[Federal Register Volume 73, Number 110 (Friday, June 6, 2008)]
[Notices]
[Pages 32341-32343]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: E8-12671]
-----------------------------------------------------------------------
DEPARTMENT OF HOMELAND SECURITY
[Docket No. DHS-2008-0054]
Review and Revision of the National Infrastructure Protection
Plan
AGENCY: National Protection and Programs Directorate, DHS.
ACTION: Notice and request for comments.
-----------------------------------------------------------------------
SUMMARY: This notice informs the public that the Department of Homeland
Security (DHS) is currently reviewing the National Infrastructure
Protection Plan (NIPP) and, as part of a comprehensive national review
process, solicits public comment on issues or language in the NIPP that
need to be updated in this triennial review cycle.
DATES: Written comments must be submitted on or before July 7, 2008.
ADDRESSES: Comments must be identified by docket number DHS-2008-0054
and may be submitted by one of the following methods:
Federal Rulemaking Portal: http://www.regulations.gov.
Follow the instructions for submitting comments.
E-mail: [email protected]. Include the docket number in the
subject line of the message.
Facsimile: 703-235-3057.
Mail: Larry L. May, NPPD/IP/POD/NIPP Program Management
Office; Mail Stop 8530, Department of Homeland Security, 245 Murray
Lane, SW., Washington, DC 20528-8530.
FOR FURTHER INFORMATION CONTACT: Larry L. May, Deputy Director, NIPP
Program Management Office (PMO) Partnership and Outreach Division,
Office of Infrastructure Protection, National Protection and Programs
Directorate, Department of Homeland Security, Washington, DC 20528,
703-235-3648 or [email protected].
SUPPLEMENTARY INFORMATION:
I. Public Participation
DHS invites interested persons to contribute suggestions and
comments for the revision of the National Infrastructure Protection
Plan (NIPP) by submitting written data, views, or arguments. Comments
that will provide the most assistance to DHS in revising the NIPP will
explain the reason for any
[[Page 32342]]
recommended changes to the NIPP and include data, information, or
authority that supports such recommended change. Linking changes to
specific sections of the NIPP would also be helpful. There will be an
opportunity to review a revised NIPP reflecting the various changes
later this year.
Instructions: All submissions received must include the agency name
and docket number for this action. All comments received will be posted
without change to http://www.regulations.gov, including any personal
information provided. You may submit your comments and material by one
of the methods specified in the ADDRESSES section. Please submit your
comments and material by only one means to avoid the adjudication of
duplicate submissions. If you submit comments by mail, your submission
should be an unbound document and no larger than 8.5 by 11 inches to
enable copying and electronic document management. If you want DHS to
acknowledge receipt of comments by mail, include with your comments a
self-addressed, stamped postcard that includes the docket number for
this action. We will date your postcard and return it to you via
regular mail.
Docket: Background documents and comments received can be viewed at
http://www.regulations.gov.
II. Background
The NIPP sets forth a comprehensive risk management framework and
clearly defines critical infrastructure protection roles and
responsibilities for the DHS; Sector-Specific Agencies (SSAs); and
other Federal, State, local, tribal, territorial, and private-sector
security partners. The NIPP provides a coordinated approach for
establishing national priorities, goals, and requirements for
infrastructure protection so that funding and resources are applied in
the most effective manner. The NIPP risk management framework responds
to an evolving risk landscape; as such, there will always be changes to
the NIPP--from relatively minor to more significant. The 2006 NIPP
established the requirement to fully review and reissue the plan every
three years to ensure that it is current and of maximum value to all
security partners. To assist the reviewer as we proceed with this
process, an internal review of the NIPP by DHS has occurred and an
initial list of potential changes to the NIPP is included in this
notice. The purpose of this notice is to invite interested parties to
suggest additional changes that would make the 2009 NIPP more relevant
and useful as a National level document and within the framework of
HSPD-7.
Some of the known changes that will be addressed in this revision
of the NIPP are:
Establishment of Critical Manufacturing as the 18th
critical infrastructure and key resources (CIKR) sector
Release of the chemical security regulation
Publishing of the Sector-Specific Plans (SSPs)
Sector name changes
Designation of the Education Subsector
Removal of references to the National Asset Database
(NADB) and replacement with information on the Infrastructure
Information Collection System and the Infrastructure Data Warehouse
Revision of the discussion of risk assessment
methodologies
Update on the Protected Critical Infrastructure
Information (PCII) program
Clarification of NIPP CIKR Protection Metrics
Update on the State, Local, Tribal, and Territorial
Government Coordinating Council (SLTTGCC)
Homeland Security Information Network (HSIN) update
Further definition of the CIKR Information-Sharing
Environment (ISE)
Critical Infrastructure Warning Information Network (CWIN)
Evolution from the National Response Plan to the National
Response Framework
Further information on the National Infrastructure
Simulation and Analysis Center (NISAC)
Update on the Protective Security Advisor Program
Additional Homeland Security Presidential Directives
Issues regarding cross-sector cyber security
Overarching issues: Protection and resiliency
Delineate role of Private Sector Office
DHS organizational changes: National Protection and
Programs Directorate (NPPD).
Comments are welcome on other areas that should be updated, expanded,
changed, added, or deleted as appropriate.
III. Initial List of Issues To Be Updated in the NIPP
Since the NIPP was released in June 2006, DHS and its security
partners have been working to implement the risk management framework
and the sector partnership model to protect the Nation's CIKR.
Throughout this implementation, DHS has engaged the NIPP feedback
mechanisms to capture lessons learned and issues that need to be
revised and updated in future versions of the NIPP. This section
presents a brief summary of some those issues as a guide to reviewers
and commenters on the types of changes being incorporated into the
NIPP. DHS is soliciting public comment on these and other issues. These
issues will be addressed through changes made in the appropriate
sections of the NIPP.
Establishment of Critical Manufacturing as the 18th CIKR Sector
On March 3, 2008, DHS formally established the Critical
Manufacturing Sector as the 18th CIKR sector.
Release of Chemical Security Regulation
On April 9, 2007, the U.S. Department of Homeland Security (DHS)
issued the Chemical Facility Anti-Terrorism Standards (CFATS), 6 CFR
part 27. Congress authorized this interim final rule (IFR) under
Section 550 of the Department of Homeland Security Appropriations Act
of 2007, directing the Department to identify high-risk chemical
facilities, assess their security vulnerabilities, and require those
facilities to submit site security plans meeting risk-based performance
standards. DHS also issued a final Appendix A to the CFATS IFR on
November 20, 2007, listing chemicals of interest (COI) which, if
possessed in specified quantities, require chemical facilities to
submit certain information to DHS.
Publishing of the Sector-Specific Plans
Section 5.3.1 of the NIPP will be updated to reflect the SSPs
official release on May 21, 2007.
Sector Name Changes
To better reflect the scope of three sectors, DHS has recognized
the following name changes: ``Commercial Nuclear Reactors, Materials
and Waste'' to ``Nuclear Reactors, Materials and Waste;'' ``Drinking
Water and Water Treatment Systems'' to ``Water;'' and
``Telecommunications'' to ``Communications.''
Designation of the Education Facilities Subsector
In keeping with section 2.2.2 of the NIPP, DHS has recognized the
Department of Education's Office of Safe and Drug-Free Schools (OSDFS)
as the lead for Education Facilities (EF), a subsector of the
Government Facilities Sector.
[[Page 32343]]
Removal of References to the National Asset Database
Throughout the NIPP, references to the NADB will be removed and
replaced with information on the Infrastructure Information Collection
System and the Infrastructure Data Warehouse.
Revision of the Discussion on Risk Assessment Methodologies
The discussion of risk assessment methodologies will be revised to
indicate that there are multiple NIPP-compliant risk assessment
methodologies. Revisions will also provide information on the current
state of CIKR risk analysis capability and the Tier 1/Tier 2 Program.
Update on the Protected Critical Infrastructure Information Program
DHS will clarify how vulnerability assessment information may be
submitted for protection under the PCII program and which DHS programs
may receive this information.
Clarification of NIPP CIKR Protection Metrics
The NIPP CIKR protection metrics process includes four metrics
areas:
1. Core metrics represent a common set of measures that are tracked
across all sectors.
2. Sector-specific performance metrics are the set of measures
tailored to the unique characteristics of each sector.
3. CIKR protection programmatic metrics are used to measure the
effectiveness of specific programs, initiatives, and investments that
are managed by Government agencies and sector partners.
4. Sector partnership metrics are used to assess the status of
activities conducted under the sector partnership.
Update on the State, Local, Tribal, and Territorial Government
Coordinating Council
The SLTTGCC now has three working groups and also provides liaisons
to all the sectors: Policy and Planning Working Group, Communication
and Coordination Working Group, and Information-Sharing Working Group.
The roles of State and Regional groups in CIKR protection will be
described.
Homeland Security Information Network Update
DHS IP is working closely with the DHS Chief Information Officer
(CIO) to determine feasible solutions to mitigate issues from CIKR
protection security partners related to HSIN.
Further Definition of the CIKR Information-Sharing Environment
As follow-up to the original discussion of ISE in section 4.2.3 of
the NIPP, the Program Manager (PM)-ISE formally issued the CIKR ISE
paper in May 2007. The paper describes the core elements of robust
information sharing with the CIKR sectors.
Critical Infrastructure Warning Information Network
An ISE addition since the 2006 release of the NIPP, CWIN is a
mechanism that facilitates the flow of information, mitigates obstacles
to voluntary information sharing by CIKR owners and operators, and
provides feedback and continuous improvement for structures and
processes.
Evolution From the National Response Plan to the National Response
Framework
The National Response Framework replaces the former National
Response Plan.
National Infrastructure Simulation and Analysis Center
The Homeland Security Appropriations Act of 2007 specifies the
NISAC's current mission to provide ``modeling, simulation, and analysis
of the assets and systems comprising CIKR in order to enhance
preparedness, protection, response, recovery, and mitigation
activities.''
Protective Security Advisor Program
The key elements of this program and the roles the Protective
Security Advisors play in information sharing and support to security
partners will be described.
Additional Homeland Security Presidential Directives
HSPD-19 and others will be added in the appendixes and wherever
they are appropriate in the main body of the NIPP.
Issues Regarding Cross-Sector Cyber Security
The National Cyber Security Division (NCSD) is working closely with
the SSAs and other security partners to integrate cyber security into
the CIKR sectors' protection and preparedness efforts.
Overarching Issues: Protection and Resiliency
Questions have been raised about the focus of the NIPP on
protection rather than resiliency. The revised NIPP needs to better
describe the complementary relationship of these two concepts.
Role of Private Sector Office
The role of this office in coordinating with private sector
security partners will be described in greater detail.
DHS Organizational Changes: National Protection and Programs
Directorate
There have been numerous organizational changes within DHS related
to roles and responsibilities described throughout the NIPP. NPPD
(formerly the Preparedness Directorate) was formed in 2007 to advance
the Department's risk-reduction mission. The components of NPPD
include:
Office of Cyber Security and Communications (CS&C) has the
mission to assure the security, resiliency, and reliability of the
Nation's cyber and communications infrastructure in collaboration with
the public and private sectors, including international partners.
Office of Intergovernmental Programs (IGP) has the mission
to promote an integrated national approach to homeland security by
ensuring, coordinating, and advancing Federal interaction with State,
local, tribal, and territorial governments.
Office of Risk Management and Analysis (RMA) will lead the
Department's efforts to establish a common framework to address the
overall management and analysis of homeland security risk.
United States Visitor and Immigrant Status Indicator
Technology (US-VISIT) is part of a continuum of biometrically-enhanced
security measures that begins outside U.S. borders and continues
through a visitor's arrival in and departure from the United States.
Office of Infrastructure Protection (IP) leads the
coordinated national effort to reduce risk to our CIKR posed by acts of
terrorism.
For purposes of review, the NIPP can be found at http://www.dhs.gov/nipp.
R. James Caverly,
Director, Partnership and Outreach Division, Department of Homeland
Security.
[FR Doc. E8-12671 Filed 6-5-08; 8:45 am]
BILLING CODE 4410-10-P