task of implementing risk-informed standards to ensure the security, reliability, integrity, and availability of critical information, records, and communications systems and services through collaborative cybersecurity initiatives and efforts. After releasing the Framework for Improving Critical Infrastructure Cybersecurity, the National Institute of Standards and Technology (NIST) solicited feedback on the framework through targeted outreach. Stakeholders suggested that NIST publish “real-world” applications, lessons learned, and case studies to highlight examples of how organizations of varying sizes, types, and cybersecurity capabilities can use the framework to improve their security.
Physical Protective Measures
Let’s continue looking at the Protection core capabilities.
The Physical Protective Measures capability is described as the implementation and maintenance of risk-informed countermeasures and policies protecting people, borders, structures, materials, products, and systems associated with key operational activities and critical infrastructure sectors.
Physical Protective Measures: Critical Tasks
Let’s take a look at the critical Physical Protective Measures tasks.
Identify and prioritize assets, systems, networks, and functions that need to be protected.
Identify necessary physical protections, countermeasures (including medical and non-pharmaceutical countermeasures), and policies through a risk assessment of key operational activities and infrastructure.
Protect critical lifeline functions, which include energy, communications, transportation, and water and wastewater management.
Develop and implement security plans, including business continuity plans, that address identified security risks.
Develop and implement risk-based physical security measures, countermeasures, policies, and procedures.
Implement security training for workers focused on awareness and response.
Develop and implement biosecurity and biosafety programs and practices.
Leverage Federal acquisition programs, as appropriate, to ensure maximum cost efficiency, security, and interoperability of procurements.
Physical Protective Measures: Example
Here is an example involving physical protective measures that occurred in the energy sector.
In April 2013, a sabotage incident damaged 17 transformers transmitting power to Silicon Valley. As a result of this incident, the Department of Energy (DOE) initiated and led a series of briefings in conjunction with DHS across 10 states to enhance physical security of electric substations. Additionally, FBI partnered with DOE to strengthen physical security at facilities that use radiological material. In fiscal year 2014, law enforcement and energy communities joined together to install security enhancements at 96 facilities, train 396 personnel, and conduct six tabletop exercises.
This example illustrates several critical tasks, including:
Protecting critical lifeline functions, including energy
Identifying necessary physical protections, countermeasures, and policies through a risk assessment
Developing and implementing risk-based physical security measures, countermeasures, policies, and procedures
Implementing security training for workers
Risk Management for Protection Programs and Activities
The Risk Management for Protection Programs and Activities capability is described as the identification, assessment, and prioritization of risks to inform Protection activities, countermeasures, and investments. This goal is accomplished by implementing and maintaining risk assessment processes to identify and prioritize assets, systems, networks, and functions, as well as implementing and maintaining appropriate tools to identify and assess threats, vulnerabilities, and consequences.
Risk Management for Protection Programs and Activities: Critical Tasks
Here are the critical tasks in surrounding Risk Management for Protection Programs and Activities:
Gather required data in a timely and accurate manner to effectively identify risks.
Develop and use appropriate tools to identify and assess threats, vulnerabilities, and consequences.
Build the capability within communities to analyze and assess risk and resilience.
Identify, implement, and monitor risk management plans.
Update risk assessments to reassess risk based on changes in the following areas: the physical environment (including climate change impacts), aging infrastructure, new development, new mitigation projects and initiatives, post-event verification/validation, new technologies or improved methodologies, and better or more up-to-date data.
Validate, calibrate, and enhance risk assessments by relying on experience, lessons learned, and knowledge beyond raw data or models.
Use risk assessments to design exercises and determine the feasibility of mitigation projects and initiatives.
Develop a unified approach to make investments in secure and resilient infrastructure in order to enable communities to withstand the effects of a disaster, respond effectively, recover quickly, adapt to changing conditions, and manage future disaster risk.
Risk Management for Protection Programs and Activities: Example
Let’s look at an example where private-sector partners used sector-specific tools and programs to analyze risk and protect against hazards.
In 2014, the Dams Sector Analysis Tool—a web-based platform of analysis tools and data-collection mechanisms to protect the Nation’s dams—helped stakeholders run more than 1,300 dam-break, flood-inundation simulations to test for screening, prioritization, characterization, and analysis of critical assets, and update plans and policies accordingly. The U.S. Bureau of Reclamation also helped improve dam preparedness by conducting 34 dam inspections and risk assessments to determine potential means of failure and resulting consequences. Moreover, DHS began a series of resilience webinars to address risks from cross-sector interdependencies for commercial stakeholders.
This example illustrates the critical task of developing and using appropriate tools to identify and assess threats, vulnerabilities, and consequences.
Supply Chain Integrity and Security
The Supply Chain Integrity and Security capability is described as strengthening the security and resilience of the supply chain. This capability relies on securing and making resilient key nodes, methods of transport between nodes, and materials in transit between a supplier and consumer.
Supply Chain Integrity and Security: Critical Tasks
Let’s look at the critical tasks involved with the Supply Chain Integrity and Security capability.
Integrate security processes into supply chain operations to identify items of concern and resolve them as early in the process as possible.
Analyze key dependencies and interdependencies related to supply chain operations.
Use risk management principles to identify, mitigate the vulnerabilities of, and protect key assets, infrastructure, and support systems.
Implement physical protections, countermeasures, and policies to secure and make resilient key nodes, methods of transport between nodes, and materials in transit.
Use verification and detection capabilities to identify goods that are not what they are represented to be, are contaminated, are not declared, or are prohibited; and to prevent cargo from being compromised or misdirected as it moves through the system.
Use layers of defense to protect against a diverse range of traditional and asymmetric threats. These layers include intelligence and information analysis; appropriate use of technology; effective laws, regulations, and policies; properly trained and equipped personnel; and effective partnerships.
Supply Chain Integrity and Security: Example
One example of the Supply Chain Integrity and Security capability occurred in October 2014, when the CDC issued revised guidance for use of personal protective equipment (PPE) when caring for patients with Ebola virus disease. The guidance created a surge in demand by U.S. hospitals for PPE and led to delays in filling some equipment orders. In response, manufacturers increased production of PPE and distributors began identifying ways to provide the requested quantities and meet the delivery timelines. Additionally, the Department of Health and Human Services (HHS) has been working with manufacturers to better understand the demand for and availability of products, as well as the actions taken to address any shortages in additional orders.
This example illustrates the critical task of analyzing key dependencies and interdependencies related to supply chain operations. Based on this analysis, the CDC provided additional guidance that links the amount of PPE a hospital needs to its degree of potential involvement in identifying, isolating, evaluating, and treating patients with Ebola virus disease.
Lesson Summary
We have reached the end of this lesson. In this lesson, we described the core capabilities for protection and actions required to deliver those capabilities. Specifically, we discussed:
Cross-Cutting Core Capabilities
Planning
Public Information and Warning
Operational Coordination
Prevention and Protection Core Capabilities
Intelligence and Information Sharing
Interdiction and Disruption
Screening, Search, and Detection
Protection Core Capabilities
Access Control and Identity Verification
Cybersecurity
Physical Protective Measures
Risk Management for Protection Programs and Activities
Supply Chain Integrity and Security
In the next lesson, we will take a closer look at the coordinating structures and operational planning used to support the Protection mission area.
Lesson Overview
This lesson provides an examination of the Protection coordinating structures and operational planning.
Upon completion of this lesson, you will be able to describe coordinating structures used to support protection.
Purpose of Coordinating Structures
A coordinating structure is a system that maintains and delivers the core capabilities discussed in the previous lesson.
Support steady-state Protection mission activities
Strengthen the nation’s ability to increase its protective posture during periods of heightened alert, periods of incident response, or in support of planned special events
Help conduct planning
Implement training and exercise programs
Promote information sharing
Shape research and development priorities and technical requirements
Address common vulnerabilities
Align resources
Promote the delivery of protection capabilities
On the following screen, we’ll take a closer look at different coordinating structures.
Community, Local, Tribal, State, and Regional Coordinating Structures
Coordinating structures can function on multiple levels, including national, state, and local levels. Let’s take a look at how coordinating structures operate on a community, local, tribal, state, or regional level.
Click on each coordinating structure to hear more information.
Partnerships
Coordination of Protection mission capabilities is accomplished through existing partnerships at all levels of government and with the private and nonprofit sectors. These partnerships allow for the exchange of expertise and information and provide a source of potential resources through mutual aid and assistance agreements. One example of a regional partnership is the Pacific NorthWest Economic Region (PNWER) partnership, which looks at border security, agriculture, and energy issues throughout the Pacific Northwest.
Operational Coordination (Information-sharing Centers, Fusion Centers, and Task Forces)
Operational coordination occurs as information-sharing centers, fusion centers, and task forces work with one another to share important information and align resources. At the city and state level, fusion centers serve as focal points for information gathering and sharing, while at local and territorial levels, operations centers align resources to support Protection partners. At the Federal level, the Department of Homeland Security coordinates critical infrastructure security and resilience activities through the National Infrastructure Coordinating Center and the National Cybersecurity and Communications Integration Center.
Established Systems and Principles
Protection core capabilities are coordinated further through established systems and principles. For example, the National Incident Management System (NIMS) was developed to provide guidelines to enable organizations with different legal, geographic, and functional responsibilities to coordinate, plan, and interact effectively, while maintaining their authority, responsibility, and accountability.
Federal Coordinating Structures
Now let’s turn our attention to the policy-level coordination that occurs at the Federal level.
Review each item before proceeding to the next screen.
Working across Coordinating Structures
Protection activities and missions are coordinated through various authorities, capabilities, and functions.
The laws and professional arrangements that govern the Protection mission activities also provide the model of how Protection activity is coordinated to secure the Nation against complex threats and hazards. In the same sense that threats and hazards impact multiple disciplines and jurisdictions, the arrangements within the Protection mission are unified by establishing connections across existing coordination structures.
Coordination structures are integrated by the joint development of national capabilities, joint plans, analytic products, and channels for information sharing that span national preparedness mission areas.
Protection Actions to Deliver Core Capabilities
In order to deliver the Protection core capabilities, certain actions must be taken both during normal conditions, known as steady-state conditions, and in times of elevated threats. Let’s take a look at some of these Protection actions.
Planning
Public Information and Warning
Operational Coordination
Intelligence and Information Sharing
Interdiction and Disruption
Screening, Search, and Detection
Access Control and Identity Verification
Cybersecurity
Physical Protective Measures
Risk Management for Protection Programs and Activities
Supply Chain Integrity and Security
Steady-state Protection Process
Let’s begin with the Steady-State Protection Process. The process necessary to protect against threats during steady-state conditions is shown here. For this process to work, risk management must be decentralized. In other words, the responsibility for steady-state Protection is shared by the whole community, including individuals and households, all levels of government, and the private and nonprofit sectors. As the model illustrates, Protection is a continuous process that helps identify and implement improvements.
Click on each step of the process to find out more information.
Protection Escalation Decision Process
During periods of elevated threat or impending disasters, interagency coordination may be compressed so that Protection activities are coordinated more quickly.
The Protection Escalation Decision Process is shown here. The decision to conduct enhanced Protection operations can occur at any point in the Protection mission and may require enhanced coordination across other mission areas.
On the following screens, we’ll take a closer look at the steps in this process.
Awareness and Initiative
The need to escalate Protection activities can originate with any mission partner and can occur anywhere within the scope of Protection mission activities.
Reporting and Notifications
Once initiated, the whole community shares information about potential threats and hazards using established communications and reporting channels.
Assessments
As threat and hazard information is shared, the situation is assessed to determine whether there should be a change from steady-state activities to requiring action in accordance with the National Response Framework, along with enhanced steady-state Protection and Mitigation activities. Additionally, a potential terrorist threat may require action in accordance with the National Prevention Framework.
Response and Enhanced Steady-State Protection Activities
The assessment of the situation may indicate the initiation of Prevention, Mitigation, Response, or Recovery activities, such as community-wide risk reduction projects, that require Protection mission support. Emerging issues may also require a change from Protection steady-state to enhanced steady-state activities.
Enhanced Protection mission activities include:
Issuing of alerts/warnings
Greater protective presence, enhanced posture
Enhanced operational coordination among mission partners
Sustained efforts to address emergent Protection concerns
Return to Steady-State Protection Activities
When an assessment of the situation indicates that enhanced Protection activities are no longer required, there is a return to steady-state activities.
Relationship to Other Mission Areas
As we discussed in the first lesson, the National Preparedness Goal sets the vision for preparedness nationwide and identifies the core capabilities necessary to achieve that vision across the five mission areas:
Prevention
Protection
Mitigation
Response
Recovery
So far, we’ve looked specifically at the Protection mission area. However, the Protection coordinating structures and organizations contribute directly to activities and inform efforts within the other mission areas.
Relationship to Other Mission Areas, continued
Let’s take a look at how Protection relates to the other mission areas.
You will need to review each item before proceeding to the next screen.
Operational Planning
The National Planning Frameworks, including the National Protection Framework, explain the role of each mission area in national preparedness. The concepts included in the Frameworks are used to guide operational planning, which provides further information regarding roles and responsibilities. Operational planning also identifies the critical tasks in executing the core capabilities. Additionally, operational planning identifies resourcing, personnel, and sourcing requirements across the whole community.
Planning across the full range of Protection activities is the responsibility of every level of government as well as the private and nonprofit sectors. This planning is used to determine jurisdictional priorities, objectives, strategies, and resource acquisitions and allocations needed to protect against potential threats. In doing so, the operational plan helps provide the right resources at the right time to support local, regional, state, tribal, territorial, insular-area, and Federal operations.
Comprehensive Preparedness Guide (CPG) 101 (http://www.fema.gov/plan) provides further information on the various types of plans and guidance on the fundamentals of planning. Additional information can be found on planning at this website.
On the following screens, we’ll take a look at two types of operational plans: Department-level Operational Plans and Federal Interagency Operational Plans (FIOPs).
Department-level Operational Plans
Each Executive Branch department and agency develops and maintains its own operational plans in order to deliver Protection core capabilities. These department-level operational plans identify specific critical tasks and responsibilities, including how to meet resource requirements. These plans also:
Address risk
Include planning and exercising coordination and communication procedures
Discuss sharing resources
Federal Interagency Operational Plans (FIOPs)
At the Federal level, each Framework is supported by a mission-area-specific Federal Interagency Operational Plan (FIOP). The Protection FIOP, which has not yet been released, will describe how Federal departments and agencies work together to deliver the Protection core capabilities. Whether you are in the government, the private sector, or the nonprofit sector, you will be able to use the Protection FIOP to inform ongoing protection planning, training, and exercises within your jurisdiction or organization.
For more information, you can view all available FIOPs (http://www.fema.gov/federal-interagency-operational-plans).
Supporting Resources
There are several resources in place to support the Protection mission. The following resources include training, exercises, and Web-based information for both government and nongovernmental partners.
We have reached the end of this lesson. In this lesson, we described the coordinating structures and operational planning used to support Protection. Specifically, we discussed:
Community, local, tribal, state, and regional coordinating structures
Federal coordinating structures
Protection actions to deliver core capabilities
Steady-State Protection Process
Protection escalation decision process
The relationship of Protection to the other mission areas
Operational Planning
Department-level operational Plans
FIOPs
Supporting Resources
Course Summary
Let’s take a look at some the key points that were discussed throughout the course.
The goal of this course is to familiarize you with the National Protection Framework, which describes the way that the whole community safeguards against acts of terrorism, natural disasters, and other threats or hazards.
The National Protection Framework, which is part of the National Preparedness System, sets the strategy and doctrine for how the whole community builds, sustains, and delivers the Protection core capabilities identified in the National Preparedness Goal.
The National Protection Framework provides guidance on how to safeguard against acts of terrorism, natural disasters, and other threats or hazards by:
Describing the core capabilities needed to conduct the Protection mission and create conditions for a safer, more secure, and more resilient nation
Aligning key roles and responsibilities to deliver Protection capabilities
Describing coordinating structures that enable all stakeholders to work together
Laying the foundation for operational coordination and planning that aligns Protection efforts within the whole community
Strengthening the ability of essential Protection functions and services to continue regardless of threat or hazard
The National Protection Framework sets out three principles that guide the development and execution of the core capabilities for Protection. These are:
Resilience and Scalability
Risk-informed Culture
Shared Responsibility
Course Summary, continued
Several partners have a role in protection, including:
Community members and the private sector
Individuals, families, and households
Communities and community organizations
Private-sector entities
Nongovernmental organizations (NGOs)
Local governments
State, tribal, territorial, and insular area governments
Federal government
International partnerships
Course Summary, continued
The way we can measure, describe, and implement our security and resilience techniques is through core capabilities. Protection core capabilities including the following:
Cross-cutting Core Capabilities
Planning
Public Information and Warning
Operational Coordination
Prevention and Protection Core Capabilities
Intelligence and Information Sharing
Interdiction and Disruption
Screening, Search, and Detection
Protection Core Capabilities
Access Control and Identity Verification
Cybersecurity
Physical Protective Measures
Risk Management for Protection Programs and Activities
Supply Chain Integrity and Security
Course Summary, continued
Several coordinating structures are used to support protection. These include:
Community, local, tribal, state, and regional coordinating structures
Partnerships
Operational coordination (information-sharing centers, fusion centers, and task forces)
Established systems and principles
Federal coordinating structures
National Security Council
Federal departments and agencies
Interagency coordination
The steady-state protection process protects against threats during steady-state conditions. The responsibility for steady-state Protection is shared by the whole community, including individuals and households, all levels of government, and the private and nonprofit sectors.
During periods of elevated threat or impending disasters, interagency coordination may be compressed so that protection activities are coordinated more quickly. In these cases, the protection escalation decision process is implemented.
Operational planning provides further information regarding roles and responsibilities, identifies the critical tasks in executing the core capabilities, and identifies resourcing, personnel, and sourcing requirements across the whole community.
Comprehensive Preparedness Guide (CPG) 101 provides guidance for developing emergency operations plans at the local, state, tribal, and territorial levels.
At the Federal level, each framework is supported by a mission-area-specific Federal Interagency Operational Plan (FIOP). The Protection FIOP can be used to inform ongoing protection planning, training, and exercises within your jurisdiction or organization.
Planning
Public Information and Warning
Operational Coordination
Intelligence and Information Sharing
Interdiction and Disruption
Screening, Search, and Detection
Access Control and Identity Verification
Cybersecurity
Physical Protective Measures
Risk Management for Protection Programs and Activities
Supply Chain Integrity and Security